Privacy policy

Last Update: March 28, 2025

Data Controller

The Data Controller (hereinafter also referred to as "the Controller") is Antidoto di Guzzo Valentina.

VAT No. 13915870961
REA Number MI2751342

For any information or clarification regarding the processing of personal data as provided for in this privacy notice, as well as to exercise the rights set out in section 6) below, you may use one of the following methods:

The Controller acknowledges the importance of respecting the protection of its users' personal data.

For this reason, it is committed to complying with the provisions of EU Regulation (679/2016) (GDPR, available at: https://www.garanteprivacy.it/il-testo-del-regolamento), as well as Legislative Decree 196/2003 (Privacy Code), as supplemented by Legislative Decree 101/2018.

This privacy notice, issued pursuant to Article 13 of the GDPR, describes the processing of personal data provided by users (natural persons) or acquired during the use and consultation of the website (both desktop and mobile versions): www.archivioantidoto.com.

The Controller processes the data collected during website navigation, in the manner and based on the conditions explained below, to provide an efficient and secure website, to allow contact with users visiting the site, to develop its business concerning the services provided, and generally to achieve its corporate purpose or comply with legal obligations.

Data collection and use will occur, where necessary, with the user's express consent, except in cases where data processing is allowed under different legal bases, which will be explained below.


PLEASE NOTE:

This information does not apply to other websites, pages, or online services that may be accessed via hyperlinks published on the site but refer to resources outside the domain archivioantidoto.com.

Regarding the processing of personal data carried out by the managers of Social Media platforms used by archivioantidoto.com, please refer to the privacy policies provided by them.

The Controller processes personal data provided by users through Social Media platform pages used by Archivio Antidoto solely to manage interactions with users (comments, public posts, etc.) and in compliance with applicable regulations.

Changes to This Privacy Policy

This Privacy Policy may be updated and modified over time to reflect changes in our practices or for operational, legal, or regulatory reasons.


What Data Do We Collect?

DATA PROVIDED BY THE USER

Information that the user shares directly through the website, such as:

  • Contact details including name, address, phone number, and email.

  • Order information including name, billing address, shipping address, payment confirmation, email, and phone number.

  • Account information, including username and other details used for account security purposes.

  • Information shared by the user, for example, by sending a message through the contact form on the site.

Some features may require the user to provide specific personal data. The user may choose not to provide this information, but this may prevent access to certain features.

NAVIGATION DATA

The computer systems and software procedures used to operate the website acquire, during normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols (such as IP addresses or domain names of the devices used by users connecting to the site, browser type and operating system used, information about pages visited, access times, and general system parameters).

The processing of such data is necessary to ensure proper functioning, best usability, and implementation of the website, as well as to monitor and guarantee security. With user consent, the site may collect navigation data to analyze website traffic, increase visibility, and support online advertising activities for archivioantidoto.com.

For more information, see the "COOKIES" section in this document.


How We Use Your Personal Data

The data indicated above may be processed for the following purposes:

  1. To contact the user and provide requested information

    • The voluntary and explicit provision of contact details by the user implies consent for the Controller to use this data to respond to requests (Article 6(a) GDPR).

    • Data collected will be processed and stored only for the time necessary to respond to requests, with a maximum retention period of 6 months from the last interaction.

  2. To process purchase orders made through the online shop

    • Data processing for service provision through the website is authorized under Article 6(b) and (c) GDPR (legal and contractual obligations).

    • Data will be processed by the Controller and any authorized third parties for the duration necessary to fulfill the contract.

  3. Promotional and marketing purposes

    • The Controller may send advertising communications, service updates, and newsletters only with the user's express consent (Article 6(a) GDPR).

    • The user can withdraw consent at any time by contacting the Controller.

  4. Website traffic analysis for performance evaluation and improvement


How We Share Your Personal Information

In certain circumstances, we may share the user's personal data with third parties such as:

  • External suppliers or collaborators performing services on our behalf (e.g., IT management, payment processing, data analysis, customer support, order fulfillment, and shipping).

  • Administrative/judicial authorities to protect rights, detect/prevent illegal activities, or when explicitly required by authorities.


Children's Data

Services provided through the website are not intended for children, and we do not knowingly collect personal data from minors. If a parent or guardian believes that a minor has provided personal information, they may contact the Controller to request deletion.

Data Security

The Controller processes and stores data in databases located within the EU, implementing appropriate technical, physical, logical, and organizational security measures to prevent violations of users' rights.

Personal data will be processed within the European Union. If technical or operational needs require using service providers outside the EU, processing will be regulated per Chapter V of the GDPR.

Under no circumstances will collected data be publicly disclosed.

User Rights

Users have the following rights, which can be exercised by contacting the Controller:

  • Access personal data and obtain a copy.

  • Rectify inaccurate or incomplete data.

  • Request data portability under Article 20 GDPR.

  • Request data deletion under Article 17 GDPR.

  • Restrict data processing under Article 18 GDPR.

  • Object to data processing under Article 21 GDPR.

Users can also file a complaint with the Italian Data Protection Authority at: https://www.garanteprivacy.it/modulistica-e-servizi-online/reclamo.

Cookies

Cookies are text strings stored on the user's device that allow access to information for various purposes, such as storing user preferences, analyzing website usage, and improving services.

This website uses:

  • Technical and functional cookies for communication transmission, website security, and storing user preferences.These cookies do not require user consent.

For more details, refer to the complete Cookie Policy.

NAME

DESCRIPTION

DURATION

_ab

Used to control when the admin bar is shown on the storefront.

1y

_abv

Persist the collapsed state of the admin bar.

1y

_checkout_queue_token

Used when there is a queue during the checkout process.

1y

_cmp_a

Used for managing customer privacy settings.

1d

_identity_session

Contains the identity session identifier of the user.

2y

_master_udr

Permanent device identifier.

session

_pay_session

The Rails session cookie for Shopify Pay

session

_secure_account_session_id

Used to track a customer's session for new customer accounts.

30d

_session_id

Used for providing reporting and analytics.

2y

_shopify_country

Used for Plus shops where pricing currency/country is set from GeoIP by helping avoid GeoIP lookups after the first request.

30min

_shopify_essential

Contains essential information for the correct functionality of a store such as session and checkout information and anti-tampering data.

1y

_storefront_u

Used to facilitate updating customer account information.

1min

_tracking_consent

Used to store a user's preferences if a merchant has set up privacy rules in the visitor's region.

1y

auth_state_<<id>>

Stores authentication state before redirecting customers to third party for authentication.

25min

card_update_verification_id

Used to support verification when a buyer is redirected back to Shopify after completing 3D Secure during checkout.

20min

cart

Contains information related to the user's cart.

2w

cart_currency

Used after a checkout is completed to initialize a new empty cart with the same currency as the one just used.

2w

cart_sig

A hash of the contents of a cart. This is used to verify the integrity of the cart and to ensure performance of some cart operations.

2w

cart_ts

Used in connection with checkout.

2w

checkout

Used in connection with checkout.

21d

checkout_prefill

Encrypts and stores URL parameters containing PII which are used in cart permalink URLs.

5min

checkout_session_lookup

Used in connection with checkout.

3w

checkout_session_token_<<id>>

Used when a checkout session is established on the server.

3w

checkout_token

Captures the landing page of the visitor when they come from other sites.

session

customer_account_locale

Used to keep track of a customer account locale when a redirection occurs from checkout or the storefront to customer accounts.

1y

customer_payment_method

Stores what payment method is being updated for subscriptions.

1h

customer_shop_pay_agreement

Used to help verify a new Shop Pay payment instrument.

20min

device_fp_id

Device fingerprint identifier to help prevent fraud.

session

device_id

Session device identifier to help prevent fraud.

session

discount_code

Stores a discount code (received from an online store visit with a URL parameter) in order to the next checkout.

session

dynamic_checkout_shown_on_cart

Adjusts checkout experience for buyers that proceed with regular checkout versus dynamic checkout.

30min

hide_shopify_pay_for_checkout

Set when a buyer dismisses the Shop Pay login modal during checkout, informing display to buyer.

session

identity-state

Stores state before redirecting customers to identity authentication.

1d

identity-state-<<id>>

Stores state before redirecting customers to identity authentication.

1d

identity_customer_account_number

Stores an identifier used to facilitate login across the customer's account and storefront domains.

12w

keep_alive

Used when international domain redirection is enabled to determine if a request is the first one of a session.

session

locale_bar_accepted

Preserves if the modal from the geolocation app was accepted.

session

locale_bar_dismissed

Preserves if the modal from the geolocation app was dismissed.

1d

localization

Used to localize the cart to the correct country.

2w

logged_in

Identity logged-in hint.

12w

login_with_shop_finalize

Used to facilitate login with Shop.

5min

master_device_id

Permanent device identifier.

1y

order

Used to allow access to the data of the order details page of the buyer.

3w

pay_update_intent_id

Stores an ID of a Shop Pay billing agreement update intent, required for a callback after verifying a new Shop Pay payment instrument.

20min

preview_theme

Used to indicate whether the theme is being previewed.

session

previous_checkout_token

Used to prefill checkout with the details from the previous checkout.

1y

previous_step

Used in connection with checkout.

1y

profile_preview_token

Used for previewing checkout customizations.

5min

receive-cookie-deprecation

A cookie specified by Google to identify certain Chrome browsers affected by the third-party cookie deprecation. More information about this cookie can be found here.

session

remember_me

Used to prefill checkout with the details from the previous checkout.

1y

secure_customer_sig

Used to identify a user after they sign into a shop as a customer so they do not need to log in again.

1y

shop_pay_accelerated

Indicates if a buyer is eligible for Shop Pay accelerated checkout.

1y

shopify-editor-unconfirmed-settings

Stores changes merchant does in the editor to update the preview.

16h

shopify_pay

Used to log in a buyer into Shop Pay when they come back to checkout on the same store.

1y

shopify_pay_redirect

Used to accelerate the checkout process when the buyer has a Shop Pay account.

1y

storefront_digest

Stores a digest of the storefront password, allowing merchants to preview their storefront while it's password protected.

1y

tracked_start_checkout

Used in connection with checkout.

1y

user

Used in connection with Shop login.

1y

user_cross_site

Used in connection with Shop login.

1y

wpm-domain-test

Used to test Shopify's Web Pixel Manager with the domain to make sure everything is working correctly.

session

 

  • Analytics cookies: The Owner analyzes site traffic data to assess its efficiency (e.g., compiling reports on site activity and user behavior, checking how often users visit the site, how the site is found, and which pages are visited most frequently, etc.). This type of cookie is installed only  with the user's consent.

NAME

DESCRIPTION

DURATION

_landing_page

Capture the landing page of visitor when they come from other sites.

2w

_orig_referrer

Allows merchant to identify where people are visiting them from.

2w

_shopify_ga

Contains Google Analytics parameters that enable cross-domain analytics measurement to work.

session

_shopify_s

Used to identify a given browser session/shop combination. Duration is 30 minute rolling expiry of last use.

30min

_shopify_sa_p

Capture the landing page of visitor when they come from other sites to support marketing analytics.

30min

_shopify_sa_t

Capture the landing page of visitor when they come from other sites to support marketing analytics.

30min

_shopify_y

Shopify analytics.

1y

checkout_one_experiment

Used when a checkout is eligible to Checkout One and has been assigned to an experiment (control group or test group).

session

shop_analytics

Contains the required buyer information for analytics in Shop.

1y

unique_interaction_id

Used for checkout metrics.

10min

For specific information about the cookies we use in connection with managing our store on Shopify, see https://www.shopify.com/legal/cookies.

COOKIE DISABLING

Most browsers automatically accept cookies by default, but you can choose to set your browser to remove or reject cookies through browser controls. Please note that removing or blocking cookies may negatively impact your user experience and may cause some Services, including certain features and functionalities, to work improperly or become unavailable. Additionally, blocking cookies may not completely prevent the way we share information with third parties, such as our advertising partners.

In this case, please follow the instructions provided by the respective browsers used for navigation, available at the following links:

Our website also recognizes the Global Privacy Control (GPC) signal, which allows you to opt out of certain uses or disclosures of your information. If you communicate your preference via GPC, we will treat that signal as a valid request to opt out of sharing/targeted advertising for the associated browser or device. If we can link the device sending the signal to your Shopify account, we will also apply the opt-out request to your account. To learn more about Global Privacy Control, visit https://globalprivacycontrol.org/.

Apart from Global Privacy Control, we do not recognize other "Do Not Track" signals that may be sent by your web browser or device.

External Links and Social Media Plugins

The website may include links to social media platforms (Instagram, TikTok, Facebook) to allow easy sharing of website content on these social networks.

If you select a social media link while browsing the site, the respective social media provider may install cookies on your device.

By default, browsing the site does not allow third-party providers to install cookies unless the user clicks on the relevant link.

These cookies are not managed by Antidoto’s website, and their use is entirely governed by the respective third-party privacy policies.

IMPORTANT NOTICE

If the legal basis for processing is the user’s prior consent, the consent may always be revoked. However, this may make it impossible for the owner to provide the requested information or service, or it may prevent the user from receiving commercial communications and newsletters. The revocation will not affect the lawfulness of processing based on consent before its withdrawal.

The personal data mentioned above may also, if necessary, be transmitted to law enforcement authorities and judicial or administrative authorities in compliance with the law for the investigation and prosecution of crimes, prevention, and protection against threats to public security. It may also be shared to allow Antidoto to exercise or protect its contractual rights or those of third parties before the relevant authorities, as well as for other reasons related to the protection of rights and freedoms of others.

In such cases, the retention of personal data will be extended for the additional period necessary to defend or assert a right or to comply with any further legal obligations or orders from authorities.