Privacy and Cookie Policy of Coviola.com
Last updated: 1 November 2025
Your privacy is important to Coviola.com. We are committed to protecting personal data in accordance with Regulation (EU) 2016/679 (GDPR) and applicable data protection laws. This policy explains what data we collect, how we use it, how long we keep it, and how you can exercise your rights.
Data Controller
The data controller is Coviola.com. For any privacy inquiry, you can contact us at info@coviola.com.
Categories of Data Collected
We may collect and process the following types of data:
Identification data: name, surname, company name, email address, phone number, billing information.
Payment data: handled securely by payment processors (e.g. Stripe). Coviola does not store card details.
Technical and browsing data: IP address, browser type, device identifiers, operating system, cookies, and access logs.
Voluntarily provided data: content of messages, support requests, emails, or form submissions.
Project data: files, images, credentials, or materials you provide to deliver services.
Marketing preferences: newsletter subscriptions and interactions with marketing emails.
Legal Basis and Purposes of Processing
Data is processed based on the following legal grounds:
Contract execution: to deliver projects, maintain client relationships, process payments, and provide support.
Legal obligations: for accounting, tax, and regulatory compliance.
Legitimate interests: to ensure security, prevent fraud, and improve website functionality and service quality.
Consent: for marketing communications, analytics, and optional cookies.
If consent is withdrawn, processing based on legitimate interest or legal obligation may continue where applicable.
Use of Data
Personal data is used to:
Respond to inquiries and provide project quotations.
Deliver design, development, and marketing services.
Manage subscriptions and renewals.
Send updates, news, or promotional offers (only if consented).
Analyze and improve service performance and website traffic.
Comply with legal and tax requirements.
Third-Party Processors and Services
To operate effectively, Coviola uses third-party providers acting as data processors under GDPR-compliant contracts:
Stripe: processes payments securely under PCI DSS standards.
Google Analytics: provides anonymized website analytics.
Meta Pixel: measures campaign effectiveness (requires consent).
Mailchimp: manages newsletters and marketing automation.
Crisp Chat: provides live chat support and ticket management.
Cloud hosting providers: store project and operational data in secure data centers.
Each provider processes data according to its own privacy terms and the Standard Contractual Clauses when outside the EU.
Cookies and Tracking
Coviola.com uses cookies to provide a secure and optimized browsing experience.
Essential cookies: required for site functionality and security (do not require consent).
Analytical cookies: used to gather anonymized usage statistics.
Marketing cookies: track engagement across platforms (require consent).
A cookie banner appears on your first visit, allowing you to accept, reject, or manage preferences. You can change preferences anytime through the “Cookie Settings” link at the bottom of the site.
Data Retention
Contractual and billing data: retained up to 10 years to comply with legal obligations.
Communication data: retained up to 24 months or until consent is withdrawn.
Analytics and cookies: retained according to the provider’s policies and your consent settings.
After the retention period, data is securely deleted or anonymized.
International Data Transfers
Some service providers may process data outside the EU. Where this occurs, Coviola ensures adequate protection through the European Commission’s Standard Contractual Clauses (SCC) or other lawful mechanisms recognized by the GDPR.
Security Measures
We use technical and organizational measures to safeguard data against unauthorized access, disclosure, loss, or alteration. These include encryption (SSL/TLS), restricted access, secure password management, and continuous system monitoring. No method of transmission or storage is completely risk-free, but we aim to maintain industry-level security standards.
Your Rights under GDPR
You have the following rights:
Access your personal data.
Request correction of inaccurate or incomplete data.
Request deletion of data (“right to be forgotten”).
Restrict or object to specific types of processing.
Request data portability in a structured, machine-readable format.
Withdraw consent at any time without affecting the legality of prior processing.
File a complaint with the Garante per la Protezione dei Dati Personali (Italian Data Protection Authority) or your local supervisory authority.
Requests can be submitted by email to info@coviola.com. Coviola may verify your identity before fulfilling your request.
Data of Minors
Coviola.com does not knowingly collect or process personal data of minors under 16 years old. If we become aware that such data has been provided without parental consent, it will be deleted promptly.
Automated Decision-Making
Coviola does not make decisions solely based on automated processing that produce legal or similarly significant effects for users.
Breach Notification
If a data breach occurs that poses a risk to individuals’ rights and freedoms, Coviola will notify the relevant authority within 72 hours and affected users without undue delay, as required by the GDPR.
Links to External Websites
Coviola.com may contain links to third-party websites or tools. Coviola is not responsible for their content or data protection practices. We encourage you to review their privacy policies.
Policy Updates
Coviola may revise this policy to reflect service or legal changes. Updates will be posted on this page, with the most recent date listed at the top. Continued use of our website or services after changes means you accept the updated version.
Contact Information
For any data protection question or exercise of your rights, contact us at:
info@coviola.com
