Privacy Policy

Dear user,

Panificio San Paolo ( is committed to safeguarding your privacy. For any questions or problems regarding the use of your personal data, contact us at and we will be happy to assist you.

By using this site and / or our services, you consent to the processing of your personal data as described in this Privacy Policy.

 Contents Index

  1. Definitions used in this Policy
  2. Principles of data protection
  3. Which rights you have regarding your personal data
  4. What personal data we collect about you
  5. How we use your personal data
  6. Who has access to your personal data
  7. How we secure your data
  8. Content embedded from other websites
  9. How to check your data
  10. 10. "owner", responsible and in charge of data processing
  11. Contact information
  12. 12. Information about cookies
  13. 13. Our cookies


Personal data  - any information related to an identified or identifiable natural person.
Processing - any operation or set of operations performed on Personal Data or set of personal data.
Data subject - A natural person whose data has been processed.
Boy / child - A natural person under 16 years of age.
We / our (both upper and lower case) - San Paolo Bakery

Principles of data protection

We are committed to following the following data protection principles:

  • The processing is lawful, fair, transparent. Our processing activities have legal bases. We always consider your rights before processing personal data. Upon request we will provide you with information regarding data processing.
  • The processing is limited to the stated purpose. Our processing activities correspond to the purpose for which the personal data were collected.
  • Processing is performed with minimal data. We collect and process a minimum amount of Personal Data required for any purpose.
  • Processing is limited to a period of time. We do not store your personal data for longer than necessary.
  • We will do we do our best to ensure the accuracy of the data.
  • We will do our best better to ensure the integrity and confidentiality of data.

Rights of the data subject

The data subject has the following rights:

  1. Right to information: means that you have the right to know whether your personal data is being processed; what data is collected, where it comes from, why and by whom it is processed.
  2. Right of access: it means that you have the right to access the data collected by and about you. This includes the right to request and obtain a copy of the personal data collected.
  3. Right of rectification: this means that you have the right to request the correction or deletion of personal data that are inaccurate or incomplete.
  4. Right to erasure: in certain circumstances it is possible to request the deletion of personal data from our archives.
  5. Right to limit processing: meaning that, if certain conditions apply, the the user has the right to limit the processing of their personal data.
  6. Right to object to the treatment: this means that in some cases you have the right to object to the processing of your personal data, for example in the case of direct marketing.
  7. Right to object to aut processing automated: this means that you have the right to object to automatic processing, including profiling; and not be subject to a decision based solely on automated processing. This right can be exercised whenever there is a profiling result that produces legal effects that affect or significantly affect you.
  8. Right to data portability: you have the right to obtain your personal data in a machine-readable format or, if possible, as a direct transfer from a processor to a other.
  9. Right to complain: in the event that we refuse your request under the Access Rights, we will provide you with a reason to explain why. If you are not satisfied with the way your request has been handled, contact us.
  10. 10 . Supervisory authority's right to help: meaning that you have the right to seek help from a supervisory authority and the right to other legal remedies such as a claim for damages.
  11. Right to withdraw consent: the user has the right to withdraw any consent for the processing of their personal data. < / span>

Data we collect

Information you have provided us
This could be your e-mail address, name, billing address, home etc. - mainly the information necessary to provide you with a product / service or to improve your user experience. This is information you give us through, for example, filling in online forms.

Information collected automatically on you
This includes information that is automatically stored by cookies and other session tools. For example, the information on the shopping cart, the IP address, the purchase history (if any), etc. This information is used to improve the customer experience. When you use our services or look at the contents of our website, activities can be recorded . However, on this website, we do not collect any of this information.

Information from our partners
We collect information from our trusted partners with confirmation that have legal bases for sharing this information with us. This is the information that you have provided to them or that they have collected about you for other legal reasons.

Public domain information
We may collect information about you that is publicly available.

How we use your personal data

use your personal data for the purpose of:

  • provide you with our service. This includes for example registering your account; provide you with products and services that you have requested; provide you with promotional items at your request and communicate with you in relation to these products and services; communicate and interact with you; and notify changes to any service.
  • improve your customer experience;
  • fulfill an obligation established by law and / or by the contract;

    We use your personal data for legitimate reasons and with your consent

    For reasons related to the conclusion of a contract or the fulfillment of contractual contracts, we process your personal data for the following purposes:
  • to identify you;
  • to provide you with a service or to have / offer you a product;
  • communicates both sales and billing;

For reasons of legitimate interest, we process your personal data for the following purposes:

  • for personalized personalized invitations (from us and / or from ours carefully selected partners);
  • administer and analyze our customer base (behavior and history of purchases) in order to improve the quality, variety and availability of the products / services offered / services;
  • conduct questionnaires regarding customer satisfaction;

If you haven't informed us otherwise, consider offering products or services similar or the same as yours purchase history or to your browsing behavior, in our legitimate interest.

With your consent we process your personal data for the following purposes:

  • to offer you newsletters and promotional offers (from us and / or our carefully selected partners );
  • for other purposes for which we have asked for your consent;

We process your personal data in order to fulfill the obligations deriving from the law and / or use your personal data for the options provided by law. We reserve the right to anonymize the personal data collected and to use such data. We will only use data outside the scope of this policy when it is anonymized. We keep your billing information and other information collected about you for the time necessary for accounting purposes or other obligations deriving from the law, but not beyond these.

We may process your personal data for different purposes which are not mentioned here, but are compatible with the original purpose for which the data was collected. To do this, we will make sure that:

  • the link between the purpose, context and nature of the Personal Data is suitable for further processing;
  • further processing would not harm your interests and
  • that there will be adequate protection for processing.

We will inform you of any further processing or purposes. 

Who else has access to your data

We do not share your personal data with strangers. In some cases, the user's personal data is provided to our trusted partners in order to make it possible to provide the service or improve the customer experience. We share your data with:

Our processing partners:

  • Google Analytics

We only work with processing partners who are able to guarantee an adequate level of protection of personal data. We disclose your personal data to third parties or public officials when we are legally obliged to do so. We may disclose your personal data to third parties if you have consented or if there are other legal reasons for doing so.

How we put safely your data

We do our best to keep your personal data safe. We use secure protocols for communication and data transfer (such as HTTPS). We use anonymity and camouflage where possible. We monitor our systems for possible vulnerabilities and attacks.

Even if we do our best, we cannot guarantee information security. However, we are committed to notifying the competent authorities of data breaches. We will also notify you if there is a threat to your rights or interests. We will do everything reasonably possible to prevent security breaches and assist authorities in the event of a breach.

If you have an account with us, keep in mind that you must keep your username and password secret.

Boys / children

We do not intend to knowingly collect or collect information from children. We do not direct children to our services.

Content embedded from other websites 

The articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves exactly as if the visitor had visited the other website.

These websites can collect data about you, use cookies, integrate additional third-party tracking, and monitor interaction with that embedded content, including tracking your interaction with embedded content if you have an account and are connected to that website.

How to check your data

If you have an account on this site, or have left comments, you can request to receive an exported file from the site with the personal data we have about you, including the data you have provided to us. You can also request that all personal data concerning you be deleted. This does not include data that we are obliged to keep for administrative, legal or security purposes. You can request all the data we have collected about you by sending an email to, specifying the email address with which you registered.

"Owner", responsible and in charge of data processing

The Data Controller is Panificio San Paolo (VAT number 02442930745 ).

The user's personal data are processed by persons in charge of the treatment within the structure, are designated and appointed respectively by the Data Controller and operate under his direct authority on the basis of the instructions received. The user's personal data may also be processed by the subjects designated as data processors or independent data controllers who provide instrumental services to meet the user's request. The updated list is available at the company headquarters

The Data Controller has not identified the figure of the Data Protection Officer data (DPO or DPO), as it is not subject to the designation obligation pursuant to art. 37 of the GDPR Regulation.

Contact information

In case of questions concerning the processing of personal data, rights relating to personal data or this privacy statement, contact the administration at this address:

Supervisory authority
Phone: +39 06 69677 1

Cookies and other technologies we use

We use cookies and / or similar technologies to analyze customer behavior, administer the website, track user movements and collect user information. This is done in order to personalize and improve your experience with us.

A cookie is a small text file stored on your computer. Cookies store information that is used to help make sites work. Only we can access the cookies created by our website. You can control your cookies at the browser level. Choosing to disable cookies may hinder the use of certain functions.

We use cookies for the following purposes: 

  • Necessary cookies: these cookies are necessary in order to use some important features on our website, such as access. These cookies do not collect any personal information.
  • Functional cookies: these cookies provide features that make using the service more convenient and make more personalized features possible. For example, they might remember your name and email in the comment forms so you don't have to re-enter this information the next time you comment.
  • Analytical cookies: these cookies are used to track the use and performance of our website and services.

You can remove the cookies stored on your computer via your browser settings. Alternatively, you can control some third-party cookies using a privacy improvement platform such as optout.aboutads. info or . For more information about cookies, visit .

We use Google Analytics to measure traffic on our website. Google has its own privacy policy which you can consult here . If you wish to disable Google Analytics tracking, please visit the Google Analytics opt-out page.

Our cookies

The list of our cookies follows.




hasConsentNecessaryStores the user's cookie consent status for the current domain.
PHPSESSIDNecessaryNecessary to ensure the proper functioning of the shop.
wc_fragments_KEYNecessaryNecessary to guarantee the correct functioning of the trolley.
_gaAnalytical (Third party cookies)Register a unique ID used to generate statistical data on how the visitor uses the website. Data sent in: United States
_gatAnalytical (Third party cookies)Used by Google Analytics to limit the frequency of requests. Data sent in: United States
_gidAnalytical (Third party cookies)Register a unique ID used to generate statistical data on how the visitor uses the website. Data sent in: United States
_hjIncludedInSampleAnalytical (Third party cookies)Used by HotJar to generate data on the navigator's user experience. Data sent in: United States
_hjRecordingEnabledAnalytical (Third party cookies)Used by HotJar to generate record the user experience of the navigator. Data sent in: United States

Changes to this privacy statement

We reserve the right to make changes to this Privacy Policy. The last change was made on April 15, 2019.

This site uses cookies, including third parties.
By continuing to browse, clicking on any element or closing this banner, you consent to the use of cookies. Cookies Policy