top of page

Privacy Policy for Users

Fashion Atelier by Jana Grossmann with registered office in Bergamo – Via San Lazzaro n. 38, 24122, Tax Code n. GRSJNT67D45Z112N (hereinafter, “Holder”), owner of the (hereinafter, the “Site”), asowner of the processing of personal data of users who browse the Site (hereinafter, the "Users”) provides below the privacy information pursuant to art. 13 of EU Regulation 2016/679 of 27 April 2016 (hereinafter, "Regulation”, or the “Applicable Regulations”).

The Owner takes the right to privacy and protection of the personal data of its Users into the utmost consideration. For any information in relation to this privacy policy, Users cancontact the Owner at any time, using the following methods:

  • By sending a registered letter with return receipt to the registered office of the Data Controller (Via San Lazzaro n. 385, 24122 – Bergamo)


1. Purpose of the processing

The personal data of Users will be processed lawfully by the Owner pursuant to art. 6 of the Regulation for the following processing purposes:

to.provision of the service, or to allow the User to browse the Site. The User's data collected by the Owner for this purpose includes all personal data whose transmission is implicit in the use of Internet communication protocols, which the IT systems and software procedures used to operate the Site acquire during their normal operation. exercise: the IP addresses or domain names of the computers used by the Users, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the User's IT environment. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to allow its correct functioning. Without prejudice to what is provided elsewhere in this privacy policy, under no circumstances will the Owner make the Users' personal data accessible to other Users and/or third parties.

b.administrative-accounting purposes, or to carry out activities of an organisational, administrative, financial and accounting nature, such as internal organizational activities and activities functional to the fulfillment of contractual and pre-contractual obligations; obligations, or to fulfill obligations established by law, by an authority, by a regulation or by legislation and to ascertain responsibility in case of hypothetical computer crimes against the Site.


2. Data processing methods and retention times

The Data Controller will process the Users' personal data using IT tools, with logic strictly related to the purposes themselves and, in any case, in such a way as to guarantee the security and confidentiality of the data themselves.

The personal data of the Users of the Site will be kept for the time strictly necessary to carry out the primary purposes illustrated in paragraph 1 above, or in any case as necessary for the civil protection of the interests of both the Users and the Owner.


3. Scope of communication and dissemination of data

The employees and/or collaborators of the Owner in charge of managing the Site may become aware of the Users' personal data. These subjects, who are instructed by the Owner pursuant to art. 29 of the Regulation, will process the User's data exclusively for the purposes indicated in this information and in compliance with the provisions of the Applicable Regulations.

Third parties who may process personal data on behalf of the Owner as "External Data Processors”, such as, by way of example, providers of IT and logistics services functional to the operation of the Site, providers of outsourcing or cloud computing services, professionals and consultants.

Users have the right to obtain a list of any data controllers appointed by the Data Controller by making a request to the Data Controller in the manner indicated in paragraph 4 below.


4. Rights of interested parties

Users may exercise the rights guaranteed to them by the Applicable Regulations by contacting the Owner in the following ways:

  • By sending a registered letter with return receipt to the registered office of the Data Controller (Via San Lazzaro n. 38, 24122 – Bergamo)

  • By sending an email to the admin


Pursuant to the Applicable Regulations, the Owner informs that Users have the right to obtain indication (i) of the origin of the personal data; (ii) the purposes and methods of processing; (iii) of the logic applied in case of processing carried out with the aid of electronic instruments; (iv) the identification details of the owner and managers; (v) of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of it as managers or agents.


Furthermore, Users have the right to obtain:

to the'access, L'update, therectification or, when they are interested in it, theintegration some data;


b) thecancellation, thetransformation into anonymous form or theblock of data processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;

c) certification that the operations referred to in letters a) and b) have been brought to the attention, also with regard to their content, of those to whom the data have been communicated or disseminated, except in the case in which this requirement is proves impossible or involves the use of means that are manifestly disproportionate to the protected right.


Furthermore, Users have:


a) (where applicable) the right torevoke consent at any time, if the processing is based on their consent;


b) (where applicable) the right todata portability (right to receive all personal data concerning them in a structured, commonly used and machine-readable format), the right tolimitation of processing of personal data and theright to cancellation (“right to be forgotten”);


c) the right to object:

  • in whole or in part, for legitimate reasons to the processing of personal data concerning them, even if pertinent to the purpose of the collection;

  • if they believe that the processing concerning them violates the Regulation, the right tolodge a complaint with a Supervisory Authority (in the Member State in which they habitually reside, in which they work or in which the alleged infringement occurred). The Italian supervisory authority is theGuarantor for the protection of personal data, with headquarters in Piazza di Monte Citorio n. 121, 00186 – Rome (

The Owner is not responsible for updating all the links that can be viewed in this Policy, therefore whenever a link is not working and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by this link.

bottom of page