Privacy Policy

This policy describes how Silk and More di Alberto Veralli processes the personal data of users who visit and use the silkandmore.eu website and related e-commerce services.

1. Data Controller

The Data Controller is:

Silk and More by Alberto Veralli
VAT / VAT NUMBER: IT12184070964
Email: info@silkandmore.eu

For any request relating to the processing of personal data or the exercise of privacy rights, the user can contact the Data Controller at the email address indicated above.

2. Types of data processed

The site may process the following categories of personal data.

Browsing data and technical data

During navigation, technical data necessary for the operation of the site may be collected, such as IP address, technical identifiers, browser and device data, operating system, pages visited, date and time of the request, technical logs and data relating to interaction with the site.

Information you provide

When the user uses the forms on the site, creates an account, places an order, subscribes to the newsletter or contacts customer service, data such as name, surname, email address, telephone number, billing and shipping address, company data, VAT number, Tax Code, PEC, SDI code, content of messages sent and any other information communicated voluntarily may be processed.

Order and purchase data

For the management of e-commerce, data relating to the products purchased, amounts, quantities, shipping preferences, order status, purchase history, any invoice requests, returns, refunds, complaints and after-sales assistance are processed.

Payment information

The site allows payment via bank transfer, PayPal, and electronic payments handled through Stripe. In the case of payment via PayPal or Stripe, the data required for the transaction is also processed by the respective payment providers. Silk and More does not retain complete payment card information, except for any technical transaction identifiers and information necessary for order management, accounting, refunds, and support.

Data for newsletters and commercial communications

When the user subscribes to the newsletter, name, email, date and time of subscription, source of subscription, IP address used at the time of subscription, preferences expressed and data relating to interaction with the communications sent, such as openings, clicks and unsubscriptions, if technically available, may be processed.
The newsletter service can be managed via MailPoet and/or Mailchimp.

Review and rating data

If the user leaves a review or receives a request for a review after purchase, name or display name, email address, purchased product, reference order, rating, review text, any uploaded images and technical data necessary to verify the authenticity of the review may be processed. The site may use Customer Reviews for WooCommerce and related services, such as CusRev, for the management of reviews and review requests.

CRM data and customer support

The site may use CRM tools, including Jetpack CRM, to organize contacts, customers, requests, orders, business activities, and user communications. The data processed may include personal data, contact data, order history, internal notes and communications with the customer.

Data collected through analytics, marketing, and social catalogs

The site may use analytics, marketing, conversion measurement tools and links to third-party product catalogs, including Google Analytics, Google services, Meta tools for Facebook and Instagram, and TikTok tools. These services may collect usage data, online identifiers, browsing events, product interactions, and aggregated or pseudonymised data for statistics, advertising campaigns, remarketing, conversion measurement and synchronisation of product catalogues.

Data processed through technical plugins and SEO

The site uses WordPress, WooCommerce and technical plugins, including Yoast SEO, which can process technical data or generate metadata necessary for the correct indexing, security, maintenance and operation of the site.

3. Purposes of processing and legal bases

Personal data is processed for the following purposes.

Site operation and security

Technical data is processed to enable navigation, keep the site secure, prevent abuse, fraud, unauthorized access, and resolve technical issues.

Legal basis: legitimate interest of the Data Controller and need to provide the service requested by the user.

Manage accounts, orders, and purchases

The data is processed to create and manage the account, receive and process orders, send confirmations, manage payments, shipments, invoices, service communications, returns, refunds, complaints and after-sales assistance.

Legal basis: performance of the contract or pre-contractual measures requested by the user.

Tax, accounting and administrative obligations

The data are processed to comply with legal obligations, including tax, accounting, administrative and document retention obligations.

Legal basis: legal obligation.

Responding to contact and support requests

The data communicated via forms, emails or other contact channels are processed to respond to your requests and provide support.

Legal basis: execution of pre-contractual or contractual measures, or legitimate interest of the Data Controller to manage the requests received.

Sending newsletters and promotional communications

The data is processed to send newsletters, product updates, offers, discounts and commercial communications.

Legal basis: User consent. The user can revoke consent at any time via the unsubscribe link in the emails or by contacting the Data Controller.

Marketing to existing customers

Within the limits permitted by applicable legislation, the Data Controller may send communications relating to products or services similar to those already purchased by the user, unless the data subject objects.

Legal basis: legitimate interest of the Data Controller, in permitted cases, or consent when requested.

Site Statistics, Analytics and Improvement

The data may be processed to analyze site usage, measure performance, understand user behavior in aggregate form, and improve content, products, and services.

Legal basis: consent, when the analysis involves the use of cookies or non-technical tools; legitimate interest or aggregated/anonymized data when applicable.

Advertising, remarketing and social catalogs

The data may be processed to measure advertising campaigns, create custom or similar audiences, show relevant ads, and link the site’s product catalog to platforms such as Meta, Facebook, Instagram, and TikTok.

Legal basis: user consent, where required, in particular for cookies and advertising tracking or profiling tools.

Product Reviews

The data may be processed to allow users to post reviews, submit review requests after a verified purchase, prevent fraudulent reviews, and show product ratings.

Legal basis: consent or legitimate interest, depending on the functionality used; performance of the contract for communications closely related to the purchase, where applicable.

Protection of rights

The data may be processed to ascertain, exercise or defend a right of the Data Controller in or out of court.

Legal basis: legitimate interest of the Data Controller and, where applicable, legal obligation.

4. Cookies and tracking tools

The site uses cookies and similar technologies for technical, functional, statistical purposes and, subject to consent where required, for marketing, measurement and connection purposes with third-party platforms.

The detailed management of cookies, tracking technologies, consent preferences and any third-party services involved is described on the dedicated Cookie Policy page, available on the website at https://silkandmore.eu/cookie-policy/.

You can change your cookie preferences through the consent management tools available on the site, as well as through your browser settings.

5. Services and third-party providers

To provide its services, the site may use third-party providers who process personal data on behalf of the Data Controller or as independent data controllers, as the case may be.

By way of example, the following may be involved:

  • hosting providers and technical suppliers of the site;
  • WordPress, WooCommerce and related plugins;
  • payment providers, including PayPal and Stripe;
  • newsletter services, including MailPoet and/or Mailchimp;
  • analytics services, including Google Analytics;
  • advertising services and product catalogs, including Meta/Facebook/Instagram and TikTok;
  • CRM services, including Jetpack CRM;
  • anti-spam, security, backup, and maintenance tools;
  • review services, including Customer Reviews for WooCommerce/CusRev;
  • couriers, fiscal, administrative, legal and accounting consultants.

The updated list of data processors can be requested by contacting the Data Controller.

6. Transfer of data outside the European Economic Area

Some providers used by the site may process personal data in countries outside the European Economic Area. In such cases, the transfer takes place on the basis of collateral instruments provided for by applicable law, such as adequacy decisions, standard contractual clauses or other suitable safeguards.

The user can request more information on transfers by contacting the Data Controller.

7. Retention period

Personal data are stored for the time necessary to achieve the purposes for which they were collected and, subsequently, for the period required by applicable legislation or necessary for the protection of the rights of the Data Controller.

In particular:

  • Account and registration data are stored until the account is deleted, unless further retention obligations are required;
  • data relating to orders, payments, invoices and accounting documents are kept for the period provided for by tax and accounting regulations;
  • data relating to requests for assistance are kept for the time necessary to manage the request and for the possible protection of rights;
  • the data processed for newsletters and marketing are stored until consent is revoked or deletion is requested;
  • the data collected through cookies are stored according to the durations indicated in the Cookie Policy and in the consent management panel;
  • Reviews may remain posted until removed if applicable, or as long as the product and site remain active, except for rights protections.

8. Processing methods and security

The processing is carried out using computerized, telematic and, if necessary, paper tools, according to logics strictly related to the purposes indicated. The Data Controller takes appropriate technical and organizational measures to protect personal data against unauthorized access, loss, disclosure, modification or destruction.

9. Communication of data

Personal data may be communicated to subjects authorized by the Data Controller and to external suppliers involved in the management of the site, orders and services requested by the user.

Data will not be sold. The data may be communicated to the competent authorities when required by law or necessary to protect the rights of the Data Controller.

10. Rights of the data subject

The user may exercise, within the limits provided for by applicable law, the following rights:

  • obtain confirmation of the existence or otherwise of personal data concerning him/her;
  • access your personal data;
  • request the correction or updating of data;
  • request the deletion of data;
  • request the limitation of processing;
  • object to the processing;
  • receive the data in a structured and machine-readable format, where applicable;
  • revoke the consent given, without prejudice to the lawfulness of the processing carried out before the revocation;
  • lodge a complaint with the competent supervisory authority.

To exercise your rights, you can write to info@silkandmore.eu.

11. Changes to this policy

The Data Controller reserves the right to update this Privacy Policy at any time, also in coordination with any updates to the Cookie Policy. Changes will be posted on this page and will be effective from the date of posting, unless otherwise noted.

Last updated: 05 May 2026