Privacy Policy

(Information on the processing of personal data)

Version 1.0 – updated on 2026-02-10

This information is provided in accordance with current legislation on the protection of personal data, including Regulation (EU) 2016/679 (GDPR) and the Swiss Federal Act on Data Protection (FADP), and is intended for users who interact with the website https://xn--gsto-0ra.ch.

1. Data Controller

The controller of the personal data processing is:

The Store Sagl
Via Ferruccio Pelli 10
6900 Lugano – Switzerland
Email: gustolugano@gmail.com
Phone: +41 79 338 10 20

The controller determines the purposes and means of the processing of personal data.

2. Types of data processed

The site may process the following categories of personal data:

  • personal details (first name, last name)
  • contact details (email address, phone number)
  • billing and shipping address
  • data relating to orders and payments
  • browsing data (IP address, browser and device information)
  • data collected through cookies and similar technologies (as described in the Cookie Policy)

Payment data is never stored directly by the site, but is processed exclusively by payment service providers.

3. Purposes of processing

Personal data is processed for the following purposes:

  • management and fulfillment of orders placed on the site
  • management of payments and billing
  • communications relating to orders or user requests
  • fulfillment of legal and tax obligations
  • improvement of the browsing experience and the services offered
  • anonymous statistical analysis on the use of the site
  • marketing and advertising activities, only with the user’s prior consent

4. Legal basis for processing

The processing of personal data is based on one or more of the following legal bases:

  • execution of a contract or pre-contractual measures
  • fulfillment of legal obligations
  • legitimate interest of the controller (e.g., site security)
  • explicit consent of the user, where required

Consent may be revoked at any time.

5. Processing methods and security

Data processing is carried out using IT and electronic tools, in compliance with the principles of lawfulness, fairness, and transparency.

Appropriate technical and organizational security measures are adopted to protect personal data from unauthorized access, loss, alteration, or disclosure.

6. Data recipients and third-party services

Personal data may be communicated to third parties exclusively for the purposes indicated above, including:

  • WooCommerce (e-commerce management)
  • Stripe (payment management)
  • Google Analytics (statistical analysis, subject to consent)
  • Google Ads (advertising activities, subject to consent)
  • Meta (Facebook and Instagram) (advertising and tracking activities, subject to consent)
  • technical and hosting service providers

Some of these entities may be located outside of Switzerland or the European Economic Area. In such cases, the transfer of data takes place in compliance with the guarantees provided by applicable legislation.

7. Cookies and tracking tools

The site uses technical, statistical, and marketing cookies.

The use of cookies and similar technologies is governed by the Cookie Policy, which can be consulted in the appropriate section of the site.

Consent to the use of non-technical cookies can be managed or revoked at any time via the banner or consent settings.

8. Data retention period

Personal data is kept for the time strictly necessary to achieve the purposes for which it was collected, as well as to fulfill applicable legal obligations.

Data relating to orders and billing is kept according to the terms provided by tax legislation.

9. Rights of the data subject

The user has the right to:

  • obtain information on the processing of their personal data
  • access their data
  • request its rectification or update
  • request its deletion, within the limits permitted by law
  • restrict or object to the processing
  • revoke consent at any time
  • request data portability
  • lodge a complaint with the competent data protection authority

To exercise their rights, the user can contact the controller at the contact details indicated above.

10. Changes to this information

This Privacy Policy may be subject to changes or updates over time, also as a result of regulatory changes or updates to the services offered.

The most recent and updated version is always available on this page.
Any changes will take effect from the date of publication.

Document version
Version 1.0 – updated on 2026-02-10.

This document may be subject to changes or updates over time, also as a result of regulatory changes or updates to the services offered.

The most recent and updated version is always available on this page. Any changes will take effect from the date of publication.

Shopping Cart