Privacy policy | Paoletti Guitars

Paoletti Guitars

Privacy policy

January 30, 2026

1. Data Controller

The Data Controller is Paoletti Guitars S.R.L. unipersonale,
registered office at Via Palatucci 86, 51039 Quarrata (PT) – Italy
VAT: IT02433740970
Website: paolettiguitars.com
Email: paolettiguitars.com

2. Types of Personal Data Collected

Paoletti Guitars may collect and process the following categories of personal data:

  • Identification data: first name, last name.
  • Contact details: email address, phone number.
  • Technical data: IP address, browser type, cookie identifiers.
  • Voluntarily provided data: any personal information shared via contact forms, comments, or other messages.

3. Purpose and Legal Basis of Processing

Personal data are processed for the following purposes and based on the corresponding legal grounds:

  • To respond to inquiries or contact requests: based on your consent (Art. 6, para. 1, letter a, GDPR).
  • To prepare quotations, manage orders, or fulfill contracts: necessary for the performance of pre-contractual or contractual obligations (Art. 6, para. 1, letter b, GDPR).
  • For analytics, service improvement, and security: based on the legitimate interest of the Data Controller (Art. 6, para. 1, letter f, GDPR).
  • For compliance with legal and fiscal obligations: necessary to meet legal requirements (Art. 6, para. 1, letter c, GDPR).

4. Processing Methods

Data are processed using electronic and/or manual tools, in accordance with the principles of lawfulness, fairness, transparency, and confidentiality, following Regulation (EU) 2016/679 (GDPR) and applicable national legislation.

5. Comments

When visitors leave comments on the website, we collect the data shown in the comment form, as well as the visitor’s IP address and browser user agent string to assist with spam detection.

An anonymized string derived from your email address may be provided to the Gravatar service to verify whether you use it. The Gravatar privacy policy is available here: https://automattic.com/privacy/.
After your comment is approved, your profile picture becomes visible to the public in the context of your comment.

6. Media

If you upload images to the website, please avoid including embedded location data (EXIF GPS). Visitors to the website may download and extract any location data from such images.

7. Contact Forms

The personal data submitted through contact forms (name, email address, and message content) are used exclusively to respond to your inquiries.
These data are stored for a maximum of 12 months from the last correspondence.

8. Cookies and Analytics

This website uses technical cookies necessary for its proper operation and Google Analytics 4 (Google Ireland Limited) to collect aggregated, anonymized statistical data on website usage.

Analytics cookies are activated only after the user provides explicit consent through the cookie banner.
IP addresses are anonymized, and data are analyzed in aggregate form only.

You may modify or withdraw your consent at any time through the cookie preferences panel.
For more information, please refer to our Cookie Policy.

9. Embedded Content from Other Websites

Articles or pages on this site may include embedded content (e.g., videos, images, or articles).
Embedded content behaves exactly as if the visitor had visited the other website, which may collect data, use cookies, or apply third-party tracking according to its own privacy policy.

10. Data Retention Period

Personal data are retained as follows:

  • Comments: indefinitely, unless deletion is requested.
  • User accounts (if any): until the user or administrator deletes the account.
  • Contact form data: up to 12 months.
  • Analytics data: up to 26 months.

10. Data Retention Period

Personal data are retained as follows:

  • Comments: indefinitely, unless deletion is requested.
  • User accounts (if any): until the user or administrator deletes the account.
  • Contact form data: up to 12 months.
  • Analytics data: up to 26 months.

Statutory Retention Periods

Certain personal data may be retained for the period required by applicable laws and regulations.
This includes, for example, business, tax, and employment records that must be stored for a minimum of 6–7 years for accounting and fiscal purposes, and up to 10 years in some cases, depending on local legal obligations.
Paoletti Guitars retains such data strictly for compliance with statutory duties and deletes or anonymizes them once the legal retention period has expired.

11. Data Transfers Outside the EU

Where data are transferred outside the European Economic Area (EEA), for example to service providers such as Google or Meta, such transfers occur in compliance with the Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring adequate data protection standards.

12. Your Rights

Under Articles 15–22 of the GDPR, you have the right to:

  • Access your personal data.
  • Request rectification or updating of your data.
  • Request erasure (“right to be forgotten”).
  • Restrict or object to processing.
  • Request data portability.
  • Withdraw consent at any time, where applicable.
  • Lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali): www.garanteprivacy.it.

To exercise your rights, contact us at [email protected].

13. Data Security

The Data Controller adopts appropriate technical and organizational measures to ensure the security of personal data and to prevent unauthorized access, disclosure, alteration, or accidental destruction.

14. Children’s Data

This website is not intended for individuals under 18 years of age.
Paoletti Guitars does not knowingly collect personal data from minors.

15. Updates to this Policy

This Privacy Policy may be updated periodically to reflect legal or operational changes.
The most recent version will always be available on this page.

Paoletti Guitars S.R.L. unipersonale
© Copyright 2026 – All rights reserved
Via Palatucci 86, 51039 Quarrata (PT) – Italy
www.paolettiguitars.com