Privacy Policy

Information pursuant to EU Regulation 679/2016 (“General Data Protection Regulation”) for the management of online sales through the e-commerce site pastadallacosta.it.

Independent Data Controllers

North Star Srl, with registered office in Reggio Emilia, Via Brigata Reggio 27, and Dalla Costa Alimentare Srl, with registered office in Castelminio di Resana, Via della Fornace 131, are independent data controllers of the personal data collected on this website pursuant to and for the purposes of EU Regulation 679/2016 (“GDPR”).

In accordance with the commitment and care that North Star Srl and Dalla Costa Alimentare Srl (hereinafter “the Data Controllers”) devote to the protection of personal data, we hereby inform you about the methods, purposes, and scope of communication and dissemination of your personal data and your rights, in accordance with Article 13 of the GDPR.

1. CATEGORIES OF PERSONAL DATA PROCESSED BY THE DATA CONTROLLER

In order to offer you the services provided by the pastadallacosta.it website, the Data Controllers, on the basis of a sales agreement entered into between them, must process certain personal data necessary for the provision of services or to provide information or support to the User, if requested. The Data Controllers may process the following categories of users’ personal data:

  1. technical navigation data relating to the IP address, identification codes of the devices used by the user to access the site or services, browser characteristics and access times, necessary for the registration procedure and use of the services in the private area of the website already indicated;
  2. common identification and contact details provided by the user (e.g., first name, last name, email address, etc.) when registering on the private area of the pastadallacosta.it website, as well as when subscribing to the newsletter;
  • billing and shipping information, order history, and payment method associated with the personal account of the user registered on the same website;
  1. sales data collected through the e-commerce platform on the website pastadallacosta.it and the personal details of the respective purchasers.
  2. data belonging to special categories pursuant to Article 9 of the GDPR (e.g., health data, such as allergies), which can be obtained from the content of requests for information or complaints (e.g., concerning product quality or ingredients) from consumers;

2. PURPOSES AND LEGAL BASIS OF THE PROCESSING

The Data Controllers collect and process the aforementioned categories of personal data for the following purposes:

  • The personal data indicated in points ii. and iii. are used to allow the user concerned to register on the platform and, through their account, to use the services reserved for users registered in the private area of the website, including the ability to view their purchase history and/or change their billing/shipping address and default payment method. The legal basis for the processing of such data is the execution of (pre)contractual measures. The provision of data is necessary for the provision of the service; without it, it will not be possible to perform the service requested by the user.
  • The personal data indicated in point will be processed as necessary for the execution of the contract, including pre- and post-sales customer support. The provision of data is necessary for the provision of the service; without it, it will not be possible to perform the service requested by the user.
  • The contact details mentioned in this section may be used, subject to express and specific consent (opt-in), for the purpose of sending newsletters (Consent to receive newsletters). The provision of data for the purpose of receiving newsletters is optional; therefore, failure to give consent will prevent the user from receiving them, without prejudice to the possibility of using other services. The User has the right to withdraw consent at any time by writing to the Data Controllers’ contact person or by clicking on “unsubscribe” at the bottom of each email containing the newsletter.
  • Only with your express, optional, and free consent may your personal data indicated in point ii. be used to perform statistical analyses, market surveys, promotional activities, and to send commercial information on the products and promotional initiatives of the Data Controllers through automated digital contact tools (i.e., email, text messages, automated calls without an operator, push notifications, in-app messages). (Consent for direct marketing purposes);
  • Furthermore, with your optional, explicit, and specific consent, your personal data, as indicated in point , may be provided to other companies operating in the publishing, financial, automotive insurance, energy, consumer goods, humanitarian, and charitable sectors, which may contact you as independent Data Controllers – (an updated list of which is available to you and can be requested from the Data Controllers’ Data Protection Officer at the address below) so that they may pursue their own independent commercial and promotional purposes, i.e., for statistical analysis, market research, and to send commercial information about their products and/or promotional initiatives through the same automated channels mentioned above (Specific consent for communication to third parties for marketing purposes);
  • With your explicit consent, we may also process data belonging to special categories pursuant to Article 9 of the GDPR, such as health data (for example, any personal allergies or food intolerances) if you have deemed it necessary to communicate this information when requesting information or making complaints (Explicit consent to the processing of health data such as allergies and food intolerances). The provision of data by you is optional; however, if you do not provide it, the Data Controllers will not be able to manage and respond to your request for information.
  • Finally, we may also use your personal data for the purpose of establishing, exercising, and/or defending our rights or those of a third party in court or out of court and in the stages leading up to litigation (legitimate interest for defensive purposes).

For information purposes, it should be noted that for categories of data not expressly mentioned in this policy (e.g., data relating to sales made on channels other than the aforementioned website, such as marketplaces) and for any purposes other than those indicated herein, the sole Data Controller is North Star Srl.

3. DISCLOSURE, COMMUNICATION, AND PARTIES ACCESSING THE DATA

Your personal data will not be disclosed, but may be communicated where necessary for the provision of the service to third parties (such as third-party technical service providers, postal couriers, hosting providers, IT companies) appointed, where necessary, as Data Processors by the Data Controllers for technical or organizational tasks instrumental to the provision of the services or to independent data controllers such as consultants, auditors, etc. hosting providers, IT companies) appointed, if necessary, as Data Processors by the Data Controllers for technical or organizational tasks instrumental to the provision of services, or to independent data controllers such as legal advisors or public authorities and judicial bodies. The updated list of Data Processors can always be requested from the Data Controllers using the contact details below. Access to the data is also granted to categories of persons in charge of the Controllers involved in the internal organization for the processing of personal data (e.g., administrative, commercial, marketing, customer service, system administrators). The right to communicate to third parties remains unaffected if you have given your specific and optional consent (e.g., in the presence of your specific consent for communication to third parties for marketing purposes).

4. TRANSFER OF DATA ABROAD

Currently, your personal data is processed by the Data Controllers within the European Union. However, if for technical and/or operational reasons it becomes necessary to use suppliers (who will be appointed as Data Processors, where necessary) located outside the European Union, or if it becomes necessary to transfer some of the data collected to technical systems and services managed in the cloud and located outside the European Union, the processing will be regulated in accordance with the provisions of Chapter V of the Regulation and authorized on the basis of specific decisions of the European Union. All necessary precautions will therefore be taken to ensure the complete protection of personal data, basing such transfer on: a) adequacy decisions of the recipient third countries expressed by the European Commission; b) adequate safeguards expressed by the recipient third party pursuant to Article 46 of the Regulation; c) the adoption of binding corporate rules, known as Corporate Binding Rules. For further information on the type of appropriate safeguards that will be adopted pursuant to Articles 46 et seq. of the GDPR in the case of cross-border data transfers, you can contact us at the contact addresses listed below.

5. DURATION OF PROCESSING AND STORAGE OF PERSONAL DATA

Your Personal Data will be stored for a period not exceeding that strictly necessary to pursue the purposes indicated in paragraph 2 above, in compliance with the principles of minimization and storage limitation pursuant to Article 5, paragraph 1, letters c) and e) of the GDPR.

In particular, personal data relating to the creation of the account are processed until the user requests the deletion of the account and, in any case, for a period of time not exceeding that necessary for the purposes for which they were collected.

Data relating to marketing activities and the sending of newsletters will be stored until the data subject withdraws their consent and, in any case, for no longer than two years from the date on which consent was given. At the end of this period, the User will be asked to renew their consent to register on the website.

Sales data will be stored for a period equal to the duration of the contractual relationship and for 10 years after its expiry;

Personal data contained in requests for information or complaints will be stored for the time strictly necessary to manage such requests, unless it is necessary to extend the storage period for reasons related to the need to ascertain, exercise, or defend a right in court.

Data processed for legitimate interests for defensive purposes is retained for a period equal to the duration of the contractual relationship and for 10 years after its expiry.

6. RIGHTS OF THE DATA SUBJECT

The Data Controllers guarantee that you may exercise your rights under Article 12 et seq. of the GDPR at any time. In particular, you have the right:

  • to know whether the Data Controllers hold and/or process personal data relating to you and to access it in full, including obtaining a copy (Art. 15 Right of access),
  • the rectification of inaccurate personal data or the integration of incomplete personal data (Art. 16 Right to rectification);
  • to the erasure of personal data held by the Controllers if one of the grounds provided for in the GDPR applies (Right to Erasure, Art. 17);
  • to ask the Controllers to restrict processing to certain personal data only, if one of the grounds provided for in the Regulation applies (Art. 18 Right to restriction of processing);
  • to request and receive all your personal data processed by the Data Controllers, in a structured, commonly used, and machine-readable format, or to request the transmission of such data to another data controller without hindrance (Art. 20, Right to Data Portability);
  • in cases where we have requested your consent to process your personal data, you may withdraw it at any time, without prejudice to the lawfulness of the processing based on the consent given and carried out prior to said withdrawal;
  • to object at any time, on grounds relating to your particular situation, to the processing of personal data based on legitimate interest, without prejudice to Article 21 of the GDPR “the controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims.”
  • These rights may be exercised by contacting one of the Data Controllers whose contact details are provided in the relevant section of this policy. Furthermore, you always have the right to lodge a complaint with the Italian Data Protection Authority, which can be contacted at garante@gpdp.it or via the website http://www.gpdp.it.

7. CONTACT DETAILS OF THE DATA CONTROLLERS’ PRIVACY REPRESENTATIVES

Since North Star Srl and Dalla Costa Alimentare Srl act as independent Data Controllers, to exercise your rights, you can contact each of the two companies separately at the following addresses:

For North Star Srl

  • Privacy Office c/o North Star Srl via Brigata Reggio, 27, 42124 – Reggio Emilia (RE)
  • or by sending an email to: privacy@northstaritaly.com

For Dalla Costa

  • Ufficio Privacy c/o Dalla Costa Alimentare Srl via della Fornace, 131, 31023 – Castelminio di Resana (TV)
  • or by sending an email to: privacy@dallacostalimentare.com
SHOP

LINEE

PRIVATE LABEL

PASTIFICIO

RICETTE

NEWS

ABOUT

LAVORA CON NOI

CONTATTI

SHOP

LINES

PRIVATE LABEL

PASTA FACTORY

RECIPES

NEWS

ABOUT

WORK WITH US

CONTACTS

SHOP

Torna al menu

TRADIZIONE

The Tradition line celebrates the distinctive qualities, colours, and aromas of the Bel Paese.

BENESSERE

Shape and taste for a varied, balanced lifestyle.

KIDS

Playful, cheerful, and colourful — the most original and imaginative pasta shapes, designed especially for little ones

LICENZE

Iconic collaborations bring playful, colorful, and creative pasta shapes to the table

SPECIALI

Good mood, served! From seasonal celebrations to pasta shapes that tell stories of emotions and iconic places

VEDI TUTTE LE LINEE

SHOP

Torna alle linee

GUSTO

CAPPELLI

SEMOLA

VEDI TUTTE

SHOP

Torna alle linee

LEGUMI GLUTEN FREE

CEREALI GLUTEN FREE

PROTEIN

VEGGIE

FARINE SPECIALI

VEDI TUTTE

SHOP

Torna alle linee

FRUIT

BABY FOOD

GLUTEN FREE

TRICOLORE

VEDI TUTTE

SHOP

Torna alle linee

DISNEY

SMILEY WORLD

HELLO KITTY

DISNEY BIO

DISNEY SEMOLA

VEDI TUTTE

SHOP

Torna alle linee

HAPPY PASTA

SEASONAL

VEDI TUTTE

SHOP

Back to menu

TRADITION

The Tradition line celebrates the distinctive qualities, colours, and aromas of the Bel Paese.

WELLNESS

Shape and taste for a varied, balanced lifestyle.

KIDS

Playful, cheerful, and colourful — the most original and imaginative pasta shapes, designed especially for little ones

LICENSES

Iconic collaborations bring playful, colorful, and creative pasta shapes to the table

SPECIALTIES

Good mood, served! From seasonal celebrations to pasta shapes that tell stories of emotions and iconic places

VIEW ALL LINES

SHOP

Back to lines

GUSTO

CAPPELLI

SEMOLINA

DISCOVER ALL

SHOP

Back to lines

LEGUMES GLUTEN FREE

CEREALS GLUTEN FREE

PROTEIN

VEGGIE

SPECIAL FLOURS

DISCOVER ALL

SHOP

Back to lines

FRUIT

BABY FOOD

GLUTEN FREE

TRICOLOUR

DISCOVER ALL

SHOP

Back to lines

DISNEY

SMILEY WORLD

HELLO KITTY

DISNEY BIO

DISNEY SEMOLINA

DISCOVER ALL

SHOP

Back to lines

HAPPY PASTA

SEASONAL

DISCOVER ALL