A ALL
Last Updated: June 2, 2025
VOSTRETTI, LLC ("we", "our", "us", "VOSTRETTI") takes your privacy seriously, and we want you to know how we collect, use, share and protect your information.
This policy pertains to the personal data collected in connection with your interactions, usage, and experience on our website at Vostretti.com (site), including when you purchase products, interact via SMS, or engage with our brand across any platform ("Services"). As outlined below, our data practices are dependent upon the way you engage with our Services.
If you do not want us to share personal data or feel uncomfortable with the ways we use information to deliver our Services, please do not use our Services.
1. PURPOSE
The purpose of this Privacy Policy is to inform users of our site of the following:
a) The personal data we will collect;
b) Use of collected data;
c) Who has access to the data collected;
d) The rights of Site Users; and
e) The Sites cookie policy.
We gather personal data when, but not limited to, you create an account, publish content, reach out to our customer service team, interact with us on social media, opt-in to SMS communications, or engage in any form of interaction with our platform.
This Privacy Policy is in addition to the Terms of Service which can be found https://vostretti.com/terms-and-conditions
This Policy complies with applicable data protection laws including the California Consumer Privacy Act (CCPA), General Data Protection Regulation (GDPR), and Telephone Consumer Protection Act (TCPA).
2. OUR RESPONSIBILITIES
We are required by law to:
a) Safeguard the confidentiality and security of your personal information.
b) Adhere to the duties and practices outlined in this policy.
c) Notify you promptly in the event of a breach that may compromise the privacy or security of your personal information.
d) Refrain from selling your information without obtaining your explicit authorization.
3. YOUR RIGHTS
Under most legislation including GDPR, dependant on where you live, you may have certain rights afforded to you when it comes to your privacy. These rights are not absolute and may only apply in certain circumstances. You may exercise your right to any of these rights where indicated on our site or by contacting us.
You have the following rights:
a) Right to be informed;
b) Right of access;
c) Right to rectification;
d) Right to erasure;
e) Right to restrict processing;
f) Right to data portability;
g) Right to object; and
h) Right to give instructions concerning the use of your data after your death
CCPA Rights (California Residents)
You have the right to:
- Know what data we collect, how we use it, and whether it's shared
- Request deletion of your personal data
- Opt-out of the sale of personal data (we do not sell data)
- Receive equal service regardless of exercising privacy rights
To submit a request: email privacy@vostretti.com with "CCPA Request" in the subject.
GDPR Rights (EU/UK Residents)
You may:
- Access, update, or correct your data
- Request deletion or restrict processing
- Object to processing or withdraw consent
- Data portability (request your data in a structured format)
To exercise these rights, contact privacy@vostretti.com with "GDPR Request" in the subject.
4. CONSENT
By using our site users agree that they consent to:
a) The conditions set out in this Privacy Policy.
When the legal basis for us processing your personal data is that you have provided your consent to that processing, you may withdraw your consent at any time. If you withdraw your consent, it will not make processing which we completed before you withdrew your consent unlawful.
You can withdraw your consent by advising us in writing and sending it to:
Attention: Privacy Data Officer
Email: privacy@vostretti.com
5. LEGAL BASIS FOR PROCESSING
We collect and process personal data about users in the EU only when we have a legal basis for doing so under Article 6 of the GDPR.
We rely on the following legal bases to collect and process the personal data of users in the EU:
a) Users have provided their consent to the processing of their data for one or more specific purposes;
b) Processing of user personal data is necessary for us or a third party to pursue a legitimate interest. Our legitimate interest is not overridden by the interests or fundamental rights and freedoms of users.
c) Processing of user personal data is necessary for us to take, at the request of a user, steps before entering a contract or for the performance of a contract to which a user is a party. If a user does not provide the personal data necessary to perform a contract the access to the service may be restricted or denied.
d) Processing of user personal data is necessary to protect the life of the user or another natural person; and
e) Processing of user personal data is necessary to a task carried out in the public interest or in the exercise of our official authority.
6. PERSONAL DATA WE COLLECT
We only collect data that helps us achieve the purpose set out in this Privacy Policy. We will not collect any additional data beyond the data listed below without notifying you first.
Data Collected Automatically
When you visit and use our Site, we may automatically collect and store the following information:
1. IP address;
2. Location;
3. Hardware and software details;
4. Clicked links;
5. Content viewed;
6. Browser type and usage patterns through cookies and analytics tools.
Data Collected in a Non-Automatic Way
We may also collect the following data when you perform certain functions on our site and app:
1. First and Last name;
2. Age;
3. Date of birth;
4. Sex;
5. Email address;
6. Phone number (including mobile number for SMS opt-ins);
7. Address (shipping and billing);
8. Payment information (processed securely by third-party providers; we do not store payment details);
9. Any Auto filled data;
10. Purchase History (products ordered, order dates, returns, and related interactions);
11. User-Generated Content (reviews, feedback, survey responses, or customer service communications);
12. SMS/Mobile Data (when you opt-in, we collect your mobile number and engagement metrics).
We gather data from you creating an account to use our services for yourself or a minor in which you are granting consent to use our Services. We gather information such as but not limited to, your first and last name, date of birth, sex, email address, and address.
We gather technical data and information from software or systems hosting the Services, and from the systems, applications and devices that are used to access the Services.
We gather data concerning the content you contribute, such as articles, comments, or engagement with other users' content. Additionally, we collect insights into your usage patterns within the Services, encompassing the Partner Content you explore, follow, and your interactions with such Partner Content.
Additionally, if you create or log into your account through a social media site or third-party service (like Facebook or Google), we will have access to certain information from that service, such as your name, email address, and profile picture, in accordance with the authorization procedures determined by such social media site or third-party service.
7. HOW WE USE PERSONAL DATA
Data collected on our site will only be used for the purposes specified in this Privacy Policy or indicated on the relevant pages of our products and check out page. We will not use your data beyond what we disclose in this Privacy Policy.
We use your data for multiple purposes, including but not limited to:
- Process orders and provide Services
- Send transactional and marketing communications (email & SMS)
- Personalize product recommendations and shopping experience
- Facilitate contests, promotions, or giveaways
- Managing accounts, offering support, ensuring safety and security
- Communicating with you, responding to legal requests
- Improve website performance and customer experience
- Comply with legal obligations and prevent fraud
- Detecting and addressing fraudulent or harmful activities
8. WHO WE SHARE PERSONAL DATA WITH
Employees
We may disclose user data to any member of our organisation who reasonably needs access to user data to achieve the purposes set out in this Privacy Policy.
Third Parties
Where reasonable and practicable to do so, we will collect your Personal Information only from you. However, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.
We do not sell your personal information. We may share data with:
- Service Providers (e.g., payment processors, shipping partners, SMS/email providers)
- Analytics and Technology Tools (e.g., Google Analytics, Shopify)
- Government or Legal Authorities when required by law
- Business Successors in case of a merger, acquisition, or reorganization
Your mobile opt-in data and consent status will never be shared with third parties for marketing.
Other Disclosures
We will not sell or share your data with other third parties, except in the following cases:
a) If the law requires it;
b) If it is required for any legal proceeding;
c) To prove or protect our legal rights; and
d) To buyers or potential buyers of this company in the event that we seek to sell the company.
If you follow hyperlinks from our Service to another site, please note that we are not responsible for and have no control over their privacy policies and practices.
9. HOW LONG WE STORE PERSONAL DATA
Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification, or disclosure.
When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information. However, most of the Personal Information is or will be stored in client files which will be kept by us for a minimum of 7 years.
We retain your data only as long as necessary for the purposes outlined in this Policy, unless otherwise required by law. This includes retention for legal, accounting, or tax obligations.
10. SECURITY MEASURES AND USER RESPONSIBILITIES
We employ commercially reasonable measures to safeguard the confidentiality and integrity of personally identifiable information that you share with us. It's important to note, however, that no security measures can claim absolute perfection or imperviousness, and we cannot guarantee the complete security of your information.
While we take diligent precautions to ensure user data security and user protection, inherent risks may persist. The Internet, in general, can be susceptible to insecurity intermittently, and therefore, we cannot assure the security of user data beyond what is reasonably practical. We commit to our role in protecting your information, but it is equally crucial for you to exercise vigilance in safeguarding your own information.
Furthermore, it's essential to recognize that we lack control over the actions of individuals with whom you or any other user may choose to share information. Hence, exercising caution in granting access to others and judiciously selecting the information you share becomes imperative.
11. HOW WE PROTECT YOUR DATA
We prioritize the security and confidentiality of your information and have implemented robust measures to ensure its protection. Our commitment to safeguarding your data includes the following key practices:
a) Encryption: We use advanced encryption technologies to secure the transmission and storage of your data, ensuring that it remains confidential and protected from unauthorized access.
b) Access Controls: Strict access controls are in place, limiting access to your information only to authorized personnel who require it for specific purposes. This helps prevent unauthorized use or disclosure.
c) Secure Infrastructure: Our systems and infrastructure are designed with security in mind, incorporating industry best practices to create a secure environment for your data.
d) Regular Audits: We conduct regular security audits and assessments to identify and address potential vulnerabilities, maintaining the integrity of our protective measures.
While we take these proactive steps to protect your data, it's important for you to play a role in maintaining security. Please review our user responsibilities section to understand how you can contribute to keeping your information safe.
12. MARKETING COMMUNICATIONS
By providing your contact information, you consent to receive marketing communications from us:
Unsubscribe via the link in any email or contact privacy@vostretti.com
SMS
Message and data rates may apply. To opt out, reply STOP to any text. Text HELP for assistance. Consent is not a condition of purchase.
We do not send marketing messages unless you have explicitly opted in.
13. CHILDREN
Users must be at least 16 years old to access our website. We do not intentionally gather personal information from children under the age of 16. Personal data is collected only for individuals aged 18 and above, and this information is obtained with explicit consent from their parents or guardians.
Our Services are not intended for individuals under the age of 13. We do not knowingly collect personal information from children without parental consent. If we learn we have collected data from a child, we will delete it.
14. MAKING A COMPLAINT - PRIVACY
Individuals may file a complaint with the data protection officer if they are dissatisfied with a decision regarding their confidential information or if they think that their confidential information may have been inappropriately used or disclosed.
If you have any complaints about how we process your personal data, please contact us through the methods listed in the Contact Information section of our site or app, so that we can, where possible, resolve the issue. If you feel that we have not addressed your concern in a satisfactory manner, you may contact a supervisory authority. You also have the right to directly make a complaint to the supervisory authority.
15. COOKIE POLICY
A cookie is a small file, stored on a user's hard drive by a website. Its purpose is to collect data relating to the user's browsing habits. You can choose to be notified each time a cookie is transmitted. You can also choose to disable cookies entirely in your internet browser, but this may decrease the quality of your user experience.
We use cookies and similar technologies to track your behavior on our site, improve performance, and personalize content. By using our site, you agree to our use of cookies. You can modify or disable cookies in your browser settings.
We use the following types of cookies with the Service:
1. Functional Cookies
Functional Cookies are used to remember the selection you make on our site or app so that your selections are saved for your next visits;
2. Analytical Cookies
Analytical Cookies allow us to improve the design and functionality of our Site and App by collecting data on how you access our site and app, for example data on the content you access, how long you stay on our site and app etc
3. Targeting Cookies
Targeting cookies collect data on how you use the site and app and your preferences. This allows us to personalize the information you see on our site for you;
4. Third-Party Cookies
We may use third-party cookies. Third-Party cookies are created by a website other than ours.
16. INTERNATIONAL DATA TRANSFERS
VOSTRETTI is headquartered in Atlanta, GA, USA, and our information processing and storage predominantly occur on servers situated within the United States. However, depending on factors like user and service provider locations, we may also store data on servers and equipment in various countries.
By accessing or using our Services, or by providing information to us, you explicitly consent to the processing, transfer, and storage of information both within the U.S. and in other countries. It's important to acknowledge that the rights you possess under local law may not be identical in all jurisdictions.
If you are located outside the U.S., your information may be transferred to and processed in the U.S. We use contractual and legal safeguards to protect your data during these transfers.
For the transfer of personal data from users in the EU, EEA and UK, we rely on the Standard Contractual Clauses approved by the European Commission for such transfers or other transfer mechanisms deemed 'adequate' under applicable laws.
17. MODIFICATIONS
This Privacy Policy may be amended from time to time in order to maintain compliance with the law and to reflect any change to our data collection process. When we amend this Privacy Policy we will update with "Effective Date: at the top of this Privacy Policy. We recommend that our users periodically review our Privacy Policy to ensure that they are notified of any updates. If necessary, we may notify users by email of changes to this Privacy Policy.
18. CONTACT INFORMATION
If you have any questions, concerns or complaints, you can contact our data protection officer at:
VOSTRETTI
1441 Woodmont Ln #1666
Atlanta, GA 30318
Email: privacy@vostretti.com