Privacy Policy
Last Updated: July 02, 2025
FORTUNAT LTD (“we,” “us,” or “our”) is committed to protecting your privacy and ensuring the security of your personal data when you use our website, www.thepianissimo.com, or engage with our services. This Privacy Policy explains how we collect, use, store, disclose, and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR) (where applicable), the Data Protection Act 2018, and other relevant data protection laws.
By using our website or services, you acknowledge that you have read and understood this Privacy Policy. If you have any questions, please contact us using the details in Section 16.
1. Who We Are
FORTUNAT LTD is a private limited company registered in England and Wales.
- Company Number: 16098957
- Registered Office: Holborn Gate, 330 High Holborn, Suite 505, 5 Desk Suite, London, England, WC1V 7QH
- Email: contact@thepianissimo.com
- Phone: +44 7360 498800
- Website: https://thepianissimo.com
We are the data controller responsible for the processing of your personal data, as defined under the UK GDPR and EU GDPR.
2. What Data We Collect
We may collect and process the following categories of personal data, depending on how you interact with our website or services:
2.1 Personal Information
- Identity Data: Name, surname, and (if applicable) account username.
- Contact Data: Email address, phone number, shipping address, and billing address.
- Transaction Data: Order details (e.g., products purchased, dates, totals), payment method details (e.g., last four digits of payment card, never full card details).
2.2 Technical and Usage Data
- Device Data: IP address, browser type, operating system, device type, and geolocation data (approximate, based on IP).
- Usage Data: Pages visited, time spent on the website, click patterns, and referral sources.
- Cookies and Tracking Data: Information collected via cookies, web beacons, or similar technologies (see our Cookies Policy for details).
2.3 Marketing and Communication Data
- Marketing preferences (e.g., whether you have opted in to receive newsletters).
- Content of communications you send us (e.g., emails, customer service inquiries).
2.4 Sensitive Data
- We do not collect sensitive personal data, such as information about your health, religion, political opinions, or biometric data, unless explicitly required and consented to for a specific purpose.
2.5 Aggregated Data
- We may collect and use anonymized, aggregated data (e.g., website traffic statistics) for analytics and business improvement. This data does not identify you and is not considered personal data under data protection laws.
3. How We Collect Your Data
We collect your personal data through the following methods:
- Direct Interactions: When you:
  - Place an order or create an account on our website.
  - Complete contact forms, request customer support, or send us emails.
  - Sign up for newsletters or marketing communications.
  - Participate in surveys, promotions, or competitions (if offered).
- Automated Technologies: Through:
  - Cookies, web beacons, and analytics tools (e.g., Google Analytics, Meta Pixel, TikTok Pixel).
  - Server logs capturing IP addresses, browser details, and usage patterns.
- Third Parties: From trusted partners, such as:
  - Payment processors (e.g., Stripe, PayPal) providing transaction data.
  - Logistics partners (e.g., Quivo) providing delivery status updates.
  - Social media platforms, if you interact with us via social media (e.g., comments, messages).
4. Why We Collect Your Data (Purposes)
We use your personal data for the following purposes:
- Order Processing and Fulfillment: To process payments, ship products, and manage returns or refunds.
- Customer Service: To respond to inquiries, provide support, and resolve issues.
- Communication: To send order confirmations, shipping updates, and transactional emails.
- Legal Compliance: To meet tax, accounting, or regulatory obligations (e.g., maintaining transaction records).
- Fraud Prevention and Security: To detect and prevent fraudulent activity or unauthorized access to our website.
- Website Improvement: To analyze user behavior, optimize website functionality, and improve our services.
- Marketing: To send promotional emails, newsletters, or personalized offers (only with your explicit consent).
- Analytics: To measure website performance and understand customer preferences using anonymized data.
5. Legal Bases for Processing
We process your personal data based on the following legal grounds under the UK GDPR and EU GDPR:
- Contractual Necessity (Article 6(1)(b)): To fulfill our contract with you, such as processing orders, delivering products, and providing customer support.
- Legal Obligation (Article 6(1)(c)): To comply with legal requirements, such as tax and accounting obligations or responding to regulatory requests.
- Legitimate Interests (Article 6(1)(f)): For purposes such as fraud prevention, website analytics, and service improvement, where these interests do not override your rights and freedoms.
- Consent (Article 6(1)(a)): For optional activities, such as marketing emails or non-essential cookies, where you have provided explicit consent.
You may withdraw your consent at any time (see Section 9). Where we rely on legitimate interests, you have the right to object (see Section 9).
6. Data Sharing
We may share your personal data with trusted third parties under strict data protection agreements, only to the extent necessary to provide our services. These include:
- Payment Processors: E.g., Stripe, PayPal, to process secure payments.
- Logistics and Fulfillment Partners: E.g., Quivo (62 Boulevard Henri Navier, Lot 1-3, 95150 Taverny, France), to handle shipping and delivery.
- Email and Marketing Providers: E.g., Klaviyo, Zapier, to manage transactional and marketing communications.
- Analytics Providers: E.g., Google Analytics, Meta Pixel, TikTok Pixel, to analyze website performance and user behavior.
- IT and Technical Support Providers: To maintain website functionality and security.
- Legal or Regulatory Authorities: To comply with legal obligations, such as tax audits or law enforcement requests.
All third parties are required to process your data in accordance with applicable data protection laws and our contractual agreements, which include confidentiality and security obligations.
7. International Transfers
Some of our third-party service providers (e.g., payment processors, analytics providers) may be located outside the United Kingdom or European Economic Area (EEA), such as in the United States or Australia. When transferring your data internationally, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs): Approved by the UK and EU to ensure equivalent data protection standards.
- Data Processing Agreements: With strict confidentiality and security obligations.
- Adequacy Decisions (where applicable): For countries recognized by the UK or EU as providing adequate data protection.
If you have questions about international transfers, contact us at contact@thepianissimo.com.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in Section 4, or as required by law. Typical retention periods include:
Purpose | Retention Period |
---|---|
Order and Transaction Records | 6 years (to comply with UK tax and accounting laws) |
Customer Service Records | 1 year after last interaction |
Marketing Communications | Until you withdraw consent or unsubscribe |
Analytics and Cookie Data | Up to 26 months (e.g., Google Analytics default) |
After the retention period, your data is securely deleted or anonymized so it can no longer be linked to you.
9. Your Rights
Under the UK GDPR, EU GDPR, and other applicable laws, you have the following rights regarding your personal data:
- Right to Access: Request a copy of the personal data we hold about you.
- Right to Rectification: Correct inaccurate or incomplete data.
- Right to Erasure (“Right to be Forgotten”): Request deletion of your data in certain circumstances (e.g., when no longer necessary or if you withdraw consent).
- Right to Restrict Processing: Limit how we use your data in specific cases.
- Right to Data Portability: Receive your data in a structured, commonly used, and machine-readable format, or have it transferred to another controller.
- Right to Object: Object to processing based on legitimate interests (e.g., analytics) or direct marketing.
- Right to Withdraw Consent: Withdraw consent for marketing or non-essential cookies at any time without affecting the lawfulness of prior processing.
- Right to Avoid Automated Decision-Making: Not be subject to decisions based solely on automated processing that produce legal or significant effects (we do not engage in such practices).
To exercise any of these rights, contact us at contact@thepianissimo.com with:
- Your full name and contact details.
- A description of your request.
- Proof of identity (if required to verify your request).
We will respond within one month, though this may be extended for complex requests. There is no fee for exercising your rights, unless the request is manifestly unfounded or excessive.
10. Marketing Communications
- We will only send marketing emails, newsletters, or promotional offers if you have provided explicit consent (e.g., by opting in during checkout or via a newsletter sign-up form).
- You can unsubscribe at any time by:
  - Clicking the “unsubscribe” link in the footer of any marketing email.
  - Contacting us at contact@thepianissimo.com.
- Unsubscribing from marketing communications does not affect transactional emails (e.g., order confirmations, shipping updates).
11. Cookies and Tracking
- We use cookies and similar technologies (e.g., web beacons, pixels) to enhance your experience, analyze website performance, and deliver personalized content.
- For detailed information, including how to manage your cookie preferences, see our Cookies Policy at www.thepianissimo.com/cookies-policy.
- You can accept, reject, or customize cookie settings via the cookie consent banner on our website.
12. Data Security
We implement robust technical and organizational measures to protect your personal data, including:
- Encryption: HTTPS encryption for website data transmission.
- Secure Servers: Hosted by Kinsta Inc. with industry-standard security protocols.
- Access Controls: Restricted access to personal data for authorized staff only.
- Third-Party Compliance: Contracts with service providers (e.g., Stripe, Quivo) requiring secure data handling.
Despite these measures, no online system is 100% secure. In the unlikely event of a data breach, we will:
- Notify affected users within 72 hours of becoming aware, where required by law.
- Inform the Information Commissioner’s Office (ICO) in the UK or relevant EU data protection authorities, as applicable.
13. Children’s Privacy
- Our website and services are not intended for children under 16 years of age.
- We do not knowingly collect personal data from minors. If we become aware that a minor’s data has been collected, we will promptly delete it.
- If you believe we have collected data from a child under 16, contact us immediately at contact@thepianissimo.com.
14. Complaints
- If you have concerns about how we handle your personal data, please contact us first at contact@thepianissimo.com so we can address your issue.
- You have the right to lodge a complaint with a supervisory authority:
  - United Kingdom: Information Commissioner’s Office (ICO), www.ico.org.uk, or call +44 303 123 1113.
  - European Union: Your local data protection authority (list available at https://edpb.europa.eu/about-edpb/about-edpb/members_en).
- EU Online Dispute Resolution (ODR): For consumer-related disputes, use the EU ODR platform at https://ec.europa.eu/consumers/odr.
15. Third-Party Links
- Our website may contain links to third-party websites (e.g., payment processors, social media platforms).
- We are not responsible for the privacy practices or content of these websites. We encourage you to review their privacy policies before providing personal data.
16. Changes to This Policy
- We may update this Privacy Policy to reflect changes in our practices, legal requirements, or operational needs.
- Updates will be posted on this page with the revised “Last Updated” date. Significant changes will be communicated via email or a prominent notice on our website.
- We encourage you to review this policy periodically to stay informed.
17. Contact Us
For questions, concerns, or to exercise your data protection rights, please contact:
FORTUNAT LTD
Email: contact@thepianissimo.com
Phone: +44 7360 498800
Address: Holborn Gate, 330 High Holborn, Suite 505, 5 Desk Suite, London, England, WC1V 7QH
For data protection-specific inquiries, you may also request to speak with our Data Protection Officer (if appointed) via the above email.