This Privacy Policy contains the information governing the processing of personal data of users (hereinafter referred to as the “User”) who access and use the following websites, owned by Milor S.p.A., or by companies controlled by it, in particular: www.bronzallure.com, www.etruscagioielli.com, www.albertm.it, www.duomilor.it, www.milor.com, www.galleria-milano.com, www.elledilinda.com, each individually identified as "the Site") for browsing and purchasing the products for sale (“Products”).


Milor S.p.A. (“The Data Controller”) is registered in the Business Register of the Milan Chamber of Commerce, Tax Code / VAT No. 04362490155; the registered office is at Via dei Gracchi, 35 20146 Milan, email: privacy@milor.com.

This Privacy Policy is to be considered an integral and essential part of the Terms of Use of each site and the cookies policy.

The information contained in the Privacy Policy is extended in accordance with Article 13 of Legislative Decree 30 June 2003 No. 196 and subsequent amendments (the “Privacy Code”) and Article 13 of EU Regulation 2016/679 (“GDPR”) to all Users who access and use the Site and/or purchase Products on the Site. This Policy refers solely to the use of the Site and to no other third-party site, even if referenced in any way within the Site.

Any changes will take effect immediately and will apply only to Users who use the Site after the date of such change. Therefore, we invite you to refer to it whenever you visit our Site to review its latest version available on the Site.

The data entered by the User at the time of registration on the Site or the Site's newsletter and when submitting each order will be used strictly for the purposes related to the purpose indicated at the time of data collection and/or for the purposes outlined in this Privacy Policy. More specifically, for sending the newsletter and/or for processing the order request and all related services, such as payment and delivery.

The User's personal data may also be used by the Data Controller and authorized third parties to fulfill any accounting and tax obligations related to the purchase of Products and to complete all activities strictly connected and preparatory to managing the Site-Customer relationship.

In particular: to carry out operations related to our commercial relationship, meaning concerning your subscription to the Services (especially verifying the authenticity of your email), Orders, deliveries, invoices, accounting, follow-up of the “customer relationship” with a Member, conducting satisfaction surveys, handling complaints and after-sales service, refunds, specific commercial gestures, Order returns, exercising your right of withdrawal, managing unpaid credits and disputes.

If the User has given consent, such personal data may be used for other purposes related to the sale of products on the Site:
1. sending promotions, offers, and suggestions about the Products for sale;
2. verifying User satisfaction;
3. sending promotional and/or advertising information related to other activities of the Site and its Partners;
4. conducting market research and post-sale analysis.
5. offering you commercial deals close to your geographic location, especially within offers that may include the “In-store Pickup” service;
6. managing your comments on the Site and/or on web pages published by us and hosted on our Social Network websites.

All User data collected will be processed exclusively and with due diligence by individuals specifically assigned to this task and specially trained in the matter. The purposes of the processing are those for which the data were collected, mainly using electronic and computer tools.

The data will be stored on computer and paper media, as well as on any other medium deemed suitable and compliant with the security measures imposed by applicable regulations. The data are kept in a way that allows the User’s identification for the minimum time necessary to achieve the purposes for which they were collected and then processed and, in any case, always in compliance with legal requirements.

Any damages caused by reasons not directly attributable to the Data Controller, such as site inaccessibility, viruses, corrupted files, interruptions of internet or telephone network connections, or other causes similar to those listed above, are not attributable to the Data Controller.

Furthermore, the User is required to diligently and responsibly keep all personal information strictly connected to the Site, such as access credentials to the Site, any order and shipping codes, or other data. Any theft or improper use of this data, and the consequences arising from these events, are the sole responsibility of the User.

The personal data requested by the Data Controller during the browsing of the Site may be mandatory or optional. The User's failure to consent to providing mandatory data will result in the inability to carry out the purpose for which the data was requested. The completion of optional data, on the other hand, is entirely at the User's discretion, who may choose whether or not to provide it. In this case, refusal will not affect the execution of the purposes indicated at the time of the request.

The User is also responsible for constantly updating such data, in order to allow the Data Controller to provide all services effectively and efficiently without incurring delays, errors, or additional charges resulting from the failure to update such data.

In particular, the Data Controller collects the Data you voluntarily declare starting from a collection form on the Site, including socio-professional information (for example, your profile, your surname, traditional first name, given names, gender, date of birth, sponsor and/or delivery address, profession).

On the occasion of an Order, our banking service providers also collect and process Personal Data related to your payment methods (credit card number, credit card expiration date, visual cryptogram - which will not be stored, etc.). On our part, we may process the partial number of your credit card consisting of the first six (6) and the last four (4) digits and the expiration date of your credit card as transmitted to us by your bank. Therefore, this payment identifier does not allow bank transactions to be carried out.

We also collect information related to the transaction carried out (transaction number, purchase details, etc.), or related to the payment of invoices issued starting from or through the Site (payment methods, discounts granted, receipts, balances and missed payments, or related to subscribed credits, amount and duration, etc.).

The Data Controller processes Data related to the management of the commercial relationship with you: product and/or service purchased, quantity, amount, frequency, delivery and/or billing address(es), phone number, security code, and any other relevant delivery information (tracking number, shipment location, etc.), purchase and service history, product returns, correspondence and/or telephone exchanges between you and our after-sales service, etc.

The communication of the User's personal data to third parties is subject to compliance with the legal limits imposed and the purposes declared and provided for in point 1. The third parties involved fall into the following categories:

1. those responsible for warehouse, packaging, shipping, delivery, and product return services;
2. those appointed by the Data Controller for the administrative, contractual, accounting, and legal management of the Site's activities;
3. credit institutions, insurance companies, and the company/companies responsible for payment processing, including electronic payments;
4. those responsible for the management and maintenance of the Site and all its functions;
5. any other parties to whom the Data Controller has granted access to the data, always in compliance with legal provisions or regulations.
6. affiliated, related companies, and offices associated with our Company,

Finally, the User's personal data may be used for contests and/or prize participation, and for sending advertising and promotional material related to the Site and the Data Controller's Partners, only with the User's explicit and voluntary consent.

In cases where data processing requires the explicit and voluntary consent of the User, it will be collected specifically with a clear explanation of the individual purposes pursued. It is specified that Article 6 of the GDPR provides cases where data processing does not require the User's express authorization, such as for fulfilling legal or contractual obligations undertaken towards the User.

The User has the right to request confirmation at any time of the existence of personal data concerning them, pursuant to Articles 12 and following of the GDPR.

In particular, in accordance with the Personal Data Regulation, you benefit from the following Specific Rights:
a. access (Article 15 of the GDPR), b. rectification (Article 16 of the GDPR), c. erasure (Article 17 of the GDPR), d. restriction of Processing (Article 18 of the GDPR), e. data portability (Article 20 of the GDPR), f. objection (Articles 21 and 22 of the GDPR), g. post-mortem directives (Law No. 78-17 of January 6, 1978, relating to data processing, files, and freedoms).

You have the right to obtain from the Data Controller confirmation as to whether or not personal data concerning you is being processed and, if so, access to such data and the following information:

1. the purposes of the processing; 2. the categories of data; 3. the recipients or categories of recipients to whom the data have been or will be disclosed; 4. where possible, the retention period for the data or, if not possible, the criteria used to determine that period; 5. the existence of the right to request from the Data Controller the rectification or erasure of data, or a restriction of the processing of your data, or the right to object to such processing; 6. when the data are not collected from you, any available information as to their source; 7. when data are transferred to a third country or to an international organization, you have the right to be informed of the appropriate safeguards relating to such transfer.

You have the right to obtain from the Data Controller, as soon as possible, the correction of any inaccurate data concerning you. You also have the right to request that incomplete data be completed, even if it requires providing an additional statement.

You have the right to obtain from the Data Controller the deletion, as soon as possible, of data concerning you for one of the following reasons:

a. the data are no longer necessary in relation to the purposes for which they were collected or otherwise processed by the Data Controller; b. you have withdrawn your consent to the processing of these data and there is no other legal basis for the processing; c. you exercise your right to object under the conditions set out below; d. there is no compelling legitimate reason for the processing; e. the data have been processed unlawfully; f. the data must be deleted to comply with a legal obligation; g. the data were provided by a child.

You have the right to obtain from the Data Controller the restriction of processing of your data based on one of the following reasons:

a. the Data Controller verifies the accuracy of the data following your dispute of their accuracy. b. the processing is unlawful and you oppose the deletion of the data, requesting instead the restriction of their use; c. the Data Controller no longer needs the data for processing purposes but they are still necessary for the establishment, exercise, and/or defense of legal rights; d. you have objected to the processing under the conditions described below and the Data Controller is verifying whether the legitimate grounds pursued override the reasons you have presented.

You have the right to receive from the Data Controller the data concerning you in a structured, commonly used, and machine-readable format when:

1. The data processing is based on consent and/or a contract, and
2. The processing is carried out using automated means.

When you exercise your right to data portability, you have the right to have the data transmitted directly from the Data Controller to a data processor you designate when technically feasible.

You have the right to object at any time, for reasons related to your particular situation, to the processing of your data based on the legitimate interest of the Data Controller. In such cases, the Data Controller will no longer process the data unless they demonstrate that there are legitimate and compelling reasons for the processing that override your interests, rights, and freedoms, or they may retain the data for the establishment, exercise, or defense of legal claims.

When data is processed for prospecting purposes, you may object to the processing of this data at any time.

Finally, the User has the right to object, in whole or in part, for legitimate reasons to the processing of personal data concerning them, even if relevant to the purpose of collection, as well as to the processing of personal data concerning them for sending advertising material or direct sales or for conducting market research or commercial communication.

To exercise these rights, the User may contact the following: Tony S.r.l. - Via Carducci 32, 2012 Milan - email: privacy@milor.it

The data controller for the personal data of Users who use the Site is Milor S.p.A. - Via dei Gracchi 35, 20146 Milan. To exercise their rights and for any further information regarding data processing, the User may contact the Data Controller at the following address: Milor S.p.A. - Via dei Gracchi 35, 20146 Milan - email: privacy@milor.it.

Your Personal Data is actively retained for a period of three (3) years from your last activity on the Site or on an electronic communication medium (particularly an email message) or, after this period, your profile is considered “inactive” and will be automatically deactivated. It is therefore up to you to create a new one for any new Orders.

Your Personal Data related to an Order is retained for a period of three (3) years from the date of an Order. It remains accessible to both you and us, especially after creating your account, to allow both of us to have a complete history of your Orders. We can delete it at any time upon your simple request.

However, at the end of the aforementioned periods, and if applicable, from the date of your deletion request, your Personal Data may be subject to intermediate archiving to comply with our legal, accounting, and tax obligations.

The Website is present on Social networks. For more information about the protection of your Data while browsing these Social networks, we invite you to consult their respective privacy policies.

To allow us to proceed with an easier registration or login to our Website, you may have the option to authenticate on our Website through a Social network. Simply click the dedicated button to automatically pre-fill your registration form on the Website based on the information you have already provided to the Social network. On our part, as the recipient, we may collect information when you browse the pages of our Social networks or use their authentication features.

Unless otherwise specifically stated, the Site's services are intended for a general audience. We recognize a special obligation to protect personal information obtained from young children. Therefore, for children under the age of 16 to register for any service, we require the child to provide the email address or other contact information of a parent or guardian who will be contacted by the Owner to inform them, confirm, modify, or refuse the registration of their child. The Owner reserves the right to request written proof of the parent’s or guardian’s authorization at any time. Until the parent or guardian responds to the Owner’s email according to the Owner’s instructions, the child’s use of the services may be limited.

A "cookie" is a connection marker that refers to a text file that can be stored, based on your choices, in a dedicated space on the hard drive of your Device when you visit the Site. A cookie file allows the issuer to identify the Device on which it is stored, for the duration of the cookie's validity or storage period, and therefore it must be considered Personal Data.

When you connect to our Site, we may be prompted, based on your choices, to install various Cookies on your Device that allow recognizing the browser of your Device during the validity period of the Cookie in question.

No personal data of users is acquired by the Site in this regard. Cookies are not used to transmit personal information, nor are any so-called persistent cookies used, nor any user tracking systems.

The use of third-party cookies (both temporary and permanent) by the site is solely anonymous and intended only to allow the owner to use web analytics services provided by third parties. These cookies enable the anonymous collection and recording of information about the pages visited on the site, but do not allow the identification of the visitor, nor are they combined in any way with other information. This data is used exclusively to track and analyze users' site usage, compile statistics based on information collected anonymously and through aggregated data. In particular, users are informed that the web analytics service that sets cookies used by the owner is ‘Google Analytics’, described below. Google Analytics is a web analytics service provided by Google, Inc. (‘Google’) that uses ‘cookies’ placed on the user’s computer to allow the visited website to analyze how users use it. The information generated by the cookie about the user’s use of the visited website (including the IP address) will be transmitted to Google and stored on Google’s servers in the United States. Google will use this information to track and analyze the user’s use of the website, compile reports on website activity for site operators, and provide other services related to website activity and Internet usage. Google may also transfer this information to third parties where required by law or where such third parties process the information on Google’s behalf. Google will not associate the user’s IP addresses with any other data held by Google. The user can refuse to use cookies at any time by selecting the appropriate settings in their browser. By using this Site, the User consents to the processing of their data by Google for the purposes and methods described above. To view Google’s privacy policy related to the Google Analytics service, please visit http://www.google.com/intl/en/analytics/privacyoverview.html.