The italian Bags & straps factory, since 1988  |  +39 071 750 1492

Privacy policy



This document ("Information") intends to provide you with information regarding the processing of information, as specified below, which will be provided by you or in any case available at our facility and which will be processed by the same and/or by other subjects identified for the purposes indicated below. The Information, in particular, is provided pursuant to EU Regulation no. 679/2016 ("GDPR") and subsequent national adaptation rules (jointly with the GDPR hereinafter "Applicable Law").

1. Identity and contact details of the Data Controller
The Data Controller, i.e. the legal entity that determines the purposes and means of processing personal data, is Stefy Line SRL with registered office in Via Paolo Soprani 52 – 62019 Recanati (MC), Tel. (071 7501492) (hereinafter “Data Controller ").

2. Contact details of the Data Protection Officer (so-called "RPD-DPO")
The Data Controller does not carry out activities that require the appointment of the person in charge of personal data protection.

3. Purpose and legal basis of the processing
The Personal Data collected will be processed for the purposes and on the basis of the legal bases set out below: for the management of your contractual relationship or to implement pre-contractual measures (such as, for example, the request for information or a quote). In this case, you are free to provide your Personal Data, even particular ones; however failure to provide it will not allow you to establish the aforementioned relationship and satisfy your request. Legal basis of the treatment the treatment is necessary in relation to the execution of a contract of which you are a part

4. Categories of personal data processed (pursuant to article 14)
Within the limits of the purposes and methods described in this Information, information that can be considered as "Personal Data" may be processed, which includes your personal details, your contact details (such as, for example, mobile phone number, e-mail address , etc.).

5. Recipients and categories of recipients
Personal data will not be disclosed, i.e. it will not be disclosed to indeterminate subjects. Instead, they may be communicated to well-defined subjects, in full compliance with the provisions of the law, for purposes strictly related to those previously indicated. Any access to your personal data is limited to subjects authorized by the Data Controller. The communication to the identified recipients, only if involved and functional, is linked to the achievement of the purposes referred to in point 3 above, therefore the personal data collected and processed may be:
a) used anonymously for statistical purposes;
b) made available to the Data Controller's collaborators, as Managers or persons authorized to process personal data;
c) disclosed to natural or legal third parties, public administrations, professionals, law enforcement agencies, government bodies, regulatory bodies, courts or other public authorities authorized by law;
d) communicated to commercial partners, only in case of prior and express consent of the User.
e) if necessary, transferred to another Data Controller in accordance with the provisions of the GDPR, also with regard to the right to data portability.

The information may also be communicated whenever the communication may be necessary to fulfill requests from the Judicial Authorities or Public Safety. The data collected will not be disclosed under any circumstances.

The list of personal data processors is available at the headquarters of the Data Controller.

6. Transfer of data abroad The data will not be transferred outside the European Union.

7. Data retention period (determination criteria)
Below is a table that contains indications of retention times (i.e. determination criteria) of Personal Data:

point 3, letter a): contract management

Storage times
For the entire duration of the relationship and subsequently for 10 years (ordinary prescription).

8. Methods of data processing
The processing of Personal Data will take place using manual, computerized or telematic tools, suitable for guaranteeing its security and confidentiality and will be performed by personnel duly trained in compliance with the Applicable Regulations.

In cases where it is necessary to contact you for needs related to the management of your position, you can be contacted via e-mail, text message, or through any equivalent electronic tool or by paper mail or call through an operator at all the contact details provided. If you prefer to be contacted only at one or some of these addresses, you can expressly request it by writing to the email address

9. Rights that are recognized to you
We inform you that you may exercise the rights recognized by the Applicable Law including, by way of example, the right (i) to access your Personal Data (and to know the origin, purposes and purposes of the processing, the data of subjects to which they are communicated, the data retention period or the criteria useful for determining it), (ii) to request their rectification, (iii) their cancellation ("oblivion"), if no longer necessary; incomplete, erroneous or collected in violation of the law, (iv) to request that the processing be limited to a part of the information concerning you; (v) to the extent that it is technically possible, to receive in a structured format or to transmit to you or to third parties indicated by you the information concerning you (so-called "portability" of the information concerning you and of those that have been voluntarily provided); (vi) as well as to revoke your consent at any time, in the event that this constitutes the basis of the treatment. In any case, the withdrawal of consent does not affect the lawfulness of the processing based on the consent given before the withdrawal itself.

You also have the right to object to the processing of your Personal Data, including profiling. The aforementioned rights may be exercised by sending an informal written request to the Data Controller at the contacts indicated in point 1.

The Owner must do so without delay and, in any case, at the latest within one month of receiving the request. The deadline may be extended by two months, if necessary, taking into account the complexity and number of requests received from the Data Controller. In such cases, the Data Controller will inform you and inform you of the reasons for the extension within one month of receiving your request.

I remind you that, if the response to your requests has not been satisfactory in your opinion, you can contact and lodge a complaint with the Guarantor Authority for the Protection of Personal Data ( in the ways provided for by the Regulations Applicable.

Do you like our products?
Leave us your contact details, we will keep you updated!