Free 24/48h shipping on orders over €49.99*
Pay cash on delivery
Skip to content

Quick links

Cart (€0,00)

Quick links

Your cart

Your cart is empty

Continue shopping

Privacy policy

Privacy Policy of www.celebrestore.com

Last updated: 19 April 2026

This Privacy Policy describes how Celebre Srl collects, uses, stores and discloses the personal data of users who visit and use the website www.celebrestore.com (hereinafter, the “Site”), including for the purpose of purchasing products and services online.

The Site is hosted and managed via the Shopify platform, which supports the provision of e-commerce services. Due to the use of this platform, some personal data may also be processed by Shopify as described in this privacy notice and Shopify’s privacy documentation. For certain platform features, Shopify may also process data for its own purposes and according to its own processing methods

Users are invited to read this Privacy Policy carefully before using the Site.

1. Data controller

The Data Controller is:

Celebre Srl
Via Nazionale 56/E
80059 Torre del Greco (NA)
Italy

Contact email: info@celebrestore.com

Pursuant to applicable data protection laws, Celebre Srl acts as the data controller of the personal data collected through the Site.

2. Types of personal data collected

When using the Site, we may collect, directly or through third parties, the following categories of personal data:

  • Identification and contact data, such as first and last name, email address, telephone number;
  • Billing and shipping data, such as billing address, shipping address, city, ZIP code, province, country;
  • Order and transaction data, such as products viewed, added to cart, purchased, returned or exchanged, amounts, payment confirmations, purchase history;
  • Account data, such as login credentials, account preferences and settings;
  • Payment-related data, to the extent necessary for transaction management; complete payment details are generally processed directly by payment service providers;
  • Usage data, such as IP address, pages visited, time of requests, session duration, navigation path, interactions with Site pages;
  • Device and browser information, such as device type, operating system, browser used, device identifiers, network connection;
  • Data collected via tracking tools, such as cookies, pixels, tags, web beacons and similar technologies;
  • Data contained in communications sent by the User, for example support requests, reports, complaints or messages sent by email or via contact forms;
  • Other categories of data voluntarily provided by the User in the course of the relationship with the Data Controller.

Unless otherwise specified, the data requested by the Site are necessary to provide the requested services. Failure to provide such data may make it impossible to provide the service, complete a purchase, or process the User’s requests.

3. Source of personal data

Personal data may be collected:

  • directly from the User, when placing an order, creating an account, subscribing to the newsletter, contacting the Data Controller or filling in forms on the Site;
  • automatically, while browsing the Site, via cookies and other tracking tools;
  • from service providers and third-party partners, including technology providers, payment providers, advertising, analytics, logistics and review services;
  • from Shopify, which supports the online store infrastructure and certain service-related features

4. Purposes of processing and legal basis

User personal data are processed for the following purposes.

4.1 Service delivery, site and account management

Data are processed to:

  • allow navigation and correct functioning of the Site;
  • create and manage the user account;
  • enable access to restricted areas;
  • save preferences, carts and settings.

Legal basis: performance of a contract or pre-contractual measures; the Data Controller’s legitimate interest in the correct operation of the platform.

4.2 Order processing, payments, shipping, returns and customer support

Data are processed to:

  • receive, confirm and manage orders;
  • process payments;
  • arrange shipping, delivery, returns and exchanges;
  • provide customer support;
  • issue administrative, accounting and tax documents.

Legal basis: performance of a contract; compliance with legal obligations.

4.3 Service-related communications

Data may be used to send communications strictly related to the requested services, such as:

  • order confirmations;
  • shipping updates;
  • account notifications;
  • technical or administrative communications;
  • responses to support requests.

Legal basis: performance of the contract; compliance with legal obligations; legitimate interest of the Data Controller.

4.4 Direct marketing and newsletter

With prior consent, or where permitted by law, User data may be used to send:

  • newsletters;
  • commercial and promotional communications;
  • updates on products, offers, initiatives and Site news.

The User’s email address may be added to the mailing list following registration, purchase or explicit subscription, in compliance with applicable law.

Legal basis: User consent; where applicable, the Data Controller’s legitimate interest within the limits permitted by law.

The User may object to direct marketing at any time, including by using the unsubscribe link in received communications.

4.5 Statistics and traffic analysis

Data may be processed to:

  • analyze Site traffic;
  • measure page performance;
  • understand user behavior;
  • improve features, content, products and services.

Legal basis: User consent when required for non-technical or profiling tools; legitimate interest of the Data Controller for aggregated statistics or strictly necessary technical tools.

4.6 Advertising and ad personalization

Data collected via tracking tools and advertising services may be used to:

  • display advertisements;
  • measure campaign effectiveness;
  • deliver personalized commercial content;
  • perform remarketing or behavioral advertising activities.

Legal basis: User consent, where required.

4.7 Security, fraud prevention and rights protection

Data may be processed to:

  • protect the Site and its systems;
  • prevent unauthorized access, fraudulent activity, abuse and unlawful behavior;
  • establish, exercise or defend a right in judicial or extrajudicial proceedings.

Legal basis: legitimate interest of the Data Controller; compliance with legal obligations.

4.8 Compliance with legal obligations

Data may be processed to comply with obligations established by laws, regulations, tax, accounting or administrative requirements, or by orders from competent authorities.

Legal basis: legal obligation.

5. Processing methods

Personal data processing is carried out using IT and telematic tools and, where necessary, paper-based systems, with logic strictly related to the purposes indicated above and adopting appropriate security measures to prevent unauthorized access, disclosure, alteration or destruction of data.

The Data Controller adopts appropriate technical and organizational measures taking into account the nature of the data processed and the risks related to processing. It should be noted that no transmission or storage system can be considered absolutely secure

6. Services and parties involved in processing

To pursue the purposes indicated above, the Data Controller may use third parties who process personal data on behalf of the Controller or, in some cases, as independent controllers.

Examples of such parties include:

  • hosting and e-commerce platform providers;
  • IT service and maintenance providers;
  • payment service providers;
  • couriers, shippers and logistics operators;
  • analytics and advertising service providers;
  • administrative, tax, legal and professional consultants;
  • parties in charge of managing reviews and customer satisfaction.

Where necessary, these parties may be appointed as Data Processors pursuant to Art. 28 GDPR, or operate as independent controllers.

The updated list of data processors can be requested from the Data Controller using the contact details provided above.

7. Shopify

The Site uses Shopify, a platform provided for managing and hosting the online store, the shopping experience, customer accounts, checkout and related functions.

In the context of this service, data such as the following may be processed:

  • name and surname;
  • email address;
  • phone number;
  • billing and shipping address;
  • order-related data;
  • device information;
  • usage data;
  • tracking tools;
  • information related to payments and transactions, to the extent necessary.

Shopify supports the Data Controller in delivering the Services and may process data on behalf of the Controller. For certain platform features and specific privacy requests, Shopify may also process personal data for its own purposes and according to its privacy documentation. For more information, Users are invited to consult Shopify’s privacy notice and portal.

8. Payment processing

Payments made through the Site are, unless otherwise indicated, handled by external payment service providers. In general, payment data are submitted directly by the User to the chosen provider and are not fully collected or stored by the Data Controller.

The Data Controller normally receives limited information, such as payment confirmation, transaction outcome and data necessary for administrative management of the order.

Payment services used or potentially usable on the Site include:

PayPal

PayPal is an online payment service provided by PayPal.

Data processed: various types of data as set out in the service’s privacy policy.

Google Pay

Google Pay is a payment service provided by Google Ireland Limited.

Data processed: various types of data as set out in the service’s privacy policy.

9. Newsletter and promotional communications

The Site may use a mailing list or newsletter to send informational and promotional communications.

By subscribing to the newsletter or through purchase/registration, where permitted by applicable law, the User’s email address may be used to send:

  • updates on products and services;
  • commercial offers;
  • promotional initiatives;
  • informational content related to the Data Controller’s activities.

The User may withdraw consent or object at any time to the sending of promotional communications, without affecting the lawfulness of processing carried out prior to the withdrawal.

10. Advertising

The Site may use advertising services that allow showing ads or banners, including personalized ones based on the User’s interests and behavior.

Google AdSense

Google AdSense is an advertising service provided by Google Ireland Limited. The service may use tracking tools, including cookies and similar identifiers, to analyze Site usage, measure campaign effectiveness and personalize ads.

Data processed: usage data; tracking tools.

To better understand how Google uses data and manage advertising preferences, Users may refer to the information made available by Google. The use of non-technical tracking tools for advertising purposes is subject, where required, to the User’s consent

11. Statistics

The Site may use web analytics services to monitor traffic and user behavior.

Google Analytics

The Site may use Google Analytics, a web analytics service provided by Google Ireland Limited, to collect statistical information on Site usage, create reports and improve offered services.

Data processed: usage data; tracking tools.

Activation of cookies or other non-technical tracking tools for statistical purposes is carried out, where necessary, only with the User’s prior consent

12. Review services

The Site may use services for collecting reviews and customer feedback.

Pixel S.r.l. – Trusted Program Trovaprezzi.it

Pixel S.r.l., represented by its pro tempore legal representative, is appointed as data processor of the User’s data, in particular the email address, for managing review requests within the Trusted Program of the site www.trovaprezzi.it, to the extent and in the manner necessary for the service.

13. Cookies and other tracking tools

The Site uses cookies and other tracking tools for technical, statistical, functional and, where applicable, marketing and profiling purposes.

Tracking tools strictly necessary for the functioning of the Site may be used without consent, within the limits permitted by law.
Non-technical tracking tools, including those for non-anonymized analytics, advertising or profiling, are used only with the User’s prior consent where required by applicable law. The cookie guidance from the Data Protection Authority requires that such preferences be managed in a clear and granular manner

For more information, including managing preferences and withdrawing consent, the User can consult the Site’s Cookie Policy and the related banner/preference management panel.

14. Disclosure and dissemination of data

Personal data may be disclosed, to the extent strictly necessary, to:

  • Shopify and e-commerce platform providers;
  • payment providers;
  • hosting and technical support companies;
  • couriers, shippers and logistics partners;
  • partners for marketing, analytics, advertising or review services;
  • consultants, professionals and parties providing support services to the Data Controller;
  • public authorities, bodies, supervisory authorities or parties entitled to request data by law.

Personal data are not published indiscriminately, unless required by law or expressly authorized by the User.

15. International data transfers

Personal data may be processed and stored in countries other than the one in which the User is located. In particular, some technology providers used by the Site, including Shopify, may operate through infrastructures and entities located outside the European Economic Area.

When personal data are transferred outside the EEA or the United Kingdom, the Data Controller implements appropriate safeguards under applicable law, such as adequacy decisions or standard contractual clauses approved by the European Commission, where required

Users can request more information about the safeguards in place by contacting the Data Controller.

16. Data retention period

Personal data are retained for the time strictly necessary to achieve the purposes for which they were collected, unless legal obligations or the need to protect the Data Controller require longer retention.

In particular:

  • data relating to purchases and the contractual relationship are retained for the time necessary to perform the contract and for subsequent administrative, tax, accounting and legal obligations;
  • account data are retained until account closure or for the period necessary to manage the service;
  • data processed for marketing purposes are retained until consent is withdrawn or the User objects, unless other legal obligations apply;
  • data collected for security and fraud prevention purposes may be retained for the time necessary to protect the Data Controller;
  • data collected via cookies and other tracking tools are retained as indicated in the Cookie Policy or in the providers’ notices.

At the end of the retention period, data will be deleted or anonymized, except where further retention is required by law.

17. User rights

Under Regulation (EU) 2016/679 (“GDPR”) and applicable law, the User may exercise the following rights:

  • obtain confirmation as to whether personal data concerning them are being processed;
  • access their personal data;
  • request rectification or updating;
  • request erasure;
  • request restriction of processing;
  • object to processing, where applicable;
  • receive data in a structured, commonly used and machine-readable format and request data portability, where applicable;
  • withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
  • lodge a complaint with the competent supervisory authority, in Italy the Italian Data Protection Authority (Garante);
  • obtain information on safeguards adopted in the event of transfers of data to third countries.

Requests can be sent to the contact details of the Data Controller indicated in this Privacy Policy. The Controller will respond within the timeframes required by applicable law.

18. Right to object to direct marketing

When personal data are processed for direct marketing purposes, the User may object at any time, free of charge and without having to provide any reason.

Following the objection, personal data will no longer be processed for such purposes.

19. Minors’ data

The Site is not intended for use by minors and the Data Controller does not knowingly collect personal data from persons under the age provided for by applicable law.

If a parent or guardian believes a minor has provided personal data via the Site, they may contact the Data Controller to request its deletion.

20. Data security

The Data Controller adopts appropriate technical and organizational security measures to protect personal data. However, no security system is completely invulnerable and no Internet transmission can be guaranteed to be absolutely secure.

Users are advised to use secure channels to transmit confidential information and to carefully safeguard their access credentials.

21. Third-party websites and services

The Site may contain links to third-party websites, apps or services. The Data Controller does not control these parties and is not responsible for their privacy practices, content or security measures.

Users are therefore invited to consult the privacy policies of third-party sites or services before interacting with them.

22. Legal defense and additional information

User personal data may be used by the Data Controller in legal proceedings or in the preparatory stages for defending against abuses in the use of the Site or related services.

For operational and maintenance needs, the Site and third-party services used may collect system logs and other information, which may include personal data such as IP address.

Further information on the processing of personal data can be requested at any time by contacting the Data Controller.

23. Changes to this Privacy Policy

The Data Controller reserves the right to modify this Privacy Policy at any time, including to adapt it to regulatory, technical or organizational changes.

Changes will be published on this page with an updated last modified date. If changes affect processing based on consent, the Controller will, where necessary, collect the User’s consent again.

24. How to contact us

For any questions about this Privacy Policy, to exercise rights under applicable law or to request further information, you may contact:

Celebre Srl
Via Nazionale 56/E
80059 Torre del Greco (NA)
Italy
Email: info@celebrestore.com

25. Key definitions

Personal data: any information that identifies or makes an individual identifiable.
User: the person using the Site.
Data subject: the natural person to whom the personal data refer.
Data Processor: the entity that processes personal data on behalf of the Data Controller.
Data Controller: the entity that determines the purposes and means of processing personal data.
Usage data: information collected automatically through the Site, such as IP address, browser, operating system, access times, pages visited and navigation path.
Cookies / Tracking tools: technologies used to collect or store information on the User’s device and to monitor interactions with the Site.

Quick
Shipping within 24-48 hours
Free from €49.99
Easy
90-Day Returns

Shop with confidence — you have 90 days to return your products.

Secure
Installment payments available

Pay in 3 interest-free installments by selecting Klarna or Scalapay at checkout