Data controller
The data controller of the personal data collected through this website is Shibumi S.p.A., Piazza della Repubblica 32, 20124 Milan (Italy), contact email connect@shibumi.group.
Legal
Privacy Policy
Last updated: May 4, 2026.
Categories of data processed
The website processes the data voluntarily submitted through the contact form: first name, last name, business email and message content. Technical data strictly necessary for server operation may also be processed, such as IP address, timestamp and access logs.
Purposes and legal basis
Contact form data is processed to handle the request, reply to the message and carry out pre-contractual steps requested by the data subject. The legal basis is Article 6(1)(b) GDPR.
How data is processed
Data is transmitted by the website to the server-side email endpoint and forwarded to connect@shibumi.group. Access is limited to authorised personnel handling commercial and operational follow-up.
Retention
Data submitted through the form is retained for the time necessary to manage the request and subsequent follow-up. When no longer needed, it is deleted or otherwise no longer used, unless retention is required by law or for the controller's legitimate defence.
Recipients
Data may be processed by technical suppliers hosting the website, managing the server or the email infrastructure, appointed where necessary as processors under Article 28 GDPR.
Transfers outside the EEA
The website is designed to minimise transfers to third parties. As of the update date of this notice, no unnecessary external fonts or scripts are loaded from third parties. Any transfers related to the hosting provider's infrastructure are governed by the provider's contractual safeguards.
Data subject rights
Data subjects may exercise their rights of access, rectification, erasure, restriction, objection and portability under Articles 15-22 GDPR by writing to connect@shibumi.group. They also have the right to lodge a complaint with the competent supervisory authority.