Privacy Policy

GDPR

Effective date: March 30, 2025

1.     General Data Protection Regulation (GDPR) Privacy Notice (For EEA Users)

GDPR [Link: https://gdpr-info.eu/] stands for General Data Protection Regulation. It's a European Union (EU) law that protects citizens' personal data from being misused by private and public sector organizations. The GDPR went into effect on May 25, 2018. 

 

2.     Data Controller

Cosa Piora is the data controller of your personal data collected through cosapiora.com, unless otherwise specified.

 

3.     Legal Bases for Processing

We only process your personal data when we have a legal basis under the GDPR. This includes:

     Contractual necessity: To fulfill a purchase, deliver goods/services, manage your account, or respond to inquiries.

     Consent: For email marketing or placing non-essential cookies.

     Legitimate interests: For fraud prevention, service improvement, and analytics.

     Legal obligation: To comply with legal or regulatory requirements.

 

4.     Your Rights Under GDPR

As an EEA resident, you have the following rights:

     Right to Access – Request a copy of the personal data we hold about you.

     Right to Rectification – Correct inaccurate or incomplete data.

     Right to Erasure (“Right to be Forgotten”) – Ask us to delete your data in certain circumstances.

     Right to Restrict Processing – Limit how we process your data.

     Right to Data Portability – Receive your data in a structured format or request it be sent to another provider.

     Right to Object – Object to processing for direct marketing or legitimate interest.

     Right to Withdraw Consent – Revoke consent at any time (e.g. for newsletters).

     Right to Lodge a Complaint – Contact your local data protection authority.

 

5.     International Transfers

We may transfer your data outside the EEA, including to the United States, where our servers and third-party providers (like Shopify and payment processors) are located. We ensure appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission or other lawful mechanisms.

 

6.     Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in our Privacy Policy, comply with legal obligations, resolve disputes, or enforce our agreements.

 

7.     Automated Decision-Making

We do not use automated decision-making (including profiling) that significantly affects you unless:

     It is necessary for a contract;

     It is authorized by law; or

     You have given explicit consent.

 

8.     Contact Us

To exercise any of your GDPR rights, please contact us at:

     Email: legal@cosapiora.com

We may ask for identity verification before fulfilling your request.

ERROR MESSAGE

CONFIRMATION EMAIL HAS BEEN SENT.
PLEASE VERIFY IT THROUGH EMAIL.

YOU MUST AGREE WITH THE
TERMS & CONDITIONS, SHIPPING, AND RETURN POLICY OF SALES TO PROCEED.

To ensure the accuracy of items in your Shopping Bag,
please remove “Out-of-Stock” products.

Please select the product(s) for removal.

Please select the product(s) to add to the shopping bag.

REGISTRATION WAS SUCCESSFULLY COMPLETED. THANK YOU FOR YOUR REGISTRATION.

Personal information was updated successfully.

Additional product(s) cannot be added.
Please change your quantity.

Registration was successful.
THANK YOU FOR YOUR REGISTRATION.

Unsupported browser: Internet Explorer

effective of january 2021, cosa piora will no longer support the use of
internet Explorer as it is difficult for us to provide best user experience and
protect private customer information. There have been no updates on basic security
and general technical maintenance which has become increasingly challenging
to make improvements and add additional new features on our website.
please use the following browsers.


Recommended browsers: