DragonStore

Privacy Policy

Last updated: 4/1/2026

1. Data Controller

The Data Controller is DragonStore.
For any privacy-related inquiries, please contact us at: privacy@dragonstore.it.

2. Types of Data Collected

We collect various types of personal data to provide our services:

  • Identification and contact data: Name, surname, email address, phone number, shipping and billing address.
  • Payment data: Information necessary to process payments (managed via secure providers like Stripe or PayPal, we do not store full credit card data).
  • Account data: Username, password (encrypted), order history, preferences.
  • Navigation data: IP address, browser type, device used, pages visited (via cookies and similar technologies).

3. Purpose and Legal Basis of Processing

We process your data for the following purposes:

  • Contract execution: To manage orders, shipments, payments, and customer support. (Legal basis: Contract execution).
  • Legal obligation fulfillment: To comply with tax, accounting, and administrative obligations. (Legal basis: Legal obligation).
  • Marketing and Newsletter: To send you promotional offers and news, only if you have provided your explicit consent. (Legal basis: Consent).
  • Security and fraud prevention: To protect the site and users from fraudulent activities. (Legal basis: Legitimate interest).
  • Statistical analysis: To improve our services by analyzing data in aggregated and anonymous form. (Legal basis: Legitimate interest).

4. Data Recipients

Your data may be shared with third parties strictly necessary for service delivery:

  • Couriers and shipping companies: For product delivery.
  • Payment service providers: For secure transaction management.
  • IT service providers: For hosting, site maintenance, and email marketing services (if subscribed to the newsletter).
  • Competent authorities: If required by law or to protect our rights.

5. Extra-EU Data Transfer

Your data is primarily stored within the European Union. Should it be necessary to transfer data outside the European Economic Area (e.g., for cloud or analytics services), we ensure that the transfer takes place in compliance with GDPR guarantees (e.g., Standard Contractual Clauses or adequacy decisions).

6. Retention Period

  • Purchase-related data: Retained for 10 years as required by tax and civil regulations.
  • Account data: Retained as long as the account is active.
  • Marketing data: Retained until consent is revoked (unsubscribe).

7. Your Rights

In compliance with GDPR, you have the right to:

  • Access your personal data.
  • Request correction of inaccurate data or integration of incomplete data.
  • Request deletion of data (right to be forgotten), where applicable.
  • Limit the processing of your data.
  • Request data portability.
  • Object to processing at any time (e.g., for direct marketing).
  • Revoke consent at any time.

To exercise your rights, contact us at: privacy@dragonstore.it. You also have the right to lodge a complaint with the supervisory authority.

Cookies in use
Manage your consent

Necessary

Active

These cookies are essential for the website to function properly and cannot be disabled.

Functional

Inactive

These cookies allow the website to remember choices you make (such as your language or region).

Analytics

Inactive

These cookies help us understand how visitors interact with the website by collecting and reporting information anonymously.

Marketing

Inactive

These cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user.