Privacy Policy

Last Updated: November 5, 2025

1. Introduction

Welcome to MIIBC ceramic. We are committed to protecting your privacy and handling your personal data in an open and transparent manner. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.miibcceramic.com or make a purchase from us.

We are the data controller of your personal data under the EU General Data Protection Regulation (GDPR). If you have any questions, please contact us using the details below.

2. Who We Are (Data Controller)
  • Name: MIIBC ceramic
  • Address: Via Marco D’agrate 19B, Milan,Italy 20139
  • Contact Email: info@miibcceramic.com
3. The Data We Collect About You

We may collect, use, store, and transfer different kinds of personal data which we have grouped together as follows:

  • Identity Data: First name, last name, username, or similar identifier.
  • Contact Data: Billing address, shipping address, email address, and telephone numbers.
  • Financial Data: Payment card details. Note: All payments are processed by our secure third-party payment processors (e.g., Stripe, PayPal). We do not store your full card details on our servers.
  • Transaction Data: Details about payments to and from you, and other details of products you have purchased from us.
  • Technical Data: Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Profile Data: Your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses.
  • Usage Data: Information about how you use our website, products, and services.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and our third parties and your communication preferences.
4. How We Use Your Personal Data (Our Legal Basis)

We will only use your personal data when the law allows us to. Our primary legal bases under GDPR are:

  • Performance of a Contract: Processing necessary to fulfill your order (e.g., shipping, payment).
  • Legitimate Interests: Our business needs to operate effectively, provided your rights do not override them (e.g., website security, analytics).
  • Consent: Where you have given clear consent for us to process your data for a specific purpose (e.g., marketing emails).
  • Legal Obligation: Processing necessary to comply with the law (e.g., tax, accounting).
Purpose/ActivityType of DataLawful Basis for Processing
To register you as a new customerIdentity, ContactPerformance of a contract
To process and deliver your order (including manage payments, fees, and collect and recover money owed to us)Identity, Contact, Financial, TransactionPerformance of a contract, Legitimate Interests (to recover debts)
To manage our relationship with you (e.g., customer support, notifying you about changes to our terms or policy)Identity, Contact, Profile, Marketing & CommsPerformance of a contract, Legal Obligation
To administer and protect our business and this website (troubleshooting, data analysis, testing, system maintenance, support, reporting, hosting)Identity, Contact, TechnicalLegitimate Interests (for running our business, provision of administration and IT services, network security)
To use data analytics to improve our website, products/services, marketing, customer relationships and experiencesTechnical, UsageLegitimate Interests (to define types of customers for our products and services, to keep our website updated and relevant)
To send you marketing communications about our products, offers, and newsIdentity, Contact, Profile, Usage, Marketing & CommsConsent (for direct marketing)
5. Marketing Communications

You will receive marketing communications from us only if you have explicitly requested information from us or purchased goods from us and you have not opted out of receiving that marketing.

You can ask us to stop sending you marketing messages at any time by:

  • Clicking on the ‘unsubscribe’ link in any marketing email.
  • Contacting us at any time at info@miibcceramic.com.
6. Cookies

Our website uses cookies and similar tracking technologies to distinguish you from other users. This helps us to provide you with a good experience and allows us to improve our site.

For detailed information on the cookies we use and the purposes for which we use them, please see our Cookie Policy.

7. Data Sharing and International Transfers

We may share your personal data with the following third parties for the purposes set out in this policy:

  • Service Providers: Payment processors (e.g., Stripe, PayPal), shipping and delivery companies (e.g., DHL, UPS), IT and system administration services, and analytics providers (e.g., Google Analytics).
  • Professional Advisers: Lawyers, bankers, auditors, and insurers.
  • Authorities: Where required by law.

Some of these third parties may be located outside the European Economic Area (EEA). Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded by using specific contracts approved by the European Commission (Standard Contractual Clauses).

8. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way. We limit access to your personal data to those employees and partners who have a business need to know.

9. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. For example, we are required by tax law to keep basic information about our customers (including Contact, Identity, Financial, and Transaction Data) for 10 years after they cease being customers.

10. Your Legal Rights Under GDPR

Under certain circumstances, you have rights under data protection laws in relation to your personal data:

  • The right to access – You can request a copy of the personal data we hold about you.
  • The right to rectification – You can request correction of any inaccurate or incomplete data.
  • The right to erasure (the “right to be forgotten”) – You can ask us to delete your personal data.
  • The right to restrict processing – You can request that we suspend the processing of your data.
  • The right to data portability – You can request a transfer of your data to another service.
  • The right to object – You can object to our processing of your data, particularly for direct marketing.
  • Rights in relation to automated decision making and profiling – We do not use solely automated decision-making.

To exercise any of these rights, please contact us using the details in Section 2. We will respond to all legitimate requests within one month.

11. Changes to This Privacy Policy

We may update this policy from time to time. The latest version will always be posted on this page with the “Last Updated” date. We will notify you of any material changes by email or a notice on our website.