Privacy and legal

Privacy Policy

Humilis, with registered office in Via San Francesco 44, 06081, Assisi, PG, Italy, in its capacity as personal data controller according to EU Regulation 679/2016 applicable as of 25 May 2018 - General Data Protection Regulation ("GDPR") (hereinafter referred to as the "GDPR" or the "Applicable Legislation"), hereby discloses this information only for the website ("Site"), while it does not concern and does not apply to other websites that may be consulted through external links, and it is valid as Information provided according to Article 13 ff. of the Applicable Legislation.


The processing of your personal data by Humilis is carried out based on the principles of accountability, lawfulness, fairness, transparency, purpose limitation and storage, data minimization, accuracy, integrity, and confidentiality, in accordance with the provisions of the applicable legislation and the confidentiality obligations set out therein.

1. Data Controller

Humilis, with registered office in Via San Francesco 14, 06081, Assisi, Italy (hereinafter briefly referred to as “Humilis”), for the purposes specified below related to the provision of its services, including the forwarding of information and contact requests through the contact form, the subscription to the newsletter, and the subscription to the site in order to place orders and any service related to online sales and all that is necessary for the operation of this website (hereinafter referred to as the “Site”), processes your personal data acquired during the performance of the Services and/or during your navigation on this website, in its capacity as the Data Controller. The Data Controller determines the purposes and means of the processing of personal data.

1.1. Personal Data Protection Officer
Humilis has not appointed a Personal Data Protection Officer as it is not required to do so under EU Reg. 679/2016 (Art. 37).

1.2. Data Processors.
The complete list of Data Processors is available at Humilis’ head office.

2. Personal data subject to processing

“Personal data” means any information relating to a natural person (the data subject) who is identified or identifiable with particular reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more characteristic elements of his or her physical, physiological, mental, economic, cultural, or social identity.
The personal data collected on this site are:

  1. Navigation data
    The site’s computer systems collect some of your personal data, the transmission of which is implicit in the use of Internet communication protocols. This information is not collected to be associated with you as the data subject, but by its very nature it could nevertheless, through processing and association with data held by third parties, allow you to be identified. Among these are the IP addresses or domain names of the devices used to connect you to the site, the URI notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters relating to the operating system and computer environment. This data is used in order to obtain anonymous statistical information on the use of the site and to check its correct functioning; to allow - given the architecture of the systems used - the correct provision of the various functions requested, for security reasons and to ascertain responsibility in the event of hypothetical computer crimes against the site or third parties.
  2. Data provided voluntarily
    Through the site, you, as a data subject, may voluntarily provide us with personal data such as your name and e-mail address in order to contact you through the "Contact us" forms, data necessary to process your orders, such as your shipping address and billing information. Humilis shall process this data in accordance with the applicable law, assuming that it relates to you as the data subject who has provided it or has expressly authorized a third party to provide it in their name and/or on their behalf. In the aforementioned cases, you, as the data subject, and the third party that has provided the data on your/their behalf shall assume all obligations and responsibilities under the law, and shall indemnify Humilis against any objection, claim, request for compensation for damage caused by the processing, etc. that Humilis may receive from other parties whose personal data have been processed through the use of the site in violation of the applicable legislation.
  3. Cookies and related technologies
    Humilis collects your personal data through cookies.
    Cookies are small data files that can be sent from a website to your terminal device (usually your browser), where they are stored and then transmitted back to the site on your next visit. A cookie cannot retrieve any other data from the hard disk of the data subject’s terminal, nor can it transmit computer viruses, or acquire e-mail addresses. Cookies can be used either by the site owner or by third parties and can be easily disabled by the person concerned.
    In order to regularly provide its services, Humilis needs to use certain cookies, including third-party cookies, through this site. Therefore, if you, as the data subject, decide to disable the use of cookies for purely technical reasons, Humilis may not be able to provide you with certain services or deliver them in the requested manner.
    More information on the use of cookies and related technologies can be found by clicking here.

3. Purpose of processing and legal information

The personal data you provide through the site shall be processed by Humilis for the following purposes:

  1. The registration on the Humilis website and all that is necessary for the provision of the services offered, which takes place mainly by automated and computerized means, pre-contractual arrangements, as well as to conclude and execute the processing of your orders.
  2. In the aforementioned cases, Humilis will provide you with additional, specific information on the processing of your personal data in connection with certain services, in addition to this Privacy Policy.
    The legal basis for the processing of your personal data for the purposes described above (point b) is the provision of a contracted service or response to a request and does not require your consent under the applicable law.
  3. Purposes of statistical research/analysis on aggregate or anonymous data, without therefore the possibility of identifying you, purely for the purpose of measuring the operation of the site, evaluating its traffic, use, and interest.
    This purpose (point c) does not involve the processing of personal data.
  4. Purposes relating to the fulfillment of legal obligations, regulations, EU legislation, orders, and prescriptions of the competent authorities to which Humilis is subject.
    The processing related to the above-mentioned purpose (point d) does not require consent as it represents legitimate processing, since it constitutes the fulfillment of legal obligations, including those related to the provision of the services.
  5. The pursuit of a legitimate interest of ours, such as handling complaints and litigation, recovering debts, preventing fraud, and illegal activities.
    The legal basis in this case (point e) is Humilis’ legitimate interest also in exercising and/or defending, where appropriate, its rights in the appropriate forums.
  6. Carrying out commercial and promotional communication activities; to the e-mail address provided by you, as an interested party and already a Humilis customer, regarding services and activities - personalizing the site and commercial offers according to your interests.

Giving your consent to the processing of your personal data for the purposes listed above (point f) is optional, but failure to do so may make it impossible for Humilis to comply with a request or fulfillment to which you are subject or have been requested.
However, we do not carry out profiling operations in relation to the data collected through this site.

4. Recipients

Your personal data may be shared with and communicated, for the purposes specified in point 3 above, in Italy or abroad, to third parties such as:

  • subjects necessary for the provision of the services offered by the site, such as Humilis’ tax and legal consultants in connection with the relevant fulfillments, companies and technical consultants in charge of the management and maintenance of information systems, software, and databases, companies providing financial, administrative, filing, auditing, and financial statement certification services, in any case in strict connection with and within the limits of the fulfillment of their respective tasks and activities, suppliers, postal couriers, hosting providers, communication agencies also appointed, if necessary, as Data Processors by the controller;
  • persons in any case authorized by Humilis for the processing of personal data who have committed themselves to confidentiality or have an adequate legal duty of confidentiality (e.g. employees and collaborators of Humilis);
  • ● judicial authorities in the exercise of their functions when required by the applicable law.

The updated list of Data Processors can always be requested from the Data Controller.

5. Data transfer

Humilis does not transfer personal data abroad on its own initiative. However, some third-party service providers may have their servers physically located abroad (as in the case of e-mail providers). In such cases, the transfer of data abroad will take place exclusively within the scope of and in compliance with EU Reg. 679/2016 (Art. 44 ff.).

6. Data retention

Your personal data will be stored within the European Union and the respective security policies are reviewed in accordance with the relevant rules of good practice.
Humilis will only process your personal data for the time strictly necessary to achieve the purposes detailed and indicated in point 3, for a period of time that is therefore limited and varies according to the type of activity for which the personal data are processed.
Once this period has expired, your data will be permanently deleted or otherwise irreversibly anonymized.

  • Data collected during the purchase of goods on the Humilis website are processed until all administrative and accounting formalities have been completed and filed in accordance with local tax regulations and will be stored for ten years.
  • Data collected to conclude and execute contracts will be kept for ten years from the date of the conclusion of the contract.
  • Data related to invoicing will be kept for ten years from the date of invoicing.
  • Data that you, as a registered user, entered when registering to the site, will be retained until you request that your profile is deleted.
  • The information you provide to Humilis when using the “Contact us” service will be retained for 12 months from the date of communication, unless a contract is concluded.
  • The information you provide us for commercial communications and/or for sending newsletters will be kept until you ask us to stop sending it and/or to unsubscribe from the service, or until you ask us to stop sending it.

7. The rights of the data subject

Within the limits of the applicable law, as the party concerned by the processing of your personal data through the Humilis website, you may exercise the following rights at any time:

  • the right to obtain confirmation of the existence of your personal data and, if so, to obtain access to and a copy of such data. Unless otherwise required by the applicable law, Humilis may refuse to grant access to said copy in the event that the rights and freedoms of others may be infringed;
  • the right to be informed: of the source of the personal data, of the purposes and methods of the processing of personal data, of the logic applied to the processing, if the latter is carried out with the help of electronic means, of the identification data concerning the data controller and, where designated, data processors and the data protection representative, of the entities or categories of entity to whom or which the personal data may be communicated;
  • ● the right to obtain: the updating, rectification, or integration of data; the cancellation, transformation into anonymous form or blocking of data processed in breach of the law, including data whose storage is not necessary in relation to the purposes for which they were collected or subsequently processed, in the cases provided for by the applicable law; the restriction of the processing of personal data in the cases provided for by the law;
  • the right to object, in whole or in part, on legitimate grounds, to the processing of personal data even if pertinent to the purpose of collection, to the processing of personal data for the purpose of sending advertising materials or direct selling, or for the performance of market or commercial communication surveys;
  • the right to withdraw consent at any time where it constitutes the legal basis for the processing, without prejudice to the lawfulness of the processing based on the consent given before the revocation, to complain with the supervisory authority, in the cases provided for by the applicable law, to receive the data in a structured, commonly used and machine-readable format, and to transmit such data to another controller without hindrance;
  • the right to obtain certification that each of the recipients to whom the personal data have been transmitted has received notice of any rectification, or erasure or restriction of processing, unless this proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected. In any case, upon express request as a data subject, you may also obtain the contact details of the said recipients.

To exercise these rights, or to obtain any other information about them and, more generally, about the processing of your personal data, requests may be made by e-mail to the following address:

8. Modifications

This Privacy Policy is effective as of 25 May 2018. Humilis reserves the right to modify or simply update its content, in part or in full, also due to changes in applicable law. Humilis shall inform you of such changes as soon as they are introduced and they shall be binding as soon as they are published on the site. In any event, any changes made to this Policy over time shall be duly published in the appropriate section of this site.

Copyright and all its contents are the property of Humilis.

This includes documentation, images, fonts, design, music, software, code, and format scripts.

The material contained on the website is protected by copyright.

Any reproduction, alteration, transmission, publication, or redistribution to third parties for commercial purposes is strictly prohibited without the express written consent of Humilis.

Humilis prohibits the use of the content or trademarks on the site for any purpose or ends other than those mentioned above.

The images contained on the website are the property of Humilis.

Any use of such images without the written consent of Humilis shall be prosecuted in accordance with the law.