Last updated: 18 May 2026 — English translation of our Italian Privacy Policy. The Italian version remains the legally binding text in case of interpretation.

1. Data controller

AN FED AGRI Srl Società Agricola, Via San Rocco 17, 28100 Lumellogno (Novara), Italy. Contact: info@risoacquaesole.it.

2. Categories of data we collect

• Order and account data: first name, surname, email, postal address, phone, payment method (not card details directly, handled by the payment provider).
• Order history and preferences.
• Newsletter subscription data: email and consent.
• Browsing data: via cookies and analytics (see Cookie Policy).
• Communication data: when you contact us by email or contact form.

3. Purposes

• Contract performance (process your order, deliver the product, customer support).
• Legal obligations (invoicing, tax, accounting).
• Marketing communications, only with your explicit consent.
• Site performance and analytics (anonymised), based on legitimate interest.

4. Legal basis

We process your personal data under one or more of the following legal bases under Article 6 GDPR: contract performance, consent, legal obligation, legitimate interest.

5. Data retention

Order and account data: retained for 10 years for tax and accounting purposes. Newsletter data: until you withdraw consent. Browsing data: see Cookie Policy.

6. Your rights

Under Articles 15-22 GDPR you have the right to: access your data, rectification, erasure, restriction of processing, data portability, objection. To exercise these rights, write to us at info@risoacquaesole.it.

You also have the right to lodge a complaint with the supervisory authority: in Italy, the Garante per la Protezione dei Dati Personali (garanteprivacy.it); in your country of residence, the equivalent national data protection authority.

7. Data transfers outside the EU

Some of our service providers (e.g. payment platforms, email service providers, analytics tools) may process data in countries outside the European Union. In such cases, transfers are made on the basis of European Commission adequacy decisions, Standard Contractual Clauses, or other valid GDPR safeguards.

8. Cookies

For details on cookies used on our site, please refer to our Cookie Policy.

9. Data breach notification

In the event of a personal data breach likely to result in a high risk to your rights and freedoms, we will notify you without undue delay, in accordance with Article 34 GDPR.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The current version is always available on this page.