Free shipping on orders over 250€+

Menu
0

Free shipping on orders over 250€+

0

Your Cart is Empty

Shop All
  • Categories
  • Signature Collections
  • Featured Collections
    • Signature
    • Collections

    • Privacy policy

    PRIVACY & COOKIE POLICY

    Last updated: 13 May 2026

    Introduction

    CITIMI (operated by Zoe Monaco SNC) is committed to protecting the privacy and security of personal data of all our users and customers. Privacy and data security represent a priority for our organization.

    It is important to us that you understand, in a clear and transparent way, why and how we collect, store, share, and use your personal data — and what controls and choices you have. This is the purpose of this Privacy and Cookie Policy (the "Policy").

    By using our website verendi.com (the "Site"), creating an account, placing an order, subscribing to our newsletter, or otherwise interacting with us, you acknowledge that you have read this Policy and understood how we process your personal data.

    Data Controller

    The Data Controller of your personal data is:

    Zoe Monaco SNC (operating under the brand name "CITIMI")
    Registered office: Corso di Porta Vittoria 50, 20122 Milano
    P.IVA: 03491710046
    REA: MI-2077344
    Camera di Commercio: Milano
    Email: info@citimijewelry.com

    For any questions regarding this Policy or to exercise your rights, you can contact us at info@verendi.com.

    Scope of this Policy

    This Policy applies to all personal data collected by us through:

    • Our website verendi.com and any related subdomains
    • Online purchases and customer accounts on our Site
    • Newsletter subscriptions and marketing communications
    • Customer support interactions (email, contact forms, WhatsApp)
    • Cookies and similar tracking technologies used on the Site
    • Any other interaction between you and CITIMI

    This Policy is provided in accordance with Article 13 of Regulation (EU) 2016/679 ("GDPR") and Italian Legislative Decree no. 196/2003 (as amended by Legislative Decree 101/2018, "Codice Privacy").

    Personal Data We Collect

    We collect the following categories of personal data, depending on how you interact with us:

    • Contact details — name, surname, email address, phone number, billing address, shipping address, and tax number (where required for invoicing).
    • Account information — username, password (in encrypted form), preferences, wishlist items, and order history.
    • Transaction information — products you have viewed, added to cart, purchased, or returned; payment confirmation and order details. Note: we do not store your credit card information — payments are processed securely by our payment provider (PayPal).
    • Communications data — content of emails, support tickets, or messages exchanged with our customer service team.
    • Technical and usage data — IP address, browser type, device type, operating system, pages visited, time spent on pages, referring URL, and other technical information collected automatically when you visit our Site.
    • Marketing preferences — your subscription status for our newsletter and your interaction with marketing communications (such as email opens and clicks).

    We do not knowingly collect any "special categories" of personal data under GDPR Article 9 (such as health, religious beliefs, ethnic origin). Please do not provide us with such information.

    Sources of Personal Data

    We collect personal data from the following sources:

    • Directly from you — when you create an account, place an order, subscribe to our newsletter, contact our customer service, or otherwise interact with us.
    • Automatically through your device — when you visit our Site, your browser automatically transmits certain technical data such as your IP address, browser type, and pages visited (see the Cookies section below).
    • From our service providers — when our partners (such as Shopify, PayPal) process transactions or technical functions on our behalf.

    Why We Process Your Data (Purposes and Legal Bases)

    We process your personal data only when we have a valid legal basis under GDPR Article 6. The table below explains why we process each category of data:

    Purpose Legal basis (GDPR Art. 6) Data used
    To process and fulfill your orders Contract (Art. 6.1.b) Contact, transaction, account data
    To create and manage your customer account Contract (Art. 6.1.b) Account data
    To issue invoices and comply with tax obligations Legal obligation (Art. 6.1.c) Contact, transaction data, P.IVA if applicable
    To respond to your inquiries and provide customer support Legitimate interest (Art. 6.1.f) Contact, communications data
    To send you newsletter and marketing emails Consent (Art. 6.1.a) Contact data, marketing preferences
    To analyze website usage and improve our service Consent for analytics cookies (Art. 6.1.a); Legitimate interest for aggregated analysis (Art. 6.1.f) Technical and usage data
    To prevent fraud and ensure site security Legitimate interest (Art. 6.1.f) Technical data, transaction data
    To comply with legal requests from authorities Legal obligation (Art. 6.1.c) Any relevant data

    You can withdraw your consent for marketing communications at any time by clicking the "unsubscribe" link in any marketing email or by contacting us at info@citimijewelry.com.

    How Long We Keep Your Data

    We retain your personal data only for as long as necessary for the purposes described above:

    • Account data — for as long as your account is active, plus 1 year after closure.
    • Order data and invoices — 10 years from the date of purchase, as required by Italian tax law (Codice Civile, Art. 2220).
    • Customer support communications — 2 years from last contact.
    • Marketing preferences and newsletter subscription data — until you unsubscribe, plus 6 months for record-keeping.
    • Technical data and analytics — typically 14 months for analytics cookies (Google Analytics standard).
    • Cookies — varies by cookie type (see Cookies section).

    After these periods, your data will be securely deleted or anonymized.

    Who We Share Your Data With

    We do not sell your personal data. We share your data only with the following categories of trusted partners, who act as Data Processors under our instructions:

    • Shopify Inc. — our e-commerce platform provider, which hosts our Site and processes orders. Shopify is headquartered in Canada, with EU-region data storage available. Privacy policy: shopify.com/legal/privacy
    • PayPal (Europe) S.à r.l. et Cie, S.C.A. — our payment processor, based in Luxembourg, which handles all payment transactions. We never see or store your card details directly. Privacy policy: paypal.com/it/legalhub/privacy-full
    • Shipping carriers — depending on your delivery address, we share necessary delivery information (name, address, phone, email) with our shipping partners such as Poste Italiane, BRT, DHL, GLS, FedEx, or UPS. They process this data solely for the purpose of delivering your order.
    • Email and marketing service providers — when applicable, we use email service providers to send transactional emails (order confirmations) and marketing communications. Each provider operates under a Data Processing Agreement compliant with GDPR.
    • Service providers for analytics and website operation — we may use service providers for website analytics, customer support tools, or technical maintenance. Where these are based outside the EEA, we ensure adequate safeguards (Standard Contractual Clauses) are in place.
    • Public authorities — when required by law (tax authorities, courts, regulatory bodies).

    We require all our partners to maintain appropriate security measures and to use your data only for the purposes we specify.

    International Data Transfers

    Some of our service providers (such as Shopify, headquartered in Canada) may process data outside the European Economic Area (EEA). When this happens, we ensure that appropriate safeguards are in place, including:

    • Standard Contractual Clauses approved by the European Commission, or
    • Transfers to countries with an adequacy decision from the European Commission, or
    • Other lawful transfer mechanisms under GDPR Chapter V.

    You can request a copy of these safeguards by contacting us at info@citimijewelry.com.

    Your Rights

    Under GDPR (Articles 15–22), you have the following rights regarding your personal data:

    • Right of access (Art. 15) — You can ask us for a copy of the personal data we hold about you.
    • Right to rectification (Art. 16) — You can ask us to correct inaccurate or incomplete data.
    • Right to erasure / "right to be forgotten" (Art. 17) — You can ask us to delete your personal data, subject to legal retention obligations (such as accounting records).
    • Right to restriction of processing (Art. 18) — You can ask us to limit how we use your data in certain circumstances.
    • Right to data portability (Art. 20) — You can receive your data in a structured, commonly used, machine-readable format, and request its transfer to another controller.
    • Right to object (Art. 21) — You can object to processing based on legitimate interest, and to direct marketing at any time.
    • Right to withdraw consent (Art. 7.3) — Where processing is based on consent (e.g., newsletter, marketing cookies), you can withdraw your consent at any time without affecting prior lawful processing.
    • Right not to be subject to automated decision-making (Art. 22) — We do not currently use any automated decision-making that produces significant effects on you.

    To exercise any of these rights, contact us at info@verendi.com. We will respond within one month, as required by GDPR Article 12.

    Right to lodge a complaint with the supervisory authority: If you believe we are not handling your data in accordance with GDPR, you have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali):

    Website: garanteprivacy.it
    Email: garante@gpdp.it
    Address: Piazza Venezia, 11 – 00187 Roma, Italy

    Children's Privacy

    Our Site is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with their data, please contact us at info@citimijewelry.com and we will delete it promptly.

    How We Protect Your Data

    We implement appropriate technical and organizational security measures to protect your personal data, including:

    • HTTPS encryption for all data transmitted between your browser and our Site
    • Secure payment processing through PCI-DSS certified providers (PayPal)
    • Restricted access to personal data on a need-to-know basis within our organization
    • Regular security audits by our hosting provider (Shopify, which is PCI-DSS Level 1 certified)
    • Encrypted password storage for all customer accounts

    While no system is 100% secure, we continuously work to maintain a high level of security and to promptly address any vulnerabilities.

    Cookies and Similar Technologies

    This section explains how we use cookies on our Site and describes the choices you have regarding cookies.

    What are cookies?

    Cookies are small text files that websites place on your device when you visit them. They are used to make websites work, to improve user experience, and to provide information to the website owner about how visitors use the site.

    How we use cookies

    We use the following categories of cookies on our Site:

    • Strictly necessary cookies (technical cookies) — These are required for the Site to function properly. They enable basic features such as logging in, adding items to your cart, processing payment, and remembering your language preference. These cookies do not require your consent under Italian law (Codice Privacy, Art. 122.1) and cannot be disabled.
    • Performance and analytics cookies — These help us understand how visitors interact with our Site (which pages they visit, how long they stay, where they come from). This information is aggregated and helps us improve the Site. These cookies are set only with your consent.
    • Personalization cookies — These remember your preferences (such as language, region, recently viewed products) to provide a more tailored experience. These cookies are set only with your consent.
    • Marketing cookies — These track your activity across websites to display advertising relevant to your interests. They may be set by us or by third-party advertising partners (such as social media platforms). These cookies are set only with your consent.

    Your choices about cookies

    When you first visit our Site, you will see a cookie banner allowing you to:

    • Accept all cookies — consent to all cookie categories.
    • Decline all cookies — refuse all non-essential cookies (only technical cookies will be used).
    • Manage your preferences — choose which categories of cookies you want to allow.

    You can change your cookie preferences at any time by clicking the cookie settings link at the bottom of any page, or by clearing cookies through your browser settings.

    You can also configure your browser to refuse all cookies or to alert you when a cookie is being set. Instructions for major browsers:

    • Chrome: support.google.com/chrome/answer/95647
    • Firefox: support.mozilla.org/en-US/kb/cookies
    • Safari: support.apple.com/guide/safari/manage-cookies-sfri11471
    • Edge: support.microsoft.com/microsoft-edge

    Please note that disabling all cookies may affect the functionality of our Site.

    Third-party cookies

    Some cookies are set by third-party services we use, including:

    • Shopify — for essential e-commerce functionality
    • PayPal — for secure payment processing

    A detailed list of cookies used on our Site will be updated periodically and is available upon request at info@citimijewelry.com.

    Changes to this Policy

    We may update this Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make significant changes, we will notify you by:

    • Posting the updated Policy on this page with a new "Last updated" date.
    • Sending you an email (if you are a registered user) when changes materially affect your rights.

    We encourage you to review this Policy periodically.

    Contact Us

    If you have any questions, concerns, or requests regarding this Privacy and Cookie Policy or your personal data, please contact us:

    Email: info@citimijewelry.com

    We are committed to addressing your concerns and resolving any issues promptly.