Privacy & Cookie policy

Privacy & cookies policy


As the General Data Protection Regulation (GDPR) takes effect across the European Union from May 25th, GRAFF made the required updates to its Privacy Policy. Developed to harmonize privacy laws across Europe, the GDPR redefines the transparency rules for how companies use and store their users/customers data.  


 What personal information do we collect from our customers and from the people that visit our website or social media pages?
From customers we collect exclusively the data necessary to carry out the administrative and commercial agreements.

When registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number or other details to help you with your experience.


When do we collect information?
We collect information from you when you sign a commercial agreement, when you register on our site, subscribe to a newsletter, respond to a survey, fill out a form or enter information on our site.


 How do we use your information?
We may use the information we collect from in the following ways:

  • To finalize the commercial agreement connected with GRAFF sales and purchases
  • To send periodic emails regarding your order or other products and services.
  • To send you periodic newsletter with our company news and updates
  • To personalize user's experience and to allow us to deliver the type of content and product offerings in which you are most interested.
  • To allow us to better service you in responding to your customer service requests.
  • To administer a contest, promotion, survey or other site feature.


 How do we protect visitor information?

Your data are stored in GRAFF’s private database and are not communicated to any other company or authority

Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our website site as safe as possible.

 We use regular Malware Scanning. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.


How can you update your personal data or order the cancellation of them?

Every newsletter you receive always contains, at the bottom of it, a link through which you can update your personal data or unsubscribe from the newsletter.

In every moment you can ask for your personal data to be completely removed from GRAFF’s database by writing to




Just like practically every other website, also our website uses cookies. Cookies are small text files that sites visited by a user (but also other sites or webservers) send and store on the user’s computer (or mobile device), in order to be sent back to the same sites (or webservers), upon the user’s subsequent visit, thus sending back the information stored in the cookie.

Cookies have now become essential tools that allow modern sites to operate at their best, allowing the greatest customisation, interaction and fluidity in browsing. But cookies can also be used to monitor the user’s browsing habits and to then send advertisements which correspond to the user’s likes and interests.


Cookies can be:

  • session cookies (which expire – and are deleted – when the user closes his/her browser) or permanent cookies (which are stored for a fixed period of time, even years);
  • first-party or third-party cookies (in the latter case, cookies are set by a different site or webserver to the one that the user is visiting at that time);
  • technical cookies (which are needed for, and sometimes essential to, the complete – or better – use of the site) or profiling cookies (designed to create a profile of the user, to then send him/her advertisements which correspond to the choices and preferences made by the same as his/her browses).

The Italian Data Protection Authority considers technical cookies as session cookies, functional cookies and – only under certain conditions – analytics cookies; specifically the Authority, with the  8 May 2014 decision, specified that the latter can be regarded as technical cookies only if used for the purpose of optimising the site directly by the owner of the same site; the owner may collect information in an aggregate format on the number of users visiting the site and how they visit it.

For more information on the types of cookies, their features and how they work, please refer to the sites http://www.allaboutcookies.orgwww.youronlinechoices.com and the specific decision by the Authority referred to above.


The following cookies are used at our site:





These cookies are used to help analyse the access data to the site by users – in an anonymous and aggregate form. These are cookies related to the web analytics platform, Google Universal Analytics (



These cookies are used by internet site production software and are needed to allow the site to be browsed correctly.



The user may choose to delete, or refuse, some (or all) of the cookies through his/her browser settings. Typically, these programs also allow, through a specific option, just third-party cookies to be refused. Each browser has its own particular way of managing cookies and, for the most popular browsers, instructions are given in the links below:

Internet Explorer:


Google Chrome:


Apple Safari:


Mozilla Firefox:


It should also be noted that a user who completely disables cookies in his/her browser, may not be able to use the interactive features at certain websites.



Apart from that specified regarding browsing data, the user is free to provide personal data requested in any of the forms. Not providing this data, however, may make it impossible for the user to obtain the requested data.




Personal data will be processed with automated tools and will be stored for the time strictly necessary to fulfil the purpose(s) for which the data was collected and, in any case, for no more than 10 years, unless otherwise specifically established by law.


Specific security measures have been implemented to avoid any data loss, unlawful or improper use of data and unauthorised access to data.



We hereby inform you that, regarding this same data, you may, at any time, exercise those rights provided to you by CHAPTER III of the Regulation (among which we mention, purely by way of example: the data subject’s right to ask the Controller for access to the personal data that concerns him/her, to have this data rectified or eliminated, to supplement any incomplete data, to restrict processing of the data and to object to the data, in whole or in part, being used) by writing to one of the addresses indicated above or by emailing: Furthermore, pursuant to article 77 of EU Regulation UE 2016/679, you have the right to lodge a complaint with a Supervisory Authority which, in Italy, is the Italian Data Protection Authority in the event that you believe that your data has been processed in breach of the same Regulation.