Data: name and address details, e‑mail, phone, billing and shipping address, payment status, order history, selected bike configuration/size, warranty/serial numbers.
Purpose: performance of the contract, customer care, warranty/returns, and legal record‑keeping.
Legal basis: contract performance (Art. 6(1)(b)); legal obligation (Art. 6(1)(c)) for tax retention; legitimate interests for fraud and abuse prevention (Art. 6(1)(f)).
2.3 Test rides / appointments / events
Data: name, contact details, preferred model/size, location, time slot, and additional remarks.
Purpose: planning and handling of test rides, events, and community rides.
Purpose: reporting and communication about events, reviews/testimonials.
Legal basis: consent on site or via registration (Art. 6(1)(a)); legitimate interests (Art. 6(1)(f)) for general ambience imagery where no disproportionate impact occurs.
Choice: You can always object or withdraw consent.
3. Special / sensitive data
We do not intend to process special categories of personal data (such as health data). We also do not specifically target children under the age of 16. If you believe we have collected data from a minor without their consent, please contact privacy@italvega.com so we can delete it.
4. Retention periods
We keep personal data no longer than necessary for the purposes for which it was collected, or as long as required by law. Indicatively:
Process
Retention period
Web server logs
max. 12 months (security/diagnostics)
Order and invoice data
7 years (tax retention)
Warranty/recall records
duration of warranty + 2 years
Customer service correspondence
up to 24 months after last contact
Newsletter data
up to 6 months after the appointment, unless you become a customer
Test ride/appointment data
up to 6 months after appointment, unless you become a customer
Adjust these periods to reflect your actual practice.
5. Sharing data (recipients/processors)
We share data only where necessary. We conclude data processing agreements with our processors. Categories of recipients (depending on deployment):
Logistics partners: carriers and warehouse partners for delivery/returns.
Payment providers: Mollie, to process payments.
E‑mail/CRM/marketing: Klaviyo e‑mail delivery and segmentation.
Analytics & A/B testing: Google Analytics 4 (IP masking)
Advertising & social platforms: [[Meta Ads, Google Ads, TikTok]] (tracking only with consent).
Service & repair: certified service partners/dealers.
Legal/tax: advisers/authorities where legally required.
Transfers to countries outside the EEA occur only if the Chapter V GDPR requirements are met (e.g., EU Standard Contractual Clauses/adequacy decisions).
6. Cookies and similar technologies
We use cookies and similar technologies. This section explains the categories we use, their purposes, and how you can manage your preferences. A current, dynamic list of cookies is available in Cookie Settings and in the table below.
6.1 Categories
Necessary (functional): required for basic functionality (e.g., cart, login, load balancing). Consent not required.
Preferences: remember settings such as language or region. Consent is required if not strictly necessary.
Statistics (analytics): measure website usage. In some jurisdictions, privacy-friendly analytics cookies (e.g., GA4 with IP masking, no User ID, and no data sharing) may be set without consent; when in doubt, we request consent.
Marketing (tracking): track visitors across sites/platforms to serve personalised ads. Consent required.
6.2 Managing consent
On your first visit we display a cookie banner. You can accept, decline, or set per category.
You can withdraw or change your consent at any time by using the Cookie Settings (located in the footer).
We only place/read cookies after you have given consent, except for necessary cookies.
6.3 Cookie table
Name
Provider
Purpose
Category
Expiry
__cf_bm
Cloudflare
Bot and performance protection
Necessary
30 min
__cfruid
Cloudflare
Traffic management
Necessary
Session
_ga
Google Analytics
Statistics (anonymised IP)
Statistics
13 months
_ga_*
Google Analytics
Session measurement
Statistics
13 months
_gid
Google Analytics
Page views
Statistics
24 hours
_hjSession_*
Hotjar
UX analysis (consent only)
Statistics
30 min
_fbp
Meta
Remarketing (consent only)
Marketing
3 months
IDE
Google Ads
Remarketing/reporting (consent)
Marketing
13 months
preferences
Italvega
Language/locale setting
Preferences
6 months
In production, provide an auto‑generated cookie list from your CMP or keep this table updated manually when tools change.
6.4 Cookie Settings
Adjust or withdraw your preferences anytime via Cookie Settings
7. Profiling and automated decision‑making
We do not make decisions solely based on automated processing that produces legal effects concerning you. We may use your (consent‑based) preferences to show more relevant content or offers. You can always object or withdraw consent.
8. Your rights
Under the GDPR, you have (among others) the following rights:
Access to your data;
Rectification (correction/completion);
Erasure (in some instances);
Restriction of processing;
Data portability;
Objection to processing based on legitimate interests or to direct marketing;
Withdrawal of consent (without retroactive effect).
You can exercise your rights by sending a request to privacy@italvega.com. We will respond within 1 month of receipt (extendable by 2 months where necessary due to complexity). For verification purposes, we may request additional information.
Complaints?
You can complain to your local supervisory authority. For the Netherlands, the relevant authority is the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), which can be accessed via https://autoriteitpersoonsgegevens.nl.
9. Security
We apply appropriate technical and organisational measures, including
TLS/HTTPS on all domains;
strict access control and 2FA;
encrypted backups;
logging/monitoring and DDoS protection;
periodic updates/patching;
processor and data‑processing agreements;
data minimisation and retention policy.
10. Third‑party links and social plugins
Our website may contain links to third‑party sites and embedded content (e.g., YouTube/Instagram). We are not responsible for their privacy/cookie policies.
11. Changes
We may update this Policy. Please refer to the version and effective date at the top. For material changes, we will notify you on the website or by email (where applicable).
This Cookie Policy forms part of Italvega’s Privacy Policy and is subordinate to it. For questions, please e‑mail privacy@italvega.com.
1) What are cookies?
Cookies are small text files placed on your device when you visit our website. We also use similar technologies such as local storage, pixels, and tags.
2) Which cookies do we use?
See the categories in §6.1 and the table in §6.3. The current list and your preferences are always available via Cookie Settings in the footer. The placement of analytics and marketing cookies depends on your consent choices.
3) Cookie consent
On your first visit, we display a clear cookie banner with ‘decline’, ‘accept’, and ‘customise’ options.
We do not use a ‘cookie wall’ that restricts access to basic content based on marketing consent.
You can withdraw or change your consent at any time by accessing the Cookie Settings.
4) Manage via browser and CMP
You can delete or block cookies via your browser settings. This may affect the functioning of (parts of) the website. For per‑category preferences, use our Consent Management Platform (CMP).
5) Transfers outside the EEA
Suppose cookies/trackers transfer data outside the EEA (e.g., to the US). In that case, we ensure that appropriate safeguards (such as EU Standard Contractual Clauses) are in place or we obtain prior consent.
6) Last update
30 September 2025.
WhatsApp us
This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.
