Urostal
Home About Contact

Privacy Policy

Privacy Policy

Last updated: 21 April 2026

This Privacy Policy explains how Firenze BioHealth SRL ("Firenze BioHealth", "we", "us", or "our") collects, uses, discloses, and protects your personal data when you visit or make a purchase from urostal.org (the "Website") or otherwise interact with us in relation to the Urostal food supplement.

We are committed to handling your information in a lawful, fair, and transparent manner and in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR), where applicable.

1. Data Controller

The data controller responsible for processing your personal data is:

Firenze BioHealth SRL
Website: urostal.org
Email: [email protected]

2. Personal Data We Collect

2.1 Data you provide directly

  • Order and account information: name, billing and shipping address, email address, phone number, order details, and account login details (if you create an account).
  • Payment information: payment method, transaction information, and limited card details processed via secure third-party payment providers. We do not store full card numbers or CVV codes on our servers.
  • Contact and support: information you share when you contact us by email, contact form, or other channels (for example, questions about Urostal, order issues, or feedback).
  • Newsletter subscription: your email address and any preferences you provide if you sign up for our newsletter or marketing communications.

2.2 Data collected automatically

When you use our Website, we may automatically collect certain technical and usage information, such as:

  • IP address and approximate location (country/region)
  • Device type, browser type, and operating system
  • Pages viewed, time and date of visits, referring/exit pages
  • Clickstream and interaction data on the Website

This information is typically collected using cookies and similar technologies.

2.3 Cookies and similar technologies

We use cookies and similar technologies to operate our Website, analyze how it is used, and improve your experience. Cookies are small text files stored on your device. Some cookies are necessary for the Website to function, while others are used for analytics or (where legally permitted) marketing.

You can manage or disable cookies through your browser settings. However, some Website features may not function properly if you disable essential cookies.

3. How We Use Your Personal Data

We process your personal data for the following purposes and on the following legal bases, where applicable:

  • To process and fulfill your orders (performance of a contract): handling payments, shipping products, sending order confirmations and updates, and managing returns or refunds.
  • To provide customer service and support (performance of a contract and legitimate interests): responding to your inquiries, resolving issues, and providing information about your orders.
  • To operate and improve our Website (legitimate interests): analyzing usage data to understand how visitors use the Website, fix technical problems, and enhance functionality, security, and user experience.
  • To send marketing communications (consent or legitimate interests, depending on jurisdiction): sending newsletters, product updates, or promotional offers about Urostal or related products, where permitted by law and in line with your preferences.
  • To comply with legal obligations: maintaining records for tax, accounting, and regulatory purposes and responding to lawful requests from public authorities.
  • To protect our rights and prevent misuse (legitimate interests): preventing fraud, enforcing our terms, and protecting the security of our systems, customers, and business.

4. How We Share Your Personal Data

We do not sell your personal data. We may share your data with the following categories of recipients, only as needed and with appropriate safeguards:

  • Service providers: third parties who help us operate our business and the Website, such as payment processors, shipping and logistics providers, IT hosting providers, email service providers, analytics services, and customer support tools.
  • Professional advisers: lawyers, accountants, or consultants who assist us in running our business, subject to confidentiality obligations.
  • Authorities and legal parties: law enforcement agencies, regulators, courts, or other public authorities when we are required to do so by law or when necessary to protect our rights or the rights of others.
  • Business transfers: in the event of a merger, acquisition, or sale of all or part of our business, your data may be transferred to the relevant third party, subject to appropriate safeguards.

5. International Data Transfers

Your personal data may be stored and processed in countries outside your country of residence, including countries that may not provide the same level of data protection. When we transfer personal data internationally, we take steps to ensure that appropriate safeguards are in place, such as using Standard Contractual Clauses or other lawful transfer mechanisms where required by law.

6. Data Retention

We retain your personal data only for as long as necessary for the purposes described in this Privacy Policy or as required by law. Retention periods may vary depending on the type of data and the context of processing, for example:

  • Order and transaction data: retained for the period required by tax and accounting laws.
  • Customer support communications: retained for a reasonable period after resolving your request.
  • Marketing data: retained until you withdraw your consent or object to processing, or after a period of inactivity in accordance with applicable law.

7. Your Rights

Depending on your location and applicable law, you may have some or all of the following rights in relation to your personal data:

  • Right of access: to obtain confirmation whether we process your data and receive a copy of it.
  • Right to rectification: to request correction of inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to request that we limit processing of your data in specific cases.
  • Right to data portability: to receive your data in a structured, commonly used, machine-readable format and transmit it to another controller where technically feasible.
  • Right to object: to object to processing based on our legitimate interests, including profiling, and to object at any time to processing for direct marketing.
  • Right to withdraw consent: where processing is based on your consent, you can withdraw it at any time without affecting the lawfulness of processing before withdrawal.

To exercise these rights, please contact us at [email protected]. We may need to verify your identity before responding to your request. You also have the right to lodge a complaint with your local data protection authority if you believe that your rights have been violated.

8. Security of Your Personal Data

We take appropriate technical and organizational measures to protect your personal data against unauthorized access, accidental loss, disclosure, alteration, or destruction. These measures include secure server configurations, access controls, encryption in transit where appropriate, and staff training.

However, no method of transmission over the internet or method of electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee absolute security.

9. Children’s Privacy

Our Website and products, including Urostal, are intended for adults and are not directed to children under the age of 18. We do not knowingly collect personal data from children under 18. If you believe that a child has provided us with personal data, please contact us and we will take steps to delete such information.

10. Third-Party Websites

Our Website may contain links to third-party websites or services that we do not operate. This Privacy Policy does not apply to those third parties, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party sites you visit.

11. Marketing Communications

If you choose to receive marketing emails from us, we may send you information about Urostal and related products or services. You can opt out at any time by using the unsubscribe link in our emails or by contacting us at [email protected]. We will then stop sending you marketing messages, although we may still contact you about your orders or other non-marketing matters.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. When we make material changes, we will post the updated policy on this page with a revised "Last updated" date. We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact us at:

Email: [email protected]
Website: https://urostal.org