Privacy policy

Welcome to ('Site').

We invite you to carefully read this privacy policy ("Privacy Policy"), which applies each time you access the Site, regardless of whether you purchase products marketed there.

We would like to remind you that this Privacy Policy is governed by the European General Data Protection Regulation 2016/679 ("GDPR") and the Italian legislation on the protection of personal data. The regulation ensures that the processing of personal data is carried out with respect for the fundamental rights and freedoms, as well as the dignity of the data subject, with particular reference to confidentiality, personal identity and the right to protection of personal data.

Finally, we would like to remind you that users under the age of 14 (fourteen) may not give consent to the processing of personal data without the authorisation of the holder of parental responsibility.


  1. Data controllers

Under the GDPR, the data controller is the entity that alone or jointly with others determines the purposes and means of the processing of personal data. Where two or more data controllers jointly determine the purposes and means of processing, they are joint data controllers.

With reference to the processing of data collected and processed through the Site, we inform you that:

Montura Store S.r.l., with registered office in Italy, località le Fosse n. 1, 38060 Isera (TN), VAT number, tax code and Trento Chamber of Commerce registration number 02075200226, REA TN-198681 ("Montura Store"),


Montura S.r.l., with registered office in Italy, via Trento n. 138, 36010, Zanè (VI), VAT number, tax code and registration number with the Vicenza Chamber of Commerce 04376610244, REA VI-399742 ("Montura"),

are joint controllers of users' personal data (hereinafter jointly referred to as 'Controllers'), by virtue of a specific agreement.

The Data Controllers have appointed a Data Protection Officer ('DPO'), who can be contacted for any queries at the following e-mail address:


  1. Type of data and purpose of processing

Controllers may process and collect the following data, for the following purposes:

a) Management of cookies and the data collected through them on the Site: in this respect, please read the "Cookie Policy"

b) Creation and management of the user's account on the Site, as well as performance of the related services, replying to user requests, providing assistance and sending the requested information about the products sold: for this purpose, personal data provided voluntarily by the user and for access to the services reserved for registered users (e.g. Wish List, My Orders, etc.) are processed. - such as: e-mail address, personal data, password provided through registration on the Site), or otherwise lawfully acquired during the user's iteration with the Site;

c) Sale of products through the Site and pre- and post-sale activities, including all obligations, contractual and legal, arising therefrom: for this purpose, personal data provided voluntarily by the user (such as: e-mail address, personal data, billing data, shipping data) are processed even without the user's prior registration with the Site;

d) The Data Controllers may collect the user's data (such as personal and contact data), upon the user's free and express consent, for the performance of marketing activities and for commercial purposes, including commercial communications, information and updates on products, sales, promotional campaigns, events and recreational, sporting, cultural and other initiatives promoted by the Data Controllers, with automated methods (including newsletters, push notifications, e-mails and SMS), as well as with traditional methods. In addition, on the basis of legitimate interest, the Data Controllers may contact the user in order to propose products and services similar to those previously purchased by the user ("soft spam" - a type of contact which, on the basis of current legislation, does not require consent to be given);

e) Data provided by the user in order to propose his/her candidature and Curriculum Vitae to the Controllers through the "Careers" section on the Site. In this regard, we invite you to read the dedicated Privacy Policy.


  1. Legal basis for processing

With the exception of navigation data, which is regulated in the cookie policy, the legal basis for processing lies:

1. in the user's consent, with reference to the purposes set out under d.;

2. in the legitimate interest of providing information, services and responding to user requests, with reference to the purposes set out under b. and e.;

3. in the performance of the contract and pre- and post-contractual obligations, with reference to the purposes set out under c. and in the legal obligation with regard to tax and legal obligations related to the aforementioned activities.


  1. Process modalities

Personal data collected through the Site are processed using mainly computerised and telematic methods and tools, adopting security measures so as to minimise the risks of destruction or loss, even accidental, of the data themselves, of unauthorised access or processing that is not permitted or does not comply with the purposes of collection as indicated in this Privacy Policy.

However, such measures, due to the nature of the online transmission medium, cannot absolutely limit or exclude any risk of unauthorised access or dispersion of data. To this end, we recommend that you periodically check that your computer is equipped with appropriate software devices for the protection of network data transmission, both incoming and outgoing (such as up-to-date antivirus systems) and that your Internet service provider has taken appropriate measures for the security of network data transmission (such as, for example, firewalls and spam filters).

The Personal Data collected by the Controllers are provided directly by the user (through registration on the Site or as part of the sales process).

  1. Compulsory or optional nature of providing data

With the exception of navigation data (the provision and collection of which is governed by the "Cookie Policy", the provision to the Data Controllers of personal data collected through the Site either to respond to users' requests and queries, or for marketing purposes, or to access the "careers" session is free, elective and optional.

Failure to provide the information does not limit the use of the Site, but may make it impossible for the Data Controllers to respond to requests for information and queries, or to send information material, updates, newsletters and invitations to events, as well as to evaluate the user's application for job positions with the Data Controllers.

The provision of data, in particular personal and contact data, for the purposes related to the sale, as better specified in point 2, letter c. is necessary with regard to the conclusion of the contract for the purchase of products through the Site, as well as for the provision of other services rendered on the Site and related to the sale, or to comply with obligations arising from laws or regulations. Any refusal to provide certain data necessary for these purposes may make it impossible to execute the contract for the purchase of products on the Site, or to provide the other services related to this, such as assistance services, or to properly fulfil legal and regulatory obligations. Failure to provide data may therefore constitute, depending on the case, a legitimate and justified reason for not executing the contract for the purchase of products on the Site and the provision of related services by the Data Controllers.

As the case may be, and if necessary, the compulsory or optional nature of the communication of data will be indicated from time to time, by appending an appropriate character (*) to the information of a compulsory nature, i.e. only the data necessary for the provision of services and the purchase of products on the Site. Failure to indicate optional personal data will not entail any obligation or disadvantage.

It should also be noted that payment data (credit card data) are directly collected and processed by the online payment circuits and are neither displayed nor processed by the cardholders.

  1. Scope of personal data communication

Data may be communicated, known and processed by:

- employees and consultants of the Data Controllers, who will act as authorised processors;

- companies that perform specific technical and organisational services related to the Site (logistics services, IT services and marketing services) for the Data Controllers, in their capacity as Data Processors;

- third parties, solely for the purpose of executing the contract for the purchase of products on the Site (such as, for example, the credit institution for the execution of remote electronic payment services by credit/debit card);

- public or private entities in respect of which there is, for the Data Controllers, an obligation (or a power recognised by law or secondary or Community legislation) or a need to communicate.

In addition, Data may be disclosed to law enforcement or judicial authorities, in accordance with the law and upon formal request by such entities, or where there are reasonable grounds to believe that disclosure of such data is reasonably necessary to (1) investigate, prevent or take action regarding suspected unlawful activities or assist governmental control and supervisory authorities; (2) defend against any claims or allegations from third parties, or protect the security of Data Controllers; (3) exercise or protect the rights, property or safety of Data Controllers and its customers, employees or any other person.

  1. Data Transfer

Your data will not be disclosed. They may also be transferred outside the EEA, always guaranteeing adequate levels of protection and safeguard, through the use of technical and organisational measures to protect it and the stipulation of Standard Contractual Clauses, in accordance with applicable legislation. You may always contact the Data Controllers to find out the location of your data and to obtain a copy of it.


  1. Data retention period

With the exception of browsing data, the retention of which is detailed in the "Cookie Policy", the user's personal registration, access and account use data on the Site are retained for the period of use and activation of the account; unused accounts are deleted within 2 years of the last access/use of the account. Data processed for the purpose of providing a service, i.e. responding to specific user requests, will be retained for the time necessary to process the request and for any further time required by the Data Controller to fulfil the need or request received. The data processed for purposes related to the sale, will be kept for the period necessary to execute the contract and related services, as well as for the subsequent period of time required by civil and tax regulations. Finally, where the user has given consent, data collected for marketing and commercial activities are retained for a maximum of 5 years from the collection of consent.

  1. Exercise of the rights granted by law to the data subject

The data subject always has the right to obtain confirmation from the Data Controller as to whether or not personal data concerning him/her exists and to have it communicated in an intelligible form.

The data subject shall also have the right to obtain information on the source of the personal data, the purposes and methods of the processing, the logic applied in the event of processing carried out with the help of electronic means, the identification data concerning the data controller and the data processors, the names of the entities or categories of entity to whom or which the personal data may be communicated or who or which may get to know said data in their capacity as, for example, data processors or persons in any case authorised to process personal data. The data subject shall also have the right to request the updating, rectification or, where interested therein, integration of personal data, the erasure, anonymisation or blocking of personal data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed; certification to the effect that the above operations have been notified, as also related to their contents, to the entities to whom or which the data were communicated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.

The user also has the right to data portability.

The data subject also has the right to object in whole or in part (withdrawal of consent) to the processing of personal data concerning him or her. 

The rights listed above may be exercised by writing to:

Finally, please note that it is always possible to lodge a complaint with the competent Supervisory Authority (Personal Data Protection Authority -

Version updated 04/03/2024.