PRIVACY POLICY

Last updated: 24 April 2026

1. Introduction

This Privacy Policy explains how Stema Group LLC (“Company”, “we”, “us”, or “our”) collects, uses, shares, and protects personal data when you visit stefanocicchini.systeme.io (the “Website”) or use our Services, whether you are located in the United States, the European Union/EEA, or any other country.
We strive to comply with applicable data protection laws in the jurisdictions where we operate, including, where relevant, US federal and state privacy laws and the EU General Data Protection Regulation (GDPR).

By using the Website or Services, you acknowledge that you have read and understood this Privacy Policy.


2. Data controller and contact details

The data controller responsible for processing personal data in connection with the Website and Services is:

Stema Group LLC
Business address: 30 N Gould St Ste R, Sheridan, WY 82801, USA
Email: marketing@stefanocicchini.com


3. Categories of personal data we collect

We may collect and process the following categories of personal data:

  • Identification and contact data: name, surname, email address, billing address, country, and social media handle (e.g., Instagram username).

  • Account data: login credentials, account ID, preferences, communication settings.

  • Transaction data: details of products/services purchased, payment method (tokenized by payment provider), billing information, currency, amount, date.

  • Technical and usage data: IP address, browser type and version, device identifiers, operating system, referring URLs, pages visited, time spent on pages, and other usage data.

  • Marketing and communication data: your preferences for receiving marketing communications and information about your interactions with our emails or campaigns.

We do not intentionally collect special categories of personal data (such as health data or political opinions) through the Website.


4. How we collect personal data

We collect personal data in several ways:

  • Directly from you: when you fill out forms, create an account, purchase a Service, subscribe to newsletters, or contact us via email or social media.

  • Automatically: when you visit the Website, we automatically collect certain technical and usage data through cookies, log files, and similar technologies.

  • From third parties: such as payment providers, analytics providers, and advertising platforms, as permitted by their terms and your settings.


5. Purposes and legal bases (where GDPR applies)

Where the GDPR or similar laws apply, we process your personal data based on:

  • Contractual necessity: to provide the Services, manage your account, process orders and payments, and deliver customer support.

  • Legal obligation: to comply with legal requirements (for example, tax, accounting, and anti‑fraud rules).

  • Legitimate interests: to improve and optimize our Website and Services, analyze usage, prevent fraud and abuse, secure our systems, and protect our rights, provided these interests are not overridden by your rights and freedoms.

  • Consent: for certain activities, such as sending marketing communications in some jurisdictions or using non‑essential cookies and similar technologies, where required.

You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.


6. How we use personal data

We use personal data for the following purposes:

  • To provide, operate, and maintain the Website and Services.

  • To process orders and payments and deliver the products or Services you request.

  • To manage your account and provide customer support.

  • To communicate with you, including sending transactional emails (such as order confirmations and service updates).

  • To send you marketing communications about our Services, where permitted by law and consistent with your preferences.

  • To analyze and improve the Website, Services, and user experience.

  • To prevent, detect, and investigate fraud, security incidents, and misuse of the Services.

  • To comply with legal obligations and enforce our rights.


7. Cookies and similar technologies

We use cookies and similar technologies to:

  • enable core site functionality;

  • remember your preferences;

  • analyze traffic and usage;

  • support marketing and advertising activities.

Where required by law (for example, in the EU/EEA for non‑essential cookies), we will request your consent via a cookie banner or similar tool and will respect your choices.
You can manage your cookie preferences through your browser settings and, where available, through our cookie banner.


8. How we share personal data

We may share your personal data with:

  • Service providers and processors: such as hosting providers, payment processors, email service providers, CRM and marketing tools, and analytics providers, who process data on our behalf and according to our instructions.

  • Professional advisors: including lawyers, accountants, and auditors, where necessary for business or legal purposes.

  • Authorities and regulators: when required by applicable law, court order, or governmental request, or to protect our rights or the rights of others.

  • Business transferees: in connection with any merger, acquisition, sale of assets, or similar transaction, subject to appropriate safeguards.

We do not sell personal data in the common sense of the word. Where laws such as the CCPA/CPRA define “sale” or “sharing” more broadly, we will comply with applicable obligations and provide relevant options where required.


9. International data transfers

Because Stema Group LLC is based in the United States and uses service providers in various countries, your personal data may be transferred to and processed in countries outside your own, including countries that may have different data protection laws.

Where we transfer personal data from the EU/EEA or other jurisdictions with data transfer restrictions, we rely on appropriate safeguards, such as:

  • standard contractual clauses approved by the European Commission;

  • adequacy decisions, where applicable; or

  • other legally recognized transfer mechanisms.

You can contact us for more information about the safeguards used for international transfers.


10. Data retention

We retain personal data only for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, including to meet legal, accounting, or reporting requirements.

In general, we retain:

  • account and transactional data for the duration of your relationship with us and for the applicable statutory retention periods;

  • marketing data until you withdraw your consent or object to processing, and for a limited period thereafter;

  • technical and analytics data for the time necessary to ensure the security, performance, and improvement of the Website and Services.


11. Your rights

Depending on your country or state of residence, you may have certain rights regarding your personal data, including:

  • the right to access your personal data;

  • the right to rectification of inaccurate or incomplete data;

  • the right to deletion (“right to be forgotten”), in certain circumstances;

  • the right to restriction of processing, in certain circumstances;

  • the right to data portability, where applicable;

  • the right to object to processing based on legitimate interests and to object at any time to processing for direct marketing;

  • the right to withdraw consent where processing is based on consent.

To exercise these rights, you can contact us at marketing@stefanocicchini.com. We may ask you to verify your identity before responding to your request.

If you are in the EU/EEA or another jurisdiction that grants you the right to lodge a complaint with a data protection authority, you may do so with the authority in your place of residence, place of work, or place of the alleged infringement.


12. Additional information for US state residents

If you are a resident of certain US states (such as California, Colorado, Virginia, and others), you may have additional rights under state privacy laws, such as:

  • the right to know the categories of personal information we collect and how we use and disclose them;

  • the right to request access to and deletion of certain personal information;

  • the right to opt out of certain types of data “selling” or “sharing” for targeted advertising;

  • the right not to be discriminated against for exercising your privacy rights.

Where such laws apply to our activities and their thresholds are met, we will provide additional notices and mechanisms to exercise these rights.


13. Security

We implement reasonable technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.


14. Children’s privacy

The Website and Services are not directed to children under the age of 13 (or a higher age of majority in some countries), and we do not knowingly collect personal data from children.
If you believe that a child has provided us with personal data, please contact us and we will take appropriate steps to delete such data, in accordance with applicable law.


15. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements.
When we make changes, we will revise the “Last updated” date at the top of this page. Your continued use of the Website or Services after any changes become effective constitutes your acceptance of the revised Policy.


16. Contact

For any questions or requests regarding this Privacy Policy or our data practices, you can contact us at:
Email: marketing@stefanocicchini.com
Mailing address: 30 N Gould St Ste R, Sheridan, WY 82801, USA