Mod6 – Informativa richiesta Salone

Privacy policy pursuant to Regulation (EU) 2016/679 (GDPR) and the national legislation in force in Italy (D.Lgs.196/03)

 

  1. General information

The data controller, Pettenon Cosmetics S.p.A. S.B. (hereinafter also referred to as the “Company”) hereby informs you (please note that you are hereinafter also referred to as the “User”), that for the purposes indicated below, it will process your personal data (or those of the Company it represents if acting on its behalf), which you provided. Only the data necessary for the pursuit of the purposes indicated in this policy shall be requested and processed. Please note that you must only provide your data and/or data of the Company represented by you. If you are acting on behalf of a Company, the activities envisaged in this policy shall be carried out in relation to the Company using the data you have provided and therefore consenting to the processing (where consent is required) on behalf of the Company you represent.

  1. Purposes and legal basis

The Company will be processing your data:

  1. A in order to process your request to become a Sinesia salon; the legal basis of the data processing is the implementation of pre-contractual measures taken at the request of the data subject.
  2. B in order to fulfil an obligation imposed by law, regulation or EU legislation, the legal basis is fulfilling a legal obligation;
  3. C for legitimate interests  such as to assert or defend a right of the Company; the legal basis of the data processing is the pursuit of legitimate interests.
  1. Compulsory provision of data

The provision of data for the purposes referred to in point 2, lett. A of the policy is necessary, and failure to provide such data will make it impossible to assess your request. The provision of data that are necessary for the purposes referred to in point 2, lett. B and C of the policy is necessary, and failure to provide such data will make it impossible to assess your request.

  1. Categories of data recipients

The data collected and processed for the purposes referred to in point 2, lett. A shall not be disclosed to third parties. For the purposes of point 2, lett. B of this policy, the data may be disclosed, if necessary, to public bodies, judicial bodies and police forces.

For the purposes of point 2, lett. C of this policy, the data may be disclosed, if necessary, to lawyers-legal advisers, public bodies, judicial and police bodies and to the post office (which may have access to the relevant address to be able to send written notices)

The Company shall only disclose data that are indispensable for the pursuit of the individual purposes set out in this policy.

The Company may then appoint (and, thereby disclose the data to) all those specifically delegated to data processing to process the data on its behalf, each one only processing indispensable data (employees of the sector to which the request is addressed, employees in charge of managing the site, also external to the Company, consultants, also external to the Company – e.g. legal consultants, computer technicians, employees of information systems, also external to the Company, employees in charge of relations with the public, also external to the Company). The Company has also identified Data Processors (also appointed by the Company) who may only have access to the data required to carry out the tasks assigned to them (such as IT outsourcing and site management companies, call centres and, more generally, companies or firms that carry out activities that are instrumental to those of the Company such as, for example, consulting companies or firms). The list of such data processors can be obtained by contacting the Company using the contact details provided in point 6 of the policy.

  1. Data retention

Your data may be stored and processed by the Company for as long as required for pursuing the purposes set out herein. The retention period is as follows:

– in relation to legal obligations, regulations and EU legislation, data may be retained for the time periods required by these regulatory sources;

– for the purposes referred to in point 2 lett. A of this notice, the data may be retained until the request has been assessed and/or a relationship has been established;

– in any case, all data may be retained for a period necessary to enforce or defend a right of the Company under Italian and European law.

  1. Data Controller and Data Protection Officer

The Data Controller is: Pettenon Cosmetics S.p.A. S.B. with registered office in Via del Palù, 7d, 35018 San Martino di Lupari PD, Tel. +39 049 99888 FAX +39 049 9988809 info@pettenon.it, gruppoprivacy@agf88holding.it.

As of today, the Company is not legally required to have an internal Data Protection Officer. In case such a function should become necessary, the identity of the relevant person will be made known through the Company’s website www.pettenon.it, which users are encouraged to visit periodically, including for any updates to this policy.

  1. Rights

We hereby inform you that the GDPR allows the data subject to request to the Company (using the contact details provided above) full access to its personal data and the rectification of such data, the data erasure, a restriction to the data processing, and the right to data portability; the data subject may also object to the processing of its data, again by contacting the Company, and exercise the other rights set forth in Chapter 3, Section 1 of the GDPR, including that of revoking consent, where envisaged: revocation of consent shall not however affect the lawfulness of the processing based on the consent given before revocation.

  1. Complaints

If the User believes that the processing of its personal data violates the provisions of the GDPR and privacy regulations, it may in any case lodge a complaint with the Italian Data Protection Authority, whose contact details may be found at www.garanteprivacy.it.

  1. Processing procedures

We hereby inform you that the data will be processed on the basis of computerised and paper/manual instruments, and that suitable protection systems will be adopted to safeguard confidentiality. All data shall be stored and processed in a manner that will fully protect confidentiality in compliance with all the regulations in force (and therefore also in accordance with the principles of fairness, lawfulness and transparency and protection of confidentiality and rights) and strictly in the pursuit of the purposes set out in this policy. Only the operations necessary to pursue the purposes set out in this policy shall be carried out on the data. The data shall be stored, as far as the Company is concerned, at its headquarters or server farm and as far as the data processors are concerned, at their headquarters or server farms. Any data disclosed to third parties will be stored and processed by them independently. The data will also be arranged in databases, including computerised databases.

 

Policy updated as of 12/04/2022

 

Newsletter

Sign up for our newsletter to receive timely updates on our products and treatments.

Continue Shopping →
Item added to cart.
0 items - 0,00 
Checkout