Privacy policy

What is the purpose of this notice?

This page describes how the website manages the processing of the personal data of the users that access it. Data processing is always based on principles of lawfulness and fairness in compliance with all applicable regulations in force (and therefore in accordance with the principles of necessity, fairness, lawfulness, transparency and protection of confidentiality) and with aims strictly related to the purposes pursued.
The personal data subject to processing will be processed by Pettenon Cosmetics S.p.A. S.B. (hereinafter also referred to as the “Company”), also considering technological innovations so as to minimise, by means of appropriate preventive security measures, the risk of their destruction or loss, including accidental loss, of unauthorised access to the data or of processing operations that are either unlawful or incompatible with the purposes for which the data were collected. The data shall only be processed to the extent of the operations required to achieve the purposes set out in this document and in any other information provided to users at the time of collection of their data and to which reference should be made.

The data shall be processed in accordance with all applicable regulations and in compliance with REGULATION (EU) 2016/679.

The data may also be arranged in databases, including computerised databases.
This document also constitutes a policy notice provided, among others, pursuant to Article 13 of REGULATION (EU) 2016/679, to those who interact with the web services of this website, for the purpose of protecting personal data.

The website in question is, which corresponds to the homepage of the website.

The policy is provided only for the website in question and not for other websites that may be consulted by the user via links. Such websites will be autonomous data controllers.

The policy is also based on Recommendation No. 2/2001 that the European personal data protection authorities, brought together in the Group established by Art. 29 of Directive No. 95/46/EC, adopted on 17 May 2001 to identify certain minimum requirements for personal data collection online, and, in particular, the procedures, timing and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection.
The server on which the personal data relating to the website are stored is located at.

In addition to the location of the server, the data may be processed at the Company’s registered office and at the offices of any appointed data processors (and also at the offices of any third-party independent data controllers to whom the data may be communicated and who are specified in this policy or in the relevant policies within the website).

Please note that, in any event, all data may be processed to enforce or defend a right of the Company in the appropriate fora and for all obligations under the law, regulation or EU legislation, bearing in mind that in this sense the provision of data is necessary and failure to do so will make it impossible to access the website and/or to establish any relationship with the Company (including simply by writing an e-mail for information) and that for these purposes the data may be disclosed to judicial or police bodies, lawyers and anyone it may be necessary precisely to meet the obligations laid down by law, regulation or legislation or to enforce or defend a right in the appropriate fora.
In any case, please take note of all the specific information that may be present in the appropriate sections of the website.


Types of data processed and processing procedures

Navigation data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

The data may be processed on paper, manually, by computer and telematic means (therefore the Company stores and processes the data both on soft and hard copy).
The provision of such data is optional (except in the case of a request by judicial or police bodies in which case it must be provided) but if it is not provided, navigation on the website will not be possible.


See cookie policy.

Data provided voluntarily by the user

Regarding the specific provision of data for which a specific template exists, please refer to these templates and the relevant policies.
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website (in the case where only the e-mail address is provided and there is no specific form to fill in, for which reference should be made to the specific policies that regulate the provision in the various forms), will result in the subsequent acquisition by the Company of the sender’s address, necessary to reply to the requests, as well as any other personal data included in the message (and in the attachments to the same) or in the specific forms.
In this case (i.e., where only the address is indicated and there is no specific form to fill in, in the presence of which please refer to the specific policy governing the provision in the various forms/templates) the provision of data is optional, but failure to provide the address or other data necessary to fulfil the request will make it impossible to fulfil the request itself. By sending the e-mail, the data subject explicitly consents to the processing of data to fulfil a request.
In case of material dispatching requests, the data necessary for dispatching may be disclosed to the courier or postal service.
The data, in paper or electronic format, may be processed both manually and by means of computer/telematic tools, also organising the data in computer databases. The data will be stored for the period necessary to pursue the purposes indicated.

Data Controller and Data Protection Officer

The Data Controller is: Pettenon Cosmetics S.p.A. SB with registered office in Via del Palù, 7d, 35018 San Martino di Lupari PD, Tel. +39 049 99888 FAX +39 049 9988809,

As of today, the Company is not legally required to have an internal Data Protection Officer. In case such a function should become necessary, the identity of the relevant person will be made known through the Company’s website, which users are encouraged to visit periodically, including for any updates to this policy.


We inform you that the GDPR allows the data subject to request to the Data Controller (using the contact details provided above) full access to its personal data and the rectification of such data, the data erasure, a restriction to the data processing, and the right to data portability; the data subject may also object to the processing of its data, and exercise the other rights set forth in Chapter 3, Section 1 of the GDPR, including that of revoking consent, where envisaged: revocation of consent shall not however affect the lawfulness of the processing based on the consent given before revocation.


If the User believes that the processing of its personal data violates the provisions of the GDPR and privacy regulations, it may in any case lodge a complaint with the Italian Data Protection Authority, whose contact details may be found at

Legal basis

The legal basis for the data processing is: legal obligations (Italian and European laws), consent where required, and the data controller’s legitimate interests in the relationship with the user.

Scope of disclosure and dissemination

No data shall be disseminated by the Company

With regard to specific processing operations for which there is a specific form or template on the site or a specific section in this policy, please refer to those forms/templates and their specific sections.
For other processing operations, the data provided by users may be accessed (and processed on behalf of the Company) by persons specifically delegated by the Company (computer technicians, including those external to the Company, consultants, including those external to the Company – legal consultants, computer technicians, consultants responsible for the website management, marketing staff, including those external to the Company, website management staff, including those external to the Company, staff working in the fields regarding which requests may be submitted) and data processors (e.g. companies managing the website or where the website resides as well as outsourcers providing assistance in managing the company such as the parent company) appointed in accordance with the law by the Company. The list of data processors may be obtained by contacting the data controller. All of the aforementioned parties shall only process data that are necessary for the performance of their tasks.

If necessary, and as also specified at the beginning of this policy, the Company may also disclose the data to judicial or police bodies, lawyers and anyone to whom disclosure may be necessary for the purpose of fulfilling the obligations provided for by law, by a regulation or by EU legislation or to assert or defend a right in the appropriate fora.

Optional or compulsory data provision and processing procedures

For complete information on the Company’s data processing, please read all the policies contained in the various data request areas and all the sections of this privacy policy.

Retention period

For navigation data and cookies, please refer to the appropriate sections of this policy.

For the data provided in the forms and templates, please refer to the appropriate sections.

The data that are necessary to address specific requests may be retained until the request has been fulfilled, unless retention for a longer period is required under current Italian and European legislation;

– in order to comply with legal obligations, regulations and EU legislation, the data may be retained for the periods imposed by these regulatory sources;

– in any case, all data may be retained for a period necessary to enforce or defend a right of the Company under Italian and European law. 

Specific information

As already mentioned, there are specific summary policies on the website pages that are designed for particular services on request. Please also refer to these policies, supplementing this policy.

Additional Controllers

Sales on the website are carried out by Gruppo Sinergia S.r.l., with registered office in Viale Artigianato, 32 – 37064 Povegliano Veronese (VR), registered with the Verona Chamber of Commerce under number VR – 372994, tax code and VAT number 03879570236, Please refer to the policies of the same (in the website) for data processing carried out by it.

Policy updated as of 12/04/2022 Any updates to a policy that involve the constant revision of information will be reported on this page and you can also obtain previous privacy policies and information, if any, by contacting the Company



Sign up for our newsletter to receive timely updates on our products and treatments.

Item added to cart.
0 items - 0,00