This section describes the way personal data of the User(s) is handled by the website.
The information leaflet is provided in accordance with section 13 of Italian Legislative decree no. 196/2003, also known as the Italian Personal Data Protection Code, and section 13 of EU Regulation 679/2016 (GDPR – General Data Protection Regulation), for all visitors to the Website and users of Skinlabo S.r.l. website services accessible via the Website.
The data controller responsible for handling your personal data is Skinlabo S.r.l., Via Pietro Micca, 20, 10122 Torino – Italia, VAT no. 11541460017, (hereafter “Skinlabo” or “Data Controller”), e-mail firstname.lastname@example.org.
The computer systems and software procedures used to operate this Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols.
This information is not associated with identified Data Subjects; however, its very nature means it could allow users to be identified.
This category of data includes (i) IP addresses or domain names of the computers used by users connecting to the site, (ii) the addresses in the Uniform Resource Identifier (URI) of the requested resources, (iii) the time of the request, (iv) the method used in submitting the request to the server, (v) the size of the file obtained in response, (vi) the numerical code indicating the status of the response given by the server (good order, error, etc.) and (vii) other parameters related to the operating system and the computer environment of the user. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing.
The Data Collector handles personal data, identification and non-sensitive details (name, surname, email address, residential address, city, delivery details, telephone number) hereafter referred to as “Personal Data”.
The User accepts full responsibility for third party data published or shared via the Website, and declares the right to communicate or share them. The User declares him/herself to be an adult (over 18), releasing the Data Controller of any responsibility.
The User’s Personal data is processed by the Data Controller in order to:
Personal Data are processed and stored by automated means for the time necessary to fulfil the purposes for which they are collected.
It should be noted that the User’s personal data are processed both in paper form and/or by telematic means, also with the use of electronic means by the Data Controller or other parties charged with this task (data entry companies hired to provide this service, management of online purchase orders, management of order payments), which are always identified and/or nominated, trained and fully aware of restrictions laid down by law as well as security measures designed to guarantee the Customer’s privacy and avoid risk of loss, damage, unauthorised access, non-consensual processing or processing for purposes not stated above.
Your data may be shared with service providers expressly tasked with performing certain duties regarding the activity of the Data Controller and/or, generally operating as autonomous data controllers and/or responsible for the processing as well as communication and/or dissemination of data requested in accordance with the law, police authorities, legal authorities, information and security services, or other public authorities for purposes of defence and national security or prevention, checking or prevention of criminal offences. The data may not be disseminated to other parties.
Personal data are managed and stored on servers within the European Union. However, if the Data Controller hold it necessary, the servers may be moved within Italy and (or in the EU region and/or outside of the EU). In said event, the Data Controller guarantees that the transfer of data outside of the EU will take place in accordance with current law, establishing if necessary agreements that guarantee an adequate level of safeguarding and/or adopting the standard contractual clauses laid down by the European Commission.
In accordance with section 7 of the Italian Privacy Law and sections 15 and subsequent of the GDPR, the User has the right to obtain:
To exercise the above rights, Users may send a message by email to the Data Controller, as stated in section 1, with the subject reference “Privacy”. We inform you that if you believe your rights have been violated by the Data Controller and/or third parties, you have the right to lodge a complaint with the Guarantor for the Protection of Personal Data and/or other competent authority as stated by the GDPR.
The User’s Personal Data will be processed by the Data Controller strictly for the time necessary to achieve the purposes for which it was collected as stated in section 3, after which it will be stored solely according to current Data Protection law, for administrative purposes and/or the enforcement or defence of one’s rights. In particular, for marketing purposes, the User’s Personal Data will be stored by the Data Controller for a maximum period of two years; the Data will be stored for profiling activity for no more than one year.
Finally, we inform you that should you believe your rights to have been violated by the Data Controller, you have the right to lodge a complaint with the Guarantor for the Protection of Personal Data and/or any other competent authority as stated by the Regulations published on http://www.garanteprivacy.it/home/urp