Privacy and Cookie Policy

Privacy Policy

We are pleased with your interest in our online store. Protecting your privacy is very important to us. Below, we provide detailed information on how we process your data.

1. Data Access and Hosting

You can visit our website without providing any personal data. When you visit a page on our website, the server records your access by automatically saving a log file containing, for example, the name of the requested file, your IP address, the date and time of access, the amount of data transferred, and the accessing provider (so-called access data). These data are analyzed exclusively for the purpose of ensuring the proper functioning of the website and improving our offering. This serves our legitimate interests in the correct presentation of our offering, which are overriding in a balancing of interests pursuant to Art. 6 (1) (f) GDPR. All access data will be deleted within seven days of the end of your visit to the site.

2. Data collection and use for contract processing and customer account opening

Personal data is collected only if you provide it to us as part of an order, when contacting us (e.g., via contact form or email), or when creating an account. Mandatory fields are marked as such because in these cases, we absolutely need the data in question to perform the contract, process your contact request, or create an account. Without this data, you will not be able to complete the order and/or activate the account, nor send the contact request. The data collected is clearly indicated by the respective input forms used. The processing of the personal data provided is based on Art. 6, paragraph 1, letter b) of the GDPR to perform the contract and process your requests. Once the contract has been fulfilled or your account has been deleted, the processing of your data will be restricted, and after any retention periods under tax or commercial law have expired, the data will be deleted, unless you have expressly consented to further use of the data. We also reserve the right to further use the data in compliance with the legal provisions, of which you will be duly informed here. You can delete your account at any time by sending a message to the contact details listed below or using the dedicated function within your account.

3. Data Transfer

For the performance of the contract pursuant to Art. 6, paragraph 1, letter b) of the GDPR, your data will be disclosed to the shipping company commissioned with the delivery, if this is necessary for the delivery of the ordered goods. Depending on the payment service provider selected during the ordering process, we disclose the payment data collected to the respective credit institution entrusted with the payment and, if applicable, to the relevant payment service providers commissioned by us or to the selected payment service. If you create a separate account with the payment service provider, some of this data may be collected by the payment service provider itself. In this case, you will need to log in to the payment service provider with your access data during the ordering process. The data protection policy of the respective payment service provider applies.

4. Cookies and Analytics Services

We use cookies on various pages to make visiting our website attractive and to enable the use of certain functions, to display suitable products, or for market research purposes. This serves to safeguard our legitimate interests in the optimized presentation of our offering, which are overriding in the process of balancing the interests pursuant to Art. 6 (1) (f) GDPR. Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted at the end of the browser session or after you close your browser (so-called session cookies). Other cookies remain on your device and allow us to recognize your browser the next time you visit (persistent cookies). The storage period is indicated in the cookie settings of your web browser. You can configure your browser to notify you of the presence of cookies and decide whether to accept them individually, to accept them in certain cases, or to reject them altogether. Each browser has different ways of managing cookie settings. The Help menu of each browser describes how to change cookie settings. You can find the cookie settings for your browser at the following links: Internet Explorer™: https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-delete-manage-cookies Safari™: https://support.apple.com/kb/ph21411?locale=it_IT Chrome™: https://support.google.com/chrome/answer/95647?hl=it&hlrm=en Firefox™: https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie Disabling cookies may prevent the site from functioning correctly. Use of Google Analytics Web Analytics Use of Google (Universal) Analytics for web analytics. For website analytics, this website uses Google (Universal) Analytics, a web analytics service provided by Google LLC (www.google.it). This serves to safeguard our legitimate interests in the optimal presentation of our offering, which are overriding in the process of balancing of interests pursuant to Art. 6 (1) (f) GDPR. Google (Universal) Analytics uses methods that enable an analysis of your use of the website, such as cookies. The information automatically generated by your use of this website is transmitted to a Google server in the USA and stored there. By activating IP anonymization on this website, the IP address is shortened before being transmitted within the member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. The anonymized IP address transmitted by your browser as part of Google Analytics will not be associated with any other data held by Google. Google LLC is headquartered in the United States and is certified under the EU-US Privacy Shield. The current version of the certificate can be found here: [https://www.privacyshield.gov/list]. Under this agreement between the US and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield. You can prevent the collection of data generated by cookies and related to your use of the website (including your IP address) and its transmission to Google, as well as its further processing, by downloading and installing a browser plug-in available through the following link: http://tools.google.com/dlpage/gaoptout?hl=en. Alternatively, you can click this link to prevent Google Analytics from collecting data on this website in the future. An opt-out cookie will then be installed on your device.

5. Rights of Data Subjects

As a data subject, you have the following rights: • Pursuant to Art. 15 of the GDPR, the right to obtain information, to the extent indicated therein, about your personal data that we process; • Pursuant to Art. 16 of the GDPR, the right to obtain the rectification of inaccurate personal data or the completion of incomplete personal data stored by us; • Pursuant to Art. 17 of the GDPR, the right to the erasure of your personal data stored by us, unless there are grounds for further processing: - for exercising the right to freedom of expression and information; - for compliance with a legal obligation; - for reasons of public interest; - for the establishment, exercise, or defense of legal claims; • Pursuant to Art. 18 of the GDPR, the right to obtain restriction of processing of your personal data if: - you contest the accuracy of the data; - the processing is unlawful but you refuse to have it erased; - although we no longer need it, the personal data is necessary for the establishment, exercise, or defense of legal claims; - you object to the processing pursuant to Art. 21 of the GDPR; • pursuant to Art. 20 of the GDPR, the right to receive the personal data concerning you, provided to us, in a structured, commonly used, and machine-readable format, or the right to have the data transmitted to another controller; • pursuant to Art. 77 of the GDPR, the right to lodge a complaint with a supervisory authority. Generally, you can contact the supervisory authority of your habitual place of residence or workplace, or the place where our company is headquartered. For questions regarding the collection, processing, or use of your personal data, your right to access, rectification, restriction of processing, or deletion, as well as questions regarding the withdrawal of consent or objection to a particular use of your data, please contact us directly using the contact details provided in our legal notice.

6. Right to object

To the extent that we process your personal data, as described above, to protect our legitimate interests, which prevail in the context of a balancing of interests, you may object to such processing with future effect. If the data is processed for direct marketing purposes, you may exercise this right at any time, as described above. If the processing is carried out for other purposes, your right to object is limited only to cases that are justified by reasons relating to your particular situation. After you exercise your right to object, your personal data will no longer be processed for these purposes, unless we can demonstrate compelling legitimate grounds for the processing that override your rights, interests, and freedoms, or if the processing is for the establishment, exercise, or defense of legal claims. This does not apply if the processing is for direct marketing purposes. In this case, your personal data will no longer be processed for the aforementioned purposes.

7. Data Controller

For questions regarding the collection, processing, or use of your personal data, for information regarding your right to access, rectify, erase, or block its use, as well as for questions regarding the possible withdrawal of consent already given or objection to a particular use of your data, please contact our Data Protection Officer. RB Cosmetici Srl - email: rbcosmetici@gmail.com