This page describes how the website manages the processing of the personal data of the users that access it. Data processing is always based on principles of lawfulness and fairness in compliance with all applicable regulations in force (and therefore in accordance with the principles of necessity, fairness, lawfulness, transparency and protection of confidentiality) and with aims strictly related to the purposes pursued.
The personal data subject to processing will be processed by G&P COSMETICS SRL (hereinafter also referred to as the “Company”), also considering technological innovations so as to minimise, by means of appropriate preventive security measures, the risk of their destruction or loss, including accidental loss, of unauthorised access to the data or of processing operations that are either unlawful or incompatible with the purposes for which the data were collected. The data shall only be processed to the extent of the operations required to achieve the purposes set out in this document and in any other information provided to users at the time of collection of their data and to which reference should be made.
The data shall be processed in accordance with all applicable regulations and in compliance with REGULATION (EU) 2016/679.
The data may also be arranged in databases, including computerised databases.
The website in question is https://globalfashion.academy/ corresponding to the home page of the site.
The server on which the personal data relating to the website are stored is located at Via Piero Gobetti, 96 52100 Arezzo (AR) – Italy.
In addition to the location of the server, the data may be processed at the Company’s registered office and at the offices of any appointed data processors (and also at the offices of any third-party independent data controllers to whom the data may be communicated and who are specified in this policy or in the relevant policies within the website).
Please note that, in any event, all data may be processed to enforce or defend a right of the Company in the appropriate fora and for all obligations under the law, regulation or EU legislation, bearing in mind that in this sense the provision of data is necessary and failure to do so will make it impossible to access the website and/or to establish any relationship with the Company (including simply by writing an e-mail for information) and that for these purposes the data may be disclosed to judicial or police bodies, lawyers and anyone it may be necessary precisely to meet the obligations laid down by law, regulation or legislation or to enforce or defend a right in the appropriate fora.
In any event, please take note of all the specific information that may be present in the appropriate sections of the website.
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or the domain names of the computers used by users who connect to the website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.
These data are used by the Company for the sole purpose of obtaining anonymous statistical information on the use of the website and to check that it is functioning correctly and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes to the detriment of the website or more generally of the Company.
The data may be processed on paper, manually, by computer and telematic means (therefore the Company stores and processes the data both on paper and computer).
The provision of such data is optional (except in the case of a request by judicial or police bodies in which case it must be provided) but if it is not provided, navigation on the website will not be possible.
Regarding the specific provision of data for which a specific template exists, please refer to these templates and the relevant policies.
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website (in the case where only the e-mail address is provided and there is no specific form to fill in, for which reference should be made to the specific policies that regulate the provision in the various forms), will result in the subsequent acquisition by the Company of the sender’s address, necessary to reply to the requests, as well as any other personal data included in the message (and in the attachments to the same) or in the specific forms.
In this case (i.e., where only the address is indicated and there is no specific form to fill in, in the presence of which please refer to the specific policy governing the provision in the various forms/templates) the provision of data is optional, but failure to provide the address or other data necessary to fulfil the request will make it impossible to fulfil the request itself. By sending the e-mail, the data subject explicitly consents to the processing of data to fulfil a request. In case of material dispatching requests, the data necessary for dispatching may be disclosed to the courier or postal service.
The data, in paper or electronic format, may be processed both manually and by means of computer/telematic tools, including organising the data in computer databases. The data will be stored for the period necessary to pursue the purposes indicated.
The data controller is G & P Cosmetics s.r.l., having its registered office in Via L. Mascheroni No. 27 - 20145 Milano (MI-Italy), Tax Code, VAT number and Padua Company Register No. 04778640963, E.A.I. No. MI 1771789, Share Capital EUR 62,500.00 fully paid-in, a company subject to the management and coordination of AGF88 Holding S.r.l., Telephone: +39.0575.720.682 Email: firstname.lastname@example.org.
We inform you that the GDPR allows the data subject to request to the Data Controller (using the contact details provided above) full access to its personal data and the rectification of such data, the data erasure, a restriction to the data processing, and the right to data portability; the data subject may also object to the processing of its data, and exercise the other rights set forth in Chapter 3, Section 1 of the GDPR, including that of revoking consent, where envisaged: revocation of consent shall not however affect the lawfulness of the processing based on the consent given before revocation.
If the User believes that the processing of his or her personal data violates the provisions of the GDPR and privacy regulations, he or she may always lodge a complaint with the Italian Data Protection Authority, whose details can be found at www.garanteprivacy.it.
The legal basis for the data processing is: legal obligations (Italian and European laws), consent where required, and the data controller’s legitimate interests in the relationship with the user.
No data shall be disseminated by the Company
With regard to specific processing operations for which there is a specific form or template on the site or a specific section in this policy, please refer to those forms/templates and their specific sections.
For other processing operations, the data provided by users may be accessed (and processed on behalf of the Company) by persons specifically delegated by the Company (computer technicians, including those external to the Company, consultants, including those external to the Company - legal consultants, computer technicians, consultants responsible for the website management, marketing staff, including those external to the Company, website management staff, including those external to the Company, staff working in the fields regarding which requests may be submitted) and data processors (e.g., companies managing the website or where the website resides as well as outsourcers providing assistance in managing the company such as the parent company) appointed in accordance with the law by the Company. The list of data processors may be obtained by contacting the data controller. All of the aforementioned parties shall only process data that are necessary for the performance of their tasks.
If necessary, and as also specified at the beginning of this policy, the Company may also disclose the data to judicial or police bodies, lawyers and anyone to whom disclosure may be necessary for the purpose of fulfilling the obligations provided for by law, by a regulation or by EU legislation or to assert or defend a right in the appropriate fora.
For navigation data and cookies, please refer to the appropriate sections of this policy.
For the data provided in the forms and templates, please refer to the appropriate sections.
The data that are necessary to address specific requests may be retained until the request has been fulfilled, unless retention for a longer period is required under current Italian and European legislation;
- in order to comply with statutory obligations, regulations and EU legislation, the data may be retained for the periods imposed by these regulatory sources;
- in any case, all data may be retained for a period necessary to enforce or defend a right of the Company under Italian and European law.
As already mentioned, there are specific summary policies on the website pages that are designed for particular services on request. Please also refer to these privacy policies, supplementing this policy.