ARCO COSMETICI S.R.L.
Via dell’Industria, 41/45 - 24126 Bergamo - Italy
Tel. +39.035.322829 - Fax +39.035.314435
Following the consultation of this website, data related to identified or identifiable people may be processed.
This document describes the management methods of the www.arcocosmetici.com website in reference to personal data processing.
This information is provided in accordance with art. 13 of EU Regulation 2016/679 (later, “GDPR”) to those who interact with the services available through this website.
This report is provided solely for this website and not for other websites that may be consulted through links by the user.
- DATA PROCESSING HOLDER
The data processing holder is ARCO COSMETICI S.R.L. based in Via dell’Industria, 41/45 24126 Bergamo.
- RECIPIENTS OF THE DATA TREATMENT
- PURPOSE OF THE PROCESSING DATA AND LEGAL BASIS
The personal data provided are solely processed for purposes strictly connected and necessary for the use of the Website and the Services requested.Your personal data are being processed:
A) Without Your expressed consent (art. 6.1 letter b), c) GDPR), for the following Service Purposes:
- fulfill pre-contractual, contractual and tax obligations resulting from existing relationships with You;
- fulfill the obligations established by law, by a regulation, by community legislation or by an order Authority’s directive (such as anti-money laundering topic).
- ACCESS TO DATA
Your data may be made accessible for the purposes listed in points 3.A):
- to employees, cooperators, internal data processors (if appointed) of the Holder;
- to professional studios, consultants, providers of installing services, IT and telecommunication systems assistance and maintenance, system administrators that carry out outsourcing activities on behalf of the Holder as external process managers;
- to public authorities and administrations;
- credit and financial institutions, insurance companies.
- DATA COMMUNICATION
With no need of a stated consent (art. 6.1 letter b) and c) GDPR), the Holder may communicate your data for the purposes listed in point 3.A) to Supervisory Bodies, Judicial Authorities, insurance companies for the provision of insurance services, as well as to those entity to whom communication is mandatory by law. These subjects will process the data in their capacity as independent data controllers.
Your data will not be spread.
- DATA TRANSFER
Your data may be disclosed, in compliance with the current legislation, to external companies appointed by the Holder to perform various services, as for instance the assistance and maintenance of the Website and related Services.
In general, Your personal data will not be transferred or stored in a destination outside the European Economic Area.
If necessary for the management of the contractual relationship, some data might be transferred outside the European Economic Area. In this case, the recipients of Your data will be subject to obligations of protection and security equivalent to those guaranteed by the Data Controller.
In any case, only the data necessary for the pursuit of the aforementioned purposes will be communicated and the adequate guarantees applicable to transfers of data to third parties will be respected. (e.g.: Standard data protection clauses adopted by the European Commission).
Personal data are not subject to disclosure.
- PROCESSING METHOD AND CONSERVATION PERIOD
The treatment of Your personal data is carried out by means of the operations indicated in art. 4 n.2) GDPR and specifically: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data are subjected to both paper and electronic and/or automated processing. Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed in order to prevent the loss of data, illicit or incorrect use and unauthorized access. Appropriate measures are also adopted concerning the processing of personal data deriving from the activities of communication or disclosure of personal data on the institutional website, in implementation of the current regulatory provisions on transparency, advertising of the administrative action, as well as consultation of documents on the initiative of the individual subjects. For this purpose, any document containing personal data is available on the website only through the internal search engine and only for a period sufficient to the achievement of the purposes for which the documents have been made public. The accessibility of documents containing personal data exclusively by those entitled is guaranteed by their availability in areas with limited access.
The Holder will process Your personal data for the time necessary to fulfill the aforementioned purposes and, in any case, for no more than 10 years after the end of the Service Finality relationship.
- NATURE OF DATA BESTOWAL AND CONSEQUENCES OF REFUSING TO RESPOND
The bestowal of data for the purposes set out in point 3.A) is mandatory. In their absence, we will not be able to guarantee the Services listed in point 3.A).
- TYPES OF DATA PROCESSING
a) Surfing data
During their ordinary operations, IT systems and software procedures used to operate this website acquire some personal data which transmission is implicit in the use of internet communication protocols.
These information are not collected to be associated with identified interested parties, but that by their own nature may allow to identity users through processing and association with data held by third parties.
This data category includes: IP addresses or domain names of the computers used by the users that connect to the Website, URL notation addresses (Uniform Resource Identifier) of the requested resources, request’s time, method used to submit the request to the server, dimension of the answered file obtained, numerical code indicating the state of the answer given by the server (successful, error, etc.) and other benchmarks related to the operating system or IT environment of the user.
These data may be solely used by authorities responsible for the acceptance of the responsibility in case of hypothetical computer crimes against the website.
No users’ personal data is acquired on purpose by the website.
Cookies are not used to transmit personal information nor will c.d. persistent cookies of any kind, namely systems for users tracking.
The use of c.d. session cookies (which are not persistently memorized on the user’s computer and vanish when the browser is closed) is strictly limited to the transmission of session identifiers necessary to allow the safe and efficient surfing of the website.
C.d. cookies session used in this website avoid the turning to other IT techniques potentially injurious to users’ surfing confidentiality and do not allow the acquiring of the user identifying personal data.
c) Optional data bestowal
Besides what is aforementioned in surfing data, the user is free to provide personal data reported in the data request forms. Failure to bestowal may cause the impossibility to receive what has been requested.
d) Data deliberately provided by the user
The optional, explicit and deliberate sending of e-mails to the addresses indicated in this Website entails the subsequent acquiring of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.
- HOLDER, RESPONSIBLE AND APPOINTED
The Holder is ARCO COSMETICI S.R.L. based in Via dell’Industria 41/45 - 24126 Bergamo - Italy.
The updated list of the persons in charge for the processing is kept at the legal residence of the Holder of treatment data and can be viewed on Your request.
- RIGHTS OF THE INTERESTED PARTIES
The subjects to whom the personal data refer have, at any time, the right to obtain confirmation of the existence of the same data, to verify the accuracy, or to request its integration or updating, or cancellation (art. 15-19 UE REGULATION 2016/679).
The requests must be sent to firstname.lastname@example.org
Interested parties who believe that the processing of personal data reported to them through this website is in violation of the provisions of the Regulation have the right to submit a complaint with the Guarantor, as provided under art. 77 of the Regulation, or to take appropriate judicial offices (art. 79 of the Regulation).
The Holder periodically checks the privacy and security policy and, if necessary, revises it in relation to regulatory, organizational or technological changes. In case of policy changes, the new version will be published on this page of the website.
Version updated to 20/09/2018