INFORMATION NOTICE ON THE PROCESSING OF PERSONAL DATA

Dear Customer,

ANNA MAZZEO, Beautician based in Via Roma, 48/A – 11013 Courmayeur (hereinafter referred to as the “Data Controller”), in her capacity as Data Controller, informs you that the personal data provided by clients for information requests are processed in accordance with current data protection laws.

1. Purposes and legal basis of processing:

A: To respond to information requests received The personal data voluntarily provided through the website www.nanamonbijou.it (such as personal details, address, phone number, email address, etc.) will be processed without the need for the Data Subject’s prior consent (Art. 6(b) of the European Regulation No. 2016/679);

B: For promotional or marketing purposes personal data voluntarily provided through the website www.nanamonbijou.it (such as personal details, address, phone number, email address, etc.) will be processed only with the explicit consent of the Data Subjects (Art. 6(a) of the European Regulation No. 2016/679).

2. Data provision requirement: providing data for the purposes described in paragraph 1A is mandatory, and refusal to do so will make it impossible to provide the requested information. Failure to give consent for the purposes described in paragraph 1B will not in any way affect the possibility of receiving such information.

3. Data retention period: for the processing referred to in paragraph 1A, the Data Controller will retain the collected data for the time necessary to provide the requested information. In the event of consent for promotional or marketing purposes, the data will be retained for a period of 3 years from the date of collection.

4. Data communication: without the need for prior consent, the Data Controller may communicate data for the purposes referred to in paragraph 1A to entities to whom communication is mandatory by law, in order to fulfill clear and predetermined purposes. Data may be made accessible, for the purposes referred to in paragraph 1A, to the Data Controller’s employees and/or data processors and/or system administrators, as well as to third-party companies or other subjects (accountants, consultants, etc.) that perform outsourced activities on behalf of the Data Controller.

5. Data transfer: personal data are stored on servers located within the European Union. In any case, the Data Controller reserves the right, if necessary, to move the servers outside the EU. In such cases, the Data Controller ensures that any transfer of data outside the EU will be carried out in compliance with applicable legal provisions, including the signing of standard contractual clauses approved by the European Commission.

6. Data Subject’s rights: the Data Subject is entitled to exercise the rights provided for in Article 15 of the GDPR. Where applicable, the Data Subject may also exercise the rights set out in Articles 16–21 of the GDPR (right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object), as well as the right to lodge a complaint with the competent Supervisory Authority. These rights may be exercised at any time by sending a registered letter to the Data Controller or an email to info@consulenteinrete.it.

7. Data Controllers, Processors, and authorized personnel: the updated list of internal and external data processors and authorized personnel involved in processing is kept at the registered office of the Data Controller.

———————————————————————————————————————————

Browsing data:

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or domain names of computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server response (successful, error, etc.), and other parameters related to the user’s operating system and IT environment.

This data is used solely for the purpose of obtaining anonymous statistical information on site usage and to check its correct functioning, and is deleted immediately after processing. The data may be used to ascertain responsibility in case of hypothetical computer crimes against the site; apart from this eventuality, data on web contacts do not persist for more than seven days.

Data voluntarily provided by the user:

The optional, explicit, and voluntary sending of emails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.

Specific summary information will be progressively displayed or provided on the pages of the site set up for particular on-demand services.

Cookies:

No personal data of users is acquired by the site in this regard.

No cookies are used for the transmission of personal information, nor are any persistent cookies of any kind or user tracking systems employed.

The use of so-called session cookies (which are not stored permanently on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable secure and efficient site browsing.

The session cookies used on this site avoid the use of other IT techniques that could potentially compromise the confidentiality of user navigation and do not allow the acquisition of personal identification data of the user.