EN

Privacy Policy

Information pursuant to Articles 13 and 14 of Regulation (EU) 2016/679

With this document (‘Information Notice’) the Data Controller, as defined below

wishes to inform you about the purposes and methods of the processing of your personal data and about your

rights granted to you by Regulation (EU) 2016/679 on the protection of

individuals with regard to the processing of personal data and on their free

movement (‘GDPR’). This Policy may be supplemented by the Controller where any

additional services requested by you entail further processing.

1. Data Controller and Data Processor, DPO

The Data Controller is

THE BEAUTY GROUP S.R.L.

Tax code/VAT number 13650200960

Head Office Address VIA FRATELLI GABBA, 5 CAP 20121 MILAN (MI)

The Data Controller and the DPO, also through the designated structures, will take charge of your

your request and provide you, without undue delay and, at the latest, within one month

of receipt of the same, the information relating to the action taken in respect of your

request.

We inform you that should the Controller have any doubts as to the identity of the individual making the

submitting the request, it may request further information necessary to confirm the identity

of the person concerned.

Categories of Data Subjects: Natural persons, legal persons, public and

private organisations.

2. Treatments

2.1. WEB treatment


PROCESSING: WEB – NAVIGATION DATA

The computer systems and software procedures used to operate this website

acquire, in the course of their normal operation, certain personal data whose transmission is

implicit in the use of Internet communication protocols. This information is not

collected to be associated with identified interested parties, but which by their very nature

could, through processing and association with data held by third parties, allow the

identify users. This category of data includes the IP addresses or domain names of the

computers used by users who connect to the site, addresses in URI notation

(Uniform Resource Identifier) notation of the resources requested, the time of the request, the method used

in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response

numeric code indicating the status of the response given by the server (successful, error, etc.) and other

parameters relating to the user’s operating system and computer environment. These data

are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to

control its correct functioning and are deleted after processing. The data

could be used to ascertain responsibility in the event of hypothetical computer crimes against the site.

computer crimes against the site.

Nature of data provision: Compulsory

Consequences of refusal to provide data Failure to provide data will result in

the impossibility for the company to provide the web service provided.

Minimum data protection measures: To be indicated

Personal data retention period: Your personal data will be actively processed for the

duration of the first and third party analytical systems.

Reference processing rules: The legal basis for registration to the Site and the

provision of related services is the necessity of execution of your request, in compliance

Article 6(1)(b) GDPR. Therefore, the acquisition of your

Your prior consent to the processing.

2.2. Trattamento WEB

PROCESSING: WEB – SENDING CURRICULUM VITAE

Through the ‘Work with us’ section of the Site you may provide your personal data and CV to the

Holder in order to apply for open positions or possible future positions. Your personal data

processed exclusively for the management of your application and related activities.

related activities.

Nature of data provision: Obligatory

Consequences of refusal to provide data Failure to provide consent will result in

the impossibility for the Data Controller to receive your Curriculum Vitae and to perform the activities aimed at managing your application.

activities aimed at managing your application.

Minimum data protection measures: password, firewall, antivirus, reCAPTCHA

Personal data storage period: Your personal data processed for the management of your CV

will be kept for N months after receipt or negative result of a selection, in order to

be considered for possible future positions.

Reference processing rules: The legal basis for registration to the Site and the

provision of related services is the necessity of execution of your request, in compliance

Article 6(1)(b) GDPR. Therefore, the acquisition of your

Your prior consent to the processing.

2.3. Trattamento WEB

TREATMENT: WEB – COMMERCIAL NEWSLETTER

Should you wish to be updated on the latest products and services offered by the

Data Controller or third party companies, you will be able to join our

marketing initiatives, allowing the Controller to send you the newsletter and further commercial communications.

commercial communications.

Nature of conferment: Optional

Consequences of refusal to provide data: Failure to provide data will not affect the

satisfaction of your requests and the use of web services but will make it impossible for the

Data Controller to send you commercial communications.

Minimum data protection measures: password, firewall, antivirus, reCAPTCHA

Personal data retention period: Your personal data will be actively processed for the

time necessary for the management of the existing relationship and/or the execution of the contract. The

information collected for the evaluation of the conclusion of the contract, in the event of non

completion, will be deleted within N months..

2.4. Trattamento WEB

TREATMENT: WEB – NEWSLETTER USE OF SERVICE

Should you wish to be updated on the latest products and services offered by the

Data Controller, you will be able to join our marketing initiatives by allowing

the Controller to send you the newsletter and further commercial communications.

Nature of conferment: Optional

Consequences of refusal to provide data: Failure to provide data will not affect the

satisfaction of your requests and the use of web services but will make it impossible for the

Data Controller to send you commercial communications.
Minimum data protection measures: password, firewall, antivirus, reCAPTCHA
Personal data retention period: Your personal data will be processed until
you decide to revoke your consent or object to the processing.
Reference processing rules: The legal basis for registration on the Site and the
provision of related services is the need to execute your request, in compliance
Article 6(1)(b) GDPR. Therefore, the acquisition of your
Your prior consent to the processing.

2.5. Trattamento WEB

PROCESSING: WEB – REQUESTS MADE THROUGH THE SITE
Your personal data may be processed by the Controller to fulfil your requests
made by writing to one of the e-mail addresses available on the Site or by completing the
registration and/or contact forms on the Site.
Nature of conferment: Compulsory
Consequences of refusal to provide data Failure to provide the requested data will result in

the impossibility for the Data Controller to execute your request.

Minimum data protection measures: password, firewall, antivirus, reCAPTCHA
Personal data retention period: The data collected for this purpose will be processed for the
time strictly necessary to fulfil your request and then stored for
10 years after the processing of your request.

Reference processing rules: The legal basis of the processing is the need to
execution of your request, in compliance with Article 6(1)(b) GDPR.
Therefore, the acquisition of your Your prior consent to the processing.

3. Cookies Policy:

3.1. Extended Cookie Policy:

On this site we use technology to collect information to improve your
online experience.
This policy covers the use of cookies and how you can
manage them.
We reserve the right to change this policy at any time. Any changes to
policy will take effect from the date of publication on the Site.

Cookies are small text strings that sites you visit send to your
your terminal equipment (usually your browser), where they are stored and sent back to the same sites the next time you visit.
the same sites the next time the same user visits.

In the course of browsing a site, the user may also receive on his terminal equipment cookies that
sent by different sites or web servers (so-called ‘third parties’), on which some elements may reside (such as, for example, the
certain elements (such as, for example, images, maps, sounds, specific links to pages in other
domains) present on the site that the same person is visiting.
Cookies, usually present in users’ browsers in very large numbers and sometimes even
with characteristics of wide temporal persistence, are used for different purposes
carrying out computer authentication, session monitoring, storing
information on specific configurations concerning users accessing the server, etc.
In order to arrive at a correct regulation of these devices, it is necessary to distinguish them
since there are no technical characteristics that differentiate them from one another precisely
on the basis of the purposes pursued by those who use them.

Cookie Management


Below is a list of the most common browsers with links to their cookie management settings:

Browsers provide a ‘private’ browsing mode, by activating which cookies are
always deleted after closing each browsing session.
Secondly, you can disable third-party profiling cookies by visiting the
http://www.youronlinechoices.com.
You can also disable Google Analytics cookies by downloading the appropriate
browser add-on for disabling Google Analytics at the following
web address: https://tools.google.com/dlpage/gaoptout.


Cookie Policy Terze Parti

Cookie Policy Facebook https://it-it.facebook.com/policies/cookies/

Cookie Policy Google https://www.google.it/intl/it/policies/technologies/cookies/

Cookie Policy Google https://www.linkedin.com/legal/cookie-policy

Cookie Policy Twitter https://twitter.com/it/privacy

Granting of consent for the use of cookies
By continuing navigation from the banner containing the so-called short information,
by scrolling down this page or clicking on any of its elements, you consent to the use of cookies
employed on this website by accepting the cookie policy described above.
You can always revoke your previously given consent through the methods
indicated in the paragraph entitled ‘COOKIE MANAGEMENT’.

4. What rights do you have as a data subject:

In relation to the processing operations described in this Policy, as a data subject you

may, as provided for in European Regulation 679/2016, exercise the rights set out in articles

15 to 21 and, in particular:

1. the data subject contests the accuracy of the personal data, for the period necessary for the controller to verify the accuracy of such data;

2. the processing is unlawful and the data subject objects to the erasure of the personal data and

requests instead that its use be restricted;

3. the personal data are necessary to the data subject for the establishment, exercise or defence of of a legal claim;

4. the data subject has objected to the processing pursuant to Art. 21 GDPR, during the period pending of the verification as to whether any legitimate reasons of the data controller prevail over those of the data subject.

The above rights may be exercised vis-à-vis the Controller by contacting the references above.

The exercise of your rights as a data subject is free of charge in accordance with Article 12 GDPR. However, in the case of requests that are manifestly unfounded or excessive, including by reason of their repetitiveness, the Controller may charge you a reasonable fee, in light of the administrative costs incurred in handling your request, or refuse to comply with your request.

RIGHT OF REVOCATION:

The data subject has the right to revoke his or her consent at any time. Withdrawal of the consent shall not affect the lawfulness of the processing based on the consent before revocation.


· RIGHT OF COMPLAINT:

The interested party has the right to lodge a complaint with the Guarantor Authority for the Protection of Personal Data personal data, Piazza di Montecitorio n. 121, 00186, Rome (RM).

I hereby declare that I have received from the Data Controller the information on the use of my personal data and to consent, pursuant to the privacy legislation, to the processing by the same of the special categories of personal data provided by me for the the performance of activities necessary for the activation and management of relations, operations and services requested by me.

This site is protected by reCAPTCHA, its use is subject to the Privacy Policy and terms of terms of use of Google.