Privacy Policy
Privacy Policy di www.beautiemilano.com
This Website collects some Personal Data from its Users.
Users may be subject to different levels of protection. Some Users therefore enjoy superior protection. More information about the security policies can be found in the applicability section.
Below you will find the main information on the processing by Hoculus srl of your personal data in relation to your browsing of beautiemilano.com and the use of the services offered.
This document can be printed using the print command present in the settings of any browser.
Data Controller
Hoculus srl - Via B. Telesio 12, 20145 Milan Italy
For any clarification, question or requirement related to your privacy and the processing of your personal data, you can contact us at any time by sending an email request to our customer service or by calling 3342483026.
Owner contact email: info@hoculus.com
Types of data collected
Among the Personal Data collected by this Website, either independently or through third parties, there may be: cookies; usage data; telephone number; first name; last name; email address.
Your personal data are processed, in particular, for the following purposes:
- to conclude and execute the purchase contract for goods offered on beautiemilano.com;
- manage your requests forwarded to our Customer Service.
Only with your express consent, however, we process your personal data to:
- send you our newsletters via e-mail (communications on news and commercial promotions);
- send you SMS messages about our news and commercial promotions (SMS service);
- send you commercial and promotional communications about our products and services and carry out opinion polls and market research (via e-mail, SMS, telephone and paper mail);
- customize the Site and commercial communications based on your characteristics and interests.
Complete details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific information texts displayed before the data is collected.
Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically when using this Website.
Unless otherwise specified, all Data requested by this Website are mandatory.
If the User refuses to communicate them, it may be impossible for this Website to provide the Service. In cases where this Website indicates some Data as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or on its operation.
Users who have doubts about which data are mandatory are encouraged to contact the owner.
Any use of Cookies - or other tracking tools - by this Website or by the owners of third party services used by this Website, unless otherwise specified, is intended to provide the Service requested by the User, as well as for the additional purposes described in this document and in the Cookie Policy, if available.
The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Website and guarantees to have the right to communicate or disseminate them, freeing the Owner from any liability to third parties.
Method and place of processing of the collected data
Processing methods
The Data Controller adopts the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
The processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other subjects involved in the organization of this Website (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers) may have access to the Data. , hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Data Controller. The updated list of Managers can always be requested from the Data Controller.
Legal basis of the processing
The Data Controller processes Personal Data relating to the User if one of the following conditions exists:
- the User has given consent for one or more specific purposes; Note: in some jurisdictions the Data Controller may be authorized to process Personal Data without the User's consent or another of the legal bases specified below, as long as the User does not object ('opt-out') to such treatment. However, this is not applicable if the processing of Personal Data is governed by European legislation on the protection of Personal Data;
- the processing is necessary for the execution of a contract with the User and / or for the execution of pre-contractual measures;
- the processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
- the processing is necessary for the execution of a task of public interest or for the exercise of public authority vested in the Data Controller;
- the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.
However, it is always possible to ask the Data Controller to clarify the concrete legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.
Place
The Data is processed at the Data Controller's operating offices and in any other place where the parties involved in the processing are located. For more information, please contact the Data Controller.
The User's Personal Data may be transferred to a country other than that in which the User is located. To obtain further information on the place of processing, the User can refer to the section relating to the details on the processing of Personal Data.
In case of superior protection, the User has the right to obtain information regarding the legal basis for the transfer of Data outside the European Union or to an international organization governed by public international law or consisting of two or more countries, such as for example the UN, as well as regarding the security measures adopted by the Data Controller to protect the Data.
If one of the transfers described above takes place, the User can refer to the respective sections of this document or request information from the Data Controller by contacting him at the details indicated in opening.
Retention period
The Data are processed and stored for the time required by the purposes for which they were collected.
Therefore:
- Personal Data collected for purposes related to the execution of a contract between the Owner and the User will be retained until the execution of this contract is completed.
- Personal Data collected for purposes attributable to the legitimate interest of the Data Controller will be retained until this interest is satisfied. The User can obtain further information regarding the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.
When the processing is based on the User's consent, the Data Controller can keep the Personal Data longer until such consent is revoked. Furthermore, the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period, the Personal Data will be deleted. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
Purpose of the processing of collected data
The User's Data are collected to allow the Owner to provide the Service, fulfill legal obligations, respond to requests or executive actions, protect their rights and interests (or those of Users or third parties), identify any malicious activities. or fraudulent, as well as for the following purposes: Statistics, Payment Management, Advertising, Remarketing and Behavioral Targeting, Tag Management, Platform and Hosting Services and Content and Function Performance Tests (A / B testing).
To obtain detailed information on the purposes of the processing and on the Personal Data processed for each purpose, the User can refer to the section 'Details on the processing of Personal Data'.
Details on the processing of Personal Data
Personal Data is collected for the following purposes and using the following services:
Payment management
Unless otherwise specified, this Website processes all payments by credit card, bank transfer or other means through external payment service providers. In general, and unless otherwise stated, Users are requested to provide payment details and personal information directly to such payment service providers.
This Website is not involved in the collection and processing of such information: instead it will only receive a notification from the payment service provider in question that the payment has been made.
PayPal (Paypal)
PayPal is a payment service provided by PayPal Inc., which allows the User to make online payments.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: See the Paypal privacy policy - Privacy Policy.
Stripe (Stripe Inc)
Stripe is a payment service provided by Stripe Inc.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: United States - Privacy Policy.
Apple Pay (Apple Inc.)
Apple Pay is a payment service provided by Apple Inc., which allows the User to make payments using their mobile phone.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: United States - Privacy Policy.
Amazon Payments (Amazon)
Amazon Payments is a payment service provided by Amazon.com, Inc., which allows the User to make online payments using their Amazon credentials.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: See Amazon's privacy policy - Privacy Policy.
Tag management
This type of service is functional to the centralized management of the tags or scripts used on this Website.
The use of these services involves the flow of User Data through them and, where appropriate, their retention.
Google Tag Manager (Google Ireland Limited)
Google Tag Manager is a tag management service provided by Google Ireland Limited.
Personal Data processed: Cookies; Usage data.
Place of processing: Ireland - Privacy Policy.
Klaviyo Inc.
Purpose
Manage contacts and send messages
Personal data collected
- First name
- Last name
- Date of birth
- Telephone number
- Purchase history
Description
Klaviyo is an address management and email message service provided by Klaviyo Inc.
To use the service provided by Klaviyo, the Data Controller generally shares information regarding Users (who make purchases), such as contact details and purchase history. For further information regarding the extent of this sharing, check the indications given below under the heading 'Personal Data processed'.
Commercial break
This type of service allows the User Data to be used for commercial communication purposes in various forms of advertising, such as banners, also in relation to the User's interests.
This does not mean that all Personal Data is used for this purpose. Data and conditions of use are indicated below.
Some of the services listed below may use cookies to identify the user or use the behavioral retargeting technique, that is to display advertisements tailored to the interests and behavior of the user, also detected outside this website. more information on this, we suggest you check the privacy policies of the respective services.
In addition to the possibility to opt-out offered by the services listed below, the User can opt for the exclusion of the use of cookies by a third party service for some advertising features by visiting the opt-out page of the Network Advertising Initiative.
Users can also choose not to participate in certain advertising features through the corresponding device configuration options, such as the mobile device advertising configuration options or the generic advertising configuration .
Facebook like audience (Facebook, Inc.)
Facebook Similar Audience is an advertising and behavioral targeting service provided by Facebook, Inc. that uses Data collected through the Facebook Custom Audience service in order to show advertisements to Users with similar behavior to Users who are already in a list. Custom Audience based on their previous use of this Website or their interaction with relevant content through Facebook applications and services.
Based on this Data, personalized ads will be shown to Users suggested by Facebook Similar Audience.
Users can choose not to use Facebook cookies for ad personalization by visiting this opt-out page .
Personal Data processed: Cookies; Usage data.
Place of processing: United States - Privacy Policy - Opt Out.
Direct marketing via SMS (this Website)
This Website uses User Data to send commercial proposals relating to services and products provided by third parties or not related to the product or service provided by this Website.
By subscribing to Beautie Milano SMS notifications, you agree to receive automated marketing text messages from us about our products and services at the telephone number provided at the time of registration and that messages can be sent via the automatic telephone dialing system or others. technologies. The frequency of messages is recurring. Consent is not a condition of purchase. Message and data rates may apply. Reply STOP, END, CANCEL, UNSUBSCRIBE or QUIT to unsubscribe and HELP for customer support. You may receive an additional text message confirming your decision to opt out. You understand and agree that attempting to cancel by any means other than sending SMS to the above opt-out commands may not be effective.
Personal Data processed: surname; first name; telephone number.
Remarketing
This type of service allows this Website and its partners to communicate, optimize and serve advertisements based on the past use of this Website by the User.
This activity is facilitated by the tracking of Usage Data and the use of Tracking Tools to collect information which is then transferred to the partners who manage the remarketing and behavioral targeting activities.
Some services offer a remarketing option based on email address lists.
In addition to the opt-out features offered by the services listed below, the User can opt-out by visiting the opt-out page of the Network Advertising Initiative.
Users can also choose not to participate in certain advertising features through the corresponding device configuration options, such as the mobile device advertising configuration options or the generic advertising configuration .
Facebook Remarketing (Facebook, Inc.)
Facebook Remarketing is a remarketing and behavioral targeting service provided by Facebook, Inc. that connects the activity of this Website with the Facebook advertising network.
Personal Data processed: Cookies; Usage data.
Place of processing: United States - Privacy Policy - Opt Out.
Platform and hosting services
These services are intended to host and operate key components of this Website, making it possible to provide this Website from a single platform. These platforms provide the Owner with a wide range of tools such as, for example, analytical tools, for managing user registration, for managing comments and the database, for e-commerce, for processing payments etc. The use of these tools involves the collection and processing of Personal Data.
Some of these services work through servers geographically located in different places, making it difficult to determine the exact place where Personal Data is stored.
Shopify (Shopify Inc.)
Shopify is a platform provided by Shopify Inc. that allows the Owner to develop, operate and host a website dedicated to electronic commerce.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: Canada - Privacy Policy.
Statistics
The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior.
Google Analytics (Google Ireland Limited)
Google Analytics is a web analytics service provided by Google Ireland Limited ('Google'). Google uses the Personal Data collected for the purpose of tracking and examining the use of this Website, compiling reports and sharing them with other services developed by Google.
Google may use the Personal Data to contextualize and personalize the advertisements of its own advertising network.
Personal Data processed: Cookies; Usage data.
Place of processing: Ireland - Privacy Policy - Opt Out.
Facebook Ads conversion tracking (Facebook pixel) (Facebook, Inc.)
Facebook Ads conversion tracking (Facebook pixel) is a statistics service provided by Facebook, Inc. that connects data from the Facebook ad network with actions performed on this Website. The Facebook pixel monitors the conversions that can be attributed to Facebook, Instagram and Audience Network ads.
Personal Data processed: Cookies; Usage data.
Place of processing: United States - Privacy Policy.
Google Ads conversion tracking (Google Ireland Limited)
Google Ads Conversion Tracking is a statistics service provided by Google Ireland Limited that links data from the Google Ads ad network with actions performed on this Website.
Personal Data processed: Cookies; Usage data.
Place of processing: Ireland - Privacy Policy.
Content performance
The services contained in this section allow the Data Controller to track and analyze the response from the User, in terms of traffic or behavior, in relation to changes in the structure, text or any other component of this Website. .
Google Optimize (Google Ireland Limited)
Google Optimize is an A / B testing service provided by Google Ireland Limited ('Google').
Google may use the Personal Data to contextualize and personalize the advertisements of its advertising network.
Personal Data processed: Usage data; Tracking Tool.
Place of processing: Ireland - Privacy Policy.
Further information on Personal Data
Sale of goods and services online
The Personal Data collected are used for the provision of services to the User or for the sale of products, including payment and possible delivery. The Personal Data collected to complete the payment may be those relating to the credit card, the current account used for the transfer or other payment instruments provided. The payment data collected by this website depend on the payment system used.
Rights of the User
Users can exercise certain rights with reference to the Data processed by the Data Controller.
In case of superior protection, the User can exercise all the rights listed below. In any other case, the User can contact the owner to find out which rights are applicable in his case and how to exercise them.
In particular, the User has the right to:
- withdraw consent at any time. The User can revoke the consent to the processing of their Personal Data previously expressed.
- oppose the processing of their data. The User can oppose the processing of their data when it occurs on a legal basis other than consent. Further details on the right to object are indicated in the section below.
- access their data. The User has the right to obtain information on the Data processed by the Data Controller, on certain aspects of the processing and to receive a copy of the Data processed.
- verify and request rectification. The User can verify the correctness of his / her Data and request its updating or correction.
- obtain the limitation of the treatment. When certain conditions are met, the User may request the limitation of the processing of their Data. In this case the Data Controller will not process the Data for any other purpose than their conservation.
- obtain the cancellation or removal of their Personal Data. When certain conditions are met, the User can request the cancellation of their Data by the Owner.
- receive their data or have them transferred to another owner. The User has the right to receive his / her Data in a structured format, commonly used and readable by an automatic device and, where technically feasible, to obtain the transfer without obstacles to another owner. This provision is applicable when the Data is processed with automated tools and the processing is based on the User's consent, on a contract to which the User is a party or on contractual measures connected to it.
- propose a complaint. The User can lodge a complaint with the competent personal data protection supervisory authority or act in court.
Details on the right to object
When Personal Data are processed in the public interest, in the exercise of public authority vested in the Data Controller or to pursue a legitimate interest of the Data Controller, Users have the right to oppose the processing for reasons connected to their particular situation.
Users are reminded that, if their Data are processed for direct marketing purposes, they can oppose the processing without providing any reasons. To find out if the Data Controller processes data for direct marketing purposes, Users can refer to the respective sections of this document.
How to exercise your rights
To exercise the User's rights, Users can direct a request to the contact details of the Owner indicated in this document. Requests are filed free of charge and processed by the Data Controller as soon as possible, in any case within one month.
Applicability of the higher level of protection
While most of the provisions of this document apply to all Users, some are expressly subject to the applicability of a higher level of protection to the processing of Personal Data.
This higher level of protection is always guaranteed when the treatment:
- it is performed by a Data Controller based in the EU; that is to say
- concerns Personal Data of Users located in the EU and is functional to the offer of goods or services for consideration or free of charge to such Users; that is to say
- concerns Personal Data of Users located in the EU and allows the Owner to monitor the behavior of such Users to the extent that such behavior takes place within the Union.
Cookie Policy
This Website uses Tracking Tools. To find out more, the User can consult the Cookie Policy.
Further information on the treatment
Defense in court
The User's Personal Data may be used by the Owner in court or in the preparatory stages for its eventual establishment for the defense against abuse in the use of this Website or related Services by the User.
The User declares to be aware that the Owner may be obliged to disclose the Data by order of the public authorities.
Specific information
At the request of the User, in addition to the information contained in this privacy policy, this Website may provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.
System log and maintenance
For needs related to operation and maintenance, this Website and any third party services used by it may collect system logs, i.e. files that record the interactions and which may also contain Personal Data, such as the User IP address.
Information not contained in this policy
Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.
Response to 'Do Not Track' requests
This Website does not support 'Do Not Track' requests.
To find out if any third-party services used support them, the User is invited to consult the respective privacy policies.
Changes to this privacy policy
The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page and, if possible, on this Website as well as, if technically and legally feasible, by sending a notification to Users through one of the extremes. contact number of which it is in possession. Please therefore consult this page frequently, referring to the date of the last modification indicated at the bottom.
If the changes concern treatments whose legal basis is consent, the Data Controller will collect the User's consent again, if necessary.
Definitions
Personal Data (or Data)
Any information that, directly or indirectly, also in connection with any other information, including a personal identification number, makes a natural person identified or identifiable constitutes personal data.
Usage Data
This is information collected automatically through this Website (including from third-party applications integrated into this Website), including: the IP addresses or domain names of the computers used by the User who connects with this Website, the addresses in URI (Uniform Resource Identifier) notation, the time of the request, the method used to forward the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc. .) the country of origin, the characteristics of the browser and the operating system used by the visitor, the various temporal connotations of the visit (for example the time spent on each page) and the details of the itinerary followed within the Application,with particular reference to the sequence of the pages consulted, to the parameters relating to the operating system and the IT environment of the User.
User
The individual using this Website who, unless otherwise specified, coincides with the Data Subject.
Interested
The natural person to whom the Personal Data refers.
Data Processor (or Manager)
The natural person, legal person, public administration and any other body that processes personal data on behalf of the Data Controller, as set out in this privacy policy.
Data Controller (or Owner)
The natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of the processing of personal data and the tools adopted, including the security measures relating to the operation and use of this Website. The Data Controller, unless otherwise specified, is the owner of this Website.
This Website (or this Application)
The hardware or software tool through which the Personal Data of Users are collected and processed.
Service
The Service provided by this Website as defined in the relative terms (if any) on this site / application.
European Union (or EU)
Unless otherwise specified, any reference to the European Union contained in this document is intended to be extended to all current member states of the European Union and the European Economic Area.
Cookies
Cookies are Tracking Tools which consist of small pieces of data stored in the User's browser.
Tracking Tool
By Tracking Tool we mean any technology - eg. Cookies, unique identifiers, web beacons, integrated scripts, e-tags and fingerprinting - which allow users to be tracked, for example by collecting or saving information on the User's device.
Legal references
This privacy statement is drawn up on the basis of multiple legislative systems, including articles. 13 and 14 of Regulation (EU) 2016/679.
Unless otherwise specified, this privacy policy applies exclusively to this Website.