Privacy Policy

 

Introduction

This document (hereinafter “Privacy Policy“) provides information on the processing of personal data collected through this website (hereinafter “Site“) by the company AB Parfums S.p.A. , the data controller (hereinafter “Company” or “Controller“). This Privacy Policy is produced exclusively with reference to the Site and not for other websites that may be consulted by users through the use of links and links contained in the Site itself and therefore constitutes information to the parties concerned pursuant to current legislation and the provisions of art. 13 of EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter “Regulation“). 

 Identity and contact details of the Controller:

AB Parfums S.p.A. , with registered office at Via Melchiorre Gioia n. 8, 20124 Milan (MI), Italy.

Email: [email protected]

 Principles relating to the processing of personal data

Pursuant to the Regulation, the Controller is responsible for ensuring that personal data are:

  • processed in a lawful, correct and transparent manner;
  • collected for specific, explicit and legitimate purposes, and not further processed in a way incompatible with those purposes;
  • adequate, relevant and limited to what is necessary in relation to the purpose for which they are processed;
  • accurate and, where necessary, kept up to date;
  • kept for a period not exceeding that necessary for the purposes for which they are processed;
  • processed using appropriate technical and organisational measures to safeguard personal data;
  • where data are processed on the basis of consent, such consent must be given freely by the data subject, the request for consent must be made in a clearly distinguishable manner, in an intelligible form and easily accessible, using clear and simple language.

What data do we process

All common personal data, i.e. information that identifies, or at least makes it possible to identify, a natural person (e.g. e-mail address) provided when interacting with the functions of the Site, including navigation data, or when it is possible to register with our “PROVIDERS AREA” and “TRADE AREA” for which specific privacy notices will be provided, or data collected in connection with requests received through the contact e-mail published on the Site ([email protected]) as well as data collected through cookies as specified in the Cookie Policy, may be subject to processing.

In relation to CVs sent spontaneously by candidates through links to AB Parfums’s Linkedin profile on the Site or through the email address indicated above, we point out that the candidate will be provided with a separate privacy policy at the time of the first useful contact, after sending the curriculum.

Why we process the user’s personal data and in what way

The Company may process the user’s common personal data in order to allow the use of the services and functions present on the Site and optimise its operation, to carry out statistics on visits, to manage the requests and notifications received through the Site, for registration in any reserved areas (Providers Area and Trade Area), pursuant to art. 6.1 (lett. a or b) of the Regulation. The Company may also process the user’s personal data in order to comply with obligations deriving from laws, regulations and Community legislation: the legal basis for processing for this purpose is art. 6.1(c) of the Regulation.

The processing of personal data is carried out by means of automated and non-automated tools, with logic strictly related to the purposes of the processing and, in any case, with methods and procedures to ensure the security and confidentiality of the data.

Necessary processings and optional processings

The forms to be filled in on this Site include both data that are strictly necessary to manage the communications and requests of the user, marked with the symbol [*], whose failure to provide information does not allow us to respond to the requests themselves, and optional data that are not strictly necessary to respond to the requests of interested parties. Failure to provide the latter will have no consequences.

Navigation data

The processing of personal data of users who visit the Site only (i.e. without sending communications or using any of the services/functions available) will be limited to navigation data, i.e. those for which transmission to the Site is necessary for the operation of the computer systems responsible for managing the Site and the Internet communication protocols. This category includes, for example, IP addresses or the domain of the computer used to visit the Site and other parameters relating to the operating system used by the user to connect to the Site. The Company collects these and other data (such as, for example, the number of visits and time spent on the Site) only for statistical purposes and in anonymous form in order to monitor the operation of the Site and improve its functionality. This information is not collected in order to be associated with other information on users and to identify the latter; however, by its very nature this information may allow the identification of users through processing and association with data held by third parties. Navigation data are normally deleted after processing in anonymous form but may be stored and used by the Company to ascertain and identify the perpetrators of any computer crimes committed against the Site or through the Site. Except for this eventuality and as specified in the Cookie Policy section, the navigation data described above are only temporarily stored in compliance with the applicable regulations.

 Links to other sites

The Site may contain links to other sites (so-called third-party sites). It is necessary to check the privacy policy of third party websites visited through the Site and obtain information on the conditions applicable to the processing of personal data. This Privacy Policy applies “ONLY” to the Site as defined above.

How we store data and for how long

In accordance with the provisions of Article 5.1.(c) of the Regulation, the information systems and computer programs used by the Company are configured in such a way as to minimize the use of personal and identification data; such data are processed only to the extent necessary to achieve the purposes indicated in this Privacy Policy; the data will be kept for the period of time strictly necessary to achieve the purposes actually pursued and in any case, the criterion used to determine the storage period is based on compliance with the terms permitted by applicable laws and the principles of minimizing processing, limiting storage and rational management of archives. In order to determine the appropriate period of retention of personal data stored by the site with the user’s consent, the Controller also takes into account the following criteria: the specific purposes set out in the information for which the Site stores personal information; the type of relationship in progress with the user (how often the user accesses his account; how regularly he navigates the Site, etc..); any specific request from the user to cancel their data or revoke consent; the legitimate commercial interest of the Controller of the processing.

How we ensure the security and quality of personal data

The Company undertakes to protect the security of the user’s personal data and to comply with the security provisions of the applicable legislation in order to avoid loss of data, unlawful or unlawful use of data and unauthorised access to the same, with particular but not exclusive reference to Articles. 25-32 of the Regulation. The Company uses a variety of advanced security technologies and procedures to help protect the personal data of users; for example, personal data are stored on secure servers located in places with protected and controlled access. The user can help the Company to update and keep correct their personal data by communicating any change related to their address, their qualifications, contact information, etc.

 Who can access the data

Personal data will be made accessible only to those who within the Company, and of parent, associated or subsidiary companies, need it because of their duties or role in the Company.  These subjects, the number of which will be as small as possible, will be suitably trained in order to avoid loss, destruction, unauthorised access or unauthorised processing of the data.

In addition, the data may be communicated to: (i) institutions, authorities, public bodies for their institutional purposes; (ii) professionals, independent collaborators, even in associated form; third parties and suppliers hired by the Company for the provision of services of a commercial, professional and technical nature functional to the management of the Site and related functions (e.g. providers of IT services and Cloud Computing), to the pursuit of the purposes specified above and to the services requested by the user; (iii) third parties in the event of mergers, acquisitions, sale of a company or business branch, audits or other extraordinary operations. These parties will receive only the data necessary for the relative functions and will undertake to use them only for the purposes indicated above and to process them in compliance with the applicable privacy regulations. The data may also be communicated to the legitimate recipients in accordance with the applicable legislation. With the exception of the foregoing, the data are not shared with third parties, whether natural or legal persons, who do not perform any commercial, professional or technical function for the Controller and will not be disclosed. The subjects who receive the data will treat them as Controllers, Processors or authorized subjects to the processing, as the case may be, for the purposes indicated above and in compliance with the applicable privacy law.

Transfer of data to non-EU countries

With regard to the possible transfer of data to third countries, including countries that may not guarantee the same level of protection provided by applicable legislation, the Data Controller hereby informs you that the processing will still be carried out in accordance with one of the methods permitted by the Regulation, such as, for example, the consent of the user, the adoption of Standard Clauses approved by the European Commission, the selection of subjects participating in international programs for the free movement of data, (eg EU-USA Privacy Shield) or operating in countries considered safe by the European Commission.

User rights

The users to whom the personal data refer have the right at any time to obtain confirmation of the existence or otherwise of such data and to know its content and origin, verify its accuracy or request its integration or updating, or correction, cancellation or limitation, or to oppose its processing, to submit a complaint to the supervisory authority pursuant to Art. 15 of the Regulation. In addition, pursuant to Art. 15 of the Regulation, the data subject is entitled to make a complaint to the supervisory authority in accordance with Art. 15 of the Regulation. 7,15,16, 17, 18, 19, 20, 21, 22 and 77 of the same Regulation, each user has the right to request information on the collection and use of their personal data, to access it, to obtain rectification, cancellation (right to be forgotten), limitation of processing, notification in case of rectification or cancellation of personal data or limitation of processing, the portability of data, -, and to oppose, in the cases provided for by law, to their t processing, to submit complaints relating to the collection and processing of personal information to the competent Guarantor authority, to revoke consent to the processing of personal data at any time except the lawfulness of the processing carried out to date on the basis of the consent revoked.

For any request relating to the processing of personal data by the Company, to exercise the rights recognized by applicable law, and to know the updated list of persons to whom the data are accessible, the user can contact the owner at the addresses listed above.

Changes to this Privacy Policy

If any changes are made to this Privacy Policy, the modified version will be published on this Site. The Company therefore invites the user to regularly visit this section to learn about the most recent and updated version of the Privacy Policy.