in accordance with EU Regulation 2016/679
General Data Protection Regulation
With this notice, the company Green Remedies Spa intends to provide users visiting the website www.hinoskincare.com (hereinafter referred to as the "Website") with a brief description of the methods and purposes of the processing of personal data. The processing shall be carried out in compliance with the EU Regulation 2016/679, General Data Protection Regulation (hereinafter referred to as the "Regulation").
The Regulation provides that "Personal Data" shall mean any information relating to an identified or identifiable natural person (hereinafter referred to as "Data Subject"). “Processing" shall mean any operation or set of operations carried out with the aid of automated processes and applied to Personal Data or sets of Personal Data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of provision, alignment or combination, restriction, erasure or destruction.
Pursuant to Articles 12 ff. of the Regulation, we hereby provide you with the following information on the processing of Personal Data.
- DATA CONTROLLER
The Data Controller is Green Remedies Spa, with registered office in Padua, via Prima Strada 23/6, Tax code and VAT no. 03802660286 (hereinafter also referred to as the "Data Controller").
- PURPOSE AND LEGAL BASIS OF THE PROCESSING
No registration is required to access the Website, with the exception of areas where the user may freely and expressly provide certain data concerning him/her.
The processing of Personal Data is carried out for the following purposes:
a) activities strictly connected and instrumental to the navigation of the Website and the use of its services, with particular reference to the reserved areas of the Website. The Data Controller processes the Personal Data (such as name, surname, contact details, photographs, skin condition data) provided by the user by filling in the data collection forms available in the various sections of the Website, in order to process: (i) requests for information and reports; (ii) newsletter subscriptions; (iii) spontaneous applications for employment; (iv) registrations to the Skin Analyzer platform; (v) video consulting bookings.
b) to establish and execute contractual relationships and the resulting obligations;
c) to handle the orders and/or purchases made by the user and any activity required for sales and after-sales services (e.g. administrative and accounting activities, shipping, returns and guarantees, customer relations);
(d) to comply with the obligations imposed by any law, regulation, Community legislation or Authority;
e) to send by e-mail, to the e-mail address provided by the Data Subject at the time of purchase of a product or service of the Data Controller, promotional messages on products and/or services similar to those already purchased, without prejudice to the right to oppose at any time the receipt of such communications;
f) upon express consent, to send commercial and/or promotional communications about services, events, products of the Data Controller and Solgar Group companies, such as Solgar Italia Multinutrient Spa, Green Remedies Spa and CNM Italia Srl. Said processing may include marketing and advertising communication activities carried out through both automated (e.g. e-mail, SMS) and traditional contact methods (e.g. sending brochures by post) or the conduction of market research and statistical surveys.
The provision of Personal Data is optional; however, in certain cases (for example, subscription to the newsletter, online purchases or use of the Skin Analyzer service), failure to provide the data may make it impossible to access specific services.
Since the processing of Personal Data for the purposes referred to in letters a), b), c) and d), is necessary, respectively, for the execution of a request made by the Data Subject, for the implementation of pre-contractual measures adopted at the request of the Data Subject, and for the fulfilment of contractual and legal obligations, said processing may take place without the need for consent, in accordance with the provisions of Article 6, paragraph 1, letters b) and c) of the Regulation. With reference to the processing operations carried out for the purposes referred to in letter e), these are understood to be permitted pursuant to the Resolution of the Data Protection Authority (“Garante”) on the use of Personal Data no. 330 of 4 July 2013. The legal basis for the processing of Personal Data referred to in letter f) is the consent, which can be cancelled at any time by sending an email to firstname.lastname@example.org.
- PROCESSING METHODS
The processing of Personal Data provided through the Website is carried out using IT and electronic instruments, following organizational and processing rationales strictly related to the purposes of the processing, and in any case in such a way as to guarantee its safety, integrity and confidentiality. Specific safety measures have been adopted to minimize the risks of data loss, illegal or incorrect use and unauthorized access.
- DATA RETENTION PERIOD
Personal Data will be retained for the time strictly necessary to achieve the purposes for which they have been collected and processed.
With reference to the purposes referred to in letters a), b), c), d) of paragraph 2, Personal Data will be retained for the sole purpose of correctly providing the services, or, in case of purchase of goods, for the time required for the performance of the contract and related retention obligations provided for by administrative and accounting regulations. The data spontaneously provided by the Data Subject through the "Work with us" section will be kept for 12 months and then deleted. The data spontaneously provided by the Data Subject through the Skin Analyzer platform will be retained for the sole purpose of correctly providing the services and, once the analysis has been performed, will be immediately destroyed, deleted or anonymized.
With regard to the purposes referred to in letter e), Personal Data will be processed until the Data Subject has exercised his/her right to oppose the processing, while, with regard to the purposes referred to in letter f), Personal Data will be processed until the withdrawal of consent and, in any case, for a maximum period of 24 months.
This is without prejudice to the fact that, once the purposes of the processing have been fulfilled or in the event that the right to oppose the processing or to withdraw consent is exercised by the Data Subject, the Data Controller shall in any case be obliged and/or entitled to retain the Personal Data for the periods prescribed by the law and/or to claim or defend a right in court.
- TRANSMISSION OF PERSONAL DATA
Personal Data will not be disclosed. However, within the scope of the purposes indicated above, Personal Data will be accessible (within the limits of their respective competence) by the Data Controller's data processors, as well as by any third party whose collaboration will be deemed necessary by the Data Controller (e.g., for the maintenance of the Website or for the provision of the Skin Analyzer service). Where necessary, the Data Controller has expressly appointed these subjects as Data Processors. The Personal Data may also be accessed by other companies connected or related to the Data Controller, such as Solgar Italia Multinutrient Spa, CNM Italia Srl, for organizational reasons related to the purposes set out in paragraph 2, as Data Processors.
- PLACE OF DATA PROCESSING
The processing connected to the web services of this Website takes place at the servers of Green Remedies Spa, with registered office in Padua, in Via Prima Strada 23/6, and Aruba Spa, with registered office in Ponte S. Pietro (BG), in Via S. Clemente 53.
- INTERNATIONAL TRANSFERS
Personal Data may be transferred to countries outside the European Union in fulfilment of the purposes set out in paragraph 2 and, in particular, for the Skin Analyzer service. In the event of a transfer of Personal Data outside the European Union, in the absence of an adequacy decision by the European Commission, the Data Controller undertakes to adopt appropriate measures to ensure that Personal Data are adequately protected and that the requirements of the applicable legislation on the transfer of Personal Data to non-EU third countries are in any case complied with. You are entitled to request a complete and updated list of companies located in third countries to which Personal Data may be transferred by the Data Controller by writing, without formalities, to email@example.com.
- RIGHTS OF THE DATA SUBJECT
At any time, the Data Subject may exercise the rights set forth in Articles from 15 to 22 of the Regulation, including, in brief: to obtain from the Data Controller confirmation as to whether or not Personal Data concerning him/her are being processed and, where that is the case, access to the Personal Data and know the source, the purposes and methods of processing, the recipients or categories of recipients to whom the Personal Data may be transmitted and the storage period; to exercise the right to obtain the correction, updating or integration of the data; the right to the erasure or anonymization of the data or the limitation of the processing of Personal Data concerning him/her; the right to be informed of any rectification or cancellation or limitation of the processing carried out in relation to his/her Personal Data; the right to oppose, at any time, the processing of the data; the right to receive Personal Data in a structured, commonly used and machine-readable format.
The applicable legislation grants the Data Subject the right to lodge a complaint with the Personal Data Protection Authority or, in any case, with a competent supervisory authority, if the conditions are met.
The Data Subject is entitled to withdraw the consent given at any time without prejudice to the lawfulness of the processing based on consent before cancellation.
With regard to the exercise of the abovementioned rights, the Data Subject may contact the following addresses:
Address: Via Prima Strada 23/6 – Padova, Italy
Fax number: 0498894035
In any case, you may at any time request and obtain the cancellation of the data collected for the purposes described above
by clicking on the "Unsubscribe" link that is sent in each newsletter.