ITEN

Privacy Policy

Information notice on the processing of personal data pursuant to Article 13 of Regulation (EU) 2016/679 (“GDPR”)

This Privacy Policy describes how personal data of users visiting this website are processed, including data collected through the contact form, statistical analysis tools and anti-spam protection systems used on the website.

1. Data Controller

The Data Controller is:

Giovanni Buffardi
Via Achille Vianelli, 10 – Naples, Italy
Email: info@valutazionesicurezzacosmetici.it

2. Categories of Personal Data Processed

The following categories of personal data may be processed through this website:

  • identification and contact data voluntarily provided by the user through the contact form or by email, such as first name, last name, email address, phone number, company name and any other information included in the message;
  • technical browsing data, such as IP address, date and time of access, browser used, device, operating system and other technical information automatically transmitted while using the website;
  • data relating to the use of the website collected through statistical analysis tools;
  • data processed through tools designed to protect the website from spam and automated access.

3. Purposes of the Processing

Personal data are processed for the following purposes:

  • to allow navigation and ensure the proper functioning of the website;
  • to receive and manage requests sent through the contact form or by email;
  • to protect the website and its forms against spam, abuse and automated access;
  • to analyse website traffic and usage for statistical purposes;
  • to comply with legal obligations and protect the rights of the Data Controller.

4. Legal Basis for the Processing

The processing of personal data is based on the following legal grounds:

  • Article 6(1)(b) GDPR: processing is necessary in order to take steps at the request of the data subject prior to entering into a contract, with regard to requests sent through the website;
  • Article 6(1)(c) GDPR: processing is necessary for compliance with a legal obligation;
  • Article 6(1)(f) GDPR: processing is necessary for the purposes of the legitimate interests pursued by the Data Controller, including website security, prevention of misuse and protection of legal rights;
  • Article 6(1)(a) GDPR: consent of the data subject, where required, for the use of cookies and non-essential tracking tools.

5. Nature of the Provision of Data

Providing personal data through the contact form is optional. However, failure to provide the data necessary to handle the request may make it impossible to respond.

The provision of data for statistical purposes or for the use of non-essential tracking tools is based, where required, on the consent expressed by the user through the cookie banner.

6. Methods of Processing

Personal data are processed using electronic and IT tools, according to principles of lawfulness, fairness, transparency, data minimisation, integrity and confidentiality. Appropriate technical and organisational measures are adopted to protect personal data against unauthorised access, loss, disclosure or unlawful use.

7. Recipients of Personal Data

Personal data may be processed by persons authorised by the Data Controller and, where necessary, may be disclosed to third parties acting as data processors or independent data controllers, including:

  • hosting and infrastructure service providers, including Aruba;
  • technical service providers and website maintenance providers for the WordPress website;
  • email service providers;
  • Google, in relation to Google Analytics and Google reCAPTCHA services;
  • technical, tax or legal consultants, where necessary;
  • public authorities or competent bodies, where required by law.

8. Google Analytics

This website uses Google Analytics to collect statistical information on website usage, visits and page interactions, in order to analyse traffic and improve website content and performance.

Google Analytics may process data in accordance with the settings actually configured within the service.

9. Google reCAPTCHA

This website uses Google reCAPTCHA to protect the website and contact forms from spam, automated access and abusive activity.

The use of reCAPTCHA may involve the processing of technical data relating to the user’s device, browser and interaction with the website, as necessary for security and risk analysis purposes.

10. Transfer of Personal Data to Third Countries

The use of services provided by third parties, including certain Google services, may involve the transfer of personal data to countries outside the European Economic Area.

In such cases, the processing shall take place in accordance with the conditions laid down by the GDPR and through the adoption of the safeguards required under applicable law.

11. Data Retention Period

Personal data are retained for the time strictly necessary to achieve the purposes for which they were collected.

In particular:

  • data sent through the contact form or by email are retained for up to 12 months from the handling of the request, unless further retention is required for the protection of the Data Controller’s rights or for the management of subsequent requests;
  • technical and security-related data are retained for the time strictly necessary to ensure the proper functioning and protection of the website;
  • data collected through Google Analytics are retained according to the settings actually configured within the service;
  • data processed through reCAPTCHA are retained in accordance with the policies applicable to the relevant service.

12. Rights of the Data Subject

Under Articles 15 et seq. of the GDPR, the data subject has the right to:

  • obtain confirmation as to whether or not personal data concerning him or her are being processed;
  • access personal data;
  • request rectification or updating of personal data;
  • request erasure where legally applicable;
  • request restriction of processing;
  • object to processing, where permitted by law;
  • receive personal data in a structured, commonly used and machine-readable format, where applicable;
  • withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise these rights, the data subject may contact the Data Controller at:
info@valutazionesicurezzacosmetici.it

13. Right to Lodge a Complaint

The data subject has the right to lodge a complaint with the competent Data Protection Authority if he or she believes that the processing of personal data is carried out in breach of the applicable legislation.

14. Cookies and Other Tracking Tools

This website uses technical cookies necessary for its functioning and may use analytics cookies and third-party security tools.

For more information on the types of cookies used, their purposes, duration, the third parties involved and the methods for managing consent, please refer to the website’s Cookie Policy.

15. Changes to this Privacy Policy

This Privacy Policy may be updated at any time. Users are invited to check this page periodically for any changes.

Last updated: 24/03/2026