Bellezza Espresso –

Privacy Policy

Personal data (hereinafter referred to as “data”) is only processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its content and the services offered there.

Under Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as “GDPR”), “processing” consists of any process carried out with or without the help of automated processes or any such series of processes in connection with personal data, such as collection, recording, organisation, arrangement, storage, adaptation or change, reading out, request, use, disclosure through transmission, distribution or any other form of provision, comparison or linking, restriction, deletion or destruction.

With the following privacy policy we hereby inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide on the purposes and means of processing either alone or together with others. In addition, we will inform you below about the third-party components we use for optimisation purposes and to increase the quality of use, provided that third parties process data on their own responsibility.

Our privacy policy is structured as follows:

  1. Information about us as controllers
    II. Rights of users and data subjects
    III. Information on data processing 
  2. Information about us as controllers

The responsible data protection provider of this website is:

Bellezza Milano SRL
Via Monte Grappa 7
Bergamo – Italy

E-Mail: info@bellezzaespresso.com

  1. Rights of users and data subjects

With regard to the data processing described in more detail below, the users and data subject are entitled to

  • have confirmation as to whether data relating to them is being processed, be informed about the data processed, be further informed about data processing and for copies of the data (see also Art. 15 GDPR);
  • correct or complete incorrect or incomplete data (see also Art. 16 GDPR);
  • the immediate deletion of the data concerning them (see also Art.17 GDPR), or, alternatively, if further processing is required in compliance with Art. 17 par.3 GDPR, and restriction of processing in compliance with Art. 18 GDPR;
  • receive the data relating to them and provided by them and to transmit this data to other providers/responsible parties (see also Art. 20 GDPR);
  • complain to the supervisory authority if they believe that the data concerning them is being processed by the provider in violation of data protection regulations (see also Art. 77 GDPR).

In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider about any correction or deletion of data or the restriction of processing that takes place on the basis of Articles 16, 17 par. 1, 18 GDPR. However, this obligation does not exist if this notification is impossible or involves a disproportionate effort. Irrespective of this, the user has a right to information about these recipients.

Under Art. 21 GDPR, users and data subjects also have the right to object to the future processing of the data concerning them, provided that the data is processed by the provider in compliance with Art. 6 par. 1 letter f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is allowed.

III. Information on data processing

Your data processed when using our website will be deleted or blocked as soon as the purpose of storage no longer applies, the deletion of the data does not conflict with any statutory storage requirements and no other information on individual processing methods is subsequently given.

 

 

 

Server data

For technical reasons, in particular to ensure a secure and stable website, data is transmitted to us or to our web space provider by your internet browser. These so-called server log files record, among other things, the type and version of your Internet browser, the operating system, the website from which you switched to our website (referrer URL), the website(s) of our website that you visit, the date and time of the respective access as well as the IP address of the Internet connection from which our website is used.

The data collected in this way is saved temporarily, but not together with other data concerning yourself.

This retention takes place on the legal basis of Article 6 par. 1, letter f) GDPR. Our legitimate interest lies in the improvement, stability, functionality and security of our website.

The data will be deleted after seven days at the latest, provided that no further retention is required for evidence purposes. Otherwise, the data is completely or partially excluded from deletion until the final clarification of an incident.

Cookies

  1. a) Session cookies

We use the so-called cookies on our website. Cookies are small text files or other storage technologies that are stored on your end device by the Internet browser you use. These cookies process certain individual information about you, such as your browser or location data or your IP address.  

This processing makes our website more user-friendly, effective and secure, since the processing enables, for example, our website to be displayed in different languages ​​or to offer a shopping cart function.

The legal basis for this processing is art. 6 par. 1 letter b) GDPR, insofar as these cookies are used to process data for contract initiation or contract performance.

If the processing does not serve to initiate or process a contract, our legitimate interest is improving the functionality of our website. The legal basis is then art. 6, par. 1 letter f) GDPR.

These session cookies are deleted when you close your internet browser.

 

  1. b) Third-Party Cookies

If necessary, our website also uses cookies from partner companies with whom we work for the purpose of advertising, analysis or the functionalities of our website.

For details on this, in particular on the purposes and legal basis for processing such third-party cookies, please refer to the information below.

  1. c) Possibility of disposal

You can prevent or restrict the installation of cookies by setting your Internet browser. You can also delete cookies that have already been saved at any time. However, the steps and measures required for this depend on the specific Internet browser you are using. If you have any questions, please use the help function or documentation of your Internet browser or contact its manufacturer or support. In the case of so-called Flash cookies, however, the processing cannot be prevented via the browser settings. Instead, it is necessary to change the settings of your Flash player. The steps and measures required for this also depend on the Flash player you are using. If you have any questions, please also use the help function or documentation of your Flash player or contact the manufacturer or user support.

However, if you prevent or restrict the installation of cookies, not all functions of our website can be used to their full extent.

Contract performance

The data transmitted by you to make use of our range of goods and/or services will be processed by us for the purpose of contract processing and are necessary in this respect. Entering into and performing contracts are not possible if you do not provide your data.

The legal basis for processing is art. 6 par. 1 letter b) GDPR.

We delete the data upon completion of the contract, but must comply with the retention periods under tax and commercial law.

As part of the contract processing, we pass on your data to the transport company commissioned with the delivery of the goods or to the financial service provider, insofar as the transfer is necessary for the delivery of the goods or for payment purposes.

The legal basis for the transfer of data is art. 6, par. 1 letter b) GDPR.

Newsletter

If you register for our free newsletter, the data requested from you, i.e. your e-mail address and – optionally – your name and address will be transmitted to us. At the same time, we save the IP address of the Internet connection from which you access our website as well as the date and time of your registration. As part of the further registration process, we will obtain your consent to the sending of our newsletter, describe the content specifically and refer this privacy policy to you. We use the data collected in this way exclusively for sending the newsletter – it is therefore not passed on to third parties.

The legal basis for this is art. 6 par. 1 letter a) GDPR.

You can revoke your consent to be sent the newsletter at any time with effect for the future in accordance with art. 7 par. 3 GDPR. All you have to do is inform us of your revocation or click on the unsubscribe link contained in every newsletter.

Contact requests / contact option

If you contact us via the contact form or email, the data you provide will be used to process your request. Providing the data is necessary for processing and answering your request – without providing it, we cannot answer your request at all or only to a limited extent.

The legal basis for this processing is art. 6 par. 1 letter b) GDPR.

Your data will be deleted if your request has been answered conclusively and the deletion does not conflict with any statutory retention requirements, such as in the case of any subsequent contract processing.

User Submissions, Comments and Ratings

We offer you the opportunity to publish questions, answers, opinions or ratings, hereinafter referred to as “posts”, on our website. If you make use of this offer, we will process and publish your contribution, the date and time of submission and the pseudonym you may have used.

The legal basis for this is art. 6 par. 1 letter a) GDPR. You can revoke your consent at any time with effect for the future in compliance with art. 7 par. 3 GDPR. All you have to do is inform us that you want to revoke it.

In addition, we also process your IP and e-mail address. The IP address is processed because we have a legitimate interest in initiating or supporting further steps if your contribution infringes the rights of third parties and/or is otherwise unlawful.

In this case, the legal basis is art. 6 par. 1 letter f) GDPR. Our legitimate interest is any legal defence that may be necessary.

Subscription to Posts

If you publish articles on our website, we also offer you the option of subscribing to any follow-up articles from third parties. In order to be able to inform you about these follow-up articles by e-mail, we will process your e-mail address.

The legal basis for this is art. 6 par. 1 letter a) GDPR. You can revoke your consent to this subscription at any time with effect for the future in compliance with art. 7 par. 3 GDPR. All you have to do is inform us of your revocation or click on the unsubscribe link contained in the relative e-mail.

Google Analytics

We use Google Analytics on our website. This is a web analytics service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”.

Through certification under the EU-US Privacy Shield (“EU-US Privacy Shield”)

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that the data protection regulations of the EU are also complied with when processing data in the USA.

The Google Analytics service is used to analyse the usage behaviour of our website. The legal basis is art. 6 par. 1 letter f) GDPR. Our legitimate interest is to analyse, optimise and operate our website in a cost-effective manner.

Usage and user-related information, such as IP address, location, time or frequency of visits to our website is transmitted to a Google server in the USA and stored there. However, we use Google Analytics with the so-called anonymisation function. With this function, Google already shortens the IP address within the EU or the EEA.

The data collected in this way is in turn used by Google to provide us with an assessment of the visit to our website and the usage activities there. This data can also be used to provide other services related to the use of our website and the use of the Internet.

Google states that it does not associate your IP address with other data. In addition, at

https://www.google.com/intl/de/policies/privacy/partners

Google has further data protection information for you, e.g. also on the possibilities of preventing the use of data.

In addition, at

https://tools.google.com/dlpage/gaoptout?hl=de

Google makes a so-called deactivation add-on available, along with further information on this. This add-on can be installed with the most common Internet browsers and offers you further control over the data that Google collects when you visit our website. The add-on informs the Google Analytics JavaScript (ga.js) that information about the visit to our website should not be transmitted to Google Analytics. However, this does not prevent information from being transmitted to us or to other web analysis services. You can of course also find out whether and which other web analysis services we use in this pricavy policy.

Google Maps

We use Google Maps on our website to show our location and to create directions. This is a service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”.

Through certification under the EU-US Privacy Shield (“EU-US Privacy Shield”)

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that the data protection regulations of the EU are also complied with when processing data in the USA.

In order to enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed.

If you call the Google Maps component integrated into our website, Google will store a cookie on your device via your Internet browser. Your user settings and data are processed in order to display our location and create a route description. We cannot rule out that Google uses servers in the USA.

The legal basis is art. 6 par. 1 letter f) GDPR. Our legitimate interest is optimising the functionality of our website.

Through the connection to Google established in this way, Google can determine from which website your request was sent and to which IP address the directions must be sent.

If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your Internet browser. You can find details on this under “Cookies” above.

 

In addition, Google Maps and the information obtained via Google Maps are used in accordance with the Google Terms of Use https://policies.google.com/terms?gl=DE&hl=de and the Google Maps Terms and Conditions https://www.google.com/intl/de_de/help/terms_maps.html.

In addition, at

https://adssettings.google.com/authenticated

https://policies.google.com/privacy

Google has further information available.

 

Google Fonts

We use Google Fonts to display external fonts on our website. This is a service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”.

Through certification under the EU-US Privacy Shield (“EU-US Privacy Shield”)

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that the data protection regulations of the EU are also complied with when processing data in the USA.

In order to enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed.

The legal basis is art. 6 par. 1 letter f) GDPR. Our legitimate interest is to optimise and operate our website in a cost-effective manner.

By connecting to Google when you visit our website, Google can determine from which website your request was sent and to which IP address the display of the font is to be sent.

At

https://adssettings.google.com/authenticated

https://policies.google.com/privacy

Google has further information available, in particular on the possibilities of preventing the use of data.

OpenStreetMap

For directions, we use OpenStreetMap, a service of the OpenStreetMap Foundation, St John’s Innovation Centre, Cowley Road, Cambridge, CB 4 0 WS, United Kingdom, hereinafter referred to as “OpenStreetMap”.

When you call up one of our websites into which the OpenStreetMap service is integrated, OpenStreetMap stores a cookie on your end device via your internet browser. As a result, your user settings and user data are processed for the purpose of displaying the page or to ensure the functionality of the OpenStreetMap service. This processing enables OpenStreetMap to identify the website from which your request was sent and to which IP address the map of the route should be sent. 

The legal basis is art. 6 par. 1 letter f) GDPR. Our legitimate interest is to optimise and operate our website in a cost-effective manner.

If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your Internet browser. You can find details on this under “Cookies” above.

At

https://wiki.osmfoundation.org/wiki/Privacy_Policy

OpenStreetMap offers further information on the collection and use of the data as well as on your rights and options for protecting your privacy.

“Facebook” social plug-in

We use the plug-in of the social network Facebook on our website. Facebook is an internet service provided by facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. In the EU, this service is in turn operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, hereinafter both referred to as “Facebook”.

Through certification under the EU-US Privacy Shield (“EU-US Privacy Shield”)

https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

Facebook guarantees that the data protection regulations of the EU are also complied with when processing data in the USA.

The legal basis is art. 6 par. 1 letter f) GDPR. Our legitimate interest is improving the quality of our website.

Facebook provides further information for you about the possible plug-ins and their respective functions at

https://developers.facebook.com/docs/plugins/

.

If the plug-in is stored on one of the pages of our website you visit, your internet browser downloads a representation of the plug-in from the Facebook servers in the USA. For technical reasons, it is necessary for Facebook to process your IP address. In addition, however, the date and time of the visit to our website are also recorded.

If you are logged in to Facebook while you are visiting one of our websites with the plug-in, the information collected by the plug-in from your specific visit will be recognised by Facebook. Facebook may assign the information collected in this way to your personal user account there. For example, if you use the Facebook “Like” button, this information will be stored in your Facebook user account and, if necessary, published on the Facebook platform. If you want to prevent this, you must either log out of Facebook before visiting our website or use an add-on for your Internet browser to prevent the Facebook plug-in from being blocked from loading.

Facebook provides further information about the collection and use of data as well as your rights and protection options in this regard in the
data protection information that can be retrieved at

https://www.facebook.com/policy.php

.

„Twitter“-Social-Plug-in

On our website, we use the plug-in of the social network Twitter. Twitter is an Internet service provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA, hereinafter referred to as “Twitter”.

Through certification under the EU-US Privacy Shield (“EU-US Privacy Shield”)

https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active

Twitter guarantees that the data protection regulations of the EU are also complied with when processing data in the USA.

The legal basis is art. 6 par. 1 letter f) GDPR. Our legitimate interest is improving the quality of our website.

If the plug-in is stored on one of the pages of our website you visit, your internet browser downloads a representation of the plug-in from the Twitter servers in the USA. For technical reasons, it is necessary for Twitter to process your IP address. In addition, however, the date and time of the visit to our website are also recorded.

If you are logged in to Twitter while you are visiting one of our websites with the plug-in, the information collected by the plug-in from your specific visit will be recognised by Twitter. Twitter may assign the information collected in this way to your personal user account there. If, for example, you use the so-called “Share” button on Twitter, this information will be stored in your Twitter user account and, if necessary, published via the Twitter platform. If you want to prevent this, you must either log out of Twitter before visiting our website or select the appropriate settings in your Twitter user account.

Twitter provides further information about the collection and use of data as well as your rights and protection options in this regard in the
data protection information that can be retrieved at

https://twitter.com/privacy

.

Tracking pixels of the collecting company WORT

(VG WORT)

On our website, we use the so-called tracking pixels of VG WORT from the provider INFOnline GmbH, Forum Bonn Nord, Brühler Str. 9, 53119 Bonn, in the form of the so-called SZM (scalable central measurement method).

The legal basis is art. 6 par. 1 letter f) GDPR. Our legitimate interest is the optimisation and economic operation of our website and in taking into account copyright interests with regard to the content of our website.

The tracking pixel is a graphic that is placed on our website and that determines statistical key figures. This makes it possible to calculate the copy probability of texts based on the number of views and the specific content of our website. This data is collected anonymously. In order to be able to record the number of hits and your possibly recurring visit, either a so-called session cookie is stored on your device by your internet browser or a signature is used, which is made up of various information from your internet browser (e.g. user agent, screen resolution, or similar). However, your IP address will only be processed in an anonymous form. As an individual user, you are never identifiable.

If you do not agree to this processing, you have the option of preventing the storage of cookies by setting it in your Internet browser. See “Cookies” above for more information. In addition, you have the option of terminating the SZM measurement by means of a so-called opt-out. By confirming the link,

https://optout.ioam.de/

a cookie is stored on your end device via your internet browser, which prevents further analysis. Please note, however, that you must click the above link again if you delete the cookies stored on your end device.

YouTube

On our website, we use YouTube. This is a video portal operated by YouTube LLC., 901 Cherry Ave., 94066 San Bruno, CA, USA, hereinafter referred to as “YouTube”.

YouTube is a subsidiary of Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”.

Through certification under the EU-US Privacy Shield (“EU-US Privacy Shield”)

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees, and consequently also its subsidiary YouTube, that the data protection regulations of the EU are also complied with when processing data in the USA.

To be able to show you videos, we use YouTube in connection with the “extended data protection mode” function. The legal basis is art. 6 par. 1 letter f) GDPR. Our legitimate interest is improving the quality of our website. According to YouTube, the “extended data protection mode” function ensures that the data described in more detail below is only transmitted to the YouTube server if you actually start a video.

Without this “extended data protection”, a connection to the YouTube server in the USA will be established as soon as you access one of our websites on which a YouTube video is embedded.

This connection is required in order to be able to display the respective video on our website via your Internet browser. In the course of this, YouTube will record and process at least your IP address, the date and time and the website you have visited. In addition, a connection to Google’s “DoubleClick” advertising network is established.

 

If you are logged into YouTube at the same time, YouTube assigns the connection information to your YouTube account. If you want to prevent this, you must either log out of YouTube before visiting our website or select the appropriate settings in your YouTube user account.

For the purpose of functionality and to analyse usage behaviour, YouTube permanently stores cookies via your Internet browser on your end device. If you do not agree to this processing, you have the option of preventing the storage of cookies by setting it in your Internet browser. See “Cookies” above for more information.

Google provides further information about the collection and use of data as well as your rights and protection options in this regard in the
data protection information that can be retrieved at

https://policies.google.com/privacy

.

Amazon Affiliate Programme

We use the AMAZON partner programme on our website. This is a service provided by Amazon Europe Core S.à r.l., 5 Rue Plaetis, L-2338 Luxembourg.  Advertisements from Amazon.de are placed on our website via the AMAZON partner programme. If you click on one of these advertisements, you will be forwarded to the corresponding offer on the AMZON Internet portal. If you then decide to buy the advertised product there, we receive a “commission” from Amazon.

Amazon uses cookies to enable this service. With the help of these cookies, Amazon can understand that you have been redirected from our website to the AMAZON Internet portal.

At

https://www.amazon.de/gp/help/customer/display.html?nodeId=201909010

Amazon has further data protection information.

The legal basis is art. 6 par. 1 letter f) GDPR. Our legitimate interest lies in ensuring the processing and payment of our commission claims by Amazon.

If you do not agree to this processing, you have the option of preventing the storage of cookies by setting it in your Internet browser. See “Cookies” above for more information.

Google AdWords with conversion tracking

On our website we use the advertising component Google AdWords and the so-called conversion tracking. This is a service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”.

Through certification under the EU-US Privacy Shield (“EU-US Privacy Shield”)

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that the data protection regulations of the EU are also complied with when processing data in the USA.

We use conversion tracking for targeted advertising of our offer. The legal basis is art. 6 par. 1 letter f) GDPR. Our legitimate interest is to analyse, optimise and operate our website in a cost-effective manner.

If you click on an ad placed by Google, the conversion tracking we use will store a cookie on your device. These so-called conversion cookies lose their validity after 30 days and are not used to identify you personally.

If the cookie is still valid and you visit a specific page on our website, both we and Google can assess that you clicked on one of our ads placed by Google and that you were then redirected to our website.

With the information obtained in this way, Google creates statistics for us about the visit to our website. This also gives us information about the number of users who clicked on our ad(s) and about the pages of our website that were subsequently accessed. However, neither we nor third parties who also use Google AdWords are able to identify you in this way.

You can also prevent or restrict the installation of cookies by selecting the appropriate settings in your Internet browser. At the same time, you can delete cookies that have already been saved at any time. However, the steps and measures required for this depend on the specific Internet browser you are using. If you have any questions, please use the help function or documentation of your Internet browser or contact its manufacturer or support.

Furthermore, under

https://services.google.com/sitestats/de.html

http://www.google.com/policies/technologies/ads/ 

http://www.google.de/policies/privacy/

Google also makes further information on this topic available, and in particular on the possibilities of preventing the use of data.

Google AdSense

On our website we use Google AdSense to integrate advertisements. This is a service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”.

Through certification under the EU-US Privacy Shield (“EU-US Privacy Shield”)

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that the data protection regulations of the EU are also complied with when processing data in the USA.

Google AdSense stores cookies and so-called web beacons on your end device via your Internet browser. This allows Google to analyse how you use our website. In addition to your IP address and the advertising formats displayed to you, the information collected in this way is transmitted to Google in the USA and stored there. Furthermore, Google can pass on this information to contractual partners. However, Google declares that your IP address will not be merged with other data from you.

The legal basis is art. 6 par. 1 letter f) GDPR. Our legitimate interest is to analyse, optimise and operate our website in a cost-effective manner.

If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your Internet browser. You can find details on this under “Cookies” above.

In addition, at

https://policies.google.com/privacy

https://adssettings.google.com/authenticated

Google has further information available, in particular on the possibilities of preventing the use of data.

Online job applications / publication of job advertisements

We offer you the opportunity to apply to us via our website. With these digital applications, your candidate and application data will be electronically collected and processed by us to process the application process.

The legal basis for this processing is Section 26 par. 1 line 1 BDSG in conjunction with art. 88 par. 1 GDPR.

If an employment contract is concluded after the application process, we will store the data you transmitted during the application in your personnel file for the purpose of the usual organisational and administrative process – of course in compliance with further legal obligations.

The legal basis for this processing is also Section 26 par. 1 line 1 BDSG in conjunction with art. 88 par. 1 GDPR.

If an application is rejected, we automatically delete the data transmitted to us two months after notification of the rejection. However, the data will not be deleted if the data requires longer storage of up to four months or until the conclusion of legal proceedings due to legal provisions, e.g. due to the burden of proof according to the AGG.

In this case, the legal basis is Art. 6 par. 1 letter f) GDPR and Section 24 par. 1 No. 2 BDSG. Our legitimate interest lies in legal defence and enforcement.

If you expressly agree to longer storage of your data, e.g. for your inclusion in an applicant or data subject database, the data will be processed based on your consent. The legal basis is then art. 6, par. 1, letter a) GDPR. However, you can of course revoke your consent at any time in compliance with art. 7 par. 3 GDPR by declaring this to us with effect for the future.

Sample privacy policy from the law firm Weiß & Partner

 

Bellezza Milano S.R.L.
Via Monte Grappa 7, 24121 Bergamo Italy

© 2022 by Bellezza. All rights reserved.