PRIVACY POLICY | Coraline Lab Skip to main content

PRIVACY POLICY

Welcome to the website www.coralinelab.com (hereinafter the "Website").

 

For Coraline Lab ™ (hereinafter also the "Seller", "Coraline Lab" or "The Company") your privacy and the security of your personal data are particularly important, which is why we collect and treat them with the utmost care and attention , in compliance with the European Regulation no. 2016/679 which is effective from 25 May 2018.

 

 

REASONS FOR THE INFORMATION

 

 

This privacy policy (the "Privacy Policy") contains important information about the personal data that is collected by visiting this Website and other Company brand sites (collectively, the "Websites"), as a registered user or not registered, and describes how to use such data. Where applicable, it also explains how the data provided by the user or collected during visits to the boutiques directly managed by the Company or by associated companies (the "Boutiques") or to the points of sale managed by its commercial partners (the "Points Sale "), or during other contacts with the Company. This information is supplementary to any other information received in such other circumstances.

 

 

This document contains important information on the following:

 

 

1. TREATMENT OF PERSONAL DATA

2. PERSONAL DATA COLLECTED

3. PURPOSE OF THE PROCESSING OF PERSONAL DATA

4. COMMUNICATION OF PERSONAL DATA

5. PROTECTION OF THE PRIVACY OF MINORS

6. STORAGE, ACCESSIBILITY AND TRANSFER OF PERSONAL DATA 

7. SECURITY AND CONFIDENTIALITY OF PERSONAL DATA

8. RIGHTS OF ACCESS TO PERSONAL DATA - MANAGEMENT OF CHOICES

9. STORAGE OF DATA

10. POLICY ON COOKIES AND SIMILAR PROCESSES

11. LINKS, ADVERTISERS, SPONSORS AND ADVERTISING

12. HOLDER OF THE TREATMENT, RESPONSIBLE FOR DATA PROTECTION: COMPANY CONTACTS 

13. UPDATES TO THIS INFORMATION NOTICE - COMMUNICATIONS

 

 

ACCEPTANCE

 

By visiting the Website, using its services or interacting with the Company, its Stores, Boutiques and / or Websites, the user confirms that he has read and understood this Privacy Policy and accepts that the Company collects, uses , store, transmit and disclose personal data collected through the Websites, Boutiques and / or Points of Sale in accordance with this Privacy Policy. Except in the case in which it is already registered, the Company may require the user to provide his consent (for example, by ticking a box), where he deems it appropriate to safeguard his rights or where required by current regulations. If you do not accept the conditions of this Privacy Policy, the user is requested not to visit this Website, not to create an account and not to otherwise use this Website or send him personal data, or not to provide his consent when this option is offered to him in accordance with current regulations.

 

 

1. TREATMENT OF PERSONAL DATA

 

 

In this Privacy Policy, the term "Personal Data" is used with reference to any information that allows the Company to identify the user (or a third party whose data the user provides), directly or indirectly, including any information connected to the purchase of goods or services, or that the user chooses to communicate to the Company or to share with it, or with third parties, while using the Websites or at the Points of Sale. The processing of personal data will take place in accordance with the General Regulation on the protection of personal data (EU) 2016/679 “Reg. (EU) 2016/679 "and, where applicable, to the legislation of the country where the data should be collected. The Company reserves the right to carry out further data processing, where required by law or in the context of investigations or criminal or other proceedings.

 

 

2. PERSONAL DATA COLLECTED

 

 

2.1 Origin of data

 

The Company collects personal data from the user only where the same voluntarily provides information, for example:

 

in the case of Branded Websites that distribute Company products: by placing an order through the Web Site (s) as a "guest"; opening an account or modifying it; creating a wish list; by entering a contest, sweepstakes or promotion; doing searches on the Website; by contacting the Company by sending a comment or a question; subscribing to email newsletters and updates regarding the latest products and services, boutique openings, events or promotions; or requesting to receive confirmation of an order, shipment or other notices;

 

in the case of the Company's Boutiques and Points of Sale: by filling in the Company's customer card, conversing informally during visits to the Company's Boutiques or Points of Sale, interacting with the Company or purchasing products;

 

in the case of events: by participating in events, surveys and market research, challenges and other promotions, including online, for example, on mini-sites managed by the Company on third-party social networks such as Facebook and Instagram;

 

in the case of the Company's customer service: asking for assistance, particular services or after-sales assistance;

 

in the case of e-mails, SMS and other electronic messages: by exchanging communications between the Company and the user.

 

If the user provides the Company with personal data of third parties (for example, family members, other customers or potential customers), the same should ensure that these third parties are informed and have authorized the use of their data as described in this Privacy Policy .

 

 

2.2 Types of data

 

The Company may collect and use different types of personal data according to the specific purposes pursued and described below: personal information, such as name, surname, gender, age / date of birth, country of origin and other personal data that current regulations allow to pick up; contact information, such as address, email address, telephone number, mobile phone number, any fax number and other contact information that current regulations allow us to collect;

 

payment information, such as payment instrument (credit or debit card); information relating to the sale, such as data, products or services provided, place of purchase, product codes, amount, total sale, VAT number, complaints, returns, refunds or other information relating to the sale that current regulations allow to collect; habits and profiles, such as data regarding purchases (purchase history, including boutiques where the purchase was made, type, quantity and price of the products purchased), information on activities and initiatives relating to the management of customer relations (date and categories of such actions carried out or to be carried out and their results), purchasing habits and preferences (wish list, preferred categories of products, color, style, other purchased brands, most visited countries, knowledge of the Company's brands, sizes, notes on shopping habits or special needs of the user - or preferred materials)

 

 

3. PURPOSE OF THE PROCESSING OF PERSONAL DATA

 

 

Depending on the specific circumstances in which the interaction between the user and the Company took place, personal data could be used for the following purposes.

 

 

3.1 For online and in-store sales (by the Boutique or Point of Sale where the user makes the purchase or by the local website provider, as identified in the Online Purchase Conditions of Sale)

 

Personal data provided by the user or collected at the time of purchase, whether or not made as a registered user, i.e. basic personal data, contact information, purchase data, tax data, payment details, sales information and any other data strictly necessary for the delivery of the products, will be used for:

 

manage, administer and process product purchases, sales and after-sales services, for example administrative activities, accounting, returns, guarantees, tax-free refunds, where applicable, fraud prevention and communications with the user, including via email, for any problem relating to the management of the order or subsequent requests relating to the order; comply with obligations imposed by EU laws, regulations or legislation (including anti-money laundering legislation) and make a legal claim or defend against it.

 

It is necessary to provide personal data for the aforementioned purposes and refusal would make it impossible to complete the purchase.

 

Except where otherwise required to comply with local regulations in force, the processing of data for these purposes, as necessary to comply with contractual and legal obligations, could be carried out without requiring the user's consent.

 

 

3.2 For the specific purposes for which the data were provided voluntarily

 

Personal data provided by the user or collected when the same requests a specific service (for example, by registering his account on the Websites, handling complaints or requesting information), i.e. personal information, contact information and data strictly necessary to follow up upon request, they will be used to: provide the requested services (for example, carry out the account registration processes, manage authentication on the Website and user accounts, assist them and manage any complaints and wish lists and respond to a question or request for contact that may have been sent by the user, also through the customer service department manage the subscription to the newsletter where the user is not registered.

 

Personal data must be provided for the aforementioned purposes and refusal would make it impossible to complete the request.

 

3.3 For the purposes of customer relationship management (CRM) if the user registers

 

Personal data provided by the user by filling in Company forms or collected during visits to Boutiques, Stores or Websites or interacting with the Company, i.e. personal and contact information and data regarding habits and profile of the user and his family details, will be entered in the centralized CRM system for:

 

offer promotions, discounts and other personalized services and send newsletters, other marketing and commercial communications on products and services and invitations to events on the Company's brands (organized by the Company or its distribution chain), surveys and research, market analysis, invitations to contests, sweepstakes or promotions and other initiatives for registered users or customers of the Company's trademarks (“marketing”). The Company may use traditional means of contact (ordinary mail and telephone) and / or digital and automated (e-mail, SMS, MMS, telephone and other digital channels, for example social media) and may send the user such communications on the the basis of his profile, if he has given his consent to profiling.

 

Where the Company uses Emails for communications made pursuant to Art. 130 of the Privacy Code, the User will always be given the option to refuse subsequent communications within the same message.

 

 

4. COMMUNICATION OF PERSONAL DATA

 

 

The Company shares, including through the use of APIs, your personal data with its affiliates, distributors and affiliates, including those located in other countries, and with other companies that provide services on its behalf (such as more detailed below), under its direction or that of third parties. These companies and organizations will only receive the personal data necessary to perform the services and will not be authorized to use them for any other purpose.

 

When the user purchases the products or uses the Company's online sales services, his personal data may be shared by the e-commerce provider of this Website with selected third parties who provide services to the provider, including those that fulfill the orders, ship products, process credit or debit card payments, and perform anti-fraud checks. The user's personal data may be shared with third parties to monitor and analyze the activity of the Website, host contents of the Website, provide technical and organizational services functional to the aforementioned purposes, maintain the customer database, provide marketing assistance and manage emails, market analyzes, surveys, contests, sweepstakes or promotions. These third parties may have access to the user's personal data or store or process them in order to provide these services on behalf of the Company in Italy, in the country where the user is located or abroad. The Company's service providers are not authorized to use personal data for purposes other than the provision of contracted services.

 

The processing of the user's personal data for CRM purposes will be carried out, according to the instructions provided by the Company, by the affiliated companies that manage the Company's brands locally in Italy and in other countries or online and by the Company's business partners (affiliates and distributors) who manage the Points of Sale or online sales on their websites, as data controllers. Finally, the data could be disclosed where required by specific laws or authority provisions.

 

The complete list of designated data processors and third parties to whom the data is disclosed can be obtained using our contacts indicated below (point 13).

 

 

5. PROTECTION OF THE PRIVACY OF MINORS

 

 

This Website is aimed at a general public, however its services are intended for individuals aged 18 and over. The Company does not knowingly request, collect, use and disclose personal data provided by persons under the age of 18 online or at Boutiques and Stores. If the Company learns that it has personally collected data from a minor, it will delete them.

 

In the event that the user is not of the required age, please do not register or proceed with the online purchase and ask an adult (or your parents or guardian) to perform the necessary procedures.

 

 

6. STORAGE, ACCESSIBILITY AND TRANSFER OF PERSONAL DATA

 

 

The processing of personal data collected through the Websites takes place mainly using electronic or web-based means, including web analytics services hosted by servers of selected Company suppliers operating both within the European Union and outside it. . In the Boutiques and Points of Sale, the processing of personal data can also be performed on paper. In both cases, personal data, for CRM purposes, are entered in the centralized and secured database of the Company located in Italy and managed by the CRM Managers and the marketing team in Italy and abroad.

 

If the Company has to transfer personal data abroad in order to pursue the purposes set out in this Privacy Policy, even where the legislation on personal data differs from that applicable in the country in which the user is located, the same will take measures to ensure that such communications take place in compliance with European data protection standards or other local standards used in the country where they are collected, so that user data remains safe and confidential.

 

 

7. SECURITY AND CONFIDENTIALITY OF PERSONAL DATA

 

 

The Company has implemented suitable measures to protect the user's personal data from accidental loss and from unauthorized access, use, modification and disclosure. When the user provides information on the order, for example, the Company uses SSL (Secure Socket Layer) technology, an encryption tool that guarantees security during the transmission of information over the Internet. Password controls, firewall technology and other technological and procedure-based security measures are also used in the management of this Website. Although the Company has implemented the aforementioned security measures for the Website, the user must know that it is not possible to guarantee 100% security. Therefore, the user provides his personal data at his own risk and, to the maximum extent permitted by current law, the Company will not be in any way responsible for their disclosure due to errors, omissions or unauthorized actions of third parties during or after their transmission to the same. The Company recommends that the user (i) periodically update the software to protect the transmission of data over the networks (for example, antivirus software) and check that the provider of the electronic communications services has adopted suitable means for the security of the transmission of the data on networks (for example, firewalls and anti-spam filters); (ii) keep confidential and do not disclose the username and password to anyone to access the account; and (iii) change the password periodically.

 

 

8. RIGHTS OF ACCESS TO PERSONAL DATA - MANAGEMENT OF CHOICES

 

 

8.1 User rights

 

At any time and free of charge, the user can access their data, receive their electronic personal data in a structured and commonly used machine-readable format and have them corrected, updated, modified or deleted (subject to any applicable exceptions). The user can update the data provided to the Company by contacting the same at the address provided below. Requests for deletion of data are subject to current legal obligations and the conservation of documents imposed on the Company.

 

To exercise these rights, the user can send a request by sending an email to info@coralinelab.com or a letter by ordinary mail to the address listed below (point 13). When contacting the Company, the user must ensure that they include their name, email address, postal address and / or telephone number (s) to be sure that the same can handle their request correctly.

 

 

8.2 Accuracy - Updating of personal data

 

To allow the Company to better serve the user, the same is invited to regularly check and update their personal data. If registered, the user will be able to access their personal data and modify them using the user account settings on the Website; otherwise, you can contact the Company by sending an email to info@coralinelab.com to receive assistance in updating your personal data.

 

 

8.3 Management of choices related to direct marketing and profiling

 

If the user wishes not to give their consent to the use of data for CRM, marketing and / or profiling purposes, or to manage their advertising preferences, they can send a simple request to the Company (see point 13). The same procedure applies where the user wishes to revoke their consent to profiling. 

 

 

9. STORAGE OF DATA

 

 

Personal data will be kept for the duration of the commercial relationship and for as long as necessary to pursue the purposes described in this Privacy Policy (for example, where the user subscribes to a newsletter, for the duration of this subscription, or where has a user account, until it is closed). After this period, the user's personal data will be kept only to comply with legal and regulatory obligations (for example, for 10 years, in the case of accounting purposes; for the duration of the mandatory retention obligation, in the case of tax purposes. ; etc.) or to allow the Company to maintain proof of their respective rights and obligations.

 

The user's personal data that are processed for CRM purposes (see point 3.3) will be kept until the account is closed or until consent to their processing for these purposes is withdrawn (see point 8.3). Personal data relating to information on purchases which are processed for profiling and marketing purposes will be kept for a limited period, in line with the term permitted by current law, and, upon expiry of this term, will be deleted or anonymised in permanently.

 

 

10. POLICY ON COOKIES AND SIMILAR PROCESSES

 

 

For more general information on cookies and their enabling and disabling, see the section Cookie Policy on the website.

 

 

11. LINKS, ADVERTISERS, SPONSORS AND ADVERTISING

 

 

This Website may contain links to various websites owned by the Company or controlled by it, as well as to websites of third parties. Where you choose to provide your personal information on such linked websites, such information will be subject to the privacy policy and security policies of such linked websites - including websites administered and operated by approved distributors of the Company, with the exception of data collected there by the Company's distributors for CRM purposes if the Company's privacy policy is published - and not this Privacy Policy Since the Company is not responsible for the information sent or collected, used, disclosed or otherwise subjected to processing by the websites of third parties, the user should be aware of these other privacy policies.

 

 

12. HOLDER OF THE TREATMENT, RESPONSIBLE FOR DATA PROTECTION: COMPANY CONTACTS

 

 

For the purposes of this Privacy Policy and the data processing described here, it is specified that the term "Company" refers to Coraline Lab ™ brand controlled by PHILIP ISLAND COMPANY S.r.l., with registered office in Via Cavedole 19, 41126 Modena, Italy. The Company is the data controller (as defined in Reg. (EU) 2016/679) of the data collected at Boutiques, Points of Sale and / or Websites in Italy and abroad for the CRM purposes referred to in points 3.2 and 3.3 .

 

 

13. UPDATES TO THIS INFORMATION NOTICE - COMMUNICATIONS

 

 

The Company, at its discretion, reserves the right to change, modify, add or delete parts of this Privacy Policy at any time, by publishing the revised version on this page of the Website and updating the "Last Modified" date below. indicated. It is the user's responsibility to review the Privacy Policy from time to time to become aware of any changes made.  

 

This information comes into force from 01 December 2020

 

Printable version IT | EN