index
Free shipping on orders over €80

PRIVACY POLICY FOR WAITING LIST AND NEWSLETTER

1. Data Controller

The Data Controller is GOOD VILLAIN SRL, with registered office in Via Rodolfo Farneti 8, 20129 – Milan (MI), VAT number 13050640963, e-mail: info@goodvillainbeauty.com (hereinafter “Good Villain” or the “Data Controller”).

2. Data Protection Officer (DPO)

Good Villain has appointed a Data Protection Officer (DPO), Avv. Andrea Baldrati, who can be contacted at the following email address: a.baldrati@bsdlegal.it .

3. Data Controllers and Services Used

To carry out certain activities, Good Villain uses suppliers who act as Data Processors:

  • Shopify, Inc. – Hosting Provider

    • Headquarters: 151 O'Connor Street, Ground floor Ottawa ON K2P 2L8, Canada.

    • It provides the e-commerce platform and hosts the data on servers located in Canada (Adequate Country according to the European Commission).

  • Biotek Srl

    • Registered office: Via R. Farneti n. 8, 20129 Milan (MI).

    • Provides support in managing and updating the website.

  • Mailchimp (The Rocket Science Group LLC d/b/a Mailchimp)

    • Headquarters: 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, United States.

    • Email marketing and automation platform for managing newsletters and communications.

At this stage, the use of other Recipients of the Treatment is not foreseen.

4. Personal Data Collected

As part of the waiting list and/or newsletter, we collect only your email address. We do not collect any other personal data (name, surname, preferences, etc.) for the purposes of this initiative.

5. Purpose of Processing and Legal Basis

  • Subscription to the Waiting List: to send you communications regarding the launch of our e-commerce and related initiatives. The legal basis is the consent you provide us by entering your email address in the subscription form.

  • Sending Newsletters and Exclusive Offers: only if you confirm your subscription (double opt-in), we will keep your email address to send you news, promotions and personalized offers. The legal basis is the consent expressed during the confirmation phase.

6. Newsletter Subscription Method (Double Opt-In) and Consequences of Failure to Confirm

After entering your email:

  1. You will receive a confirmation communication (double opt-in) in your mailbox.

  2. If you confirm your subscription, we will be able to regularly send you our newsletters, promotions and special offers.

  3. If you do not confirm your registration, you will only receive some informative communications relating to the imminent opening of the e-commerce, after which your e-mail address will not be retained for further sending of newsletters or promotions.

7. Data Retention Period

If you do not confirm your subscription, your email address will be stored only for sending communications about the launch of the site and, subsequently, it will be deleted.

If you confirm your subscription, we will keep your email as long as you interact with our communications. If you do not open or interact with the newsletter for a long period (12 months), we will delete your address from our lists.

8. Transfer of Data Outside the European Union

  • Shopify, Inc. (Canada): Data transfer is protected by the European Commission's adequacy decision.

  • Mailchimp (United States): Mailchimp adheres to the Data Privacy Framework (EU-US, UK Extension and Swiss-US DPF) and, in the event of invalidity of this framework, applies the Standard Contractual Clauses to ensure compliance with the GDPR. For more details on the transfer of personal data and security measures, you can consult the Mailchimp information available here.

9. Rights of the interested party

At any time, you have the right to:

  • Access your personal data and obtain a copy of it.

  • Request correction or updating if inaccurate or incomplete.

  • Request its deletion (“right to be forgotten”) or limitation of processing.

  • Object to processing (in the cases provided for by the GDPR).

  • Request data portability.

  • Revoke your consent at any time, without prejudice to the lawfulness of the processing based on the consent given before the revocation.

You can exercise your rights by writing to: shipping@goodvillainbeauty.com or by contacting the DPO at the following address: a.baldrati@bsdlegal.it .

11. Complaint to the Supervisory Authority

If you believe that the processing of your personal data violates the provisions of the GDPR or Italian law, you have the right to lodge a complaint with the Guarantor for the protection of personal data ( www.garanteprivacy.it ).

12. Updates to the Information

This information may be subject to changes or updates. If there are material changes that affect your rights, we will give you adequate notice (e.g. by email).

GOOD VILLAIN SRLPIVA 13050640963 - © 2024 - GOOD VILLAIN Srl. All rights reserved.