General Data Protection Regulation (GDPR)

for the processing of personal data of the users of the site

Information pursuant to Regulation European 2016/679 – General Data Protection Regulation

Dear interested , we share the present information, provided in accordance with the “Regulation European 2016/679 relative to the protection of people physical data with regard to the processing of data Personal and a free circulation of such data “( hereafter referred to as” GDPR “) to those who interact with the” Contact us ” form ,” Subscribe a NewsLetter “of Biotech Company Srl (hereinafter” “), which are accessible via internet at the web address:

The information is provided only for the form above indicated present in the site and not to other forms or websites that may be consulted user through links and is an integral part of the Privacy Policy general of the present website .

In particular , pursuant to Article 13 of the GDPR, we inform you that:

  1. Responsibility

The Data Controller is Pier Mario Biava

Any request regarding this Privacy Policy, Data Protection Personal and the inf ormation security can to be forwarded to Pier Mario Biava contactable to the email address :

  1. Treatments

In the above forms indicated are the requests macro- carry the following types of information:

  • Contact data;
  • Data business ;
  • Data included through areas of message free .

Compiling with his given the fields above described and clicking on the Enter key, you does It is that memorize them and keep them in its bases data for processing of collection , registration , organization , storage , consultation , processing , modification , selection , extraction , comparison , use , interconnection , blocking , cancellation , destruction . To these Yes adds the treatment profiling carried through the interested but with focus the company that it It represents as an employee or collaborator.

  1. Purpose uses the data it collects by interested parties according to the following purpose :


  • answer to requests Business received ;
  • profile the company that the user who is filling It represents as an employee or collaborator;
  • to send behind separate newsletter consent containing news , site updates , security patch communications , surveys , campaigns promotional about to of activities.


  • make behind separated consents : sending newsletters; communication of events and courses training ; sharing industry news and updates on products and services ; various marketing activities type .
  1. Bases legal , Conservation Times

According to Article 6 paragraph 1 letter f) of the GDPR the treatments having finality Business Yes rely on the pursuit of the legitimate interest from . This, according to recital 47 of the GDPR and second logical relationship commercial relevant and appropriate between and the interested party , as :

  • Prospect Employee / Customer
  • Supplier of
  • Supplier of of Employee

The treatments belonging to the marketing purposes , pursuant to of Article 6 paragraph 1 letter a), yes rely on the consent explicit by the interested party .

According to Article 13, paragraph 2, letter a) the period of data retention personal is established in duration of 4 years from the time of the individual consensus dates . At the end the data they will be deleted physically from all of ours systems or will be required more consent .

  1. Data processing for minors

According to Article 8, paragraph 1 of the GDPR data processing the minor’s personal is lawful where the lower has at least 16 years . Ove the lower has age less than 16 years , this treatment is legal only if and in extent to which such consent is given or authorized by the holder of the responsibility parenting . It requires all the users who use the form above indicated to have age equal to at least 16 years or to self – certify the consent from the holder of the responsibility parenting .

  1. Data Details

According to Article Article 5, paragraph 1, point ( c), it only keeps data personal adequate , relevant and limited to what necessary respect to purposes for which I’m treaties ( “data minimization”); therefore it is required to users not to share data Personal revealing the origin racial or ethnic , opinions policies , convictions religious or philosophical , or belonging trade union , as well as to deal data genetic , data biometric intended to identify in such a way univocal a natural person , data concerning health or sex life or orientation sexual of the person. If the user deliberately should communicate to data of this the type, employees or collaborators, which have received training sessions specific privacy, will treat these data according to principles of maximum care and confidentiality .

  1. Recipients

The potentials providers primary that could to have access , process , archive , transmit and in general make treatments on data and information I’m evaluated also appearance of the Information Security (standards ISO / IEC 27001: 2013 and ISO / IEC 27018: 2014) and under the profile of the safeguard Privacy of People Physics whose data I’m treated by . it does not yield for any why her data to third parties . in limits relevant to indicated processing purposes, its data will to be communicated to specific providers appointed Responsible for the senses Article 28 of the GDPR. It is possible request the list updated supplier interested at the ema address :

  1. Location of treatments

The data that collects from the user could be transferred and stored in a destination outside the European Economic Area (EEA), also to ensure that their processing is performed by selected third parties, in order to facilitate the activities of Countries outside the EEA may not have regulations that offer the same level of personal data protection as is guaranteed by those in force in the EEA. In this case, will take the necessary precautions to ensure that these transfers comply with the regulations in force on data protection.

  1. Methods of Treatment

The treatments they will be carried out in such a way as to guarantee adequate data security personal data , including protection, through measures technical and organizational adequate, unauthorized or unlawful processing and against the loss, destruction or damage accidental (” integrity and confidentiality “). considers information security, including data personal , one factor indispensable . For this reason the company has decided to put in place for an Information Security Management System (ISMS) according to defined rules and criteria expected the “best practices” and the international reference standards in accordance to indications of the rules international :

By default, we have set up all servers to use the latest version of PHP 7 with the latest security fixes. We are running A pache in a chroot environment with suExec . We have sophisticated IDS / IPS systems that block malicious bot and attackers .   ModSecurity is installed on all our shared servers and we update our security rules on a weekly basis, thus protecting our customers from the most common attacks.

  1. Rights the involved

The interested person always has right to request the Owner access to his data , correction or cancellation from themselves , the limitation of the treatment or the possibility to oppose the treatment , to request the portability of the data , to revoke the consent to the treatment doing be worth these and the others rights provided by the GDPR through simple communication to the Data Controller by e-mail to the address . In detail will handle the request concerned without unjustified delay and, however , at most late within a month from receipt of the request same . This term Sara extended to 3 months in cases of cancellation timely data. The interested party also has right to propose complaint to control authority. In Italy it is operational the Data Protection Authority Personal .

  1. Duration enrollment to the newsletter

The writing the newsletter always has right to request the Owner access to his data , correction or cancellation from themselves , the limitation of the treatment or the possibility to oppose the treatment , to request the portability of the data , to revoke the consent to the treatment doing be worth these and the others rights provided by the GDPR through simple communication to the Data Controller by e-mail to the address . In detail will handle the request concerned without unjustified delay and, however , at most late within a month from receipt of the request same . This term Sara extended to 3 months in cases of cancellation timely data. The interested party also has right to propose complaint to control authority. In Italy it is operational the Data Protection Authority Personal . The duration of the signing up to the newsletter is intended valid until the removal from the same newsletter.


Privacy and cookies

Last updated 23 May 2018


This privacy policy and the use of cookies (the “Privacy Policy”) describes in detail the data used on the site []

The owner of the processing of your data is Pier Mario Biava

You can contact Pier Mario Biava by sending an email to: is committed to protecting the privacy of its users and customers. The purpose of this Privacy Policy is to inform you of the way collects, defines and uses the identification data such as name, email address, address, other contact details, or online identifiers and other information you provide during the use of the Platform (the “Personal Data”), as well as making it aware of which cookies it uses. You should carefully read this Privacy Policy.

What information is collected by

When the user visits and / or uses the Platform or contacts, the latter may collect the following information:

  • Personal Information that you choose to share with it when you register an account or sign up for email, newsletters and alerts and provide when you use its services, including information entered on the dating platform and included in the comments, in reviews or in user survey responses. During the process of booking an appointment or sending a review, the user may voluntarily provide to sensitive personal data (regarding, for example, his health or ethnicity), if related to the service he is requesting or reviewing.
  • When the user uses the it online payment system, the latter may retain (in the first person or through its designated payment manager) the credit or debit card details of the user in an encrypted and secure form. .
  • If the user decides to communicate with it (for example, via the Platform or via email, telephone, SMS or social media), the Company will record the fact that the user has contacted it and may retain the content of the communication, together with contact details and answers provided.
  • The information on the user’s visits to the Platform and its use, such as those on the device and browser used by the user, the IP address and the location, the IDFA identifier, the date and time of the visit, the duration of the visit, the referral site, the navigation paths on the site during the visit and the user interactions on the Platform, including the salons and treatments involved, may be associated by it to the account of the user. For more information on the purposes of collecting and using this information, read the section of this Privacy Notice dedicated to the use of cookies.

It is important that all Personal Information that you provide when registering or otherwise while using the platform are correct and accurate. This means, by way of example, to ensure that always has user contact information, including an email address.

If the user plans to send the Personal Data of another person to, for example while making a booking on behalf of another person, he should provide the Company with the data of that third party only with the consent of the person concerned and after that the latter has had access to information on how to use the data, including the purposes indicated in this Privacy Policy.

Protection of personal data

The transmission of information via the internet is not completely secure. For this reason, although does its best to protect your Personal Data, it can not guarantee the security of data transmitted to its Platform. Any transmission is carried out at the risk of the user. Once it has received the user’s Personal Data, will use strict procedures and security features for the treatment of the same.

How are the user’s personal data used?

In general, uses the Personal Data to provide you with the services and products required, process payments, providing customer services, show information and ads it deems of interest to the user, perform searches on customers, sending commercial email and promotions and inform the user of important changes to the Platform. also uses the User’s Personal Data for the following purposes:

  • Fulfill a contract or implement actions related to it. This is important when the user requests a service through it These obligations / actions include:
  • Send the user information about the requested services (as an appointment reminder) via email, SMS and push notifications.
    • Facilitate reservations and make payments.
    • Answer questions and doubts.
    • Manage the account.
  • Manage the business and pursue its legitimate interests, as required by it, in particular:
    • Keeping the Platform and systems safe and preventing fraud, security issues and other crimes.
    • Verify compliance with terms and conditions and ascertain, exercise and defend against legal claims.
    • Inform the user of new it services and special offers that the Company believes may be interesting for the same, for example via email, and showing advertisements on websites of third parties such as Facebook (where consent is not required).
    • Adapt and customize commercial announcements and advertisements based on information provided by you and your use of the Platform, it products and services and other sites (for further information, read the section of this Privacy Policy dedicated to use of cookies).
    • Help to monitor, improve and protect the Platform, as well as customize the Platform, the products and services of it (and those of its partners) to the user, based on the information provided by it and its use of the Platform, products and services of and other sites (for more information, read the section of this Privacy Notice dedicated to the use of cookies) .
    • Investigate and answer any questions or complaints received from you or others regarding the Platform or it products and services.
    • Conduct internal research and analysis so you can see how the Platform is used, as well as it products and services, and how the business is going.
    • Perform market research and consumer surveys.
    • Collect and publish reviews of products or services offered by it Partners and use them for advertising campaigns.
    • Use customer communications for training, registration and quality control purposes. If the user phones the it customer experience team, the Company will record the contact and the call can be recorded. In case of registration, the user will be informed and will be offered the opportunity to oppose registration where desired, and the means to do so.
    • Manage applications for a position open at it sent through the Site, including contact details. The information provided by the user will be kept for a period of 12 months and may be recalled if future job applications are sent to
  • If the user provides it with consent to:
  • Inform him of new it services and special offers that the Company believes may be interesting for the same, for example via email, and showing advertisements on websites of third parties such as Facebook (where consent is required).
  • Send information about competitions and surveys and details of promotional offers of it Partners and about the goods or services of other selected third parties, for example, those of brands related to health, beauty, leisure and lifestyle, via email and through push notifications transmitted by the App.
  • Transfer your personal data to the it Partners and to other selected third parties, for example, trademarks relating to beauty, leisure and lifestyle, to enable them to send information on their goods and services on their behalf.
  • Insert cookies and use similar technologies, in accordance with the section of this Privacy Notice dedicated to the use of cookies, and the information provided to the user when these technologies are used.
  • In the other cases in which it requires the user’s consent, the Company will use the data for the purposes indicated at the time.
  • For the purposes set by law:
  • Respond to requests from governments or law enforcement agencies conducting an investigation.
  • Comply with legal, regulatory and compliance obligations.

Revoke the consent or otherwise object to direct marketing activities

Whenever relies on the consent given by the user, the same can always revoke this consent, although the Company may have other legal reasons to perform the processing of data for other purposes, such as those listed above. In some cases, is authorized to send you direct marketing communications without your consent, where it is based on their legitimate interests. You have the absolute right to object to sending direct marketing communications at any time. This right can be exercised by following the instructions contained in the communication, if it is an electronic message, or by contacting at the addresses indicated below.

  • If you no longer wish to receive communications sent by it, you can click on the “unsubscribe” button located at the bottom of the emails sent or, alternatively, contact at In the case of direct marketing communications, deleting the user’s email address from the system can take 48 working hours.
  • If the user no longer wishes to receive communications sent by the Partners and other third parties, the same can contact the Partner or the third party directly. In the case of Partners, if the user needs assistance in this procedure, it will be pleased to do everything possible to provide help.
  • In case the user does not wish to receive push notifications through the app if any, may withdraw permission to receive push notifications for App by changing the settings of your phone’s operating system.
  • Right of withdrawal of consent. The interested party has the right to withdraw his consent at any time; the revocation does not affect the lawfulness of the treatment based on the consent given prior to the revocation.

Sharing of personal data with third parties takes the security and processing of your personal data very seriously and will not sell them under any circumstances.

  • If the user makes an order or otherwise interacts with it through a site or app proposed on behalf of a third party, the user’s contact details and order details will be transferred to the relevant third party. Where the user provides the related consent to these third parties they may also send commercial communications.
  • Communication to third party service providers who perform functions on behalf of it in relation to the Platform or otherwise related to the provision of services (for example, processing credit card payments, hosting websites, conducting surveys and market research, social media analysis, email marketing services delivery, data analysis tools and customer service communications management).
  • Communication to it Partners with whom the user books services through the Website or Apps, where the Company acts as a commercial agent for bookings, or directly with the Partner, through the Partner Platform or Widget, in the event that the Company operates exclusively as a technology provider. The user information is shared with the Partners to:
    • reservations can be made easier and, where necessary, we can make contact with the user prior to the appointment;
    • where the user has chosen to receive commercial emails from the Partners with whom he or she is booking, such emails may be sent to him including news and special offers; is
    • they can improve the services they offer to their customers and commercial operations, providing statistical data on customers, both in an aggregate and individual way.
  • Communication to trademarks of third parties with whom it collaborates on products, services, competitions and campaigns.
  • Communication to third party software providers for salons used by it Partners to ensure that these third-party software solutions and Connect show real-time availability to customers.
  • Communication to media agencies and advertising partners in order to conduct targeted marketing campaigns (for more information on online advertising practices, read the section of this Privacy Notice dedicated to the use of cookies).
  • Communication to other third parties, in order to facilitate the activity of it and improve its products, content, services or advertising, including, but not limited to, sending communications by email or publishing product reviews and services of or its Partners.
  • If it purchases, sells or transfers assets or assets or is subject to insolvency, bankruptcy or receivership. Should this occur,, where appropriate, may need to disclose the User’s Personal Data to the seller or buyer of such assets or assets.
  • If it have a duty to disclose or share Personal Information in order to comply with legal obligations, enforce or apply the terms and conditions and other agreements or protect the rights, property or safety of customers of or others. These circumstances include the exchange of information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
  • Communications with governmental authorities and other third parties as required or permitted by law, including, without limitation, in response to orders of the court. it may also disclose user information where it has reason to believe that someone is affecting or interfering with the rights or property of, other users of its Platform or any other person who may be affected by such activities.

Warning: by publishing Personal Data in any area of the Platform accessible to the public (such as the reviews sections), such information may be collected by third parties on which has no control. is not responsible for the use of this information by these third parties.

The user is therefore invited to give due caution and attention before communicating Personal Data that will be disclosed in public areas. Furthermore, the user should avoid communicating Personal Data on public areas that could be used to identify him (such as name, age, home or work address or name of employer).

User rights in relation to personal data

In relation to the user’s personal data stored by, the user has the right to request:

  • Obtain a copy of personal data.
  • Correct, cancel or limit the processing of your personal data.
  • Obtain the personal data provided to it on the basis of the execution of a contract or with its consent, in a mechanically readable and structured format, and request that such information be transferred to another organization.
  • Oppose to the processing of your personal data in certain circumstances (in particular, where it is not required to process data to fulfill contractual or other legal obligations or where it is using data for direct marketing activities).

In the first case, the user will be able to view or modify the information provided to by logging in to their online account.

In some situations, the user’s personal data rights are limited. For example, may continue to process the Personal Data of which the user has requested the cancellation, in the event that, satisfying his request, it would reveal personal data of another person or where the Company is kept by law to do so or has a pre-eminent and legitimate reason.

The user will also have the right to file a claim if he / she considers that the processing of his / her personal data has not been corrected. The user is encouraged to contact first; however, to the extent that these rights are exercisable, the same has the right to complain directly to the competent supervisory authority.

If you wish to exercise any of these rights, you may contact by writing to Please note, however, that financial information will not be provided without verification.

What provisions apply to other sites linked to the Platform? is not responsible for the practices used by the sites connected to or from its Platform, or the information or content present in the same. Often, links to other sites are provided solely to refer to information on topics that may be useful to users of the Platform.

It reminds the user that the present Privacy Policy is no longer effective in the case where you use a connection that goes from to another site. Your browsing and interaction on any other website, including websites which have a link with the, are subject to their own rules and information of this website. Always read these rules and information before proceeding.

Social media and user-generated content

Some platforms allow users to submit their content. Please note that any content sent to one of the Platforms may be made public and the user should be cautious about providing certain personal data, such as financial information or the address, via such Platforms. Where the user publishes personal data on one of the social media pages, such as Facebook or Instagram, is not responsible for any actions taken by others. Please also refer to the respective information on privacy and use of cookies on the social media platforms that you use.

Changes to the Privacy Notice

In the event of changes to the privacy policies and procedures, will publish such changes on its Platform to make the user aware of the information he collects, how he uses it and the circumstances in which he may disclose it.

Place of storage of personal data

The data that collects from the user could be transferred and stored in a destination outside the European Economic Area (EEA), also to ensure that their processing is performed by selected third parties, in order to facilitate the activity. Countries outside the EEA may not have regulations that offer the same level of personal data protection as is guaranteed by those in force in the EEA. In this case, will take appropriate precautions to ensure that these transfers comply with applicable data protection regulations.

Paypal transactions

Please note that all PayPal transactions are subject to the PayPal Privacy Notice which is available at: If you wish to use PayPal to make transactions through the Platform, the same is invited to make sure to accept the conditions contained in the PayPal Privacy Notice.

Storage retains the Personal Data for the time necessary to perform the activities indicated in this Privacy Policy or otherwise communicated to the user or for the period allowed by current legislation.

If you submit your application through the Site for a position in , the information you provide will be kept for a period of 12 months and may be recalled if you send future job applications to .

Information on the use of cookies

The, in common with other commercial sites and apps, uses standard technologies, including cookies and similar tools, such as web server logs, web beacons, tokens, pixel tags, local storage, device identifiers and location IDs (collectively referred to as “Cookies” in this Privacy Notice) for the purposes indicated below.

Please note that third parties collect and use data derived from cookies placed on the platform. This Privacy Policy may not describe the practices used by such third parties for the protection of personal data. invites you to read the privacy policies of such third parties and, where prefer that no data reported by these companies, to follow the unsubscribe procedures, if any. For further information, read the following section “How can cookies be modified? .

Why are cookies used?

  • Purposes strictly necessary / related to transactions

The use of cookies for these purposes is essential for the proper functioning of the Platform and may be necessary to allow the user to move within the Platform and use its features, manage the system, prevent fraudulent activity, keep the user connected from one page to another or remind the user of the items added to the cart. These cookies can not be deactivated because the platform can not work properly without them.

  • Purposes related to functionality

The use of cookies for this purpose allows to improve and simplify the user experience. For example, they may remember choices made by the user, such as the country from which the Platform is visited, language and search parameters such as date, area or treatment, and be helpful in identifying problems with the Platform (such as crash events). . They can then be used to provide the user with a more appropriate experience compared to the selections made and to customize and improve visits to the Platform. The information collected from these technologies can be personally identifiable, as in the case of access data. They can not track the user’s browsing activity on other sites or apps outside the Platform. For this purpose, uses some tools, such as Snowplow.

  • Purposes related to performance

The use of cookies for this purpose allows better understand how many users visit the Platform, as they arrive on it, navigating within the same or used and which parts of the platform are the most popular. This helps the Company to improve the Platform, for example from the point of view of navigation and the experience offered by the interface, and improves the products and services. To achieve this goal, collects information on how users use the Platform and, for this purpose, uses third party technologies such as, by way of example, Google Analytics.


Google Analytics is a web analytics service provided by Google, Inc. which is used by to monitor how visitors use the Platform, compile reports and help improve the Platform. Google collects information anonymously, including the number of visitors to the Platform, the site from which visitors arrive at the Platform and the pages they visit on it. This information is used by Google to prepare reports for and help you improve the site. For more information about the data collected by Google and its data processing methods, please read the Google Privacy Policy available at ? Hl = en .

  • Advertising and targeting purposes

The use of cookies for this purpose allows to display advertising on the Platform and elsewhere and to collect information on the browsing habits and the use of the Platform by the user, in order to make the ads more relevant and personalized for the user based on his interests. may use remarketing technologies to allow third parties to show relevant and customized advertising to users through their networks. They are also used to identify the user who has viewed a particular ad, limit the number of times it displays it, and also help measure the effectiveness of an advertising campaign. uses some third party technologies for this purpose, including, but not limited to, Salesforce Marketing Cloud, Sovendus, Affiliate People, Snowplow, DoubleClick Floodlight, Google Analytics Audiences, Facebook Analytics, Bing and AppsFlyer. The technologies are used by social media sites also for advertising and targeting purposes.

These technologies remember the sites visited by the user and that the information is shared with other subjects, such as advertisers. When uses third parties for advertising and targeting purposes, it may disclose:

  • identifiable personal information , such as email address, order ID and location;
  • generic data, aggregated or anonymized relative to the user’s visits and the use of the platform; or
  • information in a pseudonymised format, such as the ID / code of a browser’s cookies or cryptographic information hash of the user’s email address, in order to personalize the advertisements and display them in other services. This ID or code is matched to the equivalent unique code of the user generated similarly by it advertising partners to customize the listings for the user.

The third of which company uses for advertising targeting purposes and have their own privacy policies, which should be read carefully.


Facebook targeting . These cookies are set by Facebook, which uses them to manage the login to the social and collect data on the interests of its users. Facebook uses this data to offer the user targeted advertising during the browsing experience or while online.

Targeting Google. These cookies are set by Google and allow them to profile the interests of visitors and ensure that the related advertising of reach the user on third party sites or during research. They can also be used to store user preferences and verify Google user accounts.

How are data collected by location technologies used?

See the previous paragraph entitled “How is your personal data used? .

How can cookies preferences be changed?

The following is a series of ways in which preferences for online cookies can be managed. For further information, also refer to the privacy and cookie information of the relevant third party.

  • Most browsers and devices allow the user to remove location technologies and / or block new set location technologies. To disable location technologies, consult the “Help” menu on your browser or device settings. However, please note that (a) such disabling may not be effective for all location technologies; and (b) disabling all localization technologies may limit the use of the Sites and / or delay or influence the way in which they operate.
  • Google Analytics: where the user prefers that the data will not be reported to Google Analytics, he may install the Browser Add-on to disable Google Analytics by following the instructions on the site: . The user can disable the use of cookies by Google by visiting the page to disable the display of personalized ads on Google at
  • Facebook Ads : the user can control how Facebook uses the data to display advertisements, disabling those that can be based on interests and / or the relationship with specific advertisers, in the settings on preferences for ads. For more information, visit the various Facebook pages that let you learn more about Facebook ads and cookies and update your settings:

If the user has deactivated the receipt of commercial communications via email through the methods described above in the section “Withdrawing consent or otherwise opposing direct marketing”, the same could still display non-personalized advertisements while online, in case which preferences settings on Facebook are aligned to an audience segment (predefined by Facebook) with which the activity of is associated . does not check if these advertisements are viewed by the user.

  • In the case of third parties not specified in this section, consult the relative privacy and cookie use information to learn more about the advertisements displayed when the user is online and how to disable them.

To conclude, I confirm that the data used on the site and more precisely: are compliant with the provisions of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT –

Thanks for your collaboration.

Pier Mario Biava