INFORMATION NOTICE ON THE PROCESSING OF PERSONAL DATA
1. Purpose of the document and scope of application
Dear user, this document, drafted pursuant to Articles 13 and 14 of EU Regulation 2016/679 (“GDPR”), describes the general procedures for the processing of your data when you access the website www.fgcosmeticsgroup.com (hereinafter, the “Website”).
2. Data controller and contact details
F.G. Cosmetics s.r.l. (hereinafter referred to as the “Controller”) is the data controller. The Controller can be contacted by email at info@fgcosmeticsgroup.com or at its registered office in Olcella di Busto Garolfo (MI), Via Tosi, no. 17/19.
3. Categories of personal data processed
Processing involves the use of the following categories of personal data.
- Browsing data: information collected automatically, necessary to establish and maintain a connection to the Website and enable the web protocol (e.g., IP address, browser type, location, type of device used);
- Data collected via cookies: if you accept the installation of cookies and other trackers, your data will be processed through them in accordance with our cookie policy, based on the purposes pursued by the cookies used.
- Data provided directly by the user: in certain circumstances, the Website may request (or you may freely provide) some personal data, such as when filling out and submitting the form required to sign up for the reserved area or during newsletter subscription.
4. Purposes of use and legal basis
Personal data will be processed for specific purposes, based on a legal basis, i.e., a reason provided for by law, as described below.
Website management
To ensure connection stability to the Website and the ordinary functions of the internet protocol, some browsing data are used, such as the IP address and information about the browser and device used to connect. Processing is carried out as necessary to provide a requested service pursuant to Art. 6(1)(b) of the GDPR.
User account management
When a user creates an account and makes purchases for commercial purposes, the relevant data are used to process related activities, in order to perform a requested service, pursuant to Art. 6(1)(b) of the GDPR.
Newsletter delivery
If you choose to subscribe to our commercial newsletter, we will use your email address and name to send related commercial communications. Processing is carried out based on the consent you have given for this specific purpose, pursuant to Art. 6(1)(a) of the GDPR.
Service improvement
Information relating to user activity is used to evaluate service improvements. For example, information regarding a malfunction on a page may be used to modify its functioning. Processing is based on the legitimate interest of the data controller to improve the operation of the application and the user experience pursuant to Art. 6(1)(f) of the GDPR.
Security
Information relating to user activities in the system, and especially generated logs, is used for security purposes, such as identifying abnormal behavior and potential cyber attacks. Processing is based on the legitimate interest of the Controller to ensure the security of the infrastructure and stored personal data (Art. 6(1)(f) of the GDPR).
Legal compliance
Some data are processed to fulfill specific legal obligations, such as tax requirements. Processing is carried out as necessary to comply with a legal obligation (Art. 6(1)(c) of the GDPR).
Legal defense
In case of litigation, data may be used to prove the rights of the Controller in court or to defend against claims by the user or third parties. In this case, it is not possible to foresee the specific information processed, but only the data necessary to prove the Controller’s rights will be processed. Processing is carried out based on the legitimate interest of the Controller to defend its rights in court (Art. 6(1)(f) of the GDPR).
5. Information regarding consent
Any consent you may have given is optional and free, and can be withdrawn at any time. Failure to provide consent will only prevent the newsletter from being sent. You may withdraw consent at any time using the unsubscribe button provided at the bottom of commercial communications or by sending an email to info@fgcosmeticsgroup.com
6. Cookies and trackers
This site uses cookies and other tracking tools to ensure proper network operation, conduct statistical analysis, and carry out remarketing activities.
You can choose which cookies to install, based on their purposes, by clicking on the cookie banner that appears upon first visiting the Website, and you can later change your preferences using the dedicated functionality.
For more information, you can consult the cookie policy.
7. Data retention
Your personal data will be retained for the time necessary to fulfill the purposes for which they were collected. Data used for website management are kept until the end of the session, while information used for newsletter delivery is kept for the subscription period. Information collected for user account management, service improvement, security, and legal compliance purposes will be retained for no more than 10 years, depending on the specific pursued purpose.
8. Data circulation and transfer abroad
The Controller carries out processing activities directly through its organization, using appropriately appointed and trained individuals who act as authorized persons, as well as external companies providing various services on behalf of the Controller, acting also as data processors. In such cases, the Controller ensures that these third parties process data with an adequate level of protection to safeguard the rights and freedoms of data subjects. The updated list of processors acting on behalf of the Controller is available upon request at info@fgcosmeticsgroup.com
Upon motivated request by the Judicial Authority and only if required by law, data may also be provided to the Authority for the purpose of crime prevention and detection.
Personal data are transferred outside the European Economic Area, subject to the adoption of safeguards set out in Chapter V of the GDPR.
9. Nature of data provision
The provision of personal data is always optional, except for the collection of data related to network protocol management, the transfer of which is inherent and necessary to activate the connection to the Website.
10. How personal data are protected
The Controller commits to implementing appropriate technical and organizational measures necessary to maintain and guarantee the confidentiality, integrity, and security of personal data, and to prevent any loss, misuse, alteration, or unauthorized access. Similarly, the Controller conducts periodic checks on its systems to identify any vulnerabilities and attacks.
11. Rights regarding personal data
At any time, you may obtain from the Controller, if the conditions are met, access to your personal data, their rectification, deletion, or restriction of processing. Where required by law, you may also object to the processing of your data (Articles 15 et seq. GDPR). To exercise your rights with the Controller, you can contact info@fgcosmeticsgroup.com
If you believe that the processing of your personal data is carried out in violation of data protection regulations, you have the right to lodge a complaint with the Supervisory Authority (Art. 77 GDPR, https://www.garanteprivacy.it/home/diritti/come-agire-per-tutelare-i-tuoi-dati-personali) or take legal action before the Judicial Authority (Art. 79 GDPR and Art. 140-bis of Legislative Decree 196/2003).
Last update: 12/11/2025