Cookie policy

This document regulates the processing of personal data through the use of the website available at, as carried out by Fashtime S.r.l., Via Pietro Mascagni, 20122– (Milan), VAT 10284790960, (hereafter the “Data Controller”), in compliance with current data protection regulations, including, in particular, EU Regulation 2016/679 (hereafter “GDPR”).

1. Identity and contact details of the data controller

The Data Controller is Fashtime S.r.l. Since the data controller is located in Italy, no representative has been appointed.

2. Contact details of the Data Protection Officer

The Data Controller has not appointed a Data Protection Officer.

3. Methods of processing

3.1. Cookies and environmental data

3.1.1. Technical cookies

- Navigation, functional and session cookies: these allow the site to work properly. The use of so called session cookies (which are not permanently stored on the device of the Data Subject and are automatically deleted when the browser is closed) is strictly limited to the transmission of individual session identifiers. Session cookies are used in order to permit safe and efficient navigation on the site.

- Statistical cookies: The site uses statistical cookies made directly by the data controller or provided by third parties. In the latter case, suitable tools have been adopted to reduce their identifying capabilities, by also hiding significant portions of the controlled IP addresses. Furthermore, the use of these third-party statistical cookies has been subjected to contractual obligations that require third parties to use them exclusively to provide services, to store them separately and to not “enrich” them or “cross-reference” them with other information they have available. In any case, the Data Controller does not allow third-party suppliers to use cookies for purposes other than those listed above.

- As regards Google Analytics cookies specifically, the information that concerns the use of the site by users and is obtainable from cookies will be transmitted by the user’s browser to Google Inc., located at 1600 Amphitheater Parkway, Mountain View, CA 94043, United States, and stored in the servers of the same company. The privacy policies of Google, which we invite you to read, are available at the following address: . The privacy policy regarding the services of Google Analytics is available at the following address: .

- Browsing data and environmental variables: the IT systems and the procedures used to operate the site automatically acquire, during their normal functioning, some personal data relating to the navigation of the data subject, including environmental variables. This category of data includes, by way of example:

  • The IP addresses of the computers utilised by users of the service;
  • The number of accesses;
  • The pages displayed;
  • The date and time the access occurred;
  • The URL the browser was on before displaying our page;
  • The type of browser;
  • The operating system used.

3.1.2. Non-technical cookies

- Profiling cookies:

The site does not use profiling cookies.

- Deleting and disabling cookies:

Since cookies are normal text files, they can be accessed using word processing programs. In any case it is possible to configure your browser in order to prevent it from treating cookies.

  • Delete/disable cookies with Firefox:
  • Delete/disable cookies with Edge:
  • Delete/disable cookies with Chrome:
  • Delete/disable cookies with Safari:

3.2. Data provided voluntarily by the Data Subject

The data optionally and freely provided by the Data Subject, by sending e-mails to the addresses found on the site, may be acquired for purposes that will be specified each time. In particular, in addition to the email address required to reply to the sender, any other personal data contained in the related communication will be processed. The Data Subject is invited to not enter special category data (for example data concerning their health) in the communications that will be sent to the Data Controller.

The data collected this way will be stored and processed exclusively for the purpose of storing the correspondence and replying to the data subject. They will not be used for other purposes.

4. Purpose of processing and legal basis of processing

In relation to cookies of a technical nature referred to in point 3.1.1. and to navigation data, the processing of the data subject’s personal data is carried out in order to enable proper use of the website; use of the data is necessary for navigation on the website. In this case the legitimate interest of the data collector is the legal basis of the processing. In relation to data provided voluntarily by e-mail, the processing of personal data carried out makes it possible to respond to requests from the interested parties. The legitimate interest of the Data Controller in responding to the interested parties is the legal basis of the processing.

5. Source from which personal data originates

Only the data provided by the data subject, collected through the website or through an email sent by the Data Subject, will be processed, in compliance with this document. Data from sources accessible to the public will not be processed.

6. Recipients and possible categories of personal data recipients

The personal data of the data subject may sent to:

- Companies that offer services related to the information society, including, in particular, those that offer hosting services;

7. Data categories

The personal data of the Data Subject will be processed. Special category data will not be processed, pursuant to article 9 of the GDPR.

8. Data transfer

The Data Controller intends to transfer personal data to another country or to an international organization. These subjects could include, by way of example:

- Communications companies, which carry out communication activities on behalf of the Data Controller;

- Companies that offer services related to the information society, including, in particular, those that offer hosting services;

- Communication service providers;

The transfer of personal data to such subjects, if they are established in another country or are an international organization, will be carried out only if it is considered adequate by the European Commission, which will verify that the other country, the area or one or more specific sectors within the other country or the international organization in question can guarantee an adequate level of protection of the Data Controller’s rights. In any case, the Data Controller – if they deem it necessary – reserves the right to reach specific separate agreements that will oblige these subjects to adopt adequate security and organizational measures, aimed at appropriately guaranteeing the Data Controller’s rights. Google Inc., in particular, is contractually bound to ensure appropriate protection of the Data Controller’s rights. The data can be transferred to the following countries: United States of America. To obtain a copy of this data or information about the place where it was made available, simply send a request to this address: .

9. Retention period of personal data

Personal data processed and stored for all the purposes referred to in this document will be processed and stored for a period that shall not exceed 24 months, starting from the date of the individual collection; In any case, the Data Controller reserves the right to request the Data Subject to renew their consent to the processing and/or to verify the consent previously expressed.

10. Optional nature of consent and consequences of non-consent

In relation to personal data processed through technical cookies, in order to allow proper use of the website, the communication of personal data is not a contractual obligation in relation to technical cookies, but is based on the legitimate interest of the data controller, since a fully functional website could not be made available without this treatment. In relation to data provided voluntarily by e-mail, the processing of personal data is not a contractual obligation, but a treatment based on the legitimate interest of the Data Controller to respond to data subjects; without this treatment it would not be possible to respond to requests made by the Data Subject.

11. Rights of the Data Subject

11.1. Rights of the Data Subject

The Data Subject has the right to object, at any time and for reasons connected with their particular situation, to the processing of personal data concerning him/her, pursuant to Article 6, paragraph ,1 letters e) or f) of the GDPR, including profiling on the basis of these provisions. The Data Controller will refrain from further processing personal data, unless they are able to demonstrate the existence of compelling legitimate reasons for proceeding with the processing, which prevail over the interests, rights and freedoms of the Data Subject, or if they need to assess, exercise or defend one of their rights in court.

11.2. Other rights

The Data Controller also wishes to inform the Data Subject of the following rights:

- Right of the Data Subject to access data: the data subject has the right to obtain confirmation from the Data Controller of whether or not their personal data is being processed at that time and, in that case, to obtain access to their personal data and to specific information, in accordance with Article 15 of the GDPR;

- Right of rectification: the data subject has the right to obtain the correction of inaccurate personal data concerning them from the Data Controller, without undue delay. Taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, and to provide an additional declaration, in compliance with article 16 of the GDPR;

- Right to delete data, including the right to withdraw consent: the data subject has the right to obtain the deletion of personal data concerning them by the Data Controller, without undue delay, and the Data Controller is obliged to cancel the data without undue delay; the Data Subject also has the right to withdraw their consent, if the reasons set out in article 17 of the GDPR apply; in this case, the right of revocation can be exercised at any time without undermining the lawfulness of the treatment based on the consent given prior to the revocation;

- Right to limit processing: the data subject has the right to obtain a limitation of the processing from the Data Controller, when the hypotheses defined by article 18 of the GDPR apply;

- Right to data portability: the data subject has the right to receive, in a format which is structured, in common use and can be read on an automatic device, the personal data concerning him/her that were provided to the Data Controller, and has the right to transmit this data to another data controller without impediment by the Data Controller, in the cases and under the conditions specified by article 20 of the GDPR.

12. Exercising these rights

Requests to exercise the rights indicated in this document must be addressed directly to the Data Controller at the following email address: Alternatively, you can exercise your rights by sending a communication via registered mail to the following address: Via Pietro Mascagni, 31, Milano, 20122, Italia.

13. Accessibility of this information

This information can be accessed at the address as well as from the Data Controller. If expressly requested, the information may also be provided orally, provided that the identity of the applicant has been attested, by means of a telephone request addressed to the Data Controller.

" Be the partner of choice and add value on a constant basis. "