Welcome to the Golden Goose S.p.A. website, available at the following URL (hereinafter the “Website”).

The Regulation governs the “protection of natural persons with regard to the processing of personal data” (hereinafter also “GDPR”). In your capacity as “Data Subject”, i.e. the person to whom the personal data being processed refers, we wish to provide you with appropriate information about the fundamental elements of the processing we perform.

1. Data Controller

Golden Goose S.p.A., with registered office in Via Privata Ercole Marelli 10, Milan, Italy (hereinafter “GG”), is the autonomous data controller of the personal data of the Data Subjects who browse the Website, including.

We remind you that you can always exercise your rights by writing to the following e-mail address: privacy@goldengoose.com.

2. Type of data, purpose and legal basis of processing carried out through the Site

Through the Site are collected and processed:

1. browsing data: personal data on browsing, processed to enable the proper functioning of the Site. In this regard, please read the Cookie Policy on the Website;
2. contact data for registration: personal contact data to register on the Site and create a personal account. For this purpose, the contact data may be used to send strictly necessary communications, such as confirmation of registration, renewal of the Site documentation or management of any requests you may have. Your consent is not required for the processing of personal data for this purpose, as it is a processing necessary for the performance of a service requested by the Users (art. 6, paragraph 1, lett. b) of the Regulation);
3. contact data for marketing activity: contact personal data processed by GG to send the user newsletters and marketing communication regarding information and updates related to HAUS events and projects and products promoted and commercialized by GG. The legal basis for this processing is the free and explicit consent of the user (art. 6.1 (a) GDPR). Your consent is optional and can be revoked at any time, without prejudice to the lawfulness of the processing carried out before the revocation.
4. contact data for booking participation to events: personal contact data to book the participation to events and activities organized by GG at its Haus premises and manage such reservation by GG. The legal basis may be alternatively the consent freely expressed (art. 6.1 (a) GDPR) or the execution of the agreement related to the participation to the event (art. 6.1 (b) GDPR);
5. contact data, image and voice: personal data contact for external communication activities having promotional purposes of GG's activity and events (e.g., publication of personal data, including through digital channels, such as photos, video and audio recordings on the Company's institutional websites and on the Company's social accounts, as well as in printed and digital publications) on the legal basis of your consent from time to time optionally given (art. 6.1 (a) GDPR) and which ca be always be freely revoked without prejudice to the processing carried out up to that point;
6. contact data and biographical information: personal contact data and biographical information for analyze your preferences and characteristics to improve our commercial offer. Only if you also provide consent to marketing (let. b)), personalize communications directed to you, based on the analysis of your preferences and characteristics. The legal basis for this processing is the free and explicit consent of the user (art. 6.1 (a) GDPR). Your consent is optional and can be revoked at any time, without prejudice to the lawfulness of the processing carried out before the revocation.

3. Source of personal data

With the exception of browsing data indicated at point 2 (a), the personal data collected by GG are provided directly by the Data Subject through the Webiste.

The personal data collected through the GG Website are collected using mainly informatic and telematic methods and tools, adopting the necessary security measures in order to minimize the risks of destruction or loss, even accidental, of the data themselves, of unauthorized access or processing that is not permitted or does not conform to the purposes of collection indicated in this Privacy Policy.

However, such measures, due to the nature of the online medium of transmission, cannot absolutely limit or exclude any risk of unauthorized access or loss of data.

To this end, you should periodically check that your computer is equipped with software devices to protect incoming and outgoing data transmission on the internet (such as up-to-date antivirus systems) and that your ISP adopts the appropriate measures to safeguard the transmission of data online (such as firewall and spam filter).

4. Mandatory or voluntary nature of providing data

With the exception of browsing data, point 2, lett. a), the provision and collection of which is regulated by the “Cookie Policy”.

With reference to the purpose referred to in point 2, lett. b), some of the personal data requested by the Site may be marked as "mandatory" (for example, indicated with an *), as they are necessary to proceed with registration or access the services offered. Failure to provide data marked as "mandatory" will make it impossible to use the requested service (for example, if you do not provide personal or contact information, we will not be able to complete the creation of the account and allow you to make reservations). Failure to provide data marked as "optional", however, will have no consequences regarding the possibility of using the services provided by the Site.

The transmission to GG of personal data collected for purposes indicated at point 2 lett. c), e), f) is free, optional and facultative. Failure to provide it does not restrict use of the Website.

The provision of data for purpose indicated at point 2 lett. d) is mandatory, failure to provide such data do not permit to attend the event or the activity.

5. Categories of recipients of personal data and transfer outside SEE

Personal Data may be known by:

- GG employees and consultants, who shall act as authorised data processors for the internal organisation of the company’s activities;

- companies which shall act as data processors for GG or independent data controller, carrying out specific technical and organisational services connected to the Website (for example logistics services, IT services, customer care services and marketing services, events organizer and promotor).

Data may be communicated to third parties and/or the above-mentioned subjects also outside, in countries belonging to the European Union or, where not belonging to the European Union, in any case guaranteeing adequate guarantees for the protection and safeguarding of your data in compliance with the regulations in force. In this case, should there be transfers outside the EEA, it will be the Company's responsibility to sign from time to time - for those countries whose adequacy is not already recognized through a decision of the European Commission (pursuant to Art. 45 of the GDPR) - suitable Standard Contractual Clauses (“SCC”) with the importing companies in those countries (pursuant to Art. Art. 46, par. 2, lett. c of the GDPR), applying the necessary ancillary measures after carrying out the necessary case-by-case analysis. You may in any case always request information about the exact location of your data by writing to the DPO at the contact details below

6. Data retention period

To know about the retention period and persistence of cookies (point 2. lett. a)), please read the Cookie Policy.

The personal data collected for the purpose referred to in point 2. Lett. b) shall be stored for the entire period of existence of the personal account created.

The personal data collected for marketing activity and study of habits purposes (point 2. lett. b) and e)) shall be stored for a period not exceeding 5 years.

The personal data collected for booking and managing reservation and external communication activities having promotional purposes (point 2. lett. c) and d)) purposes will be stored for a period strictly necessary because of the data treatment and in any case not exceeding 1 year.

7. Rights granted to the Data Subject by the privacy law

The Data Subject is always entitled to obtain from GG:

1. confirmation whether or not personal data concerning them are being processed even if not yet recorded, and their communication in an intelligible form;
2. information concerning the origin of their personal data, the purposes and methods of processing the logic applied in the case of processing performed with the support of electronic instruments, the details of the data controller and data processors, an indication of the subjects and categories of subjects to whom the personal data may be disclosed or who may be informed thereof in their capacity as data processors or, in any event, parties authorised to process the data;
3. the updating, rectification or, if interested, the completion of the personal data;
4. the erasure, anonymisation or blocking of unlawfully processed personal data, including data whose retention is not necessary for the purposes for which they were collected or subsequently processed, as well as certification that the operations referred to above have been brought to the attention of those to whom the data were disclosed, except where this proves impossible or involves the use of means disproportionate to the protected right;
5. the portability of their personal data;
6. the restriction of the processing of their personal data.

The Data Subjects also have the right to object, in whole or in part, on legitimate grounds, to the processing of their personal data, even if it is relevant to the purpose of the collection, and to revoke the consent provided previously.

The rights listed above may be exercised by contacting GG at the following address: privacy@goldengoose.com.

Finally, please note that you are always entitled to lodge a complaint with the competent supervisory authority (Autorità Garante per la Protezione dei Dati Personali [Italian Data Protection Authority]).

Sign up for the newsletter to receive information and updates regarding sustainability initiatives and projects promoted by Golden Goose.