Privacy Policy

The purpose of this Privacy Policy is to describe the methods of collecting the personal data of the website users performed through the website (the “Site“) pursuant to Articles 13 and 14 of European Regulation 2016/679 concerning the protection of personal data (the “Regulation“) and of Legislative Decree Legislative No. 101/2018.

Users are advised to read the Privacy Policy carefully before submitting any personal information and/or filling in any Section on the Site.

1. Data Controller

The Data Controller on the Site pursuant to Article 4 of the Regulation, is Sharon Personal Care S.r.l. (the “Company “), with its registered office in Via Vincenzo Monti, n. 11 - 20123, Milano, VAT Registration no. and Tax Code 12324840961, e-mail address, CEM (certified email address)

2. Purpose and legal basis of the processing carried out on the Site

Personal data are collected and processed through the Website for the following purposes:

a. Request for services: the personal data voluntarily provided by the user through the filling up and sending of the form in the “Contacts” section (name, surname, email address, name company, job title and additional information indicated therein) are processed by the Company to provide feedback, by e-mail or telephone, about request.

b. Marketing: the personal data directly provided by the user through the filling up and sending of the form in the “Newsletter” section (name, surname, email address, name company) are processed by the Company in order to (i) send information and updates on its products on events and other initiatives promoted e (ii) to allow you to download brochures, catalogues and informative material from the Site.

c. Cookies: in addition to the data expressly provided, other data deriving from the user’s navigation may be recorded on the Site. In fact, when users access it, the Site may send a “cookie.” “Cookies” are small text files that are stored on the user’s computer when visiting the pages of the Site. “Cookies” are used to give users the best navigation experience and to allow the operation of certain services that require identification of the user’s path through different pages of the Site. For any access, regardless of the presence of a “cookie”, the Site records the type of browser (e.g., Internet Explorer, Safari, Chrome, Firefox), the operating system (e.g., Windows, Macintosh) and the host and last requested URL of the user, as well as data of the page requested. This data can be used in aggregate and anonymous form for statistical analysis on Site usage. In this regard, please read the specific Cookie Policy (

Personal data collected and processed by the Company are provided directly by the user, except for navigation data referred to the “Cookies” section of point 2 (d) above which are regulated by the Cookie Policy (

The legal basis of the processing of the user’s personal data is:

    (i) for the purposes referred to in point 2 (a), above, in the legitimate interest of the Company to give feedback the user’s requests;

     (ii) for the purposes referred to in point 2 (b), above, on the specific consent given by the user.

For the purposes referred to in point 2 (c), please refer to the appropriate Cookie Policy (

3. Categories of recipients of personal data

The Company communicates the personal data of users of the Site only to the extent permitted by law and in accordance with what is described below. In particular, the user’s personal data may be processed or known by:

     (i) employees of the Company, who operate as subjects authorised to process data pursuant to Articles 29 of the Regulation and 2quaterdecies of the Legislative Decree No. 101/2018 and in this sense are instructed by the Company;

     (ii) companies that provide the Company with specific technical and organisational services connected to the Site, as Data Processors pursuant to article 28 of Regulation;

     (iii) police or judicial authorities, in accordance with the law and upon formal request by them, or if there are well-founded reasons to believe that the communication of such data is reasonably necessary to: (a) investigate, prevent or take action against suspected illegal activities or to assist the state authorities and supervisory; (b) defend itself against any claims or accusation by third parties, or protect the security of its website and the Company; or (c) exercise or protect the rights, property or safety of the Company, its customers, employees or any other person.

Personal data will not be transferred to a non-EU Countries or International Organisations that do not guarantee an adequate level of protection, recognized, pursuant to Article 45 of the Regulation, on the basis of an EU Commission Adequacy Decision. In the event that it becomes necessary for the provision of the Website's services to transfer the aforementioned data to non-EU Countries or International Organizations, for which the Commission has not adopted any Adequacy Decision, it will take place only in the presence of appropriate safeguards provided by the recipient Country or Organization, pursuant to Article 46 GDPR, and provided that the subjects have enforceable rights and effective remedies. In the absence of an adequacy decision by the Commission or appropriate safeguards, including binding corporate rules, the transfer will take place only if one of the conditions indicated in Article 49 GDPR.

4. Methods of processing personal data and retention period

Personal data collected through the Site are processed using mainly IT and telematic methods and tools, adopting the security measures in such a way as to minimise the risk of destruction or loss, even accidental, of the data themselves, of unauthorised or unlawful access or processing that does not comply with the collection purposes indicated in this Privacy Policy. However, these measures, due to the nature of the online transmission medium, cannot absolutely limit or exclude any risk of unauthorised access or dispersion of data. To this end, it is advisable to periodically check that computer is equipped with software devices suitable for the protection of data online transmission, both incoming and outgoing (such as updated antivirus systems), and that the Internet service provider has adopted appropriate measures for the security of online data transmission (such as firewalls and anti-spamming filters).

Personal data provided by the user during navigation and related to it will only be stored for a period not exceeding 1 year. Personal data processed to provide feedback to the user’s request will be kept for the time necessary to provide such feedback. Data collected for marketing purposes will be kept for a suitable period in line with the reference sector and in consideration of the interest shown by the user in receiving updates/information. Registration and the related processing are in any case considered valid until the user unsubscribes, which can be done via the link present in each email. In any case, for further information you can write to the following address:

5. Mandatory or optional nature of data provision

Except for navigation data regulated by the Cookie Policy (, the provision of personal data collected through the Site is free and optional. The failure to provide this data does not limit the use of the Site but may make it impossible for the same to respond to request for information made or to send the informative material, updates, newsletter, invitations to event organised by the Company.

It remains understood that user have the right to revoke your consent at any time by sending an email to Revocation of consent shall not affect (i) the lawfulness of the processing based on the consent given prior to revocation and (ii) further processing of the same data based on other legal basis (e.g., legitimate interest.

6. Rights granted to the user

The user has right to:

  • access personal data that concern them and to obtain confirmation of the existence or not of the same, the communication thereof in an intelligible form and supplementing thereof;
  • request the updating, correction or, if interested, supplementing of personal data;
  • the limitation of the processing which concerns them, the erasure, transformation into anonymous form or the blockage of processed data in breach of the law, including any data whose conservation is not required in relation to the purposes for which the same has been collected or subsequently processed;
  • oppose, wholly or in part, the processing of their personal data for legitimate reasons, even if pertinent for the purpose for which it was collected;
  • obtain the transmission of their data to another data controller (so called right to data portability).

The above rights may be exercised by contacting the Company at the following address:

Further, if the processing is based on consent, the user can withdraw the consent given pursuant to art. 7, paragraph 3, of the Regulation, without prejudice to the lawfulness of the processing carried out before the withdrawal (please refer paragraph 5).

7. Right to lodge a compliant

Pursuant to Article 77 of the Regulation, the user has the right to lodge a complaint with the National Supervisory Authority (for Italy, the Data Protection Authority:

8. Final clause

Considering the current state of the evolution of the data protection laws, this Privacy Policy may be updated at any time.

Last update 03/06/2024

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.