Privacy Policy

Corman S.p.A. firmly believes that transparency is the core of a strong relationship with its customers and users. For this reason, the company wishes to be entirely clear and open on how personal data is used.
Here follows a description of how the website is managed, with reference to the processing of personal data of users.
This notice is given pursuant to art. 13 of Regulation (EU) 2017/679 “on the protection of natural persons with regard to the processing of personal data and on the free movement of such data” (the GDPR), to those who interact with the web services of Corman S.p.A., accessible electronically at, i.e. the home page of the Organyc Igiene Femminile official website.
This policy is also based on Recommendation No. 2/2001 that the European data protection authorities, meeting as the Working Party established by Article 29 of Directive 95/46/EC, adopted on 17 May 2001 regarding certain minimum requirements for collecting personal data on-line, and, in particular, the manner, timing and nature of the information that Data controllers must provide users with when they connect to web pages, regardless of the purpose of the connection.

1. Data Controller
The data controller is Corman S.p.A., with registered office in Via Liguria, 3 – 20084 Lacchiarella (MI).

2. Place of processing of personal data and data processors
The processing operations connected to the web services of this website take place at the company’s registered office in Via Liguria 3 – 20084 Lacchiarella (MI) and are carried out only by the technical staff of the Office responsible for processing, pursuant to art. 29 of the GDPR. For the various specific services, related data files are processed by specialized companies which are appointed as Data Processors pursuant to art. 28 of the GDPR. The complete list of Data Processors can be requested by contacting

3. Type of data processed

3.1 Browsing data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of the computers used by users who connect to the site, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc..) and other parameters relating to the operating system and computer environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check its correct functioning, and is deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.

3.2 Data provided by the user

The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, necessary in order to respond to requests, as well as any other personal data included in the message.

4. Purpose and legal basis of data processing

Notwithstanding the terms on browsing data referred to in point 3.1), personal data provided by users through the website is processed for the following purposes:
a) to allow the performance of operations strictly connected and instrumental to the management of relations with users – including but not limited to – access to reserved sections;
b) to carry out all activities of purchase order management (including administrative management of the contract, shipment of products, management of payments), as well as the fulfilment of all obligations imposed by current laws and regulations;
c) to allow the correct execution of contractual obligations assumed by the company towards its website users and customers and vice versa, as well as the consequent accounting and fiscal requirements;
d) to permit compliance with obligations laid down in European law, regulations and rules, or regulations issued by authorities empowered to do so by law and by supervisory and auditing bodies;
(e) when processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity;
f) for purposes of statistical research/analysis on aggregate or anonymous data, without thus being able to identify the User, aimed at measuring the functioning of the website and its operational functions, including the resolution of any technical issues.
The legal basis for the processing of personal data for the purposes referred to in point a) is the provision of a service or the response to a request, which does not require a user’s consent, in accordance with applicable law.
With regard to purposes b) and c), the legal basis for processing is contractual necessity.
With regard to purpose d), the processing is necessary for the fulfilment of legal obligations.
With regard to purpose e), the processing is necessary for the legitimate interests pursued by the Controller.
Finally, the purpose referred to in point f) does not involve the processing of personal data.

5. Consent to data processing

Apart from the conditions already specified for browsing data, the user is free to provide his/her personal data and consent to the different data processing as indicated in the information notice.

6. Third-party advertisers and links to other websites

The website of Corman S.p.A. may include third-party advertising messages and links to other websites and applications where it is possible to buy services and products. Third-party advertising partners may collect information about you when you interact with their content, advertising and services.

7. Processing methods and storage time
Personal data is processed by automated tools for the time strictly necessary to achieve the purposes for which it was collected.
Specific security measures are implemented to prevent data loss, illegal or incorrect use and unauthorized access.

8. Rights of interested parties
The parties to whom the personal data refer have the right at any time to obtain confirmation of the existence or non-existence of such data and to know its content and origin, verify its accuracy or request its integration or updating, or correction (art. 15 et seq. of GDPR).
According to the aforesaid article, one has the right to request the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, and to oppose in any case, for legitimate reasons, their processing.
Requests should be sent by e-mail to:

9. Modifications

The company reserves the right to modify the Privacy Policy at any time (also due to changes in current regulations) by updating this page. Users are therefore required to periodically check the Privacy Policy to remain informed of updates.

This notice, Rev.00, was issued on 15/07/2020 and comes into effect as of 1/08/2020.