Privacy policy

Dear Customer, in accordance with the obligations imposed by Regulation (EU) 679/2016 (General Data Protection Regulation - so-called "GDPR") Sportlab Milano (from now also referred to as "we", "our" or "the Company" ), intends to inform you on how your personal data, even of a particular nature, are processed, to request your consent where this is necessary and to make you aware of your rights as well as of the methods to be able to exercise them easily.

This information is also issued to supplement, specify and possibly rectify the privacy information of partners and entities and / or provided on the basis of the forms from this tax, if this has been made in fulfillment of the contractual obligations imposed on the company. Likewise, any further information relating to specific processing or information provided on behalf of third party data controllers remains unaffected. 



    1.  1.1. Data controller and contact details 

This Privacy Policy outlines the practices of SportLab Milano SRLS, legally represented by Milano Ida Maria, in relation to the information collected from users who access our website at (" Sito "), or otherwise share personal information with us (collectively: "Users"). " "). 

SportLab Milano SRLS

Registered office: Via Casoretto 32, 20131, Milano

Legal Representative and contact person: Milano Ida Maria

VAR number: 11661500964

REA Code: MI - 2617657

website domain:


    1. 1.2. Sources of collection and personal data

SportLab Milano SRLS collects personal data concerning you directly from you, both in its commercial offices and through remote communication techniques (for example through its websites, for which reference is made to the specific information published therein; the sites and third-party platforms; etc.). You can provide us with your personal data when requesting information, quotes, registering for our services, during negotiations, at the time of signing contracts or during their development as well as at the time of joining / providing services and / or services, however qualified or named.


2.1 Definitions

The definition of personal data refers to any information relating to an identified or identifiable natural person. An identifiable person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more characteristic elements of his identity. physical, physiological, genetic, psychic, economic, cultural or social.

The term "processing" means any operation or set of operations performed on personal data or on a series of personal data, even with automated tools, such as collection, registration, organization, structuring, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, limitation, deletion or destruction.

2.2 How and by whom the data is managed  

The company establishes the purposes and methods of processing the user's personal data. For the resulting legal responsibilities, the data controller is legally responsible for the storage and use of personal information on computers or manual archives. 

SportLab Milano SRLS employs a data protection officer, recognized in Milano Ida Maria, so in case of questions or doubts regarding privacy or requests relating to the personal data provided, you can contact us at any time at the email address:

2.3 Cookies

All of our activities are based on rigorous ethical principles and legal requirements and we are committed to protecting the privacy of all visitors to our website, whether from a fixed or mobile device. We do not collect sensitive user data.

Our website, in order to offer the best possible user experience, may use technologies that are useful for this purpose. Reason for which personal data could be collected automatically through the use of cookies, for more information see our "Cookie Policy" about it.

2.4 Purpose of operational management 

To better satisfy your requests, both in the pre-contractual phase and to execute a specific contract to which you are a party, as well as for all activities connected or instrumental to these, functionally linked to the operations of the Company or to the protection of your rights. All the activities necessary to provide you with the information, assistance, services, services or products requested or of interest to you fall within these purposes. 

Information relating to the user's computer may be collected for system administration purposes, as well as to report aggregate information for internal marketing analysis purposes. This is data relating to our users' browsing actions and patterns and may include the following:

  • the visitor's IP address or the domain names of the computers used by the Users who connect to the Site;; 
  • date and time of the visit;
  • referral URL (the site from which the visitor was referred);
  • URI (Uniform Resource Identifier) of the requests;
  • the method used to submit the request to the server;
  • the size of the file obtained in response; 
  • the numerical code indicating the status of the response given by the server (successful, error); 
  • pages visited and user navigation on our website;
  • information on the browser used;
  • other parameters relating to the operating system and the IT environment of the User.


3.1 Legal bases of processing

As already stated at the beginning, the processing of the User's Personal Data by the Owner is aimed at:

  • pursue, in accordance with art. 6.1, lett. f) of the GDPR, its own legitimate interest, consisting in guaranteeing the security of the Site and the information exchanged on it, i.e. the ability of this Site to resist, at a given level of security, unforeseen events or illegal or malicious acts that compromise the availability, authenticity, integrity and confidentiality of personal data stored or transmitted and the security of the related services offered or made accessible;
  • for the fulfillment of pre-contractual and contractual obligations following a request for information, sale of the products offered by, purchase made in-store / online, (eg tax and accounting obligations);
  • only with his specific and distinct consent, in accordance with art. 23 and 130 of the Privacy Code and art. 7 of the GDPR, for marketing purposes:
    a. to sending newsletters and communications with commercial and promotional, informative and / or advertising content in relation to Skinlabo products or services, as well as statistical analysis and market research strictly related to the services offered through the portal;
    b. to send commercial proposals relating to services and products provided by third parties or not related to the products and services provided by the site;
  • to exercise the rights of the owner, for example the right of defense;
  • only with his specific and distinct consent, in accordance with art. 23 and 130 of the Privacy Code and art. 7 of the GDPR for the performance of profiling activities, such as the analysis of consumer habits or choices of customers treating, mainly the data relating to the date and time of display by the User of e-mail messages containing information, including commercial and promotional information relating to the site treating, mainly the data relating to the date and time of display by the User of e-mail messages containing information, including commercial and promotional information relating to the site;
  • to fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority.


3.2 How the information provided by the user is used

All information provided by the user is in compliance with the rules indicated above, in particular, as regards the methods of processing data, provided voluntarily by the user, such as:

  • the personal identification data of the person, i.e. contact details, title, including name and surname, billing address or addresses, postcode, date of birth, gender, telephone number , e-mail address, credit and debit card details. If the user provides the personal data of another person, he must ensure that he has the right to share this information with us;
  • the information provided by the user through third parties such as Facebook and Instagram;
  • the information that the user uploads to the site or shares through our site using our services;
  •  preferences and interests stored in the profile, if the user has created an online account with us;
  • the information received if the user contacts us to report a problem with our site or to receive technical and / or customer assistance, for which there may be a correspondence or conversation log;

are used for the purposes described in this Privacy Policy. 

The user can change their personal data at any time and oppose their further processing, by email to the email address: .

3.3 Benefits provided to the user

 For the user, this treatment may reserve some advantages, such as:

  • make sure that the contents of our site are presented on the user's computer in the most efficient way;
  • inform the user about the status of the order or delivery, for the purposes associated with the orders placed by the user; 
  •  answer a question about our products, to satisfy the user's requests;
  • fulfill the order, to process the payment with the payment card and / or to perform customer service functions;
  • offer him the best possible service to verify the identity of the user and to answer any of his questions;
  • fulfill our obligations arising from any contracts entered into between the user and us;
  • allow the user to participate in the interactive features of our services when he chooses to do so;
  • notify the user of changes regarding our services, terms, conditions and policies and / or other administrative information:
  • subject to the user's authorization, we may contact him directly using the contact information provided by him (for example by post, e-mail, SMS, telephone or other electronic methods) for marketing, advertising and market research purposes.

3.4 Further hypotheses of use 

When the user visits the SportLab Milano SRLS website, his personal data may be processed in the following ways:

  • analysis of data relating to contents, A / B tests and navigation between products;
  • analysis of data relating to the origin of the traffic;
  • analysis of data relating to internal research;
  • analysis of data relating to purchases;
  • device data analysis.


4.1 User Data

The user's personal data are processed electronically, also with the aid of electronic means by the Data Controller or by persons duly appointed to carry out these tasks (data entry company, for the related purposes the execution of the service, the management of the purchase order of online products, the management of the payment), constantly identified and / or appointed, appropriately trained and respectful of the constraints imposed by law, using security measures to guarantee the protection of confidentiality and to avoid the risks of loss or destruction, of unauthorized access, of processing that is not permitted or does not comply with the above purposes.

4.2 Exercisable rights

 Below, the user will find, by way of example, the rights he can exercise:

  • the user has the right to access some of the personal data provided by him, request details of the information about him that we store and process, including the purposes for which they are used, by e-mail to the address indicated above;
  • the user has the right to request the correction, addition, deletion or blocking of their personal data stored, by email to the address indicated above;
  • the user has the right to object to the processing of personal data, even if used by the Company for marketing purposes. In this case, if we intend to use personal data for such purposes or disclose your information to third parties for such purposes, we will inform the user through this Privacy Policy;
  • e-mails sent to the user by the Company bearing newsletters or marketing content include the option to unsubscribe by following the instructions in the e-mail itself. If the user does not wish to receive e-mails from us, he can simply do so via a contact email;
  • the user has the right to withdraw consent to the processing of their personal data at any time. The withdrawal of consent, however, does not affect the legitimacy of the processing based on the consent prior to the withdrawal. The operation can be requested by e-mail to the contact address;
  • if the user wishes to withdraw his consent to receive promotional information and offers in general, including by post, e-mail, SMS, telephone or other digital methods, he can do so at any time by writing to SportLab Milano SRLS, at the email address provided;
  • the user's rights described above may be subject to conditions or limitations.  

4.3 User refusal 

If the user provides their personal data on our websites or other channels, this is done on a completely voluntary basis. If the user chooses not to provide the requested information, some customer benefits may not be available. We offer numerous options, depending on the specific circumstances, to help the user retain control of their data. These options may include viewing and editing data online. It may also be possible to unsubscribe from services or delete user accounts or receive information about the data we hold about you.

In case of changes to the information provided by the user, for example in case of change of the e-mail address or other contact data, or if the user wishes to cancel his registration, we invite the user to contact the address  email: .


5.1 Disclosure of personal data: third parties

 The treatment of user data with the utmost care and confidentiality is one of our core values. If required by law, your data may be disclosed to third parties. We employ service providers and data processors in charge of processing data on our behalf. These services include authentication services, hosting and maintenance, data analysis services, email messaging services, delivery services, payment transaction management, creditworthiness, address and email checking. These third parties are our data processors and may only process personal data to the extent necessary to provide their services. Our data processors have a contractual obligation to treat this information in the strictest confidence. They are prohibited from using the data in any other way than is necessary. Measures are taken to ensure that our data processors, including suppliers of and managers who work on behalf of SportLab Milano SRLS, preserve and protect the confidentiality of your data.

Some of our data controllers are situations outside the European Union (EU) / European Economic Area (EEA). As a result, we will share your personal data with countries outside the EU / EEA. However, we will only provide this information if they are recipients who meet the necessary requirements, including:

  • the country in question is considered a safe third country;
  • the supplier in question owes the European Commission's standard contracts for the transfer of personal data to third countries;
  • the supplier in question is certified according to art. 40 of the GDPR; 
  • the supplier in question has a set of approved binding corporate rules.


5.2 Retention of personal data

The Company will not keep the user's personal data for a period of time longer than that necessary for the purposes for which they are processed.  

In accordance with the laws that impose obligations to keep documents for accounting purposes and with the general rules relating to the ordinary limitation period for contractual actions, we will delete your personal data relating to the primary purposes after the ten-year period has elapsed, starting from the moment of termination of the contract.

Personal data processed for additional optional purposes (marketing purposes; profiling purposes; customer satisfaction purposes) will be deleted after ten years, a term deemed appropriate since these are data related to the sale of goods and services with a low purchase frequency. and consider the industry statistics.

5.3 Transfer of personal data

Personal Data are managed and stored on servers located in the territory of the European Union. In any case, it is understood that the Data Controller, represented by Milano Ida Maria, if necessary, will have the right to move the location of the servers to Italy and / or to the European Union and / or to non-EU countries. In this case, the Data Controller ensures from now on that the transfer of non-EU data will take place in compliance with the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection and / or adopting the standard contractual clauses provided by the Commission. European.


Any complaints can be submitted to the legal contact, identified in Milan Ida Maria, at the email address: .

For further complaints regarding the processing of their personal data, according to the procedures described above, the contact details of the Italian data protection supervisory authority are provided below: Guarantor for the protection of personal data, based in Piazza Venezia no. 11 - 00187 Rome.


Tel: (+39) 06.696771



SportLab Milano SRLS is committed to respecting the fundamental principles of privacy and data protection. Therefore, we periodically review our Privacy Policy in order to keep it updated and compliant with the principles of privacy and data protection. This Privacy Policy may be amended from time to time in order to keep abreast of new developments and opportunities associated with the Internet and to maintain compliance with current legislation. Any changes that we may make to our Privacy Policy in the future will be published on this page and, if necessary, may be communicated to the user via e-mail. This Privacy policy was published on 23/05/2018.