Pursuant to art. 12 e ss. Of the Regulation (UE) 2016/679

BookAppBusiness and associate Apps

Micrologic S.r.l., based in Crevoladossola 28865 (VB), Via Palli n. 3, P.IVA  01098320037, as the controller of the processing of personal data (below, as well, the Controller), makes the following policy.

01. Scope of processing

Controller processes personal data of users, managed on the platform named BookAppBusiness, to which multiple apps have access (es.: BarberApp, TimeBeauty, FitnessTime, BookApp, the Apps) and through which bookings and online management of bookings are provided (Service) to beauty centres, barbershops or hairdressers and similar.

02. Processed data

Suppliers of the service are divided into consumer users, which benefit from personal beauty and care services, and business users, which provide personal beauty and care services (collectively, Users).

Regarding Consumer users, the Controller processes the following personal data: identification and contact data (ex.: name, surname, email address, login credentials of BarberApp); business data (date and place of bookings made through BarberApp); other data necessary and functional to the provision of the Service to Business users.

Regarding Business users, the Controller processes the following personal data: identification and contact data (ex.: name, surname, tax code, email address, mobile number, address, login credentials of BarberApp); payment data (invoices, dates and payment amounts), business data (appointments made and managed by BarberApp); other data necessary and functional to the provision of the Service to Business users.

03. Data sources

Personal data are collected directly from the data subject.

Business user, however, can create second-tier accounts on BookAppBusiness for its employees, who provide beauty treatments and personal care services. For these subjects, Business user assumes the qualification of independent controller and therefore should provide them this policy.

04. Purpose of processing

Personal data are processed, in order to provide the Service. In particular, personal data are processed to:

  • create accounts on BookAppBusiness or on the Apps and make or receive bookings at the affiliate commercial establishments;
  • promote personal care and beauty (only for Business users);
  • make payments for the subscription (only for Business users);
  • allow Consumer users to specify their services and to choose professionals, who perform them (Business user or his employees);
  • post content on the Apps and benefit from a service of communication between Users.

05. Legal basis of the processing

Controller process personal data for the sole purpose of providing the Service to Consumer and Business users.

Further processing of personal data from Micrologic may occur, only if the data subject has given its express consent to the processing (reversible whenever); if the processing is required by law or by the Regulation; if there is a legit interest of the Controller declared and motivated, according to the provisions of the Regulation (UE) 2016/679. 

06. Scope of communication and dissemination of data

Business users take note, that their personal data may be published on BarberApp and may be available to Consumer users to allow the provision and use of the Service.

Controller may communicate personal data to third-party consultants, who perform, on behalf of the former, services and technical tasks to support the provision of Services. For instance:

  • society of the group Micrologic;
  • consultants and suppliers of professional services (information technology, legal, accounting, etc.);
  • subjects, who perform customer service activities (i.e. call center, help desk, etc.);

Subjects, to whom the Controller communicates personal data, are appointed as Data Processors or act as Independent Data Controllers. The complete list of subjects, to whom personal data are communicated, may be requested from the Controller at the addresses and in the manner indicated in the following paragraph 9.

Data are not subject neither of dissemination nor of transfer or communication outside the European Union.

07. Storage time of personal data

Personal data are processed for as many time as the interested parties use the Service, as well as for a further period necessary to the statute of limitations, in relation to possible actions or claims in civil or criminal proceedings.

During that further period of retention of personal data (generally not exceeding 10 years, unless there is an interruption of the limitation period), personal data are preserved separately and discreetly and are subject to more restrictive security measures. 

08. Profiling and automated processes

Personal data are not subject of an entirely automated decision process, including profiling

09. Rights of the interested party

Pursuant to art. 15 e ss. of the Regulation (UE) 2016/679 (the Regulation), the interested party may, whenever, ask the Controller a confirmation of the ongoing process of personal data concerning him, with indication of the purposes and categories of data. In such case the Customer may always:

  • ask for the access and for the rectification of data, if incorrect, and for the integration of those incomplete;
  • ask for the deletion of data (when occurring one of the conditions pursuant to art. 17, paragraph 1 of the Regulation and in compliance with the exceptions provided for in paragraph 3 of the same article);
  • request the limitation of the processing (if one of the conditions occur pursuant to art. 18, paragraph 1 of the Regulation);
  • get a copy of personal data in a structured and legible format from an automatic device (if the legal basis of the processing is the Contract or if the consent and the contract are carried out by automated means – i.e. right to the portability of personal data);
  • oppose the processing in the event of particular situations concerning him;
  • withdraw consent (limited to the cases in which the treatment is based on consent).

10. Exercise of rights

Personal data, uploaded by Users on BarberApp, can be modified or subject to cancellation by Users themselves with access to their profile page.

However, to exercise the rights indicated in the previous paragraph, as well as to receive more information, the interested party can turn to the Controller, by writing at the email:

The interested party, if there is an illicit data processing or the Controller does not guarantee the exercise of the rights pursuant to the previous paragraph, can lodge a complaint or appeal to the Data Protection Authority pursuant to art. 77 of the Regulation (UE) 2016/679, following the procedures and the forms published on the website

The interested party, moreover, can always turn directly to the ordinary judiciary as required by art. 79 of the Regulation (UE) 2016/679.