← Back to home

Privacy Policy

Last updated: 30 April 2026

1. Who We Are

The Skin Protocol is a digital skincare education brand operated by:

  • Business name: NADALO di Andrea Nadalutti (sole proprietorship)
  • Registered address: Borgata Dalmassi 36, 10094 Giaveno (TO), Italy
  • VAT number (P.IVA): IT 13294200012
  • Tax code (C.F.): NDLNDR01P09H355S
  • PEC: andrea01.nada@pec.it
  • Email: the.skinprotocol.help@gmail.com

This website sells a digital guide (PDF) delivered electronically after purchase. Our checkout and payment processing is handled by Shopify.

Data controller: Andrea Nadalutti, contactable at the addresses above.

2. Data We Collect

Purchase data (collected by Shopify on our behalf):

  • Name and email address
  • Payment information (processed securely by Shopify — we never see your full card details)
  • IP address and browser information (for fraud prevention)

Analytics & advertising data (only if you accept the cookie banner):

  • IP address, user agent, and the URL of the page you are visiting
  • Meta Pixel cookies (_fbp, _fbc) used to attribute conversions to ad campaigns
  • Interaction events: page views, content views, checkout starts, add-to-cart

We do not send your name, email, or any direct identifier to Meta from this landing page. Events are transmitted both from your browser and from our server (Meta Conversions API) under the same consent.

3. How We Use Your Data

  • To deliver your digital purchase
  • To send order confirmation and delivery emails
  • To respond to support requests
  • To measure the performance of our advertising campaigns and improve them (only with your consent)

We do not sell or rent your personal data. We share advertising-event data with Meta only as described in section 7, and only after you opt in.

4. Cookies

We use the minimum number of cookies needed to run the site and, with your explicit consent, a small set of advertising cookies.

Essential cookies (always active):

  • tsp-cookie-consent — stores your cookie choice (accepted / declined) so we don't ask you again.
  • Cookies set by Shopify on the checkout pages for security, fraud prevention, and to keep your cart working.

Advertising & measurement cookies (only after you click "Accept"):

  • _fbp, _fbc — set by the Meta (Facebook) Pixel to measure how our ads on Facebook and Instagram lead to visits and purchases, and to optimise future campaigns.

If you click "Decline", the Meta Pixel script is not loaded and no advertising cookies are set. If you accept, the same events are also sent server-to-server to Meta via the Conversions API to improve measurement accuracy — this happens under the same consent and is not an additional collection.

How to withdraw your consent: clear the cookies for this site in your browser (this will remove your stored choice and the banner will reappear), or email us at the.skinprotocol.help@gmail.com and we will help.

5. Your Rights (GDPR)

If you are located in the European Economic Area, you have the right to:

  • Access the personal data we hold about you
  • Request correction or deletion of your data
  • Object to or restrict processing of your data
  • Request data portability
  • Withdraw your consent to advertising cookies at any time, without affecting the lawfulness of processing carried out before withdrawal
  • Lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali)

To exercise any of these rights, contact us at the.skinprotocol.help@gmail.com or via PEC at andrea01.nada@pec.it.

6. Data Retention

We retain your purchase data for as long as necessary to fulfil our legal and accounting obligations, typically up to 7 years. Advertising-event data shared with Meta is retained according to Meta's data retention policies. You may request deletion of the data we hold at any time.

7. Third-Party Services

We rely on the following processors:

  • Shopify International Ltd. — e-commerce platform, checkout and payment processing. Privacy policy: shopify.com/legal/privacy.
  • Meta Platforms Ireland Ltd. — advertising measurement via Meta Pixel and Conversions API. Data is shared only after you accept the cookie banner. Privacy policy: facebook.com/privacy/policy.

Legal basis: performance of contract (art. 6.1.b GDPR) for purchase data; your explicit consent (art. 6.1.a GDPR) for advertising cookies and Meta data sharing.

8. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated date.