Istituto Gentili S.r.l., in its capacity as Data Controller, wishes to provide the following specific information relating to the management methods of the sites (www.istitutogentili.com) with reference to the processing of the personal data of users who consult it. It is also an information provided pursuant to art. 13 of EU Regulation 2016/679 "GDPR" (hereinafter the "Privacy Legislation"), in consideration of the "Guidelines 5/2020 on consent pursuant to Regulation (EU) 2016/679".
Istituto Gentili S.r.l. (P. IVA e Cod. Fisc. 07921350968) with registered office in via San Giuseppe Cottolengo n. 15, 20143, Milan, Italy, e-mail: privacy@istitutogentili.com
The Group DPO can be contacted at the email address dpo@mediolanum-farma.com
The types of data and information collected and processed by Istituto Gentili are:
The computer systems and software procedures used to operate the site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of the computers used by users who connect to the website, and other parameters relating to the user's operating system and IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning and are kept for the period strictly necessary for statistical analysis. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the Site.
Istituto Gentili collects the personal data provided voluntarily by users through the site, in the following cases:
For the form or form for the collection of Personal Data, the site provides a specific information.
The Site uses cookies in accordance with the adopted Cookie Policy.
Personal data will be processed for the following purposes:
The Data Controller processes your data: 1) to execute pre-contractual measures adopted at the request of the User/Data Subject; 2) on the basis of the consent expressed by the Data Subject to the processing of his/her personal data for one or more specific purposes; 3) due to the legal obligation to which the Company is subject; (4) for reasons of public interest in the field of public health, such as protection against serious cross-border threats to health or the assurance of high standards of quality and health safety and of medicinal products and medical devices; 5) for the legitimate interest of the Data Controller.
Without prejudice to what is indicated in relation to browsing data, users are free to provide their personal data. Failure to provide them may make it impossible for Istituto Gentili to receive requests for information that may be sent by users through the Contact page or to fulfill the services requested.
Personal data are processed with automated tools and on paper, for the time strictly necessary to achieve the purposes for which they were collected.
Specific security measures are observed to prevent the loss of personal data, illicit or incorrect use and unauthorized access. In particular, the secure https protocol for some reserved parts of the site and applications and the protections against unauthorized access to servers and other computers in use.
Due to the organisational solutions of the Data Processors and Sub-processors used by the Data Controller, the data may be transferred to non-EEA countries, on the basis of the adequacy decision of the European Commission.
Your data have been acquired by entering them on the www.istitutogentili.com websites and may be communicated by Istituto Gentili to subjects specifically appointed as Data Processors for the purposes indicated in this Privacy Policy. The data will be processed by the Data Controller through its representatives.
The user has the right to exercise at any time the rights referred to in articles 12 et seq. of EU Regulation 2016/679, namely:
To exercise the aforementioned rights, make a report or receive information on how personal data is processed, requests can be made by writing to the Data Controller or DPO at the addresses indicated in this Privacy Policy.
We remind you that you also have the right to lodge a complaint with the supervisory authority (Privacy Guarantor) or to take legal action if you believe that the data processing is in violation of the provisions of the GDPR.
Information not contained in this policy
Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.
The Data Controller periodically checks its privacy and security policy and, if necessary, revises it in relation to changes in the law, organisation or dictated by technological evolution. In the event of changes to the policies, the new version will be published on this page of the website.
If the changes concern processing whose legal basis is consent, the Data Controller will collect the User's consent again, if necessary.