Privacy Policy

Istituto Gentili S.r.l., in its capacity as Data Controller, wishes to provide the following specific information relating to the management methods of the sites (www.istitutogentili.com) with reference to the processing of the personal data of users who consult it. It is also an information provided pursuant to art. 13 of EU Regulation 2016/679 "GDPR" (hereinafter the "Privacy Legislation"), in consideration of the "Guidelines 5/2020 on consent pursuant to Regulation (EU) 2016/679".

DATA CONTROLLER

Istituto Gentili S.r.l. (P. IVA e Cod. Fisc. 07921350968) with registered office in via San Giuseppe Cottolengo n. 15, 20143, Milan, Italy, e-mail: privacy@istitutogentili.com

DATA PROTECTION OFFICER

The Group DPO can be contacted at the email address dpo@mediolanum-farma.com

TYPE OF DATA PROCESSED

The types of data and information collected and processed by Istituto Gentili are:

  • browsing data (collected automatically);
  • data provided by the user voluntarily, for authentication in the "Medical Area" section (username/email and password) in order to be authenticated through the "OneKey" system. Failure to provide such data does not allow the request to be forwarded and, consequently, makes it impossible for the Company to receive requests for information and to respond to them;
  • data collected through the use of cookies;
  • for reports relating to adverse events at the address phv@istitutogentili.com please refer to the link https://www.istitutogentili.com/it/farmacovigilanza/

BROWSING DATA

The computer systems and software procedures used to operate the site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or domain names of the computers used by users who connect to the website, and other parameters relating to the user's operating system and IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning and are kept for the period strictly necessary for statistical analysis. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the Site.

DATA PROVIDED VOLUNTARILY BY THE USER

Istituto Gentili collects the personal data provided voluntarily by users through the site, in the following cases:

  1. sending, by users, to the address, e-mail address, indicated on the "Contacts" page of messages with the request for information;
  2. spontaneous release, by users, of their data, by filling in the appropriate form, for registration in the area reserved for doctors.
  3. sending, by users, to the e-mail address indicated on the "Work with us" page, of their personal data in the form of a Curriculum Vitae.
  4. For reports of adverse events at phv@istitutogentili.com please refer to the link https://www.istitutogentili.com/it/farmacovigilanza/.

For the form or form for the collection of Personal Data, the site provides a specific information.

USE OF COOKIES

The Site uses cookies in accordance with the adopted Cookie Policy.

PURPOSE OF THE PROCESSING

Personal data will be processed for the following purposes:

  1. for the purpose of allowing navigation and consultation within the site and to comply with legal obligations;
  2. purposes related to the provision of the services requested (e.g. answers to questions; use of online web services; selection of personnel) as well as to comply with any legal and tax obligations related to them;
  3. defensive purposes in the event of abuse in the use of the site or attempts at fraud;
  4. internal controls, management control, certification, reporting to Group companies
  5. statistical and market research purposes with anonymised data,
LEGAL BASIS OF THE PROCESSING

The Data Controller processes your data: 1) to execute pre-contractual measures adopted at the request of the User/Data Subject; 2) on the basis of the consent expressed by the Data Subject to the processing of his/her personal data for one or more specific purposes; 3) due to the legal obligation to which the Company is subject; (4) for reasons of public interest in the field of public health, such as protection against serious cross-border threats to health or the assurance of high standards of quality and health safety and of medicinal products and medical devices; 5) for the legitimate interest of the Data Controller.

NATURE OF DATA PROVISION

Without prejudice to what is indicated in relation to browsing data, users are free to provide their personal data. Failure to provide them may make it impossible for Istituto Gentili to receive requests for information that may be sent by users through the Contact page or to fulfill the services requested.

METHODS OF PROCESSING

Personal data are processed with automated tools and on paper, for the time strictly necessary to achieve the purposes for which they were collected.

Specific security measures are observed to prevent the loss of personal data, illicit or incorrect use and unauthorized access. In particular, the secure https protocol for some reserved parts of the site and applications and the protections against unauthorized access to servers and other computers in use.

ANY TRANSFERS OUTSIDE THE EU

Due to the organisational solutions of the Data Processors and Sub-processors used by the Data Controller, the data may be transferred to non-EEA countries, on the basis of the adequacy decision of the European Commission.

PERSONS AUTHORISED TO PROCESS

Your data have been acquired by entering them on the www.istitutogentili.com websites and may be communicated by Istituto Gentili to subjects specifically appointed as Data Processors for the purposes indicated in this Privacy Policy. The data will be processed by the Data Controller through its representatives.

RIGHTS OF THE DATA SUBJECTS

The user has the right to exercise at any time the rights referred to in articles 12 et seq. of EU Regulation 2016/679, namely:

  1. access to personal data;
  2. to obtain the rectification or erasure of the same or the limitation of the processing of personal data concerning him/her;
  3. to object to the processing;
  4. data portability;
  5. to withdraw consent without prejudice to the lawfulness of the processing based on the consent given before the withdrawal.

To exercise the aforementioned rights, make a report or receive information on how personal data is processed, requests can be made by writing to the Data Controller or DPO at the addresses indicated in this Privacy Policy.

We remind you that you also have the right to lodge a complaint with the supervisory authority (Privacy Guarantor) or to take legal action if you believe that the data processing is in violation of the provisions of the GDPR.

MORE INFORMATION ABOUT THE TREATMENT

Information not contained in this policy
Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.

Changes to this Privacy Policy

The Data Controller periodically checks its privacy and security policy and, if necessary, revises it in relation to changes in the law, organisation or dictated by technological evolution. In the event of changes to the policies, the new version will be published on this page of the website.
If the changes concern processing whose legal basis is consent, the Data Controller will collect the User's consent again, if necessary.