(Art. 13 European Regulation 2016/679 – GDPR)
PROCESSING OF PERSONAL DATA CONTROLLER
Pursuant to current legislation and the provisions of art. 13 of EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, as well as on the free movement of such data (hereinafter “Regulation”), we inform you that the Data Controller you provide is Imithi Srl (hereinafter the “Company” or “Imithi”) established in Via Caravaggi n. 11, Albignasego (PD) Italy, Fiscal Code and VAT number n. 05237350284.
The computer systems and computer programs used to operate the site www.endocorelab.org (the “Site”) collect some personal data whose transmission is implicit in the use of Internet communication protocols (eg IP addresses or domain names of computers used by users connecting to the site, URI addresses – Uniform Resource Identifier – of the requested resources, time of request, method used in the submit the request to the server, file size obtained in response, numerical code about the status of the response made by the server – good end, error, etc. – and other parameters related to the operating system and the user’s computer environment). Although it is information that is not collected to be associated with identified individuals, by their nature they could, through processing and association with data held by third parties, allow users to be identified.
These data are used for the sole purpose of obtaining statistical information not associated with any user identification data on the use of the Website and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site.
DATA PROCESSED, CONFIRMATION AND REFUSAL
For the consultation of the Site, no provision of personal data by the user is required. However, any contacts with the Company, e.g. through the consumer service, or the optional, explicit and spontaneous sending of messages, e-mail or traditional, to the addresses of the Company indicated on the Site entail the subsequent acquisition of the address, including e-mail, the sender or the related telephone numbering , necessary to respond to requests, as well as any other personal data included in the related communications. The provision of personal data in these ways is optional, however please note that failure to provide such data could make it impossible for the Company to meet your requests.
The processing of data will be carried out by staff appointed by the Data Controller EndoCore Lab with appropriate procedures, technical and IT tools to protect the confidentiality and security of your data and consists in their collection, registration, organization, conservation, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, dissemination, cancellation, destruction of the same the combination of two or more of the aforementioned activities.
PURPOSE AND LEGAL BASIS OF TREATMENT
Personal Data provided by users who voluntarily register themselves or send requests for information material (newsletters, replies to queries, etc.) are used to perform the service or provision requested and may be disclosed to third parties only in the case where this is necessary for this purpose. (if present) For example, the personal data provided for the subscription to the newsletter will be used by the Company for the sole purpose of executing the user’s request. For the processing of data for these purposes, your consent is not required, as the processing is necessary for the execution of a contract of which you are a part or for the execution of pre-contractual measures adopted upon your request, as well as, where applicable, to fulfill a legal obligation.
DURATION OF DATA CONSERVATION
Users’ personal data are kept only for the time strictly necessary to provide the requested service to the user and are eliminated immediately thereafter, without prejudice to further legal conservation obligations. Users’ personal data will not be disseminated.
Users are encouraged not to provide data included in the particular categories of personal data (for example, data suitable for revealing health status or sexual preferences, racial or ethnic origin, political or religious convictions, etc.). In the eventual case that the Company becomes aware of particular categories of personal data through the messages sent by users, it will abstain from the processing of such data and will proceed promptly to the cancellation of such data.
The Company does not process personal data of minors. Please contact the Company if there is any doubt regarding data that could refer to a minor and the Company will carry out the investigations necessary to remove the data relating to the minor.
As part of its activity and for the purposes set out above EndoCore Lab may use services rendered by third parties operating on its behalf and according to its instructions, such as responsible for the treatment. These are subjects that provide a titled treat EndoCore Lab processing or instrumental services (eg consumer service, computer services for the functioning of the Site). You can request a complete and up-to-date list of the persons nominated responsible for the treatment by contacting one of the contacts listed below.
TRANSFER OF DATA ABROAD
The data may be transferred within the European Union, where the Company or its suppliers are based or have their servers in those countries. Data will not be transferred outside the European Union.
RIGHTS OF THE INTERESTED PARTY
In your capacity as a User you are entitled, in relation to your personal data:
– to request access to the Data Controller (Art. 15 GDPR)
– to obtain the correction (Article 16 of the GDPR), the cancellation (Article 17 of the GDPR “Right to be forgotten”), the limitation (Art. 18 GDPR)
– to obtain them in a structured format, commonly used, and readable by automatic device (Article 20 “Right to data portability”)
– to exercise the right of opposition (Article 21 GDPR)
– to revoke their consent to treatment at any time (Art. 7 GDPR)
– to propose a complaint to the Supervisory Authority (Article 77 GDPR)
The exercise of these rights may be exercised by sending communications to the following e-mail address: firstname.lastname@example.org