POLICY FOR THE MANAGEMENT OF DATA OF THE PARTIES CONCERNED

In accordance with the provisions of the GDPR (Reg. 769/2015), the Data Controller, Nex Medical Antiseptics s.r.l, constantly strives to ensure that the personal data of the individuals interacting with the Company are:

(a) processed lawfully, correctly and transparently;

(b) collected for specified, explicit and legitimate purposes, and subsequently processed in ways that are not incompatible with those purposes;

(c) adequate, relevant and limited to what is necessary with respect to the purposes for which they are processed;

(d) accurate and, if necessary, updated;

(e) stored for a period of time not exceeding the achievement of the purposes for which they are own;

(f) processed, through appropriate technical and organizational measures, so as to guarantee their safety;

(g) processed, if by consensus, by decision freely taken by the party concerned, on the basis of a request submitted in a manner clearly distinguishable from the rest, in a comprehensible and easily accessible form, using a simple and clear language.

The Data Controller shall take appropriate technical and organizational measures in order to ensure the protection of personal data from the design stage and to ensure that, by default, only the data necessary for each specific processing purpose are processed.

The Data Controller collects and holds in the utmost consideration indications, observations and opinions of the Customer/party concerned sent to the above-mentioned addresses, in order to implement a dynamic privacy management system that ensures effective protection of people, with regard to the processing of their data.

Nex Medical s.r.l pays close attention to the parties concerned and wants to maintain full transparency with them, thus carrying out only processing for legitimate, express and limited purposes.

It is company policy to promote procedures to ensure that the data are accurate and, if necessary, updated and to take all reasonable steps to delete or correct inaccurate data in a timely way for the purposes for which they are processed.

The data will be processed in such a way as to guarantee adequate security, including protection, by means of appropriate technical and organizational measures, unauthorized or unlawful processing and loss, destruction or accidental damage.

It is the corporate policy that the parties concerned are always entitled to receive clear, transparent, detailed and comprehensible information about the processing operations to which their personal data will be subjected.

It is specified right now that Nex Medical s.r.l can act:

• on behalf of customer companies, data controllers, who have entered into a contract of collaboration for outsourcing services in the areas of our business with Nex Medical s.r.l. In this case, Nex Medical s.r.l will act as the controller of the processing of personal data by virtue of an appointment document received by the Data Controller. Parties concerned are invited to view the information provided by the Data Controller.
• directly, on a contractual basis and for legitimate interest.

In this case, Nex Medical s.r.l will act as the Data Controller. Parties concerned are invited to view the information published on the website.

Nex Medical s.r.l employs external collaborators and suppliers for outsourcing services. It is our commitment to qualify the designated data processors also in view of the guarantees provided to protect the confidentiality of data.

It is the corporate policy to provide its employees with clear instructions and increase awareness.

We invite the parties to view the reference information. We remain available for any further information, clarification and suggestion.

We have prepared information as clear and transparent as possible for each area of activity.

Casorezzo, 17 May 2018

The Management
(Eng. Silvio Daneluzzi)