POLICY ON THE PERSONAL DATA PROTECTION
– website visitors –
Nex Medical Antiseptics s.r.l is committed to being transparent also regarding the data we collect, the way we use it and the people we share data with. It is our will to make sure that our visitors choose us for the guarantees of experience, ability and reliability to ensure full compliance with the current provisions on data protection, including the security profile.
Given the above, we inform you that the visit to our website involves the processing of your personal data. Your personal data will be used only for the purposes and the methods shown below.
The Data Controller of personal data is NEX MEDICAL ANTISEPTICS S.R.L., Via per Arluno 37/39, 20010 Casorezzo (MI), Tel. +39 02 9029 7821 Fax. +39 02 9038 3137 Email: firstname.lastname@example.org – VAT 08555480964
PURPOSE AND LEGAL BASIS OF THE PROCESSING
The personal data provided are collected for the implementation of measures to control access to the website and for statistical commercial purposes.
The processing may concern personal data for the geolocation of the visitor, the storage and pre-selection of the language and number of visitors.
The legal basis that legitimizes the processing is therefore the legitimate interest to facilitate the navigation of the website, thus pre-selecting the language and providing statistics on the opportunity to translate the website into other languages.
The computer systems and software procedures used to operate the website collect, during their normal operation, some personal data, whose sending is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified subjects, but that, by its very nature, could allow the identification of the Data Subject. This category of information includes data of IP addresses, type of browser, operating system, domain name and addresses of websites from which access or exit were performed, information on pages visited by users within the website, time of access, permanence on the single page, analysis of the internal path and other parameters related to the operating system and the user’s computer environment. It is therefore information that, by its very nature, allows users to be identified.
Through the use of the two cookies specified below, the following data are processed:
- IP address of the visitor;
- Choice of language upon the first visit of a new IP address.
The visit to the website does not include the possibility of processing particular categories of personal data (Article 9 of the Reg.), with particular reference to data relating to the state of health as well as legal, religious data.
WHAT ARE COOKIES?
Cookies are small text files that are automatically placed on the browser’s PC. They contain basic information on browsing the Internet and thanks to the browser are recognized every time the user visits the website.
Within our website we have provided a system to allow you expressing a preference upon the first access, thus allowing or not allowing the installation of some cookies. The preference can be changed at any time when the tool allows it, while the cookies on your computer can be deleted at any time through a procedure provided by the browser you use to browse the Internet (for instructions, please see the guide of your specific software).
Below are all the cookie settings installed by this website and the necessary instructions on how to manage your preferences.
Cookies used by this website
(2a) Technical cookies: The technical cookies described below do not require consent so they are installed automatically as a result of access to the website. Cookies necessary for operation: cookies that allow the website working properly, also allowing the user to have a functional browsing experience. For example, they keep the user connected while browsing, thus preventing the website from requesting to log in multiple times to access the next pages. Cookies for saving preferences: cookies that allow you remembering the preferences selected by the user while browsing, for example, allowing you setting the language. Cookie for Statistics and Audience Measurement: cookies that help to understand, through data collected anonymously and in aggregate, how users interact with the website providing information on the sections visited, the time spent on the website, any malfunctions.
(2b) Third-party cookies: these cookies provide anonymous/aggregate information on how visitors navigate the website. Below is a list of cookies of this type, with: company name, service offered, type of cookies.
Google Analytics: system of statistics. Servers also outside the EU but guaranteed in accordance with the GDPR. They record the statistics of access to the website (IP address of the visitor, the tool used to access the website, the place of navigation …). The cookie is stored on the user’s computer and the data is stored on the servers of google analytics.
WPML: for the choice of language. Servers also outside the EU but guaranteed in accordance with the GDPR. The cookie is stored on the user’s computer, and when it connects again to the website, the system recognizes and automatically directs it to the correct navigation language.
INTERNAL/EXTERNAL PROCESSING MANAGER
The personal data collected for the operation of the website may be disclosed to, and then processed on a specific appointment:
– third parties in charge of IT management: InGrandiMenti (remote access website in UE), Google Analytics (server also outside the EU but guaranteed in accordance with the GDPR), WPML (servers also outside the EU but guaranteed in accordance with the GDPR).
The recipients listed above are appointed as Data Processors. Nex Medical Antispetics s.r.l does not authorize processing in third countries without adequate guarantees. The Data Subject can ask the owner, at any time, the name of the recipients of personal data.
Nex Medical Antiseptics s.r.l will also define in writing, and from the point of view of the essential principles established by current legislation, internal persons authorized to process personal data under their direct authority. Nex Medical Antiseptics s.r.l undertakes to qualify the designated Internal Managers also in view of the guarantees provided to protect the confidentiality of data. Specifically, the Internal Manager for personal data relating to visitors is the Management.
The collected data will be processed using electronic or automated, computerized and telematic means, or through manual processing with logic strictly related to the purposes for which the personal data were collected and, in any case, in such a way as to guarantee their security.
The processing of data will last from the beginning of the visit to the website until the expiration date for the cookie.
The legitimate interests of the Data Controller or third parties may constitute a valid legal basis for processing, provided that the interests or the essential rights and freedoms of the Data Subject do not prevail. In general, such legitimate interests may exist when there is a relevant and appropriate relationship between the Data Controller and the Data Subject concerned, for example when the Data Subject is a customer of the Data Controller. In particular, it is the legitimate interest of the Data Controller to process personal data of the Customer/Data Subject: for fraud prevention purposes, for direct marketing purposes, to ensure the free circulation of the same data within the business group to which the Data Controller belongs, or relating to traffic, in order to ensure network and information security, that is to say the ability of a network or a system to resist unforeseen events or illegal acts that could jeopardize the availability, authenticity, integrity and confidentiality of data.
ESSENTIAL RIGHTS OF THE DATA SUBJECT
The Data Subject, pursuant to Art. 15 of EU Regulation 679/2016, has the right to obtain from the Data Controller confirmation that it is or is not undergoing processing of personal data concerning him/her and, in this case, to obtain access to his/her personal data and the following information: Purposes of processing, categories of personal data, categories of recipients to whom the data were or will be disclosed, the storage period of the data or the criteria used to determine such period.
The Data Subject also has the right: pursuant to Art. 16, to obtain from the Data Controller the correction of inaccurate personal data concerning him/her, without unjustified delay; pursuant to Art. 17, to obtain from the Data Controller the cancellation of personal data concerning him/her without unjustified delay; pursuant to Art. 18, to obtain from the Data Controller the limitation of processing when one of the following hypotheses occurs:
- a) the Data Subject disputes the accuracy of personal data for the period necessary for the Data Controller to verify the accuracy of such personal data;
- b) the processing is illegal and the Data Subject opposes the cancellation of personal data and asks instead that their use is limited;
- c) although the Data Controller no longer needs them for processing purposes, personal data are necessary for the Data Subject to verify, exercise or defend a right in court;
- d) the Data Subject has opposed the processing pursuant to Article 21 (1), pending verification of any prevalence of the legitimate reasons of the Data Controller with respect to those of the Data Subject; pursuant to Art. 20, to receive personal data concerning him/her in a structured format, commonly used and readable by automatic device pursuant to Art. 21, to oppose at any time the processing of personal data concerning him/her for marketing purposes (commercial communications sent by the owner).
To exercise his/her rights, the Data Subject can send a specific request to email@example.com. The holder will inform him/her of the receipt and will respond to his/her request within 72 working hours.
Pursuant to Art. 19, the requests relating to the rights referred to in Articles 16, 17 and 18 will be sent by the Data Controller to the recipients shown above.
The Data Subject also has the right to lodge a complaint with the competent supervisory authority.
NEED AND CONSEQUENCES TO REFUSE PERSONAL DATA
Failure to provide the data for the purposes indicated above will prevent the Data Controller from facilitating the user in viewing the website, which will remain usable without the help of cookies.
The Data Controller will review the information in the event of a change in the processing methods listed or due to regulatory requirements.
To this end, the Data Controller invites the Data Subject to frequently consult its website ww.nexmedical.com
For all the definitions, please refer to the binding standard with particular reference to the European Regulation 679/2016.
Casorezzo, 17 May 2018
(Eng. Silvio Daneluzzi)