Dear User, Pharma cos Srl has great respect for the privacy of its Users. Any data communicated by the User to Pharma cos Srl. through the Website will be handled with maximum care and using all tools designed to guarantee security, in full compliance with current legislation intended to protect the confidentiality of data. We wish to inform you that the “Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data” (hereinafter “GDPR”) recognises the protection of natural persons in relation to the processing of personal data as a fundamental right. Pursuant to article 13 of the GDPR, we therefore inform you that:
CATEGORIES OF DATA:
Pharma cos Srl shall process your personal data, including:
a. Data collected automatically. Information systems and applications enabling this website to function, during the normal course of their operation, acquire certain data (the transmission of which is implicit in the use of Internet communication protocols) that may potentially be associated with identifiable users. The type of data collected includes the IP addresses and domain names of computers used by users that connect to the site, the URI (Uniform Resource Identifier) addresses of requested resources, the method used to submit the request to the server, the size of the file received in response, the numeric code indicating the status of the response provided by the server (successful, error, etc.) and other parameters relative to the operating system, browser and computer environment used by the user, the name of the internet service provider (ISP), the date and time of the visit, the referral website and exit page.
SOURCE OF PERSONAL DATA:
The personal data in the possession of Pharma cos Srl is collected directly from the data subject.
The data controller is Pharma cos Srl, Via Volta, 7, 24043 Caravaggio (BG), Partita IVA 01326070198, contactable via phone on 0322.214.171.124 or via email at firstname.lastname@example.org
PURPOSE AND LEGAL BASIS OF DATA PROCESSING:
The purpose and legal basis for the processing of your data is:
For data collected automatically, the legal basis is the legitimate interest of the controller and the purpose is to guarantee and improve the web browsing experience.
For cookies and plug-ins: see the specific cookies policy.
Within the limits of the described purpose of processing, your data may be communicated to partners, consultancy firms, private companies, third-party suppliers of technical services, hosting providers, IT companies, communication agencies…
DATA TRANSFER TO THIRD COUNTRY:
Your data will not be transferred to third countries/This site may share some of the collected data with localised services outside the European Union. In particular with Google, Facebook and Microsoft (LinkedIn) through social plug-ins and the Google Analytics service. The transfer is authorised and strictly governed by article 45, sub-section 1 of the Regulation (EU) 2016/679 and therefore does not require specific authorisations. The above-listed companies guarantee their adhesion to the Privacy Shield. The Controller guarantees that data will never be transferred to Third Countries that do not comply with the terms set forth by article 45 and following of the Regulation (EU).
Based on the principle of storage limitation (art.5, GDPR), the obsolescence of stored data in relation to the purposes for which it was collected is periodically checked. In particular:
data collected automatically is processed, strictly for the necessary period of time, for the sole purpose of obtaining statistical information on use of the site and to check its regular operation, and also for the purposes of security or in accordance with expiration dates set forth by the law.
Data voluntarily supplied by the user will be stored for a period of time no longer than the fulfilment of the purposes for which it is processed or in accordance with expiration dates set forth by the law.
DATA SUBJECT RIGHTS:
The data subject always has the right to ask the Controller for access to his/her personal data, to request its rectification or cancellation, the restriction of processing or the possibility to oppose its processing, to request data portability, to revoke his/her consent for processing, exercising these and other rights granted by the GDPR by way of simple communication to the Controller. The data subject may also make a claim to a Data Protection Authority.
OBLIGATORY OR DISCRETIONARY NATURE OF CONSENT:
The provision of your personal data is obligatory when browsing our website in relation to points E.1 and E.2 of the above-described purposes, in order to allow the correct fulfilment of the service. The granting of consent for the processing of your personal data for points E.3 is optional and shall in no way compromise the fulfilment of the service.
DATA PROCESSING METHODS:
The personal data you provide shall be the object of processing operations in compliance with the above-mentioned legislation and obligation for confidentiality, which guides the Controller’s activities. The data is processed both using digital tools and on paper supports, as well as all other types of suitable supports, in compliance with appropriate security measures pursuant to art. 5 para. 1 lett. F of the GDPR.
FINAL NOTES AND UPDATING METHODS: