This page describes how the website www.dompe.com (the “Website”) manages the processing of personal information of the users who visit it or register with it.
This information is also provided pursuant to art. 13 of the General Data Protection Regulation (GDPR) EU 2016/679 and local applicable law for those who interact with the web services provided through the aforementioned Website.
The term “processing” refers to the a number of operations performed on personal information, such as their collection, processing, comparison, deletion, modification, communication or disclosure.
This Policy is also based on Recommendation No. 2/2001 adopted on 17th May 2001 by the European authorities, gathered in the Group established by Art. 29 of Directive No. 95/46/EC for the protection of personal information, to identify some minimum requirements for the online collection of personal information and, in particular, the manner, timing and nature of the information that data controllers must provide users with when they link to web pages, regardless of the purposes of the connection.
This Policy is only provided for the Dompé Website and not for other websites that user may visit through links.
No information deriving from the web service may be communicated or disclosed, except when expressly provided for by law.
The personal information provided by the users is only used to perform the service or provision requested and is only disclosed to third parties if necessary for said purpose.
DATA CONTROLLER AND DATA PROTECTION OFFICER (DPO)
The Data Controller and Data Protection Officer (DPO) for the Website is Dompé farmaceutici S.p.A. ("Dompé"), headquartered in Via San Martino 12-12a, 20122 Milano, Italy.
The appointed email address is firstname.lastname@example.org.
Data Protection Officer can be contacted via email at: DPO@dompe.com
TYPES OF PROCESSED INFORMATION
During their normal operation, the computer systems and software procedures used to operate the Website acquire a number of personal information, the transmission of which is implicit in the use of Internet communication protocols.
This information is not collected with the purpose of matching it with identified interested parties; however, by its very nature, it could allow users to be identified through processing and combining with data held by third parties.
This category includes the IP addresses or domain names of the computers used by the Website visitors, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the response from the server (successful, error, and so on) and other parameters relating to the operating system and the user’s IT environment.
Such data is used for the sole purpose of obtaining anonymous statistical information on the use of the Website and to check its proper operation and it is maintained for the minimum period required by applicable law.
The data could be used to establish liability in computer crimes, if any, against the Website.
Information voluntarily provided by the user
The optional, explicit and voluntary act of sending electronic mail messages to the addresses listed on the Website entails the subsequent acquisition of the sender’s address, necessary in order to reply to the requests, as well as of any other personal information submitted. The processing of sensitive and legal data is excluded and, if such data is provided by the user, it will be deleted. Specific summary information used for particular on-request services will be gradually provided or displayed on the Website pages.
OPTIONALITY OF DATA TRANSMISSION
DATA PROCESSING METHODS
Personal information is processed through automated systems for the time that is strictly necessary to attain the purposes for which the data has been collected and in order to fulfil any legal obligations. The information collected through the Website can be processed - even occasionally - by staff appointed by Dompé for the processing and/or consulting firms to which Dompé may outsource some services.
The personal data of third parties conferred through the registration procedure found in some areas of the website will be processed by Dompé for the exclusive purpose of perfecting the user’s registration and enabling the services requested by the user. Personal and/or identification information required to access the Website and its services is limited to the minimum required to reach the user by e-mail and/or to carry out the services requested by the user.
Personal information provided by users via their requests of informative material (brochures, information, and so on) is used for the sole purpose of perfecting the requested service and is communicated to third parties only if necessary for said purpose (as with companies providing enveloping, labelling, shipping services).
Also, in case users wish to use communication services such as our e-newsletter, they will have the right to cancel your registration at any time by following the instructions provided in each individual communication. If you decide to cancel your subscription to a service or communication, Dompé will immediately delete your data.
DATA SHARING, COMMUNICATION AND DISCLOSURE
The Data Controller may be required to hand out the information referred to in this Policy to law enforcement authorities carrying out legitimate investigation and/or judicial police activities (either on their own initiative in the case of preliminary investigations or under a public prosecutor or state attorney’s direction). Outside these cases and the hypotheses expressly governed by the individual information on the pages of this Website, information will not be disclosed or transferred to any party.
However, it is the user’s responsibility to ensure that their computer is properly secured and protected from harmful software such as viruses, worms and “Trojan horses”: as a matter of fact, without adequate security measures (for example, a secure configuration of the web browser, an updated antivirus program, a software firewall or the use of software of doubtful origin), there is a risk that the data and passwords used to prevent access to their own data are disclosed to unauthorized third parties.
DATA DISCLOSURE AND TRANSFER ABROAD
The users’ personal information may be disclosed to third parties in the following cases:
- sale, assignment or other type of transfer of the activity of the Website to which the data are linked;
- when required by laws, government regulations or court orders or to respond to a specific request from a public authority;
- when they are required for company audits or to assess or respond to a complaint or a security threat.
RIGHTS OF DATA SUBJECTS
Articles 15 and subsequent of EU Regulation 2016/679 grant users a number of rights which should be carefully evaluated. Among these are, for example, the right to (at any time) access their personal information, verify their contents, source and accuracy and ask them to be integrated, updated, changed, deleted, blocked in case of a law infringement. Also, the data subject has the right to request the data processing, portability, cancellation and transformation into anonymous form to be restricted or the processed data to be blocked in the event of a law infringement and the right to oppose in any case to the processing of such data, for legitimate reasons.
The data subject can also issue a complaint with the supervisory authority in the event of infringements of the personal data protection regulations. To exercise such rights, the user can reach out to the Data Controller and Data Protection Officer (DPO) at any time.
Requests should be emailed to: email@example.com