The Company Istituto Lusofarmaco d’Italia S.p.A. (“Company”) takes your privacy very seriously, and commits to respect it in accordance with the applicable law (Italian D. lgs. 196/2003 – Privacy Code, and Regulation 2016/679/EU).
The Data Controller is Istituto Lusofarmaco d’Italia S.p.A. headquartered in Strada 6, Edificio L, 20089 Milanofiori Rozzano (MI), ITALY (“Data Controller” or “Company”).
Purposes and methods of the personal data processing
The Data Controller may process your personal data including the sensitive personal data for the following purposes: management of the requests submitted through the Website, including job applications and pharmacovigilance notifications, fulfilment of the legal obligations stemming from laws, regulations, EU law.
Provision of Personal Data
Categories of processed personal data
Some of your personal data are necessary to manage the communications and the requests you submit. Such type of data are marked by an asterisk [*], which means that providing them is necessary to enable the Company to handle the query –otherwise, we would not be allowed to process it. Conversely, submitting data not marked by an asterisk is optional: if you do not wish to submit them there will be no consequence.
The data that may be processed are:
1) the personal and sensitive data which you may provide when you interact with our Website and/or request some services (including registration to restricted access areas, participation to prize contests or other initiatives, use of Apps, information requests and other communications, including those submitted by means of our contact forms, etc.
2) Cookies and navigation data, as specified under the following section.
Navigation data and cookies
When you simply visit our Website (i.e. without sending any communication or using any of the services/functions available) we will only process your navigation data, i.e. the data transmitted to the Website and required to operate the computerised systems set up for the Website’s management, as well as Internet communication protocols. By way of example, the IP addresses or the domain names of the computers used to visit the Website and the other parameters relating to the operating system used to connect to the Website all fall in this category. The Company collects such and other data (for example, the number of visits and the time spent on the Website) for truly statistical purposes and in an anonymous manner in order to monitor the functioning of the Website and to improve it. In principle, the data in question are neither collected to be associated with other information of yours nor do they make your identification; however, due to their nature, such data may potentially lead to your identification if processed and associated with other data held by third parties. For this reason, navigation data are immediately de-identified after processing and may only be retrieved by the Company to ascertain, as well as identify the authors of, potential IT-related offenses committed to the detriment of the Website or through the Website. Notwithstanding the latter exception, navigation data as described above are only kept for a limited time, in compliance with the applicable legal provisions.
Cookies are small files memorised on the hard disk of your computer. There exist two macro-categories of cookies: technical and profiling cookies.
Technical cookies are necessary to ensure the correct functioning of websites and to enable you to browse the Website; without them, you would be unable to correctly view the Website’s pages or to use some of its services.
Profiling cookies are designed to create user profiles with the aim of sending commercial ads in line with the preferences expressed when surfing the internet.
Cookies –whether “technical” or “profiling”- may further be classified as:
- “session” cookies, which are deleted as soon as the browser is closed;
- “Persistent” cookies, which are stored in the browser for a certain timeframe; such cookies are used, by way of example, to recognize the device which logs on to a website, speeding up the user’s authentication process;
- “proprietary” cookies, created and managed directly by the entity that runs a given website;
- “third-party” cookies, created and managed by entities other than that which runs a given website.
The types of cookies used on the Website.
The Website uses technical cookies, and specifically the following categories:
(i) “proprietary” cookies, both session and persistent, required for purposes of internal security and system administration and/or to make navigation on the Website possible;
(ii) persistent, third party cookies, used by the Website to send statistical information to the system Google Analytics, through which the Company may perform statistical analyses of access/visits. These cookies are used only for statistical purposes, and are able to collect only aggregated information. By using a session and a persistent cookie (which expire as soon as the browser is closed), Google Analytics also creates a register, where the timing of the beginning and end of all visits to the Website is recorded. To inhibit Google from tracking down such information and the subsequent processing, you may download a browser plug-in from the following URL: https://tools.google.com/dlpage/gaoptout?hl=en-GB
The majority of cookies on the Website may be disabled by changing your browser’s settings or by following the instructions available on the websites of the companies which manage the cookies. In any case, please be aware that disabling cookies may impair your ability to use the Website and/or to take advantage of the available functions and services.
First Party -
Session and persistent
Cookies required to make navigation on the Website possible, for internal security and administration purposes, as well as to memorize the language selected by the user
Third Party - persistent
Cookie for the Google Analytics service
How to disable cookies in the browser’s settings
A guide to how to manage cookies in the most common browsers is provided below
Links to other Websites
Retention and Storage of Personal Data
The Company ensures that the settings of its IT systems and programs are designed to minimise the use both of personal data and of any other information which may lead to your identification; all these sets of data are processed exclusively to achieve the goals for which they were obtained at the time of collection; in any event, the criteria used to determine the data’s storage period are based on the deadlines prescribed by the law, as well as on the principles of data minimisation and efficient management of our data bases.
Security and quality of personal data
The Company undertakes to protect the security of your personal data and to implement the safety measures established by the Privacy Code (with particular, but not exclusive, reference to Annex B to the Privacy Code -“Technical Disciplinary Guidelines on minimum security measures”-) and by all other applicable legal provisions in order to prevent data loss, illegal or illicit use and/or unauthorised access to your data. The Company implements appropriate technical measures, such as multiple, advanced safety technologies and procedures, to protect your personal data: for example, storing the data on servers located in rooms with restricted access and subject to controls. You may help the Company to keep the data up to date by informing it of any change to your own address, professional qualifications, contact information, etc.
Access to personal data
Your personal data are accessible within the company to those members of the staff who have been appointed as “persons in charge of the processing” and who may need to process such data in order to answer your queries or to deliver the services/functions available on the Website; in any case personal data processing is carried out only as far as necessary for the above purposes.
Data may be communicated -even in Third Countries- to other companies of the Menarini Group for the same purposes as stated above and/or for administrative purposes, pursuant to art. 34.1-ter of the Privacy Code, art. 6.1.f and the Preamble’s 48th Recital of Regulation 2016/48//EU.
As far as the potential transfer towards Third Countries is concerned --including transfers to Third Countries which may not ensure the same level of protection afforded by the Privacy Laws- the Controller informs that processing will take place in accordance with one of the methods set forth under Chapter V, Regulation 2016/679/EU.
You may at any time exercise the rights afforded by art. 7 of the Privacy Code and by arts. 15 (and following) of Regulation 2016/679/EU, such as, by way of example, receive the updated list of those who may access your Data; receive confirmation any of your personal Data is being processed by the Controller; verify their content, origin, exactness, location (including, where applicable, the Third Countries where the data might be), ask that the data are supplemented, updated, deleted, anonymised, frozen (if processed against the law), or to oppose to their processing for legitimate reasons, as well as to lodge a complaint with the competent Supervisory Authority. At any time, you may withdraw the consent you have previously conferred.
For any requests concerning the processing of personal data by the Company, the rights afforded by the applicable law or the updated list of individuals/entities which have access to the data, you may contact the Data Controller at the addresses indicated above.