Data Controller identity and contact information
The Data Controller is GERMO S.p.A., with registered office at via Giotto 19/21 – 20032 Cormano (MI).
Data Protection Officer (“DPO”) contact information
You can contact the DPO designated by the Company at:
– e-mail: firstname.lastname@example.org ;
– by mail: GERMO SPA – Via Giotto, 19/21 – 20032 – Cormano (MI) – Italy
Which data we process
We may process:
2) Sensitive personal data such as health conditions or special categories of data pursuant to Article 9 of the Regulation. If this happens, the data is processed based on your consent, to comply with the obligations related to reporting adverse events, to comply with the obligations set out by the law or regulations, or to comply with contractual or pre- contractual obligations regarding the provision of goods or services (including requests for information about our products and their proper use). In any case, the lawful basis for processing special categories of data is Art. 9.2 letters (a), (g) and (i) of the Regulation, which is the consent; or, in order to fulfill the legal obligations related to health or social diagnosis, assistance or therapy, or to the management of health or social systems and services; or treatments delivered in relation to a public interest in the area of public health.
Necessary treatments and optional treatments
The forms to be filled on this Site include both data that are strictly necessary to manage communications and user requests, marked with the symbol [*], whose failure to indicate does not allow to follow up on the requests themselves, and optional conferment data which are not strictly necessary to respond to the requests of the interested parties. Failure to provide the latter will not entail any consequences.
Why we process your personal data and how
With you consent the Company may process your ordinary personal data to allow the use of Website services and functions and optimize its functioning, to run statistical analyses on the visits, to manage requests and reports received through the Website, to register to any reserved areas or initiatives such as contests and the like, as set out in Article 6.1.(a) of the Regulation. The Company may also process your personal data to comply with the legal obligations required by laws, regulations, EU legislation: the lawful basis for processing data for these purposes is set out by Article 6.1.(c) of the Regulation.
With your optional consent, ordinary and/or sensitive personal data can also be processed to handle applications pursuant to Articles 6.1.(a) and 9.2.(a) of the Regulation.
The user’s common and sensitive data may also be processed to manage and carry out the obligations related to reports of adverse events, pursuant to Article 9.2. Letters (a), (g) and (i) of the Regulation.
Also, with your optional consent, ordinary personal data may also be used to send institutional communications (newsletters included) or perform promotional activities (marketing), meaning sending promotional materials and/or commercial communications regarding the services provided by the Company to the addresses specified, both via traditional methods and/or means of contact (such as paper mail, phone calls with operators, etc.) and automatic ones (such as communications over the Internet, fax, e- mails, text messages, applications for mobile devices such as smartphones and tablets – so-called APPS – social media accounts, such as via Facebook – etc.). The lawful basis for processing for these purposes is Article 6.1.(a) of the Regulation.
Personal data is processed using both automatic and non-automatic tools according to the very purpose of the processing and, in any case, with methods and procedures that guarantee the safety and confidentiality of the data.
Links to other websites
How we store data and for how long
In compliance with the provisions set out by Article 5.1.(c) of the Regulation, the way the IT systems and programs used by the Company are set up allows to minimize the use of personal and identification data; this data is processed only to the extent necessary to achieve the purposes specified in this Policy; the data will be stored for as long as necessary to fulfill the purposes that are actually pursued and, in any case, the criteria used to determine the storage duration comply with the terms allowed for by the applicable laws and the principles of data minimization, storage limitation and rational records management. In order to determine the right retention period for the personal data stored by the Website upon your consent, the controller also considers the following criteria: the specific purposes described in the policy for which the website stores the personal data; the type of current relationship with you (how frequently you log in to your account; if you submit requests using the contact form; if you continue to receive newsletters or commercial communications; how regularly you browse the website, etc.); any specific request to erase your data or consent withdrawal by you; the data controller’s legitimate business interest.
How we guarantee safety and the quality of personal data
The Company commits to protect the safety of your personal data and complies with the applicable safety provisions to prevent data loss, unlawful or illegal use of and any unauthorized access to the data, with special but not exclusive reference to Articles 25-32 of the Regulation. The Company uses multiple advanced safety technologies and procedures to protect the personal data of users; for example, personal data is stored in safe servers located in places with access control and protection measures in place. You can help the Company update and keep your personal data correct by communicating any change to your address, qualification, contact information, etc.
Who can access data
Personal data will only be made available to those who may need it because of their tasks or positions held in the Company. These subjects, whose number will be as low as possible, will be trained appropriately in order to prevent losses, destruction, unauthorized access to or unauthorized use of the data.
Additionally, the data may be communicated to: (i) institutions, authorities, public entities for their institutional purposes; (ii) professionals, self-employed workers, even if associated; third parties and vendors hired by the Company to receive commercial, professional and technical services aimed at managing the Website and its functions (for example IT service and Cloud Computing providers), pursuing the purposes specified above and providing the services to you; (iii) third parties in case of mergers, acquisitions, company or branch transfers, audits or other extraordinary operations. These subjects will only receive the data necessary for their functions and will commit to use it for the purposes above only, and to process it in compliance with the applicable privacy regulations. The data may also be communicated to legitimate recipients pursuant to the
applicable laws. Exception made for the above, data is not shared with third parties, either physical or legal persons, who do not perform any commercial, professional or technical functions for the Controller and will not be disclosed. The subjects who receive the data will process it as Controllers, Processors or people authorized to process personal data, as the case may be for the purposes specified above and in compliance with the applicable privacy laws.
About the transfer of data to a third Country, including Countries that may not guarantee the same level of protection set out by the applicable regulations, the Controller informs that the processing will still occur in compliance with one of the methods allowed for by the Regulation, such as the user’s consent, the adoption of Standard Clauses approved by the European Commission, the selection of subjects which have joined international frameworks for the free movement of data (e.g. EU-USA Privacy Shield) or operate in Countries the European Commission considers safe.
Rights of users
The users to whom the data refers have the right to obtain the confirmation as to whether their personal data exist or not and to know its content and the source, check that it is correct or ask for it to be integrated or updated, or rectified, erased or restricted, or to oppose against its processing, to lodge a complaint with a supervisory authority pursuant to Article 15 of the Regulation. Additionally, pursuant to Articles 7, 15, 16, 17,18, 19, 20, 21, 22 and 77 of the same Regulation, each user has the right to ask for information about the collection and use of their personal data, to access it, rectify it, erase it (right to be forgotten), restricted processing, the notification obligation regarding rectification or erasure of personal data or restriction of processing, data portability, the anonymous transformation or the block of data processed against the law, as well as the right, in the cases set out by the law, to oppose to its processing, to lodge complaints regarding the collection and processing of personal data with the competent Supervisory Authority, to withdraw the consent to the processing of personal data at any times, without prejudice to the legitimate processing performed until then based on the consent withdrawn.
If you have any requests about personal data processing by the Company, to exercise the rights recognized by the applicable regulations, as well as to know about the updated list of subjects who can access the data, you can contact the Controller and/or the DPO using the contact details above.
What are cookies
Cookies are small text files which the websites visited by you send and store on your computer or mobile device and are then sent to the same websites on later visits. Cookies allow websites to remember your actions and preferences (such as login data, language selection, font size, other view settings and more) so that they don’t need to be specified again when you come back to visit said website or browse its pages. So, cookies are used for login, monitoring sessions and storing information about your the activities of the users who access a website, and may also include a unique ID which allows to track your browsing experience on the website for statistical or advertising purposes. While browsing a website, you may receive cookies on your computer or mobile device from websites or web servers other than the one you are currently visiting (so-called “third-party” cookies). Some tasks could not be possible to perform without using cookies, which sometimes are technically necessary for the very functioning of a website.
There are several types of cookies, based on their characteristics and functions. These can be stored on your computer computer or mobile device for different duration periods: session cookies are automatically erased when you close the browser; persistent cookies stay in your equipment until a preset expiry date.
The Italian Personal Data Protection Authority (see Decision about Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies – 8 May 2014, hereinafter “Decision”) has included the following cookies among the technical cookies that do not require the express consent for their use:
• “Analysis cookies” if they are used by the website manager directly to collect aggregate information on the number of users and their browsing patterns on the website;
• Browsing or session coolies (to log in);
• Function cookies, which allow your browsing based on a series of selected criteria (for example, the language, the products selected for purchase) to provide a better service. On the contrary, “profiling cookies”, which are those used to create profiles about you and to send advertisements that match the preferences expressed by you during web browsing, require your prior consent.
Types of cookies used by the Website
The Website uses the following types of cookies and allows to disable them, except for third-party cookies, for which you should refer directly to the enabling and disabling methods of the respective cookies specified via link:
• Technical cookies – browsing or session cookies – which are strictly necessary for the functioning of the Website or to allow you to enjoy the contents and services you request.
• Analysis cookies, which allow the Website manager to understand how it is used by the users. These cookies do not collect information about your identity or any of your personal data. The information is processed in an aggregate and anonymous way.
• Function cookies, used to enable specific functions on the Website and a series of selected criteria (for example, the language, the products selected for purchase) to provide a better service.
ATTENTION: by disabling technical and/or function cookies, you may not be able to visit the Website, or some services or specific functions of the website may not be available or work properly, and you may need to change or enter certain information or preferences manually each time you visit the Website.
• Third-party Cookies, which are cookies of websites or web servers other than the Controller’s used for the specific purposes of those third parties, including analysis and profiling cookies. Please remember that said third parties, which are listed below along with the links to their privacy policies, act as independent controllers of the data collected through the cookies sent by them; therefore, you have to refer to their personal data processing policies, notices and any consent form (enable and disable the respective cookies).
The cookies sent directly by the Controller through the Website are detailed below:
• tuuid (adbrn.com)
• uid, uvc, uit, dt, bt, loc, bt2 (addthis.com)
• sess, uuid2 (adnxs.com)
• ATTACID (at.atwola.com)
• id (doubleclick.net)
• jtc-mdwbtbh (jumptap.com)
• uuid, uuidc (mathtag.com)
• ASP.NET_SessionId, mk (ssl.medikey.it)
• TapAd_TS, TapAd_DID (tapad.com)
• _tmid (tubemogul.com)
• rrs, rds, rv, mpc, uid (turn.com)
• guest_id (twitter.com)
How to manage cookie preferences also through the browser
If you don’t know the type or version of your browser, click on “Help” at the top of the browser window to check out all the information you need. Below are the pages of browser providers which explain in detail how to set privacy and tracking preferences based on the browser you use:
• Mozilla Firefox: Bloccare i cookie
• Google Chrome: Gestione dei cookie e dei dati dei siti
• Safari 6/7 (Mavericks): Gestire cookie e altri dati dei siti web
• Safari 8 (Yosemite): Gestire cookie e dati dei siti web
• Internet Explorer: Bloccare o consentire i cookie
• Opera: Cookie
• Safari iOS (mobile): Impostazioni web per Safari su iPhone, iPad, o iPod touch