1) Personal data collected by the Application
The Owner collects the following types of personal data:
A) Data and contents acquired automatically during the use of the Application:
Technical data: the computer systems and software procedures used to operate this Application may acquire, during their normal operations, some Personal Data, whose transmission is implicit in the use of Internet communication protocols. These are information that are not collected to be associated with identified Users, but which could allow Users to be identified, through processing and association with data held by third parties. This category includes IP addresses, or domain names used by Users who connect to the Application, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server.
B) Personal data collected through cookies or similar technologies:
Cookies are not used to transmit information of a personal nature, nor persistent cookies of any kind are used, or systems for the treatment of Users. Therefore, the Personal Data of Users with these technologies are not acquired by the Application.
The use of session cookies (which are not stored permanently on the User's computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow the safe and efficient exploration of the Application.
The session cookies used in this Application avoid the use of other IT techniques that are potentially prejudicial to the confidentiality of the Users' navigation and do not allow the acquisition of the User's Personal Identification Data.
The Personal Data collected can be used for the execution of contractual and pre-contractual obligations and for legal obligations, as well as for the following purposes:
Support and contact with the User: to respond to the User's requests and help in case of problems.
3) Processing methods
The processing of Personal Data is carried out using IT and / or telematic tools, with organizational methods and with a logic that is strictly related to the indicated purposes.
In some cases, subjects involved in the organization of the Data Owner may also have access to Personal Data (such as, for example, personnel management staff, services providers, system administrators, etc.) or external subjects (such as IT companies, suppliers of services, postal couriers, hosting providers, etc.). If necessary, these subjects may be appointed as Data Processors by the Data Owner, as well as they may have access to the Personal Data of the Users whenever necessary and will be contractually obliged to keep the Personal Data confidential.
The updated list of Managers can be requested via email at firstname.lastname@example.org
4) Legal basis of the processing
The processing of Personal Data related to the User is based on the following legal bases:
- the consent given by the User for one or more specific purposes;
- the processing is necessary for the execution of a contract with the User and / or for the execution of pre-contractual measures;
- the processing is necessary to fulfill a legal obligation to which the Data Owner is subject;
- The processing is necessary for the execution of a task of public interest or for the exercise of public powers of which the Data Owner is invested;
- The processing is necessary for the pursuit of the legitimate interest of the Data Owner or third parties;
- the processing is necessary for the pursuit of a vital interest of the Data Owner or third parties.
However, it is always possible to ask the Data Owner to clarify the legal basis of each treatment at email@example.com
Personal Data are processed at the Data Owner's operating offices and in any other places where the parties involved in the processing are located. For further information, contact the Data Owner at the following email address: firstname.lastname@example.org, or at the following postal address: Via Gioacchino Quarello 15/A, 10135 - Turin, Italy
6) Security measures
The processing is carried out in a manner and with suitable tools that guarantee the security and confidentiality of the Personal Data, since the Data Owner has adopted adequate technical and organizational measures that allow to demonstrate that the Processing is carried out in compliance with the relative Italian legislation.
7) Data retention period
Personal Data will be kept for the period of time necessary to fulfill the purposes for which they were collected.
In particular, the Personal Data will be kept for the entire duration of the contractual relationship, for the execution of the related and consequent obligations, for compliance with the applicable legal and regulatory obligations, as well as for own or third party defensive purposes.
If the processing of Personal Data is based on the User's consent, the Data Owner may keep the Personal Data until the consent is revoked.
Personal Data may be kept for a longer period if necessary to fulfill a legal obligation or because of order of an authority.
All Personal Data will be deleted or stored in a form that does not allow identification of the User, within 30 days from the end of the retention period. At the expiry of this term, the right of access, cancellation, rectification and the right to the portability of Personal Data can no longer be exercised.
8) Automated decision-making processes
All Personal Data collected will not be subject to any automated decision-making process, including profiling, which may produce legal effects for the person or which may significantly affect it.
9) User rights
Users can exercise certain rights with reference to the Personal Data processed by the Data Owner. In particular, the User has the right to:
- withdraw his/her consent at any time;
- oppose the processing of their Personal Data;
- access their Personal Data;
- verify and ask for rectification;
- obtain the limitation of the processing;
- obtain the cancellation of their Personal Data;
- receive their Personal Data or have them transferred to another owner;
- propose a complaint to the supervisory authority for the protection of Personal Data and / or take legal action.
To exercise their rights, Users can direct a request to the contact details of the Owner indicated in this document. Requests are made free of charge and processed by the Data Controller as soon as possible, in any case within 30 days,
10) Owner of the Treatment
The Data Owner is Drug Discovery and Clinic, email address email@example.com