Regulation EU 2016/679 | GDPR
Privacy Policy of www.mpr-italy.it
This Application collects Personal Data from its Users.
Data Controller
Medical Products Research Srl
Via Novara 68 – 20025 Legnano (MI), Italy. VAT no. 04984420960
Data Controller Email Address: info@mpr-italy.it
As the Data Controller of personal data, Medical Products Research informs Data Subjects that personal data shall be processed in compliance with the principles of protection established by EU Regulation no. 2016/679 (GDPR).
Collected Data Processing Purposes
The Data Subject's personal data is collected to allow the Data Controller to provide its services and/or fulfil contractual obligations.
As such, the data processing has the following purposes:
- To allow you to use any services you may have requested;
- To process a contact request;
- To fulfil legal obligations related to business relationships;
- To fulfil tax or accounting obligations;
- For marketing purposes;
- For statistical analyses and market surveys in anonymous form;
- For checks on the level of customer satisfaction with the products.
Any refusal to permit data processing shall render it impossible to use the service requested by the Data Subject.
Details on Personal Data Processing
Personal Data is collected for the following purposes and used in the services outlined below.
Contact Management and Message Sending
This type of service allows us to manage a database of email contacts, telephone contacts or any other type of contact used to communicate with the User.
These services may also collect data about the date and time you view messages, as well as your interaction with them, such as information about clicks on links in messages.
Interaction with Social Media Networks and External Platforms
This type of service facilitates interaction with social media networks or other external platforms, directly from the pages of this Application.
The interaction and any information obtained via this Application is always subject to the privacy settings selected by the User on each social media network.
In the event that a service for interacting with social media networks is installed, it is possible that, even if Users do not utilise the service, it collects traffic data relating to the pages on which it is installed.
Hosting and Backend Infrastructure
These types of services are used to host data and files that allow this Application to operate, facilitating its distribution and making available infrastructure that is ready-to-use to supply specific functionalities for this Application.
Some of these services function through servers geographically located in various places, rendering it difficult to determine the exact place where the Personal Data is stored.
Statistics
The services referred to in this section allow the Data Controller to monitor and analyse traffic data and keep track of User behaviour.
Google Analytics (Google Inc.)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilises the Personal Data collected in order to track and examine the use of this Application, compiling reports and sharing them with other services developed by Google.
Google may use the Personal Data to contextualise and personalise the advertisements of its advertising network.
Personal Data collected: Cookies and Usage Data
Place of processing: USA – Privacy Policy – Opt Out
Spam Protection
This type of service analyses this Application's traffic, which potentially contains the User's Personal Data, in order to filter it from parts of traffic, messages and content that are recognised as spam.
Google reCAPTCHA (Google Inc.)
Google reCAPTCHA is a service that protects against spam, provided by Google Inc.
Use of the reCAPTCHA system is subject to Google's Privacy Policy and Terms of Use.
Personal Data collected: Cookies and Usage Data
Place of processing: USA – Privacy Policy
Viewing content from external platforms
This type of service allows you to view content hosted on external platforms directly from the pages of this Application and to interact with them.
When this type of service is installed, even if the User does not use it, the service may collect traffic data from the pages on which it is installed.
Google Fonts (Google Inc.)
Google Fonts is a font library service provided by Google Inc. that allows this Application to incorporate content of this kind within its pages.
Personal Data collected: Usage Data and various types of Data, as specified in the Privacy Policy of the service.
Place of Processing: USA – Privacy Policy
Widget Google Maps (Google Inc.)
Google Maps is a map viewing service provided by Google Inc. that allows this Application to incorporate content of this kind within its pages.
Personal Data collected: Cookies and Usage Data
Place of Processing: USA – Privacy Policy
Widget YouTube (Google Inc.)
YouTube is a web platform that facilitates the sharing and viewing of videos on the network (video sharing), managed by Google Inc., allowing this Application to integrate such videos within its pages.
Personal Data collected: Cookies and Usage Data
Place of Processing: USA – Privacy Policy
Further information on Personal Data
Cookie Policy
This Application uses Cookies. To find out more and for detailed information, please consult the Cookie Policy.
Further Information on Data Processing
Legal defence
The User's Personal Data may be utilised by the Data Controller in legal proceedings or in the preparatory stages for defending against the User's misuse of this Application or related Services.
The User declares to be aware that the Data Controller may be asked by the authorities to reveal their Personal details.
Specific Policy
At the User's request, in addition to the information contained in this Privacy Policy, this Application may provide the User with additional and contextual information regarding specific services or the collection and processing of Personal Data.
Maintenance and System Logs
For needs related to operation and maintenance, this Application and any third-party services used by it may collect system logs, which are files that record interactions and may also contain Personal Data, such as the User's IP address.
Information Not Contained in this Policy
Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller utilising the contact information.
Processing Methods
The Data Controller adopts appropriate security measures to prevent the unauthorised access, disclosure, rectification or destruction of Personal Data. The processing is carried out using computer and/or telematic and/or paper tools, with organisational methods and logics strictly related to the purposes.
Legal basis
The conferment of data is mandatory for all that is required by legal and contractual obligations and thus any refusal to provide such in whole or in part may give rise to the impossibility of providing the services requested.
The Company processes the User’s optional data on the basis of consent, meaning by explicit approval of this Privacy Policy and the relative methods and purposes described below.
Categories of Recipients
In the management of the data, moreover, the following categories of authorised persons and/or external Data Processors identified in writing and who have been provided with specific written instructions on data processing may become aware of its contents:
- Authorised employees;
- Designated external Data Processors who carry out outsourcing activities on behalf of the Data Controller (hosting providers, IT companies, communication agencies). An updated list of internal appointees and external Data Processors can always be requested from the Data Controller.
Communication of Data
Without the express consent of the Data Subject, the Data Controller may communicate the data for the aforementioned purposes to Supervisory Bodies, Judicial Authorities as well as to all other parties to which communication is obligatory by law for the fulfilment of said purposes.
Your data shall not be subject to disclosure.
Retention Period
The Data is processed and retained for the time required by the purposes for which it is collected:
- The mandatory data for contractual and accounting purposes is retained for the time necessary to fulfil the commercial and accounting relationship;
- The data of those who do not buy or use products or services – even if they have had previous contact with company representatives – shall be immediately erased or processed anonymously where the retention of such data is not otherwise justified unless informed consent of the Data Subject has been validly acquired regarding subsequent promotional or market research activities. The data retention period is: 10 years from the end of the relationship.
Rights of the Data Subject
Pursuant to European Regulation 679/2016 (GDPR) and national legislation, the Data Subject may, in accordance with the procedures and within the limits established by current legislation, exercise the following rights:
- Request confirmation of the existence of personal data concerning them (right of access);
- Receive information on the source of the data;
- Receive communication of such data in intelligible form;
- Be informed on the logic, methods and purposes of processing;
- Request the updating, rectification, integration, erasure, transformation into anonymous form, blocking of data processed in violation of the law, including data no longer necessary for the pursuit of the purposes for which it was collected;
- In the cases in which data processing is based on consent, receive the data from the Data Controller in a structured, commonly-used format, readable by an automatic device;
- The right to file a complaint with the Supervisory Authority.
How to Exercise your Rights
You may exercise your rights at any time by sending:
- A registered letter with return receipt to Medical Products Research at Via Novara 68 – 20025 Legnano (MI), Italy;
- An e-mail to info@mpr-italy.it.
Changes to this Policy
This Privacy Policy may be subject to change. We therefore recommend that you regularly check this Policy and refer to the latest version.