PRIVACY POLICY REGARDING THE WEB PROCESSING OF DATA

Pursuant to Article 13 of the EU regulation 2016/679 (“GDPR”), we hereby inform you that Aptiva Medical Srl (the “Company” or the Data Controller) will process the personal data you supply (“Data”) acting as Data controller.

This privacy policy shall only be applied to online activities on this web site and that are in affair with Aptiva Medical Srl, whether they are employees, supplier, clients, potential clients or simple visitors of this web site. It shall not be applied to any information collected through any channels other than this web site, which channels can be found through hyperlinks included in any website referring to any resource not belonging to our domain.

 1. Data Collected

• Biographical data (Name and Surname, age, gender); Contact details (address, post code, city, state/county, country, email address) Bank Details
• Operating system and internet browser used
• Demographic information, such as preferences and interests
• Product reviews and opinions

2. Processing Methods

The data collected by aptiva medical s.r.l. are used solely for continual improvement of the expected services. The processing methods are collection, registration, organization, storage, consultation, use, communication and cancellation.

This Web Site is a processing the users’ Data while applying appropriate safety measures in order to prevent any unauthorised access, disclosure, alteration or destruction of the Data. Data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject, by way of computer and/or computerised systems, as well as according to organisational methods and logic strictly related to the purposes stated. In some circumstances, different staff representatives involved in the Web Site organisation (such as administrative, commercial, marketing, legal affairs staff and system administrators) or external third parties (such as third-party technical service providers, hosting providers, computer companies and communication agencies) may access to Data in addition to the Data Controller. The updated list of the responsible for processing data, can always be requested to the Data Controller.

3. Legal basis and purposes of the processing

Your Data shall be processed by the Data Controller based on your consent. By using or visiting this Web Site, both visitors and users explicitly approve this privacy policy and consent to the processing of Data related to them according to the following terms and purposes, they hereby approve and consent to the disclosure to third parties, if requires for a service to be rendered.

Pursuant to Article 5 of the GDPR, both Data supply and the relevant consent to collect and process such Data are voluntary. A web user may deny his/her consent and he/she is allowed to revoke any existing consent at any time (by registered mail to Data Controller). However, should the web user deny his/her consent, some services might not be provided and such denial might prejudice his/her navigation experience. This Web Site also processes some Data even for legitimate interests of the Data Controller. Data collected for purposes related to the Data Controller’s legitimate interest shall be held until such interest is met.

Therefore, the Company shall process Data for information and promotion of consulting activities related-purposes, including the use of such Data for future surveys or similar activities, such activities being in line with the main purposes of this processing.

Any voluntary and deliberate transmission of messages to the Data Controller addresses, as well as any willing completion and submission of Web Site forms included on the Web Site being completed and sent shall result in collecting the sender’s contact details, together with all his/her personal details included in his/her communications. Personal data supplied by the data subject in order to make use of the services offered on the Web Site shall be processed to act on his/her request in compliance with this policy and the specific privacy policies delivered during the acceptance of each service. Such Data shall be stored for a period enabling the supply of the service requested and/or necessary to handle any claims

4. Integration into the privacy policy document relating to the Google Analytics SERVICE

Google Analytics (hereafter simply “Analytics”) is a statistical service offered by Google Inc., whose head office is 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. Its aim is to track access to websites and web resources. Its administrators are able to generate and display aggregated and anonymous data for statistical purposes. In order to function, Google Analytics requires the site pages to include a tracking code that identifies the pages visited by users, the domain names and the type of browser of the computers used etc. This data is considered anonymous, since it does not enable identification of the user.

The data collected is used by Google for statistical purposes in order to assess correct use of the site and improve its efficiency.

The processing of the data collected is handled by Google Inc. using IT and telematic tools with logics strictly related to the purposes indicated below. Data security and confidentiality are ensured in all cases. In order to function, Google Analytics uses cookies, and the information they generate on use of the site by visitors is transmitted to Google and stored on its servers in the United States. Google will not associate the IP address used by the user for navigation with any other data relating to it, and possibly owned by it, unless the user specifically accepts the Google Inc. privacy policy and terms of service. These activities and services are to be considered unrelated to the use of the site, which is not responsible for the processing of personal data. Data collected by the Analytics service is transferred to the Google Inc. server and processed there. Google may also transfer this information to third parties if required to do so by law, or when information is processed by third parties on Google’s behalf.

5. Storage Period

The Data will be entered in the company database and kept for the time necessary for the purposes of the processing. After the time-limit on data storage, the Data will be destroyed or anonymized.

6. Rights of the Data Subject/Users

The user, according to the EU General Data Protection Regulation (GDPR), shall have the right to :

• Transparent information, communication and modalities for the exercise of the rights of the data subject.
• Right to revoke consent. The data subject can exercise its right to revoke consent towards processing of his/her data.
• Right to object. The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions.
• Information and access to personal data. The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data.
• Right to rectification anytime. The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her.
• Right to restriction of processing. The data subject shall have the right to obtain from the controller restriction of processing
• Right to erasure (‘right to be forgotten’). The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay under certain conditions.
• Right to lodge a complaint. Every data subject should have the right to lodge a complaint with a single supervisory authority, and the right to an effective judicial remedy in accordance with Article 47 of the Charter.
• Right to data portability. The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.
• Or, as well as, more widely, you can exercise all rights that are recognized by the legal provisions in force.

7. How to exercise you Rights

Users to exercise the rights can make a request to the Data Collector contacts, indicated in this document. The requests are filed for free and processed by the Data Collector as soon as possible.

8. Place of processing and Data Controller

Aptiva Medical s.r.l.
Via Gadames, 57/7 20151 Milan (Italy)
Tel.: +39 02 48714472
E-mail:  info@aptiva.info

Data collected through the web site shall be processed by Data Controller at the registered office and on locations where aptiva medical srl operate according to GDPR. For more information, contact the Data Controller.

9. Cookies

Users may disable the use of cookies from their browser at any time; this choice could cause difficulties in navigating the site. However, the user may not decline the partial collection of data by the Google Analytics software. In such cases users are kindly requested to stop browsing the site.