We care about your privacy and want you to feel comfortable using our services. Therefore, below we present the most important information about rules for the processing of your personal data by us and about the cookies used by our Store. This information has been drawn up taking into account the GDPR, or the general regulation on data protection, and the processing of your data will take place in compliance with the canons of lawfulness, correctness and transparency and in order to guarantee adequate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.
OWNER OF THE PROCESSING OF PERSONAL DATA
MEDIXA SRL with registered office in Italy. Via Figliola, n. 57, office, first floor place, postal code 80040, San Sebastiano al Vesuvio office, Naples, registered in the Naples Chamber of Commerce with registration number 13064851002, number Rea Na-1004293, If you wish to contact us in relation to the processing of your personal data by us, contact us at the following e-mail address: firstname.lastname@example.org.
The processing of your personal data is carried out by the operations indicated in art. 4 of the Privacy Code and art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data are subjected to paper and electronic and / or automated processing. The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes.
ACCESS TO DATA
Your data may be made accessible for the purposes indicated below to employees and collaborators of the Data Controller or of the companies that collaborate with the Data Controller in Italy and abroad, in their capacity as persons in charge and / or internal managers of the processing and / or administrators of system; to third-party companies or other subjects (by way of example, credit institutions, professional firms, consultants, insurance companies for the provision of insurance services, etc.) who carry out outsourced activities on behalf of the Data Controller, in their capacity as external managers of the treatment.
INFORMATION OBLIGATIONS AND RIGHTS OF THE DATA SUBJECT
You have the right to:
• request access to your personal data, including obtaining a copy of your data (article 15 of the GDPR or – if applicable – article 13 (1) (f) of the GDPR),
• rectification (article 16 of the GDPR),
• withdraw consent at any time, without prejudice to the lawfulness of the processing based on the consent given prior to its withdrawal;
• cancellation (article 17 of the GDPR),
• limitations on processing (Article 18 of the GDPR),
• transfer of data to another administrator (Article 20 of the GDPR), the so-called right to portability – that is, the right to receive personal data concerning him, which he has provided to the data controller, in a structured format, commonly used and readable by the automatic device, as well as the right to transmit such data to another data controller without impediment by the data controller to whom the personal data were provided, where: the processing is based on consent pursuant to Article 6, paragraph 1, letter a), or Article 9, paragraph 2, letter a), or on a contract pursuant to Article 6, paragraph 1, letter b); and the processing is carried out by automated means.
• to oppose the processing of your data at any time
• for reasons connected to your particular situation – in relation to the processing of personal data concerning you, based on art. 6 seconds 1 lit. f GDPR (i.e. on the legitimate interests pursued by us), including profiling (Article 21, paragraph 1, GDPR);
• if the personal data are processed for direct marketing purposes, including profiling, to the extent that the processing is connected to such direct marketing (Article 21, paragraph 2, of the GDPR).
• Submit a complaint (pursuant to art. 77GDPR) to the supervisory authority (pursuant to art. 51 of the GDPR). if you believe that your data are being processed unlawfully.
PERSONAL DATA AND PRIVACY – PURPOSE OF THE TREATMENT
Below you will find detailed information on how your data is processed based on your actions.
1. TO ESTABLISH CONTACT WITH US (for example ask a question). – Your personal data is collected and stored by Medixa to manage your requests and / or notifications in relation to a contract of which we are or could be a party. Our legitimate interest in the processing of your data is to allow the data controller to contact you in order to provide you with clarifications and / or communications of interest. Medixa will keep your personal data until the consent is revoked or until the end of the period in which it is possible to assert the complaints or until we take into account your opposition to the treatment. In the event that you do not consent to the processing of data, we will not be able to follow up on your requests. By expressing consent, you declare to be over 18 years old, to have understood its content and accepted the terms
2. PLACE AN ORDER – Your personal data are collected, managed and stored by Medixa to fulfill your order and to adapt the Store to the needs of Users, as well as improve the quality of our services, thanks to the opinions issued by Buyers through the format of the satisfaction survey. Our legitimate interest in the processing of your data is to conduct research on your satisfaction with our services (Article 6 (1) (f) of the GDPR and to allow the data controller to conclude a sales contract (Article 6 co 1 letter b) of the GDPR) and the related legal obligation related to accounting (Article 6 co 1lett. F) GDPR). Medixa will keep your personal data for the duration of the contract and in any case until the legal obligation relating to accounting expires. In any case, your personal data will be processed until consent is revoked or until the end of the period in which it is possible to assert complaints or until we take into account your opposition to the processing. In the event that you do not consent to the processing of data, we will not take into account your opinion regarding our Store in progress on its further development, it will your order be followed up. By expressing consent, you declare to be over 18 years old, to have understood its content and accepted the terms.
4. TAKING AN ACTION OR OMISSION THAT MAY LEAD TO CLAIMS RELATING TO THE STORE OR OUR SERVICES – Your personal data is collected, managed and stored by Medixa to ascertain, investigate or defend any claim relating to the contract concluded or to services provided. Our legitimate interest in the processing of personal data for the aforementioned purpose (Article 6 (1) (f) of the GDPR) will be until the expiry of the limitation period for complaints or until we take into account your opposition to the processing. . In the event that you do not consent to the processing of data, we will have no possibility to assert or defend claims. By expressing consent, you declare to be over 18 years old, to have understood its content and accepted the terms
Within the Store, we perform profiling – it will only take place with your consent to this activity. This profiling is based on an automatic evaluation of which products or services you may be interested in, using information on the content you view and / or on the basis of data you provide on the occasion of a request or on an order made. Consequently, the advertisements for products or services displayed within the online services you use will be customized according to your needs.
The profiling we carry out will not lead to any decision on our part having legal effects on you or affecting you in an equally significant way.
As part of the Store, we carry out analytical activities aimed at increasing its intuitiveness and accessibility. These activities will be carried out only with consent. As part of the analysis, we will take into account how you browse the Store, such as how much time you spend on a particular subpage or which points in the Store you click. Thanks to this, we can adapt the layout and appearance of the Store and the contents published in it to the needs of the Users.
When we process your personal data, we use organizational and technical measures in accordance with applicable law, including encrypting the connection with an SSL certificate.
TRANSMISSION OF PERSONAL DATA TO COUNTRIES OUTSIDE THE EUROPEAN UNION
** In relation to the above, your personal data are stored on servers located within the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU. In this case, the Data Controller ensures from now on that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided for by the European Commission..