Privacy Policy
In compliance with the obligations deriving from national legislation (Legislative Decree no. 196 of 30 June 2003, Personal Data Protection Code) and Community legislation (European Regulation for the protection of personal data no. 679/2016, GDPR) and subsequent amendments, this website respects and protects the privacy of visitors and users, making every possible and proportionate effort not to infringe the rights of users.
This privacy policy applies only to the online activities of this website and is valid for visitors/users of the website. It does not apply to information that may be collected through channels other than this website.
The purpose of the privacy policy is to provide maximum transparency regarding the information the website collects and how it uses it.
Legal basis of processing
This site processes data on the basis of consent. By using or consulting this site, visitors and users explicitly approve this privacy policy and consent to the processing of their personal data in relation to the methods and purposes described below, including possible disclosure to third parties if necessary for the provision of a service.
The provision of data and therefore Consent to the collection and processing of data is optional, the User may deny consent, and may revoke at any time a consent already provided by sending an email to the following address: info@mediplant.it
However, denying consent may result in the inability to provide certain services and the experience of browsing the site may be impaired.
As of 25 May 2018 (date of entry into force of the GDPR), this site will process some of the data based on the legitimate interests of the data controller.
Data collected and purpose
Like all websites, this website makes use of log files in which information collected automatically during user visits is stored. The information collected may be as follows:
- internet protocol (IP) address;
- browser and device parameters used to connect to the site;
- name of the internet service provider (ISP);
- date and time of visit;
- the visitor's source (referral) and exit web pages;
- country of origin;
- possibly the number of clicks.
Data and information are collected for the following purposes:
- in an exclusively aggregate and anonymous form for the purpose of verifying the correct operation of the site. None of this information is related to the physical person-User of the site, and it does not allow in any way their identification (as of 25 May 2018, this information will be processed according to the legitimate interests of the owner);
- for security purposes (spam filters, firewalls, virus detection), automatically recorded data may also include personal data such as the IP address, which could be used, in accordance with applicable laws, to block attempts to damage the site itself or to harm other users, or in any case harmful or criminal activities. This data is never used to identify or profile the user, nor is it cross-referenced with other data or provided to third parties, but only used for the purpose of protecting the site and its users (from 25 May 2018, this information will be processed according to the legitimate interests of the owner);
- disclose the data to third parties who perform functions necessary or instrumental to the operation of the service, such as the management of comments on the site.
If the site allows the insertion of comments, or in the case of specific services requested by the user (via the Contacts section), the site automatically detects and records some personal data identifying the user, including the e-mail address and nickname. This data is understood to be voluntarily provided by the user at the time the service is provided, and is processed on the basis of consent. By entering a comment or other information, the user expressly accepts the privacy policy, and in particular agrees that the contents entered may be freely viewed by other visitors.
The data received will be used exclusively for the provision of the requested service and only for the time necessary for the provision of the service.
The information that users of the site decide to make public through the services and tools made available to them is provided by the user knowingly and voluntarily, exempting this site from any liability for any breach of the law. It is up to the user to verify that he or she has the permissions to enter personal data of third parties or content protected by national and international regulations.
If comments are managed via an external service, please refer to the service's policies.
The data collected by the site during its operation are used exclusively for the purposes indicated above and stored for the time strictly necessary to carry out the activities specified. In any case, the personal data collected by the site will never be provided to third parties for any reason whatsoever, unless it is a legitimate request by a judicial authority and only in the cases provided for by law. However, the data may be provided to third parties if this is necessary for the provision of a specific service requested by the User (e.g. management of comments), or for the performance of security checks or site optimisation.
Data may be collected on the website and more specifically on the shopping pages
The data will be processed according to the methods indicated on the page itself for the purposes of the sale, and whether the sale is successful or unsuccessful, the data collected will be stored but never disclosed to third parties.
Security measures
This site processes user data in a lawful and correct manner, adopting appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of data. The processing is carried out using computer and/or telematic tools, with organisational methods and logics strictly related to the purposes indicated. In particular, the site management software is constantly updated and regularly scanned for viruses and dangerous codes.
In addition to the owner, in some cases, categories of people in charge of organising the site (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the data.
User's rights
Pursuant to European Regulation 679/2016 (GDPR) and Article 7 of Legislative Decree no. 196 of 30 June 2003 https://www.garanteprivacy.it/regolamentoue/DPIA, the User may, in the manner and within the limits provided for by current legislation, exercise the following rights:
- object in whole or in part, on legitimate grounds, to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys;
- request confirmation of the existence of personal data concerning him/her (right of access);
- know its origin
- receive intelligible communication of such data
- obtain information on the logic, methods and purposes of the processing;
- request the updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary to achieve the purposes for which they were collected;
- in the case of processing based on consent, to receive, at the sole cost of the eventual support, your data provided to the data controller, in a structured and machine-readable form and in a format commonly used by an electronic device;
- the right to lodge a complaint with the Supervisory Authority (Garante Privacy - link to the Garante's page);
- as well as, more generally, to exercise all the rights that are recognised by the applicable provisions of law.
Where data are processed on the basis of legitimate interests, the rights of data subjects are nevertheless guaranteed (except for the right to portability which is not provided for by the rules), in particular the right to object to the processing which can be exercised by sending a request to the data controller.
Requests should be addressed to the Data Controller.
Data Controller
The data controller in accordance with the laws in force is the site administrator, Mediplant.