(Articles 13 and 14 EU Reg. 2016/679 and Legislative Decree 196/2003 et seq.)
Dear user,
below we provide you with some information that it is necessary to bring to your attention, not only to comply with legal obligations, but also because transparency and fairness towards the stakeholders are fundamental aspects of our business.
This policy describes the methods of processing personal data of users who visit this website, accessible online at the following address: endocorelab.org.
These informations do not apply to other websites, pages or online services accessible through hypertext links that may be published on the website but refer to external resources outside the present domain.
| Data controller | The data controller (the subject who determines the purposes and methods of processing personal data) is EndoCore Lab S.r.l. P.IVA: IT05008930280 Headquarters:Via San Bellino n.44 – 35020 Albignasego (PD) Telephone: +39 353 439 0427 E-mail: administrator@endocorelab.org For processing that includes posting content on social networks, the Data Controller has concluded standard co-ownership agreements with the owners of the social platforms. |
| Data categories | - Data related to the provision of an electronic communication service: traffic data, internet browsing data, IP addresses or domain names of computers used by users connecting to the website; time of the request; method used in submitting the request to the server; numeric code indicating the status of the response given by the server (successful, error, etc.); other parameters related to the operating system and browser used by the user - Personal and contact informations - Any other data that is voluntarily provided by the user to the data controller |
| Data source | Personal data are provided by the data subject during browsing (see also the cookie table) or through communications sent by the data subject and/or from publicly accessible sources such as social networks or websites. |
| Provision | Where indicated, the provision of your data is a necessary requirement to pursue the purposes indicated below. Therefore, if you fail to provide such data, we may not be able to carry out the related processing. |
Your personal data are collected and processed using automated, semi-automated and non-automated methods, as specified below:
| Purposes | Legal basis | Data retention |
| Enable the full use of the website's features | Pre-contractual or contractual measures (performing the requested service or performance) | The duration is related to each individual cookie and can be found in the relevant policy |
| Follow up on data subject’s requests and handle pre-contractual or contractual obligations | Pre-contractual or contractual measures (performing the requested service or performance) | 10 years from the year of the request |
| Marketing (market analysis and surveys) Sending informational and/or promotional material (ex. newsletter) | Consent of the data subject** | Until the withdrawal of consent. Then the processing will be limited to mere retention for 10 years from the year in which consent was withdrawn. |
| Data protection compliance management | Fulfillment of a legal obligation | For the time strictly necessary for the implementation of the purpose. |
| Preventing and/or detecting any potential abuse and defending the rights and interests of the data controller | Legitimate interest in protecting one’s rights and interests in in litigation or in the preliminary stages leading up to its potential initiation. | Data will be retained for as long as the Data Controller has an interest in exercising its own right or interest. |
| Management and maintenance of network and computer system | Pursuing the legitimate interest of the Data Controller | 2 years from the year of termination of the contractual relationship for accounts. 18 months regarding compliance obligations for system administrators |
| Disclosure of Data | Personal data will not be disclosed and will be communicated, for the stated purposes, exclusively to subjects that carry out activities on behalf of the Data Controller, duly appointed as data processors. Upon explicit request, personal data may be communicated to public authorities. |
| Extra-UE Data transfer | Although the Data Controller is committed to selecting services that minimize the processing of personal data of its users, the processing of personal data for the aforementioned purposes, which involves the use of cookies and other tracking tools, may involve the transfer of certain indirectly identifiable data of the data subject to countries outside the territory of the EU or the European Economic Area (EEA), in particular to the United States, where the data subject may not enjoy similar rights and protections as those guaranteed within the Union’s territory. Therefore, by consenting to tracking through cookies for statistical and advertising purposes, including profiling, the data subject consents to the potential processing of its data outside the EU/EEA. For the other purposes described above, personal data will not be transferred to countries outside the EU or the EEA. If such transfer becomes necessary, it twill only occur with adequate safeguards in compliance with applicable regulations. |
| Rights of the data subject | The data subject has the right, in accordance with the provisions of Articles 15 et seq. of EU Reg. 2016/679, to request from the Data Controller access to their personal data, as well as their rectification and erasure or forgetfulness. The data subject also has the right to request data portability, restriction of processing or to oppose to processing. Furthermore, the data subject has the right to be informed of the essential contents of joint data controller agreements. For processing based on consent, the data subject has the right at any time to withdraw his or her consent, without affecting the lawfulness of the processing based on the consent given before its withdrawal. To exercise their rights or to request additional information, the data subject can contact the Data Controller using the contact information mentioned above. |
| Compliant to the Guarantor | The data subject may also bring a complaint to the Italian Data Protection Authority, based in Piazza Venezia 11, 00187 – Rome – protocollo@pec.gdpd.it |
| Site usage by minors | The website and associated services are not directed towards minors; therefore, no personal information will be knowingly collected from them. If it comes to the attention of the Website Owner that information has been unknowingly collected from or about minors, reasonable measures will be taken to delete such information as soon as possible, unless there is a legal obligation to retain it. The Website will review any reports regarding the unintentional collection of information from or about a minor; users are requested not to provide data regarding minors and to report any accidental collection resulting from the use of our services. |
| Disclosure update | The data controller reserves the right to make changes to this privacy policy at any time, providing notice to users on this page. Visitors are therefore encouraged to check this page frequently, keeping as a reference the date of the last modification indicated at the bottom. |
Last Update 06/12/2023
