PRIVACY INFORMATION NOTICE RESERVED AREA AND APP
To access the service it is necessary to declare to have read the privacy information notice by clicking on the link at the bottom of this page
1. Data Controller and DPO
Data Controller is Fondazione Internazionale Menarini with registered offices in Strada 6 - Edificio L, Centro Direzionale Milanofiori, 20089 Rozzano, Milano (“Controller”).
The Data Protection Officer (“DPO”) can be contacted at: firstname.lastname@example.org
2. The data we process
With your consent, we process the following personal data which you provide when you interact with the Website and use the related services and functions. These data include, in particular name and surname, contact details (email and phone number), job title, interests, Linkedin account (optional), and the additional data which the Controller may acquire, also from third parties, in the course of business (“Data”).
If you register for congresses and events, the following Data will also be processed: details of the event, your image, your phone number and voice (if the event is recorded or in case of webinar), any presentations and contributions you made during the event.
If you consent (optional) for profiling purposes, the following data will also be processed: user; session; date and time; page visited; time spent on the page; video execution, downloaded journals and viewed articles (if any)
In order to enable us to manage your registration with the restricted access area, it is necessary to consent to the processing of the data marked with an asterisk (*). Without those mandatory data or your consent we cannot proceed any further. Conversely, the information requested in fields not marked with an asterisk are optional: failure to provide them shall have no consequence.
Consent to profiling is also optional: if you don’t provide it, or if you to revoke it, only anonymous information about your browsing activities in the restricted access area will be collected.
In any event, even without your prior consent, the Controller may process your data to comply with legal obligations stemming from laws, regulations and EU Law, to exercise rights in legal proceedings, to pursue its own legitimate interests and in all cases provided by Articles 6 and 9 of the GDPR, where applicable.
Processing shall take place both using computers and on paper, and shall always entail the implementation of the security measures provided by current law.
3.Why and how we process your data
The Data are processed to manage your requests for information/registration with restricted access areas submitted through the Website and Form; the legal basis of the personal data processing for this purpose is your consent (art. 6.1.(a) and art. 9.2.(a) of the Regulation).
Moreover, we will process your personal data to sign you up for events and congresses, to handle your requests for information, to check you in and out events and congresses, as well as to issue your certificate of attendance. The legal basis is your consent, that you confer by signing up for the event.
The events may be audio and video recorded. To this end we will ask you to authorise the use of your image by accepting a Release. Your personal data related to the Release (including your image and your voice) are required to fully perform the Release, which constitutes the legal basis of the processing. In that respect you have an obligation to confer the data in question: should you decide to withhold them, you may not take part in the Congress where the audio-video recordings are made as described in the Release.
Furthermore, but only with your optional consent, which constitutes the legal basis of the processing pursuant to Article 6.1.a. of the GDPR, the data are processed:
- to receive Newsletters from Fondazione. Please be informed that our Newsletters may contain a “Pixel Tag”, by which the Controller detects some information, such as if and when you have opened and/or deleted the email, which links contained in the newsletter you have clicked on, your email client, if the email has been opened by more of one IP address, as well as aggregate and anonymised information about your approximate location, etc. The Controller processes such information to verify the effectiveness of its informational campaigns, based on art. 6.1.(f) of the Regulation. Many email service providers and clients feature a specific setting whereby you may disable such detection – please check the specific settings if you do not wish that the Controller detects the mentioned information;
- to receive other publications or materials you have expressly requested through the restricted access area, such as, for example, the journal “Minuti” –Scientific Edition (if you are legally entitled to prescribe medicines) or ”Minuti” –Arts Edition.
- to create profiles based on your needs, interests and preferences, aimed at improving the service and offering personalized content (“profiling”).
By selecting the relevant options and by ticking the consent box, you agree to the processing of your personal data for the above purposes, as described in this information notice.
You may at any time revoke the consent(s) you conferred for the above purposes – to do so, please proceed as follows:
- event participation: send a consent withdrawal request via the dedicated section
- newsletter subscription: use the unsubscribe link displayed in each newsletter you receive from us, or by following the instructions at the link Newsletter
- profiling: remove the tick in the box where you conferred your consent;
- terminate your restricted access area account: send an account termination request via email to email@example.com, or use the link to our contact form: Contact form
Your data may in any case be processed, even without your consent, for the purpose of complying with laws, regulations, EU Law (art 6.1.(c) of the GDPR, to perform statistics on the Website’s usage and ensure its proper functioning (art. 6.1.(f) of the Regulation), to enforce the Code of Conduct of the Menarini Group and to establish or defend the legal claims in the interest of the Company (art. 6.1.(f) and art. 9.2.(f) of the Regulation)
The personal data are entered into the Company computer system in full compliance with data protection law, including security and confidentiality profiles and based on principles of correct practice, lawfulness and transparency in processing.
Data shall be stored for as long as strictly necessary for the attainment of the purposes for which they were collected (e.g. until you unsubscribe from the newsletter or the reserved area) and in any in compliance with the time limits set by law and with the principles of data minimisation, storage limitation and rational management of archives.
All your data will be processed on paper or by means of automated instruments, which in any case ensure an appropriate level of security and confidentiality. With reference to profiling, we inform you that the navigation data will be deleted after 12 months from their collection.
4.Persons who have access to the Data
The Data are processed electronically and manually according to procedures and logics relating to the abovementioned purposes and are accessible by the Controller’s staff authorised to process personal Data and their supervisors, and in particular to staff belonging to the following categories: technical, IT and administrative staff, product managers, as well as other individuals who need to process the data to perform their job duties, including members of the Supervisory Board in the pursuit of its supervisory activities and for the enforcement of the Menarini Group Code of Conduct, pursuant to Article 6.1.f and Recital 48 of the GDPR. The Data may be communicated, also in countries outside the European Union (“Third Countries”) to: (i) institutions, authorities, public bodies for their institutional purposes; (ii) professionals, independent consultants –individually or in partnerships- and other third parties and providers which supply to the Controller commercial, professional or technical services required to operate the Website (e.g., provision of IT and Cloud Computing services), in order to pursue the purposes specified above and to support the Company with the provision of the services you requested (e.g. co-organisers of the events or service providers); (iii) third parties in the event of mergers, acquisitions, transfers of business -or branches thereof-, audits or other extraordinary operations.
The mentioned recipients shall only receive the Data necessary for their respective functions and shall duly undertake to process them only for the purposes indicated above and in compliance with data protection laws. The Data can furthermore be communicated to the other legitimate recipients identified from time to time by the applicable laws. With the exception of the foregoing, the Data shall not be shared with third parties, whether legal or natural persons, who do not perform any function of a commercial, professional or technical nature for the Controller and shall not be disseminated. The individuals who receive the data shall process them, as the case may be, in the capacity as Controller, Processor or person authorised to process personal data, for the purposes indicated above and in compliance with data protection law.
Regarding any transfer of Data outside the EU, including in countries whose laws do not guarantee the same level of protection to personal data privacy as that afforded by EU Law, the Controller informs that the transfer shall in any event take place in accordance with the methods permitted by the GDPR, such as, for example, on the basis of the user’s consent, on the basis of the Standard Contractual Clauses approved by the European Commission, by selecting parties enrolled in international programmes for free movement of data or operating in countries considered safe by the European Commission.
When you participate in events or congresses, your identification data, audio/video recordings and presentations may be disseminated via the Internet through our website.
By contacting the Controller at the addresses indicated above you can, at any time, exercise the rights pursuant to Articles 15-22 of the GDPR such as, for example, obtaining an updated list of the individuals who can access your data, obtain confirmation of the existence or otherwise of personal data which relates to you, verify their content, origin, correctness, location (also with reference to any Third Countries ), request a copy, request their rectification and, in the cases provided by the GDPR, request the restriction of their processing, their erasure, oppose. You may also revoke your consent at any time as set out at paragraph 3. Likewise, you can always report observations on specific uses of the data regarding particular personal situations deemed incorrect or unjustified by the existing relationship to the DPO or submit complaints to the Data Protection Authority. You may withdraw your consent at any time - however that shall not impair the lawfulness of the processing carried out before consent withdrawal.
RELEASE FOR THE USE OF IMAGE(S)
This disclaimer applies only if you register for conferences through the Website.
With reference to the applicable regulations on my image rights and other related rights, I hereby authorise the recording of my image and its subsequent use and dissemination, also on the web (www.fondazione-menarini.it) and/or Social Networks (e.g Linkedin, Youtube, etc)., by the Fondazione Internazionale Menarini (“Fondazione”).
I also authorise duplication, use, processing, editing, media reproduction, public broadcasting, in any manner whatsoever (including but not limited to, articles, brochures, essays and presentations, publication on websites and any other communication channels of the Company).
I hereby waive the exercise of any right of approval for the uses described above (to the extent that said uses do not harm the honour, reputation or dignity of the undersigned). It being understood that the recording and use of my image are granted on a gratuitous basis.
I acknowledge that Fondazione shall not be liable in the event that such images are illegally used by third parties, with the sole exception where such use is due to intentional misconduct or gross negligence by Fondazione