This page describes how the site is managed with regard to the processing of users’ personal data.
This information is also provided pursuant to art.13 of Regulation (EU) 679/2016 (hereinafter, the “Regulation”) to those who interact with the web services of Lofarma S.p.A. (hereinafter, also referred to as the “Company”) accessible by electronic means from the address: www.lofarma.it. This information is provided only for this site and not for any other websites that may be reached by the user via links on it.
This information is also based on Recommendation No. 2/2001 which the European authorities for the protection of personal data, meeting in the group set up by art. 29 of Directive No. 95/46/EC, adopted on 17 May 2001 to identify the minimum requirements for collecting personal data on-line and, in particular, the methods, timing and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection.
Terms and conditions of use
The purpose of the site is to present the Company’s services and products to its recipients, whether they are companies, employees of companies, organisations, bodies or individuals (hereinafter, the users).
Moreover, the site also provides the following possibilities:
- sales of services and/or products of the Company;
- registration on the site and use of the services linked to the Company;
- assistance to customers/users on products and services;
- e-commerce assistance.
Some of the contents of the site are confidential and accessible only by using appropriate authentication credentials (username and password). Any use of such content without the right to hold the credentials constitutes illegal use and may be prosecuted in the appropriate courts.
All rights to the content (e.g., site text, images, architecture) are reserved in accordance with current legislation. The contents of the site pages may not, either in whole or in part, be copied, reproduced, transferred, uploaded, published or distributed in any way without the prior written consent of the Company, without prejudice to the possibility of storing them on one’s own computer or printing extracts from the pages of this site for personal use only.
Any kind of link to this site inserted by third parties shall not damage the Company’s reputation and activities. Deep linking, i.e., the non-transparent use of parts of this site on the sites of third parties, is forbidden.
Any failure to comply with these provisions, unless expressly authorised in writing, will be prosecuted in the competent civil and criminal courts.
Limitation of liability
Lofarma S.p.A. cannot be held in any way liable for damages of any kind caused directly or indirectly from access to the site, inability or impossibility of accessing it.
Lofarma S.p.A. reserves the right to modify the content of the site and this page at any time and without prior notice.
Any links to external sites do not imply any type of approval or sharing of responsibility by the Company in relation to the completeness and correctness of the information contained in the related sites.
The “Data Controller” is Lofarma S.p.A., with registered office in Milan, Viale Cassala 40, (hereinafter, also referred to as the “Data Controller” or the “Company”).
For the purposes below, the Company may have recourse to the services of external companies specifically appointed as Data Processors pursuant to Art. 28 GDPR.
Types of data processed, purposes of processing and legal bases
The computer systems and software procedures used to operate this site acquire, in their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected in order to be associated with identified data subjects, but by its very nature could allow users to be identified, through processing and association with data held by third parties carried out only after an explicit request by the judicial authority.
This data category includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.
These data, which are deleted immediately after processing, unless express consent is given for the purpose of profiling, in the manner stated in the paragraph “Data collection points” below, are used by Lofarma S.p.A. for the sole purpose of obtaining anonymous statistical information on the site use and to check its correct functioning.
They could be used to ascertain responsibility in the event of any computer crimes against the site: except in that case, data related to web contacts are not currently stored for more than thirty days.
Data provided by the user on a voluntary basis
The Company may collect personal data provided by the user on a voluntary basis. These data may be collected, for instance, when the user purchases a service and/or product, creates an account, requests information.
Data collection points
At each data collection point on the site (e.g., for the purchase of products and/or services, or filling in forms to request information), the Data Controller provides specific detailed information, including – among other information – an indication of the purposes pursued by the processing, the legal bases of the processing, the nature of the provision of the data and the consequences of any refusal to provide them. The data collection points on this site are listed below.
Purchase of products without registration: The site includes an e-commerce section where the user can purchase products from the Company. The user is required to provide their personal data by filling in an on-line form and, at the bottom of it, is provided with specific information pursuant to art. 13 GDPR, which also indicates the purposes of the processing, such as the management of the purchase of products and the fulfilment of related legal obligations.
Purchase of products and/or services with registration: The site includes an e-commerce section where the user can purchase products and/or services from the Company and register on the site. The user is required to provide their personal data by filling in an on-line form and is provided with specific information pursuant to art. 13 GDPR, which also indicates the purposes of the processing, such as the management of the purchase of products, the fulfilment of related legal obligations, the management of the registration request and the provision of the related services.
For the further purpose of carrying out marketing activities (sending communications relating to products/services by letter, telephone, e-mail and SMS), Lofarma requires the user, at the bottom of the information, to give a specific consent. Failure to give the consent does not prevent the user from purchasing the requested products and registering on the site.
Third parties in compliance with a legal obligation or to protect the Company’s rights. The user’s personal data may be disclosed to institutions, law enforcement agencies, judicial, administrative, regulatory or public security authorities as part of legal or administrative proceedings, or in order to fulfil a legal obligation or protect our rights, including in court.
Third parties in case of corporate operations. Disclosure of the user’s personal data may occur on the occasion of events such as mergers, the sale of a business (or a branch) or other extraordinary transactions in which the Company may need to share information with potential purchasers or counterparties and their advisors.
Users under the age of 18 are requested not to register on the site and not to provide personal data.
Cookies do not allow us to access any other information stored on the user’s device, although this is where the cookies are downloaded. Cookies cannot load codes of any kind, carry viruses or malware and are not harmful to the user’s terminal equipment.
This site also uses its own and third-party profiling cookies, aimed at creating profiles of the user and used to display advertising messages and content in line with the preferences expressed by the user while browsing. Profiling cookies require the user’s consent.
The above cookies may be temporary (when they are automatically deleted at the end of the connection), permanent (when they remain stored on the user’s hard drive, unless the user deletes them), first-party (when they are set and managed directly by the site operator) and third-party (when they are managed by a domain other than the one visited by the user).
Processing method and place
Personal data are processed on paper and/or by automated means.
Specific security measures are taken to prevent loss, illegal or incorrect use of data and unauthorised access.
Transfer of data abroad. No personal data will be transferred outside the European Economic Area for the purposes above.
Please note, however, that communications via the Internet, such as e-mail or webmail, may pass through different countries before being delivered to the recipients. The Company cannot be held liable for any unauthorised access or loss of personal information beyond its control.
Data retention time
We only retain the user’s personal data for as long as it is necessary to provide the service for which the data were collected or to comply with legal obligations. For instance, we retain personal data necessary for the exercise of our defence right in case of legal disputes, such as personal data relating to a contract or the provision of a service, for up to 10 years from the conclusion of the service and/or the provision of the product, on the basis of the ordinary limitation period provided for by the Italian Civil Code. After this period, the personal data are deleted or rendered anonymous.
The Company takes safety measures to safeguard the confidentiality of users’ personal data. However, given the nature of the Internet, the constant evolution of technology and other factors beyond our control, the safety of data transmission over the Internet cannot be fully guaranteed. Therefore, we cannot guarantee the safety of any data or information provided to us by the user and the user acknowledges and agrees that such transmission is at their own risk. Moreover, we recommend users to take appropriate precautions when using the site, such as keeping any login credentials strictly confidential, changing their password periodically and keeping their system up to date.
Data subject’s rights
Data Protection Officer (DPO)
Requests from data subjects shall be addressed to Lofarma S.p.A. Data Protection Officer (DPO) to the following address: firstname.lastname@example.org.
Last update: march 2021