The reason for this notice
The methods of managing the website are described on this page with regard to the processing of the personal data of the users who consult it.
This information briefing is also made available, in accordance with article 13 of the European Regulation 2016/679 concerning the protection of physical persons with regard to the processing of personal data (GDPR), to those who interact with the web services of the company Alfasigma Healthscience BV, accessible via digital transmission, starting from the address:
corresponding to the first page of http://www.proxeed.eu/ of Alfasigma Healthscience BV
The information briefing is made available only for the site http://www.proxeed.eu/ and not for any other websites that may be consulted by the user via links.
The information briefing is also in compliance with Recommendation No. 2/2001 for the protection of personal data which the European authorities adopted on 17 May 2001 in order to identify certain minimum prerequisites for the collection of personal data online and, in particular, the methods, times and nature of the information that the data controller must provide to the users when the latter connect to web pages, irrespective of the purposes of the connection.
Data Controller & Data Protection Officer
Following consultation of this website, data may be processed concerning identified or identifiable persons. The Data Controller is Alfasigma HealthScience BV with registered office and administrative headquarters in Groenewoudsedijk 55, 3528 BG Utrecht - Netherlands Email info.HS@alfasigma.com.
The Company has identified the Data Protection Officer in accordance with Article 37 of the Regulation; DPO can be contacted for questions concerning the processing of your data, through the following by e-mail: firstname.lastname@example.org.
Data processing purposes & types of data processed
a) Browsing data
The computer systems and the software procedures assigned to the functioning of this website acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected in order to be associated with identified interested parties but which, by its very nature, could, through processing and association with data held by third parties, allow the identification of the users.
This category of data includes IP addresses or domain names of the computers used by the users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply given by the server (correct outcome, error, etc.) and other parameters regarding the operating system and the digital environment of the user.
These data are used for the sole purpose of extracting anonymous statistical information on the use of the site and to check its proper functioning and are deleted immediately after processing. The data could be used to ascertain liability in the theoretical event of digital crimes to the detriment of the site: apart from this eventuality, the data on web contacts are currently retained for no more than seven days.
b) Data supplied voluntarily by the user
The optional, explicit and voluntary sending of emails to the addresses indicated on this website, the compilation of the information and contact request forms, registrations and/or regarding the newsletters shall lead to the subsequent acquisition of the address of the sender, required to respond to the requests, as well as any other personal data entered in the communication or on the basis of the service requested.
Specific summary information will be gradually reported or displayed on the website pages provided for particular services on request.
Data processing nature & legal basis of processing
Apart from what is specified for navigation data, the user is free to provide personal data through the sending of emails to the addresses indicated on this website, the compilation of information and contact request forms, registrations and/or regarding the newsletters, spontaneous sending of CVs for the selection of candidates.
Failure to provide this data may make it impossible to obtain what has been requested.
The personal data provided by the user are processed by Alfasigma with different methods and legal bases:
·the user has given consent to the processing of his or her personal data
·processing is necessary for the performance of a contract to which the user is party or in order to take steps at the request of the data subject prior to entering into a contract;
·processing is necessary for compliance with a legal obligation to which the controller is subject
·processing is necessary for the purposes of the legitimate interests pursued by the controller
Data processing modalities
The personal data is processed with automated instruments for the time strictly necessary to achieve the purposes for which they were collected.
Specific security measures are followed in order to prevent data loss, illegal or improper use and unauthorised access.
Data recipients or categories of recipients of the personal data
Data collected are processed by Alfasigma’s personnel under the authority of the controller according to instructions provided by the Controller pursuant to Art. 29 of Regulation, and can be communicated to third parties appointed as Data Processor pursuant to Art. 28 of Regulation, for purposes described in this Privacy Notice.
The Company Apex Srl has been appointed as data processor pursuant to article 28 of the Regulation since it is responsible for the maintenance of the website's technological part.
The complete list of the subjects to which your personal data have been or may be communicated is available on demand at the address privacy.HS@alfasigma.com.
Transfer of personal data
The management and retention of the personal data shall take place on servers, located within the European Union, of the Data Processor and/or third-party companies duly appointed as Data Managers. Currently, the servers are located in Italy. The data are not currently subject to transfer outside the European Union.
In any event, it remains understood that the Data Controller, should it be necessary, shall have the right to change the location of the servers, in Italy, within the European Union and/or to countries outside the EU.
In this case, the Data Controller ensures henceforth that the transfer of the data outside the EU shall take place in compliance with articles 44 and subsequent of the Regulation and the applicable legal measures stipulating, where necessary, agreements that ensure an adequate level of protection.
Data retention period
The data concerning you shall be retained in accordance with the following criteria:
- for a period of time no longer than that necessary to attain the purposes for which they are processed;
- for a period of time no longer than necessary to fulfil regulatory obligations.
Data subjects rights
We inform you that at any time in relation to your data, you can exercise the rights under Articles 15 to 22 of the GDPR.
(a) You have the right to obtain from the Company confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:
- The purposes of the processing;
- The categories of personal data concerned;
- The recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
- The period for which the personal data will be stored;
- Where the personal data are not collected from the data subject, any available information as to their source;
- The existence of automated decision-making, and, at least in those cases, meaningful information about the logic;
- The appropriate safeguards pursuant to Article 46 of the GDPR relating to the transfer.
(b) Moreover you have the right of the:
- Access, update, rectification, integration or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
- Obtain the data portability;
- Withdraw consent to the processing of personal data, if applicable;
- To lodge a complaint with a supervisory authority.
In order to exercise your rights, please contact the data Controller with a written request, filling the form that you can download from our website http://www.alfasigma.com/en/privacy-policy , and send it at the following address privacy.HS@alfasigma.com.
The Data Controller will provide information on action taken on a request under Articles 15 to 22 to you without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. The Data controller will inform you of any such extension within one month of receipt of the request, together with the reasons for the delay.
Changes to this privacy notice
This Privacy Notice may undergo changes. It is therefore recommended that you regularly check this Privacy Notice and refer to the most up-to-date version.