PTP Science Park – via A. Einstein – 26900 Lodi (ITALY)
+39 0371 4662 667
mailbox@bsdpharma.it

Sensitive Data Policy

Information pursuant to art. 13 of Regulation (EU) no. 2016/679 (“GDPR”) and Italian Legislative Decree no. 101/2018.

This document (hereinafter also only the “Information“) refers to the processing of personal data of all those who consult or connect, directly or through a link from another site (hereinafter also only the “User” or “Users“) to the website of BSDpharma s.r.l. (hereinafter also only the “Site“”) and informs them about the ways in which BSDpharma s.r.l. processes their personal data provided through the Site.

BSDpharma s.r.l. undertakes to respect the privacy and personal confidentiality of Users of the Site and guarantees compliance with the strictest security standards, in full compliance with applicable data protection regulations. BSDpharma has appointed the Data Protection Officer who can be contacted by writing an e-mail to the following address: mailbox@bsdpharma.it.

1. General information

This Policy may be modified at any time and without notice; therefore, the User is required to consult it periodically through the Site.

2. Type of Users

The site was created for professional users or companies only, however, public access is not prevented.

3. Nature and type of personal data we process

It should be noted that personal data will be collected and processed exclusively limited to the products or services provided by BSDpharma.

Requests, information and communications relating to products or if defects not relevant to BSDpharma will be rejected and discarded. A copy will be retained only for any judicial reasons.

Through the Website BSDpharma s.r.l. may process the following personal data:

a. Navigation data

In general, the Site is accessible to Users without the need to provide their personal data or register. However, when the User interacts with the features of the Site, following access and navigation on the Site, he may provide personal data, meaning all information that can be used to identify, directly or indirectly, a natural or legal person. Such personal data may include date of birth, name and surname, e-mail address, telephone number, access times, pages consulted, the browser used, the search engine and the words used to find the Site and other parameters relating to the operating system in use by the User.

The computer systems and software procedures for the operation of the Site may therefore acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

Although such data is not collected to be associated with other information about Users, it, by its very nature, could allow Users to be identified.

With regard to such navigation data, BSDpharma s.r.l. informs that their processing takes place only for statistical purposes and anonymously, also in order to check the functioning of the Site and improve its functionality.

BSDpharma s.r.l. also undertakes to immediately delete, in compliance with applicable legislation, these data after processing, reserving the right to store and use them in order to check the correct functioning of the Site or to ascertain responsibility in case of hypothetical computer crimes against the Site or through the Site.

b. Data provided voluntarily by the User

The User is free to provide personal data to the addresses indicated on the Site or through the contact form on the Site itself (e.g., to request information or send reports or to report adverse events on BSDpharma products, to send applications, etc.). The optional, explicit and voluntary sending of information in this way entails the subsequent acquisition of the personal data provided.

It should be noted that specific privacy policies, which supplement this Information, will be progressively reported or displayed on the pages of the Site prepared for particular services on request.

c. Sensitive personal data

“Sensitive personal data” is considered information relating to the state of health, or belonging to the special categories of personal data provided for pursuant to art. 9 of the EU Regulation. If this happens, the processing is carried out for the obligations related to the reporting of adverse events, to fulfill the obligations deriving from law or regulations.

4. Necessary treatments and optional treatments

The contact form to be filled in on the Site provides both data that are strictly necessary to manage the User’s communications and requests, marked with an asterisk symbol [*], the failure to indicate which does not allow to follow up on the requests themselves, and optional conferment data that are not strictly necessary to follow up on Users’ requests. Failure to provide the latter will not entail any consequence.

5. Why we process personal data

In general, BSDpharma s.r.l. uses the User’s personal data on the basis of its legitimate interests in communication and marketing of its products and services, as well as to make the functionality of the Site available and accessible to Users.

Specifically, the User’s personal data may be processed for the following purposes: to allow the User to view the contents of the Site; to optimize the operation of the Site; to carry out visit statistics; to monitor the activity of the Site; to count the number of visitors to the different sections of the Site.

With the consent of the User (art. 6.1.(a) EU Regulation), personal data may be processed to provide the User with the specific information requested through the Site and to manage any requests or reports received through the Site.

In any case, personal data may be processed to fulfill obligations deriving from laws, regulations or community regulations (art. 6.1.(c) EU Regulation); to safeguard the vital interests of the User or other natural person (art. 6.1.(d) EU Regulation).

In the case of special categories of personal data (Article 9 of the EU Regulation, sensitive personal data), the processing will take place on the basis of the explicit consent of the User (art. 9.2.(a) EU Regulation). Furthermore, their processing may also take place if it is necessary to protect a vital interest of the User or of another natural person (art. 9.2.(c) EU Regulation), for reasons of public interest (art. 9.2.(g) EU Regulation) also in the field of public health (art. 9.2.(i) EU Regulation) and for the obligations related to adverse event reporting.

Finally, the User’s common and/or sensitive personal data may be processed by BSDpharma s.r.l. to protect its legal rights (arts. 6.1.(f) and 9.2. (f) EU Regulation).

BSDpharma s.r.l. may also use anonymous data that do not allow either directly or indirectly the identification of the interested party. These data are processed solely for statistical or demographic purposes, also in order to improve the quality of the products and services of BSDpharma s.r.l., to develop new features of the Site, as well as for further general research purposes. These data may be shared with third parties, always guaranteeing the privacy and confidentiality of the User’s personal data.

6. How we use and store personal data

The User’s personal data may be processed with automated and non-computerized, telematic and manual tools, in full compliance with the EU Regulation and the Privacy Code, applying the security measures appropriate to the risk, as defined within the corporate organization of BSDpharma s.r.l.

The processing may also be carried out by third parties formally authorized by BSDpharma s.r.l. (e.g., employees, Site maintenance service providers, etc.).

Personal data will be kept – depending on the type of data processed – exclusively for the time strictly necessary to achieve and fulfill the specific purposes for which they are processed, in accordance with the criteria of relevance and proportionality.

BSDpharma s.r.l. may still retain personal data for as long as necessary under a contract or applicable law.

7. Who can access personal data

In general, BSDpharma s.r.l. will not make any communication to third parties or dissemination or disclosure of the User’s personal data, without his prior consent.

In any case, BSDpharma s.r.l. may disclose and make accessible the personal data of Users to those who, within the company, need it due to their job or company role (administrative, IT technicians, quality assurance managers, etc.).

Furthermore, BSDpharma s.r.l. may disclose and make accessible the personal data of Users also to professionals, independent collaborators and suppliers of which BSDpharma s.r.l. uses for the provision of professional and technical services functional to the management of the Site.

The subjects who receive the User’s personal data will process them, depending on the case, as Appointees or Managers, only for the specific purposes identified and in full compliance with the applicable privacy legislation.

Except for the foregoing, the User’s personal data are not shared with third parties, natural or legal persons, who do not perform any commercial, professional and technical function for BSDpharma s.r.l., and will not be disclosed.

BSDpharma s.r.l. specifies that it will not share personal data provided by Users to third parties located outside the European Economic Area.

Personal data may be disclosed to third parties in the following cases:

  • sale, transfer or other type of transfer of the site to which the data are linked;
  • when required by law, government regulation, or court order or to respond to specific requests from a public authority;
  • when they are necessary for company audits, to investigate or respond to complaints or security hazards related to BSDpharma products.

8. How we protect data security and confidentiality

To ensure the security and confidentiality of personal data collected by BSDpharma s.r.l. through the Site and to comply with the confidentiality provisions of the applicable legislation in order to avoid data loss, illegitimate or illicit use of data or unauthorized access to the same, BSDpharma s.r.l. undertakes to use systems for protected data, among other things, from special firewalls and passwords, in accordance with the provisions of the Privacy Code and current legislation.

9. Rights of Users as Data Subjects

The legislation on the protection of personal data expressly provides for certain rights for the subjects to whom the data refer (so-called Data Subjects). In particular, pursuant to Articles. 15 et seq. of the EU Regulation, each interested party has the right, at any time:

consult BSDpharma s.r.l. regarding the processing of personal data; obtain confirmation of the existence or not of data concerning him;

obtain an indication of the origin and the purposes and methods of processing;

request the updating, modification, rectification, integration and / or cancellation of their personal data; request the restriction of the processing of your personal data or to object to such processing. Furthermore, each interested party has the right to lodge a complaint with the supervisory authority if their data protection rights are violated or if they have suffered the consequences of unlawful processing of their personal data. For any request relating to the processing of personal data by BSDpharma s.r.l., to exercise the rights recognized by the applicable legislation, as well as to know the updated list of subjects to whom the data are accessible, the User can contact BSDpharma s.r.l., by sending an e-mail message to the address mailbox@bsdpharma.it indicating the term “privacy” in the subject. BSDpharma s.r.l. will examine and evaluate the request and contact the User.

10. Jurisdiction

The Court of Milan (Italy) will have exclusive jurisdiction for any dispute related to this Information. BSDpharma s.r.l. reserves the right to obtain urgent remedies from any Court or Court, even abroad, to protect its interests and enforce its rights.

11. Links to other sites

This Site may contain links or links to access other websites. BSDpharma s.r.l. does not control cookies from other websites and assumes no responsibility in this regard.

12. Children policy

BSDpharma products and services are not addressed to persons under the age of 18. We will not knowingly collect, use or disclose Personal Data from minor under the age of 18 without obtaining prior consent from a parent or a guardian.

13. Updating this Policy

BSDpharma s.r.l. may modify or update this Policy. Any changes will be available to the User by consulting the appropriate page of the Site.

This Policy is updated on 27/01/2022