- “DATA CONTROLLER"
- PLACE OF DATA PROCESSING
- TYPES OF DATA PROCESSED
- - Navigation data
- - Data provided voluntarily by the user
- - Cookies
- PURPOSE OF THE PROCESSING
- NATURE OF THE COMMUNICATION
- METHOD OF PROCESSING
- SCOPE OF PROCESSING
- REDIRECTING TOWARDS EXTERNAL SITES
- RIGHTS OF INTERESTED PARTIES
- CHANGES TO THE POLICY
WHY THIS NOTICE?
This page describes how the site is managed in relation to the processing of personal data of users who consult it.
This information is provided pursuant to Article 13 of the General Regulation on the Protection of Personal Data (EU Reg. 2016/679) of those who interact with the web services of the Centro Cardiologico Monzino (hereinafter also the “Company”), accessible electronically at the web address www.cardiologicomonzino.it (hereinafter the “Monzino website”) corresponding to the landing page of the official website of the Company.
Information on the processing of detailed personal data is provided, where necessary, on the pages relating to the individual services offered. This information is aimed at defining the limits and methods of processing the data of each service, on the basis of which, the visitor can freely express his consent and authorise the collection of data and its subsequent use.
The information is provided only for the aforementioned websites of the Company and not for other websites that may be consulted by the user via computer links.
1 DATA CONTROLLER
Following consultation of this site, data relating to identified or identifiable persons may be processed.
The controller of their processing is the Centro Cardiologico Monzino with registered office in Via Filodrammatici 10, 20121 Milan, and with operational offices, in Milan, in Via Carlo Parea 4 - 20138 e Via San Barnaba 30 - 20122.
2 PLACE OF DATA PROCESSING
The processing operations connected to the web services of this site take place at
- Episerver AB, a company incorporated under Swedish law (Company number 556208-3435) with registered office at Regeringsgatan 67, 103 86 Stockholm (Sweden), which acts as data processing supervisor on behalf of Monzino.
3 TYPES OF DATA PROCESSED
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with interested parties identified, but by their very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes the IP addresses or domain names of computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the IT environment of the user.
This data is used only to obtain anonymous statistical information on the use of the site and to check its correct functioning, and is deleted immediately after processing. The data could be used to ascertain responsibility in the case of hypothetical computer crimes against the site.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site as well as the compilation of the data collection forms present on the site, involves the subsequent acquisition of the sender's address and/or of the information provided and information necessary to respond to the requests; following correspondence, any other personal data included in the message will be acquired.
The specific summary information statement is progressively reported or displayed on the website pages set up for particular services upon request.
For information on cookies on the Monzino website, see the cooky policy
4 PURPOSE OF THE PROCESSING
The personal data requested through the Monzino website is collected and processed for the following purposes:
a) carrying out your requests and therefore manage the relationship you wish to establish with our Company or the existing one between you and the Company itself;
b) for administrative purposes, in any case, connected with the fulfilment of the relative contractual obligations, for the fulfilment of legal obligations such as, for example, those of an accounting, fiscal nature, or to execute requests from a judicial authority;
c) in the case of consent, checking the level of patient satisfaction and proposing (by post, e-mail, telephone, fax) services similar to those already provided through the periodic sending of newsletters, invitations to prevention campaigns, fundraising initiatives to support research conducted by the Monzino and/or IEO-Monzino Foundation, scientific information related to new therapies, clinical studies, etc. in general of commercial communications and advertising material.
5 NATURE OF THE COMMUNICATION
The provision of data with respect to the purposes referred to in letter a), and b) is optional, but refusal will result in the impossibility for the Company to proceed with the contractual commitments undertaken. Regarding instead the purposes referred to in letter c), the provision of personal data is optional and its use is conditional upon your issuing explicit consent (see consent form at the bottom of the specific summary information statements). Any refusal to grant consent does not have any other effect than not being able to analyze your consumer habits and not being able to duly inform you about Company initiatives that could be of interest to you.
6 METHOD OF PROCESSING
The personal data collected through the Monzino website is processed by automated tools for the time strictly necessary to achieve the purposes for which it was collected.
Specific security measures are observed to prevent the loss of data, illicit or incorrect use and unauthorised access.
7 SCOPE OF PROCESSING
The processing of your personal data is carried out by internal personnel of the Company appointed for this purpose as Managers or persons in charge of the processing; The Managers in charge of processing the data collected through the Monzino website are, for their respective competences, the temporary managers of the Company Departments. The data collected, if it is necessary or instrumental for the execution of the aforementioned purposes, may be processed by third parties, designated for that purpose Managers of external processing, or, as the case may be, communicated to them as autonomous data controllers, and more precisely:
(i) companies controlled by Monzino for the specified purposes;
(ii) persons, companies, associations or professional firms that provide assistance and consultancy services to our Company, for the purposes referred to in letters b), c);
(iii) companies, organisations, associations that perform services connected and instrumental to the execution of the aforementioned purposes (travel agency, booking service, market analysis and research service, credit card payment management, IT system maintenance) for the purposes referred to in letter a).
Personal data related to you will not be subject to disclosure
8 REDIRECTING TO EXTERNAL SITES
The Monzino website uses a so-called “social plug-in”. Social Plug-ins are special tools that allow you to incorporate the features of the Social Network directly in the website (e.g., the “like” function of Facebook).
All social plug-ins on the site are marked with the respective logo owned by the social network platform.
When you visit a page on our site and interact with the plug-in (e.g., by clicking the “Like” button) or decide to leave a comment, the corresponding information is transmitted from the browser directly to the social network platform (in this case Facebook) and memorised by it.
9 DATA SUBJECTS’ RIGHTS
To specifically exercise all their rights regarding access, rectification, cancellation, limitation, opposition, portability of personal data; to know the name of the companies or third parties that will process your personal data, to investigate the issue of data retention or to know your right to complain to a supervisory authority, you may contact directly the Personal Data Protection Manager, using the following contact details:
• Phone +39 02.57489285
• E-Mail email@example.com / firstname.lastname@example.org
• PEC email@example.com
10 CHANGES TO THE POLICY
The possible entry into force of new sector regulations, as well as the constant examination and updating of user services, may entail the need to change the methods of processing personal data of users. It is therefore possible that our policy may change over time, and so we invite visitors to consult this page periodically. For this purpose, the policy document highlights the date of updates.
Last update 27th July 2018