This page describes the procedures used to manage the reference website with regard to the processing of user personal data. This is an informative note provided as required by art. 13 of Italian Leg. Decree No. 196/2003 – Personal Data Protection Code to those who use the web services provided by MITI S.P.A. accessible using electronic methods from the original website at: http://www.dermaplus.it.
This Informative note is provided in relation to the Company’s own website only; it is not applicable to any third party websites the user may reach via links therein. The Informative Note is based on the Recommendation No. 2/2001 endorsed by the European authorities for the protection of personal data, combined with the Group established by rt. 9 of Directive No. 95/46/EC, adopted on May 17 2001 to identify some of the minimum requirements for collecting personal information on-line and, in particular, the methods, timing and nature of the information that the Data Controllers must provide to users when they visit their website pages, regardless of the reason for such connection.
THE DATA PROCESSING “CONTROLLER”
Upon consulting this website personal data may be processed relative to identified or identifiable persons. The "Data Controller" for all personal data is MITI S.p.A. with registered office in Milan, via Mameli n°6 AER No. VI-333449, F.C. and VAT No. 06411360966 Share Capital 1,500,000 Euro.
SCOPE AND PURPOSE OF DATA PROCESSINGI
The scope and purpose of the processing of personal data are as follows:
CATEGORIES OF PROCESSED DATA
Navigation data
During normal operation, data processing systems and software procedures used by this website acquire some personal data, the transmission of which is implicit when using Internet communication protocols.
This refers to information which is not collected to be associated with identified parties, but due to their nature could, permit the identification of the user if they are elaborated and associated with data held by third parties, under strict explicit request by judiciary Authorities.
This category of data includes IP addresses or computer dominium names used by the users to connect to the website, the URI Uniform Resource Identifier addresses of the requested resources, the time of request, the method used to make the request to the server, the size of the file received in reply, numerical code indicating the status of the reply given by the server (successful, error etc.) and other parameters of the operating system and the environment used by the User. This data are used by MITI S.p.A. for the sole purpose of collecting anonymous statistics on the use of the site and to check it functions correctly and they are cancelled immediately after processing. The data could be used to ascertain responsibility in the case of any hypothetical electronic crimes which damage the website: apart from this possibility, the web contact data does not remain stored for more than seven days.
Data provided spontaneously by the User
Optional, explicit or voluntary sending of personal data (e.g.: name, surname, date of birth, fiscal code, gender, address, telephone, email) implies the subsequent acquisition of the supplied personal data.
Specific summary information notes will be progressively displayed or listed on the website pages dedicated to special requested services.
Your personal data may also be communicated to:
1. persons, companies or professional firms who provide consultancy advisory or collaborative services to MITI S.p.A. in the accounting, administration, legal, tax and financial matters related to the provision of services;
2. subjects, bodies or authorities where the communication of your personal data is compulsory according to the laws or regulations in force;
3. subjects assigned and/or appointed by MITI S.p.A. to perform activities strictly related to the provision of services, management and technical maintenance (including maintenance of network equipment and electronic communication networks), as well as those in charge of the IT platform through which such services are provided;
The subjects belonging to the above categories operate as Data Controllers or persons in charge of data processing, or appointed to the same by MITI S.p.A.
As regards the dissemination of your personal data, the personal data required to activate the Services will not be disseminated. It is implicit that, should you decide to use the Services to knowingly disseminate particular information on the Internet (e.g.: publication of your photos and videos), this does not constitute dissemination by the Data Controller. The collection of your data for the activation of services (registration, technical maintenance of accounts etc.) is optional; however failure to grant your consent to the collection of such data will make it impossible for us to enable the requested services.
COOKIES
As regards the use of cookies or tracking/continuous user monitoring systems, we inform you that access to the site may involve sending – by the server to the user's PC terminal – text files to obtain information on your navigation within the website. Please note that the sending of non-persistent cookies is essential in order to enable certain parts of the service to be implemented, those which require the identification of the user’s navigation path through the various website pages. Regardless of the presence of cookies, the following information is recorded each time the website is accessed: type of browser (e.g. Internet Explorer, Netscape), operating system (e.g. Windows, Macintosh), the user’s host and source URL, further to information on the requested page. The data may also be used in an aggregate and anonymous form for website utilisation statistical purposes. To conclude, the use of session cookies (which are not permanently stored on the user’s computer and which are cancelled when the browser is closed) is strictly limited to the transmission of session identification data (consisting in random numbers generated by the server) which is required in order to ensure the website remains secure and efficient. It is always possible to quickly and easily block the use of cookies, using the configuration settings for the browser in use.
LOCATION AND PROCESSING METHODS
The Processing methods related to the web services provided by this website are performed at the Data Controller’s own headquarters. Personal data is processed using computer-based and/or hard copy systems for the time required to fulfil the purpose they were collected for.
Specific security measures are implemented to prevent the loss of data, illicit or incorrect use of the same or unauthorised access. Please be informed that communications via the internet, such as emails/webmails, could transit through different countries before being delivered to the recipients. MITI S.p.A. is under no circumstance liable for any unauthorised access nor loss of personal data due to situations beyond its control.
In any case, personal data will be collected, processed and retained in accordance with the Personal Data Protection Code requirements (the full text of which can be accessed on the Data Protection website www.garanteprivacy.it) and the confidentiality obligations adopted by MITI S.p.A.
PROCESSING OF SENSITIVE DATA
Sensitive data that reveals the racial and ethnical origin, religious, philosophical or other beliefs, political opinions, memberships with political parties, trade unions, religious, philosophical or trade union associations or organizations, health conditions and sexual orientation, can only be processed upon receiving written consent of the Data Subject. The scope and purpose of such processing, along with the method, communication and dissemination of this data are the same as indicated in the paragraph above.
RIGHTS OF THE INTERESTED PARTY
The subjects to whom the data refer is entitled at any time to request confirmation as to whether or not such data exits, and to be informed on the content and origin, check the accuracy or request integration, updating or rectification of the same (art. 7 of Italian Leg. Decree No. 196/2003).
Pursuant to this Article, the Data Subject is entitled to request the erasure, anonymisation or blocking of data which have been processed unlawfully, writing to MITI S.p.A. at its registered office in Via Mameli, 6 Milan, and oppose in any case, on legitimate grounds, the processing of the same.
AMENDMENTS TO THE PERSONAL DATA PROTECTION CODE
MITI S.p.A. may amend or simply update all or part of the www.dermaplus.it Personal Data Protection Code also when amendments are made to laws or regulations that govern protection of personal data and your rights. Amendments and updates to the www.dermaplus.it Personal Data Protection Code will be notified to users on the homepage of the www.dermaplus.it website as soon as the same are adopted and shall be binding once posted on the website in this section. We therefore recommend that users access this section regularly in order to check the most recent and updated version of the www.dermaplus.it Personal Data Protection Code.