WEBSITE PRIVACY POLICY

https://leadingmed.it/

Notice pursuant to Article 13 of EU Regulation 679/2016 (GDPR)

Leading Med Srl, as the Data Controller of the website https://leadingmed.it/and in the context of all its activities, provides you with the following information regarding the processing of personal data in relation to browsing and using this website. The Data Controller is committed to protecting the privacy and rights of the Data Subject in accordance with the principles of fairness, lawfulness, and transparency.

 

1. Data Controller

The Data Controller of the data covered by this privacy notice is Leading Med Srl, with its registered office at Via Tosco Romagnola, 85 – 56012 Calcinaia (PI), VAT no. 01911370490. The Data Controller has not appointed a Data Protection Officer (DPO) and can be contacted at info.leadingmedsrl@gmail.com.

 

2. Categories of Data, Purposes of Processing, and Legal Basis

The Data Controller, through the user’s use of the website, will process the following categories of data:

• Necessary browsing data: the computer systems and software procedures used to operate this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information does not make it possible to identify the data subject, but by its very nature could allow users to be identified if processed and combined with data held by third parties. Such data, necessary for the use of web services, are processed for the following purposes:
  1. to obtain statistical information on the use of services (e.g., most visited pages, number of visitors by time slot or daily, etc.);
  2. to check the proper functioning of the services offered;
  3. to ascertain responsibility in the event of cybercrimes.

Personal data will be processed by the Data Controller pursuant to Article 6, paragraph 1, letter f) GDPR.

• User data: The Data Controller may process personal data relating to the user in connection with its business activities (e.g., name, surname, tax code, VAT number, contact details, banking and payment information) for the conclusion and management of the related relationships, always lawfully and fairly, and storing the data in compliance with the security obligations set out in EU Regulation 2016/679. The Data Controller may process:
  1. personal data provided through the completion of the dedicated sections on the website for information requests, in order to respond to the user’s inquiries;
  2. data necessary to carry out all administrative, accounting, and tax activities related to the purpose referred to in letter a), as well as to comply with national and foreign laws and regulations, or to comply with an order from the judicial authority or other authorities to which the Data Controller is subject;
  3. data required to exercise the rights of the Data Controller, in particular the right of defense in legal proceedings.

The above-mentioned personal data will be processed by the Data Controller in order to execute pre-contractual and contractual measures of which the data subject is a party, pursuant to Article 6, paragraph 1, letters b) and c) GDPR.

The provision of data for the purposes referred to in point 2 is optional; however, failure to provide such data and/or the explicit refusal of processing will result in the Data Controller being unable to provide the requested services.

• Newsletter: name and email address provided by completing the newsletter subscription form, for the purpose of sending communications relating to the promotion of products and services, as well as the distribution of informational, advertising, and promotional material. The Data Controller reserves the right to send newsletters or surveys directly to the data subject only if the latter has given specific consent to receive personal messages by subscribing to our newsletter. At any time, you may withdraw your consent to the processing or exercise one of the rights under Articles 15–22 GDPR by contacting the Data Controller directly at info.leadingmedsrl@gmail.com:;
• Personalized marketing: data relating to the data subject’s preferences for the purpose of carrying out analyses, through an automated process, aimed at improving the user’s purchasing experience on the website, adapting the Data Controller’s marketing activities and the content of personalized offers.

The above-mentioned data may be processed by the Data Controller only with the prior consent of the data subject, who may withdraw consent and stop the processing at any time. For further information, please refer to the relevant Cookie Policy.

The provision of data for the purposes referred to in points 3 and 4 is optional; however, failure to provide such data and/or the explicit refusal of processing will result in the Data Controller being unable to provide only the requested services.

• Cookies: With regard to the cookies used by https://leadingmed.it/please refer to the relevant Cookie Policy. Processing carried out through tools such as technical cookies does not involve the collection of personal data relating to individual users and therefore does not require the data subject’s consent or any other legal basis. Such cookies are necessary to enable the Data Controller to provide and improve the website.

With regard to non-technical cookies, the legal basis is the consent of the data subject. Any data not necessary for the purposes described above will not be processed by the Data Controller and will be promptly deleted.

• Aggregated data: anonymous and aggregated analysis of the use of the services provided, in order to identify user habits and preferences for statistical purposes and to improve the quality of the services offered. The Data Controller will process this data in pursuit of a legitimate interest pursuant to Article 6, paragraph 1, letter f) GDPR.

 

3. Methods of Processing

Personal data will be processed in accordance with the principles of fairness, lawfulness, and transparency, primarily in digital form. Processing will be carried out directly by the Data Controller or by individual professionals working on its behalf: recipients of your personal data may also include other authorized persons, such as the Controller’s collaborators, administrative staff, and personnel assigned to specific functions related to the management of the website. These individuals are constantly identified, properly trained, and duly appointed and authorized. Processing may be carried out with or without the use of electronic or automated tools, while ensuring the protection of data against intrusions, unauthorized access, alteration, and data loss through the adoption of appropriate security measures.

4. Data Retention Periods

Personal data will be retained for the time necessary to pursue the purposes for which they were processed, without prejudice to any longer retention period required to comply with legal obligations, depending on the nature of the data or the document. Personal data relating to the newsletter service will be retained until consent is withdrawn by the data subject.

Once the retention periods have expired, the Data Controller will adopt measures to delete or anonymize the data, unless their retention is required by law.

5. Categories of Data Recipients

Your data may be disclosed to:

1. Collaborators of the Data Controller, specifically appointed within the scope of their respective duties;
2. Debt collection companies and/or credit institutions;
3. IT consulting firms, marketing agencies, platforms providing online payment services, entities belonging to Leading Med Srl, and other parties providing services or assistance and consulting activities to the Data Controller in various capacities;
4. Judicial, administrative, or supervisory authorities.

The above-mentioned entities operate in full autonomy as separate Data Controllers or as Data Processors specifically appointed by the Data Controller, who keeps the relevant list available at its registered office.

Your personal data may also be disclosed or disseminated in cases provided for by law.

No processing activities involving minors’ data are envisaged.

6. Rights of the Data Subject

Pursuant to Articles 15–22 of the GDPR, the rights granted to you regarding the processing of your data through this website include the right to:

• access your personal data and obtain a copy thereof;
• obtain the rectification and integration of your data;
• obtain the erasure of your data, in cases provided for by law;
• obtain the restriction of the processing of your personal data under certain conditions;
• exercise the right to data portability, where applicable;
• object to the processing of personal data where reasons related to your particular situation exist;
• not be subject to automated decision-making;
• withdraw consent to processing at any time;
• odge a complaint with the Data Protection Authority by visiting https://www.garanteprivacy.it.

You may exercise the above rights by contacting the Data Controller at the following email address: info.leadingmedsrl@gmail.com