Privacy policy

This document regards the privacy policies on personal data processed by Ambimed Srl - Corso Italia 1, 20121 Milan (MI) VAT Reg. No. 11500980963, the Data Controller (hereinafter the Data Controller or Ambimed) who, through TECNASOFT srl (based in Rome, Italy), manages the website:

https://my.ambimed-group.com

The text describes, in accordance with the applicable legislation on personal data protection, including Reg (EU) 2016/679 (GDPR) and the Italian Privacy code (Legislative Decree 196/2003) as amended by Legislative Decree 101/18, the methods used for managing the processing of personal data of users and visitors to our site, as well as the processing of personal data carried out by the Data Controller who can be contacted using the following e-mail addresses: info@ambimed-group.com or dpo@ambimed-group.com.

The information shown here is not valid for other websites that may be consulted through our links, for which the Data Controller is in no way responsible.

The Data Controller applies the following data policy, as required by Article 12 of the GDPR, as a measure to provide the data subject with the information referred to in Articles 13 and 14 of the GDPR and the communications referred to in Articles 15 to 22 and 34 of the GDPR, relating to the processing of the data provided. This data policy is to be understood as general, provided to all those who interact with the site. It is accessible electronically and corresponds to the home page of the official site.

Information on Data processing. The Data Controller informs the data subject that the Personal Data provided by entering into contact with the Data Controller, including (i) data not falling within the particular categories of personal data as listed in art. 9 GDPR, and (ii) the particular type of data referred to in art. 9 of the GDPR, concerning the same (including the case of a data subject operating as an individual business, small business owner, professional) or its employees, agents, representatives or collaborators (the "Data"), will be treated in accordance with the provisions of the GDPR, the privacy code as amended by Legislative Decree 101/2018 and the relevant national legislation. The processing is carried out on the basis of the conditions of lawfulness established pursuant to article 6 of the GDPR, for the purposes inherent to the relationship established with the Data Controller; therefore, its legal basis, as required pursuant to article 13 lett. c) of the GDPR, is justified by the reasons for which the relationship with the Data Controller is established and, in this case, in relation to the data subject browsing on this Site and/or completing the relevant contact form. The legal basis relating to the particular data conveyed through the platform or sent via e-mail will be as provided for pursuant to art. 9 par. 1 letter a), the consent referred to in art. 6 paragraph 1 letter. a), as well as art. 9 par. 2 lett. b and h).

Therefore the data will be acquired and processed:

a) For navigation data. Following the visit to https://my.ambimed-group.com and the related pages visited starting from the home page address, the computer systems and software procedures used to operate this website acquire, in the course of their normal activity, some personal data whose transmission is implicit in the use of Internet communication protocols. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning; they are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.

b) Data sent through the form on the contact page, using the e-mails indicated on the website, or by making purchases through the platform.

The processing of the data provided to the Data Controller will include: the management, organisation, use, storage, creation of the database, processing throughout the EU and non-EU territory (countries falling within the cases pursuant to articles 45 and 46 of the GDPR), statistical analyses, the sending of our newsletter (from which you can unsubscribe at any time, after receiving the first issue and at any subsequent time), the communication to the partners with whom the initiatives will be developed - subjects who will be appointed external managers pursuant to art. 28 of the GDPR, in the event that personal data will be communicated to them, or joint data controllers for specific services (for which additional information will be provided).

Please note that although consent is also required for marketing relating to Ambimed's services, the processing carried out is always and only in favour of the user, without aggressive marketing purposes and with the possibility of not joining the proposed initiative, including at a later date. The processing will also include the cancellation and modification of the data processed following notification by the data subject, consultation, communication of our future initiatives, processing, soft spam by e-mail and light marketing, or monthly newsletter, the creation of statistics, the sending of promotional material as well as use to promote conferences and meetings.

Please remember that the processing of data connected to the web services offered by this site physically placed in Hosting at hosting companies (whose name will be communicated upon request) are carried out only by employees, collaborators, authorised third parties in the case of occasional maintenance operations or by our provider.

The data will be processed in paper and/or electronic form by persons specifically authorised to process them. The provision of data is optional. Some navigation data (on this point, see our cookies policy) are instead acquired automatically by the system and it is therefore understood that, by continuing to browse and not disabling cookies, consent will still be considered granted pursuant to art. 4 paragraph 11 of the GDPR. The Data Controller does not carry out any processing based on automated decision-making processes.

Data retention. The data will be kept for a maximum of 5 years and in any case for the time necessary to satisfy the purpose of the collection and in any case the legal requirements.

Rights of the data subject. The Data Controller also communicates that the following rights are guaranteed: right to rectification (pursuant to article 16 of the GDPR), the right to be forgotten (article 17 of the GDPR), the right to restrict processing (article 18 of the GDPR) as well as the right of access to the personal data provided and to all consequential information as listed under article 15 of the GDPR.

The data subject also has the right to:

  1. Ask the Data Controller for access to personal data and the correction or cancellation of the same or the restriction of processing concerning him/her or
  2. To object to their processing;
  3. To the portability of data pursuant to Article 20 of the GDPR (where technically possible);
  4. If the processing is based on Article 6, paragraph 1, letter a), or on article 9, paragraph 2, letter a) to withdraw the consent at any time without prejudice to the lawfulness of the processing that occurred before consent was withdrawn;
  5. Make a complaint to a supervisory authority;

To exercise the rights listed above or for more information, simply send an e-mail to the following e-mail address: dpo@ambimed-group.com

indicating in the subject: "exercise of rights pursuant to the GDPR" and inserting in the body of the email the right to be exercised, as well as name, surname and the email address where you want to receive the response from Ambimed. After processing the email, the Data Controller will send a reply within the terms indicated in Article 12 of the GDPR.

In specific situations, the Data Controller adopts specific data policies accompanied by the relative consents to be given in order to allow data processing. The Data Controller would like to inform you that if it intends to further process personal data for a purpose other than that for which they were collected, before such further processing, it will provide the data subject with information regarding this different purpose and any further relevant information, obtaining a specific consent for this case.

Please note that sending e-mail messages to the site, to the addresses indicated therein for the purposes specified each time, involves the acquisition and subsequent processing of the sender's address and other personal data entered in the message with the methods and for the purposes already indicated in the data policy mentioned above. Sending these emails will also imply acknowledgement and acceptance of this privacy policy.

Cookies A cookie is a small text file that is stored by a website on the hard drive of the user's device; cookies uniquely identify the browser of the navigator in this way. Cookies do not harm your computer and do not contain viruses. The cookies’ function is to streamline the analysis of web traffic or to signal when a specific site is visited and allow web applications to send information to individual users.

Only the user can decide to manually delete cookies from their device or to automatically delete them when the installed browser is closed.

For more information, we recommend that you visit our cookies policy.

Copyright All the contents of this site are protected by the provisions of the law on copyright and intellectual property. Reproduction, even partial, in any form is prohibited. The Owner does not grant any license on copyrights, patents or any other intellectual property right

Responsibility The Owner assumes no responsibility towards the visitors of the site with regard to the content of what is published (accuracy and completeness of the information provided) or to the use that third parties may make of it. The material and information on the site are subject, without notice, to changes or updates by the Owner.

Application of the law The Owner regularly updates this information and in general its compliance with the Privacy Regulations, adapting them with the new provisions issued. For any questions or concerns regarding this Privacy Policy, you can contact us at any time by writing to: dpo@ambimed-group.com

Complaints. We will respond to users who send formal written questions and/or complaints to this address dpo@ambimed-group.com to investigate the reported problem. We undertake to collaborate with the competent authorities to settle any complaints regarding the processing of personal data that are not resolved directly between the Data Controller and individuals.