INFORMATION EX REG: 2016/979
Pursuant to art. 13 of Regulation (EU) 2016/679 ("the Regulation" or "GDPR"), we wish to inform users about the methods and purposes of the processing of personal data of those who interact with our website: www.farmalabor.it
The information is not to be considered valid for other websites that may be consulted through links on the owner's domain, which is not to be considered in any way responsible for the websites of third parties.
The owner of the processing of personal data collected through this site is FARMALABOR S.R.L., VAT no.: 05676410722, with registered office in Via Pozzillo II traversa a sx, 1 - 76012, in Canosa di Puglia (BT) - Italy, tel: +39 0883 1975 111, toll free number: 800 085 708, hereinafter "The Owner" or "Farmalabor".
Data Protection Officer (DPO)
Farmalabor has appointed a personal data protection officer: Francesca Pastore, who can be contacted at the following email address: firstname.lastname@example.org
Purposes of processing, legal basis, nature of conferment
For the purposes expressed in this information notice, non-particular personal data will normally be processed. The data will be processed in compliance with the conditions of lawfulness pursuant to art. 6 of the Regulation, in order to
allow navigation on this website and the technical management of connections to it
The computer systems responsible for the functioning of the websites acquire, during their normal operation and only for the duration of the connection, some personal data whose transmission is implicit in the use of internet communication protocols. This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes, for example: IP addresses or the names of the computers used by users who connect to the websites, the URI (Uniform Resource Identifier) addresses of the resources requested, the characteristics of the browser used for navigation, the screen resolution of the device used to run the browser, and other parameters relating to the user's operating system and computer environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the sites and to check their correct functioning, and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of any computer crimes committed to the detriment of the site.
Legal basis for processing: the legitimate interest of the Data Controller (Art. 6 paragraph 1 letter f of the GDPR).
The data requested for the purposes indicated are necessary to enable navigation on the site.
to follow up on requests for information or contact and other types of requests made by customers/users regarding the services offered by the Controller
The voluntary sending of e-mails to the e-mail addresses indicated on the above-mentioned website, the filling in of one of the contact forms on the site entails the subsequent acquisition of the User's Name and Surname, his/her e-mail address and any other data included in the communication.
Registration in the reserved area for customers will lead to the acquisition of further data, such as address, VAT number and telephone numbers.
These data are necessary in order to respond to requests,
Legal basis of the processing: performance of a contract to which the data subject is party or the execution of pre-contractual measures taken at the request of the same (Art. 6 paragraph 1 letter b of the GDPR) and legitimate interest of the Controller (Art. 6 paragraph 1 letter f of the GDPR).
The data requested for the purposes indicated are necessary to be able to follow up on the requests of the person concerned. Failure to provide the data will only result in the impossibility of sending and/or receiving and/or responding to the data subject's request.
Managing the selection process in case of candidacy and spontaneous sending of curriculum vitae
The user is also free to provide his/her personal and particular data (exclusively for the above purposes), through online forms and contact forms, in order to send his/her CV or submit specific applications.
Legal basis of the processing: the performance of pre-contractual or contractual obligations (art. 6 paragraph 1 lett. b GDPR) and consent for special data (art. 9 lett a GDPR).
The data requested for the purposes indicated are necessary in order to initiate the personnel selection procedure. Failure to provide the data will make it impossible to include the candidate in the selection process and consequently to assess his/her employment.
Personal data will not be processed using the automated decision-making processes referred to in Article 22 of the GDPR.
The information pursuant to art. 13 GDPR will be provided at the time of the "first useful contact", following the sending of the curriculum pursuant to Legislative Decree 101/2018
Within the limits of the purposes established by Article 6(1)(b) of the GDPR, the candidate's consent to the processing of personal data contained in the curriculum is not required.
Sending newsletters and carrying out direct marketing purposes, only after obtaining specific and distinct consent from the User, in accordance with Article 7 of the GDPR, for the following activities:
Sending newsletters and communications having commercial and promotional, informative and/or advertising content in relation to Farmalabor's products or services.
Legal basis of the processing: specific and express consent, by the data subject (User), to the processing of their personal data for the activities of sending newsletters and direct marketing activities of the owner (art. 6 paragraph 1 lett. a of the GDPR).
The provision of data for this purpose is optional and failure to consent has the sole effect of making it impossible to send and/or receive and/or follow up these activities.
If you want to authorize the activities referred to above and then do not want to receive further communications from Farmalabor or want to limit the ways in which to be contacted, you can stop these communications at any time by simply clicking on the appropriate link "unsubscribe" at the bottom of each communication or by contacting Farmalabor, writing to the addresses listed above.
Please note that you may receive further communications from Farmalabor even after you have submitted your unsubscribe request, as some mailings may have already been scheduled, and the computer systems may take some time to process your unsubscribe request.
Your data may also be processed in order to allow Farmalabor to carry out security checks for the purpose of prevention and protection from fraudulent activities, from counterfeiting and abusive behavior (also by third parties) in conflict with the rules in force, the contractual provisions applicable to the Site and its services, the rules of fairness and good faith. These processing activities are based on the legitimate interest of Farmalabor.
Personal data will not be processed using automated decision-making processes pursuant to Article 22 of the GDPR.
Methods of data processing
The treatment will be carried out with manual, computer and telematic tools in compliance with the rules in force and the principles of correctness, lawfulness, transparency, relevance, completeness and not excessive, accuracy and with logics of organization and processing strictly related to the purposes pursued and in any case in such a way as to ensure the security, integrity and confidentiality of data processed, in compliance with the organizational, physical and logical measures provided by the provisions in force.
Period of data retention
In compliance with the provisions of Article 5 paragraph 1 letter e) of EU Reg. 2016/679, the personal data collected will be stored in a form that allows the identification of the data subjects for a period of time not exceeding the achievement of the purposes for which the personal data are processed. The retention of data of a personal nature provided depends on the purpose of the processing:
for contact and information requests, they will be deleted within one month of the reply if they do not result in the performance of a contract.
personnel selection process, maximum 1 year.
newsletter subscription: until the data subject unsubscribes.
After these terms, the data will be cancelled or transformed into anonymous form, unless their further storage is necessary to fulfil contractual obligations that have arisen, legal obligations or to comply with orders issued by public authorities and/or supervisory bodies.
Nature of data provision
Users are free to provide their personal data. Failure to provide data may make it impossible to obtain what has been requested or to use the web services of the Data Controller.
Recipients of data or categories of recipients
For the pursuit of the purposes described, or in the event that this is indispensable or required by law or by authorities with the power to impose it, the Data Controller reserves the right to communicate the data to recipients belonging to the following categories
subjects that perform computer maintenance services or similar;
subjects that provide services for the management of the information system used by the Data Controller and of the telecommunications networks, including e-mail and website management;
Authorities and supervisory and control bodies and, in general, public or private entities with public functions (e.g.: Prefecture, Police Headquarters, Judicial Authorities, in any case only to the extent that the conditions established by the applicable legislation are met);
other companies in the group to which the Data Controller belongs, or in any case parent companies, subsidiaries or associated companies, pursuant to Article 2359 of the Italian Civil Code;
professional firms or companies within the scope of assistance and consultancy relationships;
the data may also be known, in relation to the performance of assigned tasks, by the Controller's staff, including interns, temporary workers, consultants and employees of companies outside the Controller, all of whom are specifically authorised to process the data.
Transfer of data abroad
The user's data will not be transferred to countries outside the EU.
User data will not be disseminated.
Use of Social Networks
From the website it is possible to connect to the company's pages on Social Networks, through the respective icons (Facebook).
As is well known, Social Networks independently manage the privacy of those who navigate, publish posts and communicate through them, being in this case the main data controllers.
We therefore invite the user to visit the following links for further information:
You tube: https://policies.google.com/privacy?hl=it
However, when the user is on the social pages managed by the Owner and communicates, in various ways, their personal data (e.g. through a private message or commenting on a post or leaving a review), or when social networks provide some statistics on the use of pages in a non-anonymous way (and therefore related to the activity on the page by the specific person), Farmalabor becomes the data controller.
The data processing is carried out exclusively for the ordinary management of the pages and for the verification of the contents entered by the users (e.g., if a comment is posted in which other users are insulted, the Owner may decide to remove it from the page as illegal) and to answer user questions (both public and private) about the characteristics of the goods or services provided.
In this case, the legal basis of the processing is the legitimate interest of the Owner in proposing to the user and illustrating its services and their characteristics, as well as the need to answer any possible questions from the user.
The processing of the user's personal data will take place by means of the tools made available by the Social Networks themselves.
In this phase of simple contact, the Owner will not transfer or communicate the user's personal data to other subjects.
The user is always free to decide when to remove a like, delete a comment, a review, etc., by simply returning to the page of the relevant Social Network and directly deleting it.
Private messages are kept for a maximum of 6 months after the last contact, after which they are deleted.
Users are always free to provide their personal data. Failure to provide data may make it impossible to obtain what has been requested or to use the Controller's services.
Rights of the interested party
Articles 15, 16, 17, 18, 20 and 21 of the GDPR grant the data subject specific rights that may be exercised vis-à-vis the Data Controller.
In particular, the user, under the conditions set out in the GDPR, may exercise the following rights:
right of access: right to obtain confirmation as to whether or not personal data concerning him/her are being processed and, if so, to obtain access to his/her personal data, including a copy thereof;
right of rectification: right to obtain rectification of inaccurate personal data concerning him/her and/or integration of incomplete personal data;
the right to erasure (right to be forgotten): the right to obtain the erasure of personal data concerning him/her, if they are no longer necessary for the purposes pursued by the Controller, in case of revocation of his/her consent (and since there is no other legal ground for processing) or his/her opposition to processing, in case of unlawful processing, or if there is a legal obligation to erase. The right to erasure does not apply to the extent that the processing is necessary for compliance with a legal obligation or for the performance of a task carried out in the public interest or for the establishment, exercise or defence of legal claims.
Right to restriction of processing: the right to obtain the restriction of processing when: a) the data subject contests the accuracy of the personal data; b) processing is unlawful and the data subject objects to the erasure of the personal data and requests instead that their use be restricted; c) the personal data are necessary for the establishment, exercise or defence of legal claims;
right to data portability: the right to receive, in a structured, commonly used and machine-readable format, the personal data concerning him/her provided to the Controller and the right to transmit them to another controller without hindrance, where the processing is based on consent and is carried out by automated means;
the right to object: the right to object, at any time, to the processing if the personal data are processed for purposes other than those for which the data subject has consented to the processing.
Pursuant to Article 77 of the Regulation, the data subject has the right to lodge a complaint with a supervisory authority, namely in the Member State where he/she usually resides, works or where the alleged breach occurred, which in Italy corresponds to the Italian Data Protection Authority, whose contact details can be found at www.garanteprivacy.it.
In addition, the GDPR gives the data subject the right to withdraw consent given at any time and with the same ease with which it was given.
The exercise of the data subject's rights is free of charge in accordance with Article 12 GDPR. However, in the case of requests that are manifestly unfounded or excessive, including due to their repetitiveness, the Data Controller may charge a reasonable expense contribution, in light of the administrative costs incurred in handling the request, or deny satisfaction of the request.
The data subject's rights may be exercised by using the attached form which must be sent in paper form to the Controller's address, or by email or fax to the addresses set out in this Policy.
This Policy was updated on 03/22/2022
Any updates will always be published on this page.
The Data Controller