INFORMATION ON PERSONAL DATA PROCESSING
for users visiting EVERmed Srl’s website
In accordance with Article 13 of EU Regulation 2016/679



WHY THIS INFORMATION
In accordance to (EU) Regulation 2016/679 (hereafter referred to as “Regulation”), this page describes the procedures for processing the personal data of users visiting EVERmed Srl’s website, to be accessed at the following links:
http://www.evermed.it
This information does not relate to other websites, pages or online services to be accessed by links possibly available on this website but referred to sources external to EVERmed’s domain.

DATA CONTROLLER
After visiting this website, data about identified or identifiable subjects can be processed. The data controller is EVERmed Srl, with headquarters in Via Galileo Galilei, 2 - MOTTEGGIANA (MN) – Italy.

PLACE OF DATA PROCESSING
Processing related to the web services of this website is carried out at the headquarters of EVERmed Srl and is handled only by technical personnel designated by EVERmed Srl. They will operate on the basis of specific instructions given by the headquarters of the company and related to the purposes and modalities of the processing at the domain and hosting server’s headquarters Aruba - Ponte San Pietro (BG), Via San Clemente n. 53.

LEGAL BASIS FOR DATA PROCESSING
The personal data indicated on this page or connected to it is processed by EVERmed while carrying out its activities with the aim of popularizing it among the internet users and for promotional purposes by means of explicit consent from subjects (in accordance with Directive 2002/58/EC).

TYPES OF PROCESSED DATA
Web surfing data
IT systems and software procedures relevant for the functioning of this website acquire, as part of their normal processing operations, some personal data that is subsequently implicitly transmitted as part of internet communication protocols.
In this category of data are the IP addresses or computer domain names of users who connect to the website, URI (Uniform Resource Identifier) addresses of the required resources, the time of the requests, the methods used to place the request on the server, the size of the file containing the answer, the numerical code indicating the state of the response given by the server (successful, failed) and other parameters relevant to the operating system and the general IT system of the user.
This data, which is necessary to gain access to web services, is also processed in order to:
gather anonymous statistical information on the use of the website (most visited pages, number of visitors per time slot or daily, users’ geographical areas, etc.);
check the correct functioning of the offered services.
This data does not persist for more than 7 days and is immediately deleted after its aggregation (except in case of detection of possible criminal offences by law enforcement authorities).

Data voluntarily submitted by users
The elective, explicit and voluntary transmission of messages to the addresses indicated on this website, as well as the filling in and forwarding of the forms available on the website, results in the capture of the senders’ contact data, which is needed to reply to requests, as well as of any personal data contained in the messages.
Specific summative information is progressively uploaded and viewed on the pages of the website relevant to particular services.

Cookies and other tracking systems
Cookies are not used to profile users, nor is any other tracking method used.
On the other hand, session cookies (non persistent) are limitedly used to guaranteed safe and efficient browsing on the websites. The storage of session cookies on devices or browsers is controlled by users, in case information about cookies remains stored at the end of HTTP sessions on the server’s service logs. Anyway, storage time is not over seven days, as for any other web surfing data.

Google Analytics
This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to EVERmed Srl and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by EVERmed Srl and Google in the manner and for the purposes set out above.

DATA PROCESSING SYSTEM
Personal data is processed via automated IT systems for the time that is strictly necessary in order to fulfil the purposes for which it was collected.
Specific safety measures are used to avoid the loss of data, illicit or incorrect use and unauthorised access to the same.

DATA SUBJECT RIGHTS
Where provided for, data subjects have the right to access, correct or delete their personal data, as well as to limit or oppose its processing (Regulation’s art. 15 and following). Data subject can ask Data Controller for the fulfilment of the abovementioned rights by sending their request:
- Per e-mail to the address evermed@evermed.it
- Per fax: +39 0376 550831
In accordance to EU Regulation 679/16, Data Controller will respond to the request within 30 days (in case of complications in the fulfilment of rights, the Controller can ask for 30 additional days).

RIGHT OF COMPLAINT
Data subjects reckoning that the processing of their personal data carried out by this website is in contravention to what is provided for by the Regulation have the right to lodge a complaint, as per art. 77 of the Regulation, or to submit a claim to the court (art. 79 of the Regulation). The motion is to be filed by contacting the supervisory Authority (Italian Data Protection Authority, Piazza di Monte Citorio n. 121, IT-00186, Rome (Italy), email: rdp@gpdp.it).

May 2018