Dear User, in accordance with Article 12 and subsequent articles of the EU Regulation 2016/679 of the European Parliament and Council of the 27th April 2016 (General Data Protection Regulation, “Regulation” or “GDPR”), and in general in accordance with the principle of transparency foreseen in the same Regulation, we are to provide the following information on the processing of personal data (that is, any information concerning an identified or identifiable natural person: “interested party”) made in connection with the browsing on the website www.melittaklinik.com (“website”) and on the related interaction by the User (it is noted that this statement does not therefore concern other websites that may be visited by the user through links on the website).
1. DATA CONTROLLER AND DATA PROTECTION OFFICER
The Data Controller (i.e. the person who determines the purpose and means of processing of personal data, “Controller”) is Melittaklinik srl, based in Bolzano, I-39100, via Laura Conti 2a, Tel. +39 0471 471471, E-Mail: info_at_melittaklinik.com For contacts specifically relating to the protection of personal data, we indicate in particular the e-mail address info_at_melittaklinik.com to which you may address any requests.
The Data Controller has appointed the Data Protection Officer (“DPO”), pursuant to Article 37 of the Regulation. The DPO can be contacted through the following dedicated channel: privacy_at_melittaklinik.com
2. BROWSING DATA OF THE USER
The IT systems and computer programs used for the operation of the website collect some personal data whose transmission is implied in the use of Internet communication protocols (e.g. the IP addresses or the domain names of computers used by users who connect to the website, the URI -Uniform resource Identifier- addresses of the requested resources, the time of the request, the method used to submit the request to the server, the dimension of the file obtained, the numerical code indicating the status of the response sent by the server (successful, error, etc.), and other parameters related to the operating system and the user's computing environment). Although the information is not collected in order to associate it to specific users, by their nature and through processing and association with further data held by third parties, such data may permit to identify users.
Such data shall only be used anonymously for statistical purposes, without associating them to any identifier of the users, to ensure the correct operation of the website and are deleted immediately after processing. Such data may also be used for the purposes of investigating liabilities in the event of information crimes committed against the website.
The legal basis of the processing is therefore the legitimate interest in the operation and security of the website.
3. COOKIES POLICY
Type of Cookies used by the website
As indicated by the information in the banner on the home page, the website only uses technical Cookies that do not collect personal data and therefore do not require the surfer’s prior consent. These Cookies are necessary for the operation of the website and allow access to the relevant navigation functions, mainly Session Cookies. The Cookies allow the Data Controller to collect anonymous navigation data to produce aggregate statistics and to understand and optimise the functionality of the website. In addition, the website uses Functional Cookies that allow us to save preferences and settings and thus improve the browsing experience on our website. In order to ensure the proper functioning of these Cookies and to ensure that preferences are recorded, these Cookies will not be deleted after browsing. Nevertheless, these Cookies will have a period of validity (not exceeding 2 years) after which they will be automatically deactivated. These Cookies and the information they carry will not be used for purposes other than those described above. The installation of technical Cookies does not require the prior consent of the surfer, as they are automatically set on the device. It is possible to disable these Cookies at any time by changing the settings on the browser. However, this may result in the website not being displayed and therefore not being navigated correctly.
The functions performed by the Cookies used on this website are described in the Cookie Settings.
It is possible to disable Cookies by using the settings area of your browser. However, please note that by disabling one or more Cookies, certain functionalities of this website may be impaired (please note that Technical Cookies are necessary for the proper functioning of the basic functionality of the website). The browser configuration related to this choice can be monitored and changed in the browser settings panel. By selecting the browser from those below, you can access information on how to change the relevant Cookie settings.
Mozilla Firefox https://support.mozilla.org/it/kb/Gestione%20dei%20Cookie
Google Chrome https://support.google.com/chrome/answer/95647?hl=it
Internet Explorer http://windows.microsoft.com/it-it/windows-vista/block-or-allow-Cookies
Safari 6/7 Mavericks https://support.apple.com/kb/PH17191?viewlocale=it_IT&locale=it_IT
Safari 8 Yosemite https://support.apple.com/kb/PH19214?viewlocale=it_IT&locale=it_IT
Safari su iPhone, iPad, o iPod touch https://support.apple.com/it-it/HT201265
4. COMMUNICATIONS WITH THE CONTROLLER
No provision of personal data by the user is required in order to consult the site. However, any contact with the Data Controller, or the optional, explicit and spontaneous sending of messages, by electronic or traditional mail, to the addresses of the Data Controller indicated on the site entails the subsequent acquisition of the address, including e-mail, of the sender, necessary to respond to requests, as well as any other personal data included in the relative communications. Such data will be used for the sole purpose of responding to the user's request and may be communicated to third parties only if necessary for that purpose.
The processing of personal data will be done by personnel trained and authorized by the Controller with procedures, technical and information tools suitable to protect the confidentiality and security of the data.
Such personal data are stored for the time strictly necessary to provide the Data Subject with answers to his/her requests, without prejudice to further storage obligations provided for by law.
Personal data will not be disseminated.
5. PROCESSING MODALITIES AND COMMUNICATION OF THE DATA TO THIRD PARTIES
The data are not subject to dissemination and may be communicated to collaborators, suppliers of the Controller, in the context of their duties and/or contractual obligations relating to the execution of the contractual relationship with the interested parties; among the suppliers of the Controller there are, for example, banking and credit institutions, insurance companies, legal advisors; software providers and related assistance, subjects carrying out shipments and delivery; financial administration and other entities for which mandatory communications are foreseen. Processing will be carried out:
- Through the use of manual and automated systems;
- by entities or categories of authorized people in order to fulfil their duties,
- with the use of appropriate measures to ensure the confidentiality of data and to avoid access to them by unauthorised third parties.
Without prejudice to what indicated in the specific sections above, in the context of your activity and for the above-mentioned purposes, the Controller may make use of services rendered by third parties operating either as independent Controllers or on behalf of and in accordance with the instructions of the Controller, as Data Processors pursuant to Article 28 of the Regulation. These are subjects that provide the Controller with processing or instrumental services.
The person concerned may request a complete and updated list of the appointed Data Processors by contacting one of the contacts of the Controller.
All the subjects to which the faculty of access to such data is recognized by virtue of normative measures can have access to such data.
6. TRANSFER OF DATA ABROAD
It is not intended to transfer personal data to non-EU countries or to International Organisations. If, for specific technical reasons, the Controller transfers the data to third countries in order to ensure an adequate level of data protection, this is done in accordance with the following conditions: transfer on the basis of an adequacy decision, transfer subject to adequate safeguards, binding corporate rules or application of exemptions provided for specific situations.
7. CAREER AREA
The career area of the website allows those interested to apply for possible job positions. Personal data is processed as part of the application management process aimed at identifying people to be included in the company's workforce and assessing whether they are in line with company requirements, in order to then proceed with any contact for selection interviews.
The following categories of data may be processed for the needs of the application management process through the Form on the dedicated website: name, surname, residential address, e-mail, telephone, Curriculum Vitae, free information left by the candidate.
The provision of the requested data is optional, but failure to provide such data will make it impossible for the interested party to participate in the personnel selection process implemented by the Data Controller. The processing of the data has its legal basis in the fact that it is necessary in order to carry out pre-contractual measures within the scope of the selection process in which the interested party participates by spontaneously sending his/her information.
8. RIGHTS OF THE INTERESTED PARTIES
The GDPR gives the person concerned the exercise of the following rights with reference to the personal data concerning him/her (the summary description is indicative, the complete statement of the rights can be found in the Regulation, in particular in Artt. 15-22):
- Access to personal data (the concerned person will therefore have the right to have free information about the personal data held by the Controller and about the related processing, and to obtain a copy in an accessible format);
- Rectification of data (we will provide, on recommendation of the concerned person, the correction or integration of your data – which are not an expression of evaluative elements – incorrect or inaccurate, even if they have become so, because they have not been updated);
- Erasure (right to be forgotten) (for example, data are no longer needed with regard to the purposes for which they were collected or processed; they have been illegally processed; they must be deleted in order to fulfil a legal obligation; the concerned person has withdrawn the consent and there is no other legal basis for processing the data; the person objects to processing, if there are the conditions);
- Right to restrict processing (in certain cases – objecting the accuracy of the data, during the time required for verification; objecting the lawfulness of processing with opposition to the erasure; need of use for the rights of defence of the concerned person, while they are no longer useful for processing; if there is objection to processing, while the necessary verifications are carried out – the data will be stored in such a way in order to be able to be restored, but, in the meantime, they are not available to the Controller except in relation to the validity of the restriction request of the concerned person, or with the consent of the person or for the assessment, exercise or defence of a right in court or to protect the rights of another natural or legal persons or for reasons of relevant public interest of the Union or of a member State);
- Right to object to processing carried out on the base of legitimate interest, in full or in part for legitimate reasons, (in certain circumstances the concerned person may however object to processing of his/her data, in particular, if the personal data is processed for direct marketing purposes, he/she have the right to object to processing at any time, including profiling to the extent that it is connected to such direct marketing);
- Data portability (if processing is based on consent or on a contract and is carried out by automated means, on request, the concerned person will receive his/her personal data in a structured format, in common use and readable by an automatic device, and he/she may transmit them to another Controller, unimpeded by the Controller which has provided them and, if technically feasible, the concerned person can obtain that such transmission is made directly by the latter);
- Withdrawal of consent (if the processing takes place by virtue of the consent expressed by the person concerned, he/she may withdraw the consent at any time without prejudice to the lawfulness of the processing provided before the withdrawal);
- Complaint to the supervisory authority (Garante per la protezione dei dati personali – Garante Privacy). The Garante per la protezione dei dati personali can be contacted via the contacts indicated in the website of the Authortity “www.garanteprivacy.it”).
EXCERCISE OF RIGHTS
The Data Subject may exercise the rights by making a request to the Controller at the following addresses:
- by mail: Melittaklinik srl, via Laura Conti 2a, I-39100, Bolzano
- by e-mail: privacy_at_melittaklinik.com
The Controller may modify or update the content in whole or in part, also considering any changes in the rules on the protection of personal data. We therefore invite the persons concerned to consult this page regularly so that they are aware of the processing processes.