- HCP Area
- Probiotic databases
Art. 13 and seq. General Data Protection Regulation no. 2016/679 (“GDPR”)
In light of these processing activities, in compliance with the applicable legislation that requires the protection, confidentiality and security obligations on your data, CLOROFILLA clarifies below the purposes and means defined in its capacity as Data Controller.
Data processing operations will be performed as Data Controller by CLOROFILLA S.r.l., with legal seat in Milan (Italy), via Podgora 12/A, VAT no. IT 05299040963, that can be contacted at the following addresses:
– by writing an e-mail to [email protected];
– by hard mail, at the address of the legal seat as provided above.
Categories of data processed
The categories of data processed through the Website are:
– information related to the User’s browsing activities, including the so-called online identifiers and data related to the device in use;
– personal identification data and contact data (i.e. name, surname, work e-mail address, work telephone number) in case of registration to User’s private account;
– company affiliation, job title,
– other categories of data, in case of further implementation of purposes on the Website.
Purposes, legal basis and data retention periods
Data retention period
User access to the pages of the Website and to its
Performance of pre-contractual and contractual activities
For the duration the user remains on the Website, and in any case for a maximum of 24 months after it.
Feedback to contact requests or information inquiries sent by the user
Exercise of legitimate interest, aimed at maintaining relations with Users of the Website
For a maximum of 10 years from the last interaction between the user and the Data Controller.
Registration, access and use of a User’s personal account, including subsequent interaction with features and tools offered by the Website and the eCommerce platform
Performance of pre-contractual and contractual activities, and (where applicable) fulfilment of a legal obligation
For a maximum of 10 years after the User has requested deletion of his/her personal account.
Analysis of the usage statistics and improvement of the functionality of the Website
User consent and, where applicable, exercise of the legitimate interest of the Data Controller, aimed at improving its services
Until the expiry of the online ID (cookie or other technology as stored), save for User’s requests of cancellation and/or anonymization activities.
User subscription to the newsletter and subsequent management of related communications
For a maximum of 24 months from the User’s registration, except for consent renewal or cancellation requests.
Access to white papers and other resources offered by the Data Controller jointly with Website’s sponsors
Performance of contractual activities (access to a resource by virtue of personal data sharing)
For a maximum of 10 years from the last interaction between the user and the Data Controller, save for cancellation request.
Other information on how we process personal data
If the User wish to receive further information about the balance between the legitimate interests pursued by the Data Controller and the fundamental rights and freedoms of the natural person, he/she can contact the Data Controller at the addresses indicated, and in particular at the e-mail address provided, having the right to receive adequate feedback as soon as possible and in any case within the time required by law.
Consequences of failure to provide data
The provision of personal data from time to time indicated as mandatory is necessary to pursue the related purposes: not providing such data makes it impossible to proceed with the related processing.
Automated decision-making processes
With the expression “automated decision-making processes” the legislation indicates (art. 22 GDPR) “any form of automated processing of personal data” that it uses to evaluate certain aspects of the person, and in particular “to analyze or predict (…) the professional performance, economic situation, health, personal preferences, interests, reliability, behavior, location or movements” of the user in their capacity as ” Data Subject”.
The Website does not process any personal data through automated decision-making processes as described above, except where expressly indicated and based on User’s express and informed consent.
Categories of subjects that process data on behalf of the Data Controller
Within the limits of the obligations, tasks or purposes indicated above, personal data may be made available and / or communicated to:
– employees and / or collaborators of the Data Controller;
– other third parties who provide management, maintenance or intervention services on the Site and / or on other tools used by the Data Controller;
– Judicial, administrative and / or public security authorities.
The complete list of Data Processors and other third parties to whom the data are made available and / or communicated can be requested from the Data Controller at any time, at the indicated references.
Transfer of data outside the European Economic Area
Personal data shall be transferred to countries outside the European Economic Area for technical purposes, in any case to subjects based in countries recognized as “adequate” by the European Commission or that have stipulated specific Standard Contractual Clauses based on the text approved by the European Commission. Where necessary, the Data Controller has performed an assessment over the impact of such processing activities and the risks related to transfers to non-adequate countries.
Rights of the Data Subject
The User, as a “Data Subject” according to the GDPR, can at any time exercise the rights attributed to him by the European Regulation n.2016/679.
In particular, the User has the right to:
– access his/her personal data;
– obtain the correction or cancellation of the same or the limitation of the processing that concerns him/her;
– oppose the processing;
– obtain his/her data portability, where provided by the law;
– withdraw consent, where provided: the withdrawal of consent does not affect the lawfulness of the processing based on the consent given before the revocation;
– lodge a complaint with the supervisory authority.
For Italy – as the Data Controller’s home state – the supervisory authority is the “Autorità Garante per la protezione dei dati personali” based in Rome (www.gpdp.it).
The exercise of the aforementioned rights can take place by sending a request to the Data Controller’s references and in particular to the e-mail address indicated above.
What are cookies and other tools used by the Website
Cookies are small text files that are transmitted from the Website to the devices of Users who visit it, and which are then retransmitted to the Website on subsequent visits; they may have different characteristics and be used for different purposes, both by the Website’s Data Controller and by third parties who provide technical services to the Data Controller or directly to the User.
This Website uses different types of cookies, in compliance with the “Guidelines for cookies and other tracking tools” as issued by the Italian Data Protection Authority with general provision no. 231 of 10 June 2021.
Some of the cookies used by this Website are “technical” – being installed automatically following the opening of the Website – and therefore do not require the user’s consent.
Technical cookies can be “session” cookies, if they are deleted from the device when the browser and / or the navigation tab is closed, or “persistent” cookies, if they remain in the device’s memory even after the Website is closed.
Details of the tools implemented by the Website
The specific and complete list of cookies used by the Website, both first and third party, can be requested to the Data Controller at the address mentioned above.
Herebelow the Data Controller provides a list of third-party tools implemented by the Website:
How to manage cookie settings
To revoke the consent to the installation and usage of cookies, the user can interact with the banner available on the Website’s homepage.
The user can also seek further information on the following websites:
The provision of all cookies can always be deactivated by the user by adjusting the browser settings. It should be noted, however, that intervening on these settings could render the Website unusable if the browser blocks cookies that are technically indispensable for the provision of our services.
In any case, each browser has different settings for deactivating cookies. The links to the instructions for the most common browsers are as follows:
Last updated on: 20 October 2022