PRIVACY POLICY

Dear Data Subject, BAXTER S.r.l. has great respect for the privacy of Users. Any data communicated by the User through the Website will be processed with the utmost care and with all the tools necessary to guarantee its security, in full compliance with current regulations established to protect data confidentiality. We wish to inform you that "European Regulation 2016/679 concerning the protection of individuals with regard to the processing of personal data, as well as the free circulation of such data" (hereinafter "GDPR") provides for the protection of individuals with regard to the processing of personal data as a fundamental right. According to article 13 of the GDPR, therefore, we inform you that:


A.    DATA CATEGORIES: the object of the processing may be your personal data like:
a. Data collected automatically. During their normal operation, the computer systems and applications used to operate this website acquire some data (whose transmission is implicit in the use of Internet communication protocols) that can potentially be associated with identifiable users. The data collected includes IP addresses or domain names of the computers used by users connecting to the website, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system, the browser and the user's computer environment, name of the internet service provider (ISP), date and time of the visit, the visitor's web page of origin (referral) and exit.
b. Data provided voluntarily by the user. The voluntary and explicit sending of an email to the addresses specified in the different access channels of this site does not entail a request for consent and involves the acquisition of the sender's address and data, which are necessary to respond to requests as well as any other personal data included in the message. This data is voluntarily provided by the user when requesting the provision of a service. The user expressly accepts the privacy policy by entering a comment or other information, and in particular agrees that the content entered may be freely disseminated to third parties. To the contrary, specific information in summary form will be included or displayed on the pages of the website designed for particular services available on request (forms). The user must therefore explicitly consent to the use of the data entered in these forms in order to send the request.
c. Cookies. The website uses cookies. The data collected through cookies can be used to access parts of the website or for statistical purposes or to make the browsing experience more enjoyable and more efficient in the future, seeking to assess user behaviour and adapting the content offered to their behaviour. For more information, a specific cookie policy is available.
d. Plug-ins. The site also incorporates plug-ins and/or buttons for social networks, in order to allow easy sharing of content on your favourite social networks. These plug-ins are programmed so as not to set any cookies when accessing the page, to safeguard the privacy of users. Cookies can only be set – if envisaged by social networks – only when the user voluntarily makes actual use of the plug-in. Please note that if the user browses the website while logged into the social network in question then he/she has already consented to the use of the cookies conveyed through this website at the time of registration with the social network. The collection and use of information obtained by means of the plug-in are governed by the privacy policies of the respective social networks, to which the user is referred.


B.    DATA CONTROLLER: The data controller is BAXTER S.r.l., VAT number 00913080966, Via Costone 8, 22040 Lurago d'Erba (CO), telephone +39 031.35999, email info@baxter.it


C.    SOURCE OF PERSONAL DATA: The personal data held by the Data Controller is collected directly from the data subject.


D.    DATA PROCESSING PURPOSES AND LEGAL BASIS: The purposes and legal basis for processing your data are as follows:
1.    For data collected automatically, the legal basis is the legitimate interest of the data controller, and the purpose is to ensure and improve the web browsing experience.
2.    For data provided voluntarily by the user, the legal basis is consent, and, for sending emails to our addresses, the purpose is to be able to send responses to specific requests made by the user. For the forms the purpose is specified in the specific notice.
3.    For cookies and plug-ins: see the specific cookies policy.


E.    DATA RECIPIENTS: Within the limits relevant to the processing purposes specified, your data may be disclosed to partners, consulting companies, private companies, third-party technical service providers, hosting providers, IT companies, advertising agencies.


F.      TRANSFER OF DATA TO A THIRD COUNTRY: No transfer of your data to a third country is envisaged.


G.    STORAGE PERIOD: On the basis of the storage limitation principle (art. 5, GDPR), the obsolescence of the data stored in relation to the purposes for which it was collected is carried out periodically. Specifically:
a)    The data collected automatically is processed for the time strictly necessary and for the sole purpose of obtaining statistical information regarding the use of the website and to make sure it is working, as well as for security purposes or on the basis of the expiries established by law.
b)    The data provided voluntarily by the user will be kept for a period of time not exceeding that which is necessary for the fulfilment of the purposes for which it is processed or on the basis of the expiries established by law.


H.    RIGHTS OF THE DATA SUBJECT: The data subject is always entitled to request access to his/her data, to correct or erase it, restrict its processing, or the possibility of objecting to its processing, requesting data portability, withdrawing consent to the processing of the data, asserting these and other rights provided by the GDPR, through a simple communication to the Data Controller. The data subject can also lodge a complaint with a supervisory authority.


I.    MANDATORY NATURE OF CONSENT OR OTHERWISE: The provision of your data is mandatory during the navigation of our website with regard to points D.1 and D.2 of the aforementioned purposes, to allow correct provision of the service. The provision of your data for point D.3 is optional and will not compromise the provision of the service in any way.


J.    METHOD OF DATA PROCESSING: The personal data you provide will be processed in compliance with the aforementioned regulations and the confidentiality obligations adopted by the Data Controller. The data will be processed both with computer tools and on paper and using any other type of suitable support in compliance with security measures pursuant to art. 5 para. 1, sub-section F of the GDPR.


K.    FINAL NOTES AND METHODS OF UPDATING: This policy is valid only for this website and not for other websites that may be viewed by the user through links contained on this website. The policy may change due to the introduction of new regulations, therefore the user is asked to periodically check this page to remain up to date with the latest legislative developments. The previous versions of this policy can always be requested from the Data Controller.