Privacy policy (Pursuant to article 13 of the Regulation (EU) No 679/2016)

By the present policy, pursuant to the EU Regulation No 679/2016 (General Data Protection Regulation, GDPR), AG Pharma Ltd (below “AG Pharma” or “the Controller”), as data controller in the name of the present website, wants to provide to the interested part an adequate policy.

AG Pharma Ltd pays particular attention to data protection and wants the visitors of www.agpharma.eu/en to feel safe, both during web surfing and in case users decide to provide their personal data to benefit from specific services or functionalities.

  1. Identity and data about the controller

AG Pharma Ltd
Via Casale della Marcigliana, 29
00138 Rome
VAT number IT07965410637
Tel. +39 06 8856131
Email: privacyagpharma@agpharma.it

  1. Purposes of processing and legal basis

Your personal data will be treated:

Without your consent (art 6, letters b, c, f of the GDPR) for the following purposes:

  • To perform services or one or more operations agreed by contract, with particular reference to registration to the website www.agpharma.eu/en and the relative use of its services;
  • To fulfil tax obligations;
  • To contact you, through references you communicated, for processing your requests expressed into the form available on the present website;
  • To fulfil law and regulations obligations (national or European ones) or to execute an order of Judicial Authorities or of supervisory bodies;
  • To exercise or defend the right of the controller before the Court;

With your consent (art 7 of the GDPR) for the following purposes:

  • To promote products and services of AG Pharma through the shipping of advertising, information, promotional material, and updates about initiatives and offers, market research activities, economic and statistical analyses;
  • To communicate to third parties to make them send advertising, information, and promotional material concerning their products and services.

Providing data for the above-mentioned purposes (section i.) is compulsory. Data missing or the expressed refusal to data processing will entail the impossibility for AG Pharma to process your requests or competent authorities’ ones.

On the contrary, providing data for the above-mentioned purposes (section ii.) is discretionary. Consequently, you can decide to deny your consent or to revoke it at any moment.

  1. Modality of processing

The processing of your personal data will be implemented with or without the support of informatics systems.

AG Pharma ensures physical and logical protection of data and the privacy of processed personal data, adopting all necessary technical and organizational measures in order to guarantee their safety.

  1. Processed data categories

For the purposes of data processing described above, it is outlined that only personal data will be processed, such as name and surname, tax code, VAT number, residence, domicile, email address or PEC (certified electronic mail), telephone number, and fax. This includes all data necessary to the providing of services into the portal, as well as any other data provided when filling out the form.

  1. Categories of recipients of personal data and flow of data

Personal data provided by users can be accessible for:

  1. AG Pharma’s employees and partners, acting as authorised operators for processing;
  2. Third parties, acting as persons in charge of processing, working for AG Pharma;
  3. Judicial or supervisory Authorities, administrations, and public bodies (national or international ones) if necessary to fulfil legal obligations and to process their requests;
  4. Other societies of the Dicofarm group.

In case of expressed consent to the use of personal data for purposes indicated in the previous paragraph 2, section (ii.), data can be accessible to AG Pharma’s trading partners in order to send advertising, information, and promotional material concerning their products and services.

Your personal data will be stored on servers located in the European Union as propriety and/or availability of AG Pharma and/or third societies, duly named as responsible for data processing. In case personal data processing may require exporting them outside the European Economic Area, AG Pharma will undersign with the importer adequate standard contractual terms, in line with the models arranged by the European Commission.

In any case, your personal data will not be spread.

  1. Planned conservation period of personal data

Personal data, collected for purposes explicated in this policy, will be processed and stored for the entire duration of the initiated relationship and also successively, within the limits permitted by law, for administrative and accounting purposes, as well as to protect and defend the rights of AG Pharma, if necessary.

  1. Rights pursuant to GDPR

We inform you that, pursuant to articles from 15 to 23 of the GDPR, you can exercise specific rights by turning to AG Pharma, such as:

  1. To access your personal data, obtaining evidences of the purposes followed by AG Pharma, of the categories of involved data, of recipients to which data can be communicated, of the applicable period of conservation, and of the existence of automated decisional processes;
  2. To obtain the correction of incorrect personal data without delay;
  3. To obtain the cancellation of your data, if provided for;
  4. To revoke the consent/s;
  5. To obtain the limitation of data processing or to oppose it, when possible;
  6. To require data portability, that is to say to receive them in a structured and commonly used format, readable by automatic devices, and to transmit these data to another controller, without any obstacle from AG Pharma;
  7. To lodge a complaint with the Data Protection Authority.

For further information about the modality of personal data processing, as well as to exercise the above-mentioned rights, you can send an email to privacyagpharma@agpharma.it, specifying clearly the information or action required.

  1. Surfing data

IT systems and software procedures designated to the operation of the website www.agpharma.eu/en  acquire some personal data during their normal operation and then their transmission is implicit in the use of communication protocols of the Internet.

They are information not collected to be associated with interested identities but, by their nature, can lead to the identification of users through elaborations and associations to data of third parties.

This data category includes IP addresses or names of computers used by users connecting to the website, URI addresses (Uniform Resource Identifier) of requested resources, the time of the request, the method used when submitting the request to the server, the size of the file obtained in reply, the numerical code that identifies the status of the answer from the server (successful, errors, etc.), and other parameters concerning the operating system and IT environment of the user.

These data are used only to get anonymous statistical information about the use of the website, to verify correct operation, and they are deleted immediately after processing. Data could be used to verify responsibility in case of hypothetical cybercrimes against websites.

  1. Data provided by the user voluntarily

To access some services/functions or to transmit requests, users may send their personal data (e.g., their email address) to AG Pharma voluntarily. This data will be processed by AG Pharma only to allow the use of the services/functions involved and to manage the requests for the time technically necessary for these purposes. When this data is collected for other purposes, it will be specified by specific policies each time and, if necessary, a consent will be requested.

  1. Cookies

Cookies are used by websites to recognise users during a work session. As indicated in the regulation of the data protection authority, they are “little text files” – consisting of numbers and letters – “that visited websites send to the user’s terminal (generally to the browser), where they are stored to be transmitted to the same website at the next visit of the same user”.

Cookies are safe – they can only store information inserted by the browser relating to its access or when information is included in the request page. They cannot transform themselves into codes and they cannot be used to access the user’s computer. If a website encrypts information into cookies, only the website can read it.

For further information about the use of cookies, you can read the relative policy by clicking here: Cookie Policy.