Privacy

OXXOT GDPR Privacy Statement


Effective Date: May 25, 2018

The new General Data Protection Regulation (GDPR) came into effect on May 25th 2018. It builds on existing EU data privacy rules, strengthening in many key areas and non-compliance potentially results in severe financial penalties.

OXXOT S.r.l. is highly committed to maintaining high standards of information security, privacy and transparency, whether as a data controller or data processor.

We take our responsibilities in relation to the protection and security of our data and that of our employees, customers, vendors and partners incredibly seriously and the changes being introduced to ensure GDPR compliance are part of a continuous, ongoing process that has always been central to what we do.

Going forwards, OXXOT S.r.l. will comply with applicable GDPR regulations when they take effect on 25th May 2018, while also working closely with our clients and vendors to meet contractual obligations for our products and services.

Application of this Privacy Statement?

This Privacy Statement applies to your access to OXXOT S.r.l. website and digital services that link to or post this Privacy Statement. This Privacy Statement is intended to let you know what Personal Data OXXOT S.r.l., including our affiliated entities may collect about you, how we collect your Personal Data, for what purposes we use your Personal Data, to whom we may disclose your Personal Data, and what rights you may have to limit our use of your Personal Data. In this Privacy Statement, we will collectively refer to the websites and digital services that may link to or post this Privacy Statement as “services.”

What Personal Data may we collect about you?

Through our services linking to this Privacy Statement, we will collect and process Personal Data that does not directly identify you by name (such as IP Address) or include your contact information, but which may be used to identify that a specific computer or device has accessed our services and which if combined with certain other information could be used to identify you. We receive this Personal Data through your interactions with us in connection with our products and servicess.

The Personal Data we process about you through our services s linking to this Privacy Statement may

include the following categories of Personal Data:

  • Demographic data;
  • Online identifiers;
  • IP address;
  • Data from our cookies;
  • 3rd party cookies; and/or
  • Social media use and utilization

Where we collect directly identifiable Personal Data about you, the following privacy notices will provide you with additional information around what we may collect, how we will collect it, for what purposes we may collect it, to whom we may disclose it, and what rights you may have to limit our use of it.

Please view on the privacy notices that are applicable to your interactions with us:

OXXOT S.r.l. - GDPR Patient Privacy Notice (inserire il link)provides specific information topatients and usersof our products and services.

OXXOT S.r.l. - Health Care Professional Privacy Notice provides specific information to healthcare professionals who use our products and services.

How will we use your Personal Data?

Processing of your Personal Data includes where we may record, organize, structure, store, adapt or

alter, retrieve, consult, use, disclose by transmission, dissemination, or otherwise make available, align or combine, restrict, erase, or destroy your Personal Data. We may process your Personal Data for the following purposes:

Compliance and network security purposes;

Authorizing, granting, administering, monitoring, and terminating access to or use of OXXOT S.r.l. systems, facilities, records, property and infrastructure; Tracking your interactions with us; Auditing our programs and services for compliance purposes; Where we have Legal obligations to process the personal data; Statistical analysis, including analytics performed by our vendors; Website administration; and/or

Marketing Activities, including Third Party Cookie Tracking and Creating an Interest based Profile related to your interactions with us or others

For any additional purposes where we are required to notify you and get your consent, including those purposes required by local law, we will obtain your consent before we process your Personal Data for those purposes.

What is our legal basis for processing your Personal Data?

The applicable legal basis for which we process your Personal Data for the specific purposes listed above, include the following:

Based on your consent: In some cases, we may ask you for your consent to collect and process your Personal Data. If you choose to provide us with your consent, you may later withdraw your consent (or opt-out) by contacting us as described in the “how do you contact us” section below. Please note that if you withdraw your consent it will not affect any processing of your Personal Data that has already occurred. Where we process your Personal Data based on consent, we will provide more detailed information to you at the time when we obtain your consent

Compliance with applicable laws or performance of a contract: In specific circumstances, we may need to process your Personal Data to comply with a relevant law/regulation or to fulfil our obligations under a contract to which you are subject. Where we process your Personal Data to meet our legal obligations, you will likely not be permitted to object to this processing activity, but you will usually have the right to access or review this information unless it would impede our legal obligations. Where we are processing to fulfill our contract obligations under a contract where you are a party, you might not be able to object to this processing, or if you do choose to opt-out or object to our processing, it may impact our ability to perform a contractual obligation that you are owed.

Our legitimate interest: We may process your Personal Data based on our legitimate interests in communicating with you and managing our interactions with you regarding our products and services, scientific research, and education opportunities. In addition to the other rights you may have described below, you have the right to object to such processing of your Personal Data. You can register your objection by contacting us as described in the “how do you contact us” section below.

Cookies and Similar Technologies that collect Personal Data

Our services may use a technology known as web beacons that allows the collection of web log information. A web beacon is a tiny graphic on a web page or in an e-mail message designed to track pages viewed or messages opened. Web log information is gathered when you visit our services by the computer that hosts our services (called a “webserver”).

On certain web pages or in emails we send to you, we may utilize a technology called a “web beacon” (also known as an “action tag” or “clear GIF technology”). We may use web beacons to help determine which email messages sent by us were opened and whether a message was acted upon. Web beacons also help analyse the effectiveness of services by measuring the number of visitors to a site or how many visitors clicked on key elements of a site.

Cookies

Our services may use a technology called a “cookie”. A cookie is a small data file that a website can place on your computer’s hard drive, where your internet browser files are kept. A cookie saves you the trouble of re-entering certain information in some registration areas because cookies can be used to enable a site to “remember” information a visitor has previously inputted. A cookie also helps deliver content used-specific information to you and track how sections of the website are used. Cookies can be placed on your computer both by us and by third parties with whom we have a contractual relationship, such as web analytic services and advertising network services. With most Internet browsers or other software, you can change your browser settings to erase cookies from your computer hard drive, block all cookies, or receive a warning before a cookie is stored. Please check your browser instructions to learn more about these functions. If you reject cookies, functionality of the site may be limited, and you may not be able to take advantage of many of the site’s features.

Google Analytics

Google Analytics may be used to help make our website work better and to help us understand what parts of the website are being utilized. Google Analytics uses technical tools such as, first party cookies and JavaScript code, to collect information about visitors. Google Analytics service tracks visitors to the site who have JavaScript enabled. Google Analytics anonymously tracks how visitors interact with a website, including where they came from and what they did on a site. Google Analytics collects the information set forth above from users. This information is used to administer and update the website, and we will also assess whether the visitors to the site match the expected site demographics and determine how key audiences are navigating the content.

Social Media Plugins

Our websites may use Social Media Plugins to enable you to easily share information with others. When you visit our websites, the operator of the social media plugin that is on our website can place a cookie on your computer that lets that operator recognize individuals on their website who have previously visited our sites. If you have previously logged into the social media website while browsing on our website, social media plugins may allow that social media website to receive directly identifiable information about you that shows you have visited our website. The social media plugin may collect this information for visitors who have logged into social networks, whether or not they specifically interact with the plugin on our website. Social media plugins also allow the social media website to share information about your activities on our website with other users of their social media website. OXXOT S.r.l. does not control any of the content from social media plugins. For more information about social plugins from social media websites you should refer to those sites’ privacy and data sharing statements.

Children’s Personal Data

This site is not intended for or designed for individuals under the age of 18. We do not knowingly collect Personal Data from any person under the age of 18.

How do we protect your Personal Data?

We use industry-standard administrative, technical, and physical safeguards to protect your Personal Data against loss, theft, misuse, unauthorized access, modification, disclosure, and destruction. We restrict access to your Personal Data to only those employees and third parties acting on our behalf who have a legitimate business need for such access. We will only transfer your Personal Data to third parties acting on our behalf where we have received written assurances that your Personal Data will be protected in a manner consistent with this Privacy Notice and our privacy policies and procedures.

To whom and when will we disclose or share your Personal Data?

We will share or disclose your Personal Data with the following entities:

  • Our affiliates.
  • Third parties with whom we contract to carry out services on our behalf to perform activities or functions related to the processing purposes regarding your Personal Data that are described above. If we do, we will require that these third parties acting on our behalf protect the confidentiality and security of your Personal Data that we share with them. Unless otherwise specifically stated in this Privacy Statement, these third parties must contractually agree that they will not use or disclose your Personal Data for any other purposes than necessary to provide us services, perform services on our behalf, or to comply with applicable laws or regulations.
  • Government agencies, auditors, and authorities. We may disclose your Personal Data to government agencies, authorities, and auditors in response to authorized information requests or as otherwise required by laws, regulations, or industry codes.
  • Potential or actual third party purchasers. If we decide to reorganize or divest our business through a sale, merger, or acquisition, we may share your Personal Data with actual or prospective purchasers. We will require that any such purchasers treat your Personal Data consistently with this Privacy Notice.

How do we transfer your Personal Data internationally?

We may transmit your Personal Data to our other affiliates. Additionally, these affiliates may further transmit your Personal Data to our other affiliates. Some of our affiliates and their database locations may be in countries that do not ensure an adequate level of data protection similar to the laws in the country in which you reside. Regardless, all our affiliates are required to treat your Personal Data in accordance with this Privacy Notice and our privacy and data protection policies and procedures.

How long do we retain your Personal Data?

Your Personal Data will be maintained for the duration of your relationship with us. We will store and retain the Personal Data we collect about you in accordance with our Company Record Retention Policy, after which it will be archived or deleted. Please note that certain information could be retained for longer periods of time if we have continuing obligations to you or if required for compliance or legal reasons.

Links to Third Party Websites

As a convenience to our visitors, our website may contain links to other sites owned and operated by third parties that we believe may offer useful information. The policies and procedures we describe here do not apply to those sites. We are not responsible for the collection or use of Personal Data by or on any third party sites. Therefore, we disclaim any liability for any third party’s use of Personal Data obtained through using the third party web site. We suggest contacting those sites directly for information on their privacy, security, data collection, and distribution policies.

What are your rights?

You have the right to see and get a copy of your Personal Data, including an electronic copy, that we have as well as to ask us to make any corrections to inaccurate or incomplete Personal Data we have about you. You can also request that we erase your Personal Data when it is no longer needed for the purposes for which you provided it, restrict how we process your Personal Data to certain limited purposes where erasure is not possible, or object to our processing of your Personal Data. In certain circumstances you may be able to request that we send a copy of your Personal Data to a third party of your choosing.

To exercise any of these rights, please contact us as set forth in the “how do you contact us” section below. You also have the right to lodge a complaint with the supervisory authority (see details under “remedies” below) where you believe that your rights have been violated.

What if we revise this Privacy Notice?

From time to time we may make changes to this Privacy Notice to reflect changes in our legal obligations or the ways in which we process your Personal Data. We will communicate to you any material edits to this Privacy Notice and it will become effective when it is communicated.

How do you contact us if you have any questions or concerns?

Please contact OXXOT S.r.l. team using the below information to:

  • Ask questions;
  • File a concern or complaint;
  • Opt-out of a program or service; and/or
  • To exercise any of your rights listed above, including access, correction, portability, objection, restriction, and erasure.

OXXOT S.r.l.
Viale Andrea Doria, 7

20124 Milano

Italy

Email Address: info@oxxot.com

What remedies do you have available?

For more information about your privacy and data protection rights and wish to make a complaint, please contact us at:

OXXOT S.r.l.
Mailing Address:
Viale Andrea Doria, 7

20124 Milano

Italy
Phone Number:
+02.87165454

Email Address: info@oxxot.com

 

Patient Privacy Notice

OXXOT S.r.l. – GDPR Patient Privacy Notice

Effective Date: May 25, 2018

The new General Data Protection Regulation (GDPR) cames into effect on May 25th 2018. It builds on existing EU data privacy rules, strengthening in many key areas and non-compliance potentially results in severe financial penalties.

OXXOT S.r.l. is highly committed to maintaining high standards of information security, privacy and transparency, whether as a data controller or data processor.

We take our responsibilities in relation to the protection and security of our data and that of our employees, customers, vendors and partners incredibly seriously and the changes being introduced to ensure GDPR compliance are part of a continuous, ongoing process that has always been central to what we do.

Going forwards, OXXOT S.r.l. will comply with applicable GDPR regulations when they take effect on 25th May 2018, while also working closely with our clients and vendors to meet contractual obligations for our products and services.

Application of this Privacy Notice?

This EU General Data Protection Regulation (GDPR) Privacy Notice explains how OXXOT S.r.l. handles your Personal Data and can include Personal Data about others where you share their Personal Data with us. It details how we collect your Personal Data, why we collect it, and to whom we may share it. This Privacy Notice also discloses your Personal Data rights. It applies to all your Personal Data, including Personal Data stored electronically or in hard copy and Sensitive Personal Data, which includes Personal Data about racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation, and data relating to convictions, decisions on penalty, fines, and other decisions issues in court or administrative proceedings.

What Personal Data may we collect about you?

GC Aesthetics collects and processes your Personal Data, which can come directly from you or from third parties with whom we contract or provide services or for compliance reasons. Personal Data includes all information that identifies you or can be used to identify you.

The types of your Personal Data we collect depends on the nature of your relationship with OXXOT S.r.l. and applicable laws. The Personal Data we process about you, includes the data we collect directly from you either as part of your relationship with us or through other interactions you may have with us.

The information we process about you may include the following categories of Personal Data:
Name; Age and date of birth; Demographic data; Health and other Sensitive Personal Data; Data collected from Cookies; Data collected from website/mobile device usage and analytics; Personal contact information (address, telephone, email address); Programs and activities in which you participated; Trials and use of our products; Opinions about us or our product and services; Communication and other personal preferences; Product request information; Photographs and video; Payment related information; Financial information; Product identifying, generated, usage, and diagnostic data; and/or Product service and error data

How will we use your Personal Data?

Processing of your Personal Data includes where we may record, organize, structure, store, adapt or alter, retrieve, consult, use, disclose by transmission, dissemination, or otherwise make available, align or combine, restrict, erase, or destroy your Personal Data.

We may process your Personal Data for the following purposes:

Processing and reporting of adverse events;To communicate product safety information to you; Product quality and complaint management;
Administering and maintaining legally required product registries, including medical device tracking; Administering and maintaining voluntary patient engagement and support platforms; Responding to your requests for information, products, or services; Our company compliance and facility and network security purposes; Internal investigations of possible misconduct or failure to comply with our policies and procedures; Auditing our programs and services for compliance purposes; Legal proceedings and government investigations (such as pursuant to warrants, subpoenas, and court legal orders); Where we have Legal obligations to process the personal data; Communications regarding our studies; Communications about market research and product developments; Communications about product information; Communications about general health information (such as information on certain health conditions); To determine your eligibility for certain products, services, or programs; Organizational planning and development (such as internal communications, budgets, administration, and project management); Administering educational programs;
Business and marketing research; Authenticating and verifying your identity in your interactions with us; Tracking your interactions (online and offline) with us; Improvement and development of our products and services; Device and application diagnostics; Statistical analysis; Payment processing; and/or Website administration For any additional purposes where we are required to notify you and get your consent, including those purposes required by local law, we will obtain your consent before we process your Personal Data for those purposes.

 

What is our legal basis for processing your Personal Data?

The applicable legal basis for which we process your Personal Data for the specific purposes listed above, include the following:

Based on your consent: In some cases, we may ask you for your consent to collect and process your Personal Data and/or your Sensitive Personal Data. If you choose to provide us with your consent, you may later withdraw your consent (or opt-out) by contacting us as described in the “how do you contact us” section below. Please note that if you withdraw your consent it will not affect any processing of your Personal Data that has already occurred. Where we process your Personal Data based on consent, we will provide more detailed information to you at the time when we obtain your consent.

Compliance with applicable laws or performance of a contract: In specific circumstances, we may need to process your Personal Data to comply with a relevant law/regulation (such as when we are required by medical regulations to track usage of medical devices) or to fulfil our obligations under a contract to which you are subject. Where we process your Personal Data to meet our legal obligations, you will likely not be permitted to object to this processing activity, but you will usually have the right to access or review this information unless it would impede our legal obligations. Where we are processing to fulfil our contract obligations under a contract where you are a party, you might not be able to object to this processing, or if you do choose to opt-out or object to our processing, it may impact our ability to perform a contractual obligation that you are owed.

Our legitimate interest: We may process your Personal Data based on our legitimate interests in communicating with you and managing our interactions with you regarding our products and services, scientific research, and education opportunities. In addition to the other rights you may have described below, you have the right to object to such processing of your Personal Data. You can register your objection by contacting us as described in the “how do you contact us” section below.

To whom and when will we disclose or share your Personal Data?

We will share or disclose your Personal Data with the following entities:

  • Our affiliates.
  • Third parties with whom we contract to carry out services on our behalf to perform activities or functions related to the processing purposes regarding your Personal Data that are described above. If we do, we will require that these third parties acting on our behalf protect the confidentiality and security of your Personal Data that we share with them. Unless otherwise specifically stated in this Privacy Statement, these third parties must contractually agree that they will not use or disclose your Personal Data for any other purposes than necessary to provide us services, perform services on our behalf, or to comply with applicable laws or regulations.
  • Government agencies, auditors, and authorities. We may disclose your Personal Data to government agencies, authorities, and auditors in response to authorized information requests or as otherwise required by laws, regulations, or industry codes.
  • Potential or actual third party purchasers. If we decide to reorganize or divest our business through a sale, merger, or acquisition, we may share your Personal Data with actual or prospective purchasers. We will require that any such purchasers treat your Personal Data consistently with this Privacy Notice.

 

How do we transfer your Personal Data internationally?

We may transmit your Personal Data to our other global affiliates. Additionally, these affiliates may further transmit your Personal Data to our other global affiliates. Some of our affiliates and their database locations may be in countries that do not ensure an adequate level of data protection similar to the laws in the country in which you reside. Regardless, all our affiliates are required to treat your Personal Data in accordance with this Privacy Notice and our privacy and data protection policies and procedures.

For more information about our cross-border transfers of your Personal Data, please contact us using the information as described in the “how do you contact us” section below.

How do we protect your Personal Data?

We use industry-standard administrative, technical, and physical safeguards to protect your Personal Data against loss, theft, misuse, unauthorized access, modification, disclosure, and destruction. We restrict access to your Personal Data to only those employees and third parties acting on our behalf who have a legitimate business need for such access. We will only transfer your Personal Data to third parties acting on our behalf where we have received written assurances that your Personal Data will be protected in a manner consistent with this Privacy Notice and our privacy policies and procedures.

How long do we retain your Personal Data?

Your Personal Data will be maintained for the duration of your relationship with us. We will store and retain the Personal Data we collect about you in accordance with our Company Record Retention Policy, after which it will be archived or deleted. Certain information could be retained for longer periods of time if we have continuing obligations to you or if required by local law.

What are your rights?

You have the right to see and get a copy of your Personal Data, including an electronic copy, that we have as well as to ask us to make any corrections to inaccurate or incomplete Personal Data we have about you. You can also request that we erase your Personal Data when it is no longer needed for the purposes for which you provided it, restrict how we process your Personal Data to certain limited purposes where erasure is not possible, or object to our processing of your Personal Data. In certain circumstances you may be able to request that we send a copy of your Personal Data to a third party of your choosing.

To exercise any of these rights, please contact us as set forth in the “how do you contact us” section below. You also have the right to lodge a complaint with the supervisory authority (see details under “remedies” below) where you believe that your rights have been violated.

What if we revise this Privacy Notice?

From time to time we may make changes to this Privacy Notice to reflect changes in our legal obligations or the ways in which we process your Personal Data. We will communicate to you any material edits to this Privacy Notice and it will become effective when it is communicated.

How do you contact us if you have any questions or concerns?

Please contact OXXOT S.r.l. team using the below information to:

  • Ask questions;
  • File a concern or complaint;
  • Opt-out of a program or service; and/or
  • To exercise any of your rights listed above, including access, correction, portability, objection, restriction, and erasure.

OXXOT S.r.l.
Mailing Address:
Viale Andrea Doria, 7

20124 Milano

Italy

Email Address: info@oxxot.com

 

 

What remedies do you have available?

For more information about your privacy and data protection rights and wish to make a complaint, please please contact us at:

OXXOT S.r.l.
Mailing Address:
Viale Andrea Doria, 7

20124 Milano

Italy

Phone Number:
+02.87165454

Email Address: info@oxxot.com

 

OXXOT S.r.l. - GDPR Health Care Professional Privacy Notice

Effective Date: May 25, 2018

The new General Data Protection Regulation (GDPR) came into effect on May 25th 2018. It builds on existing EU data privacy rules, strengthening in many key areas and non-compliance potentially results in severe financial penalties.

OXXOT S.r.l. is highly committed to maintaining high standards of information security, privacy and transparency, whether as a data controller or data processor.

We take our responsibilities in relation to the protection and security of our data and that of our employees, customers, vendors and partners incredibly seriously and the changes being introduced to ensure GDPR compliance are part of a continuous, ongoing process that has always been central to what we do.

Going forwards, OXXOT S.r.l. will comply with applicable GDPR regulations when they take effect on 25th May 2018, while also working closely with our clients and vendors to meet contractual obligations for our products and services.

Application of this Privacy Notice?

This EU General Data Protection Regulation (GDPR) Privacy Notice explains how OXXOT S.r.l. handles your Personal Data and can include Personal Data about others where you share their Personal Data with us. It details how we collect your Personal Data, why we collect it, and to whom we may share it. This Privacy Notice also discloses your Personal Data rights. It applies to all your Personal Data, including Personal Data stored electronically or in hard copy.

What Personal Data may we collect about you?

OXXOT S.r.l. collects and processes your Personal Data, which can come directly from you, publicly available sources (for example, academic journals you may have published an article in), or third-parties with whom we contract. Personal Data includes all information that identifies you or can be used to identify you.

The types of your Personal Data we collect depends on the nature of your relationship with OXXOT S.r.l. and applicable laws. The Personal Data we process about you, includes the data we collect directly from you either as part of your business relationship with us or through other interactions you may have with us. In addition, we may obtain Personal Data about you from publicly available sources and third parties, which may include the following categories of Personal Data:

  • Name;
  • Age and date of birth;
  • Data collected from Cookies;
  • Business contact information (address, telephone, email address);
  • Personal contact information (address, telephone, email address);
  • Training and qualifications;
  • Organizational or institutional affiliations;
  • Information about your professional accomplishments and activities (such as papers you may have published or research you may have conducted);
  • Programs and activities in which you participated;
  • Opinions about us or our product and services;
  • Payment related information;
  • Communication and other personal preferences;
  • Product request information;
  • Photographs and video;
  • Training acknowledgements; and/or
  • Financial information (such as tax identification numbers, bank account routing numbers, corporate card numbers)

How will we use your Personal Data?

Processing of your Personal Data includes where we may record, organize, structure, store, adapt or alter, retrieve, consult, use, disclose by transmission, dissemination, or otherwise make available, align or combine, restrict, erase, or destroy your Personal Data

We may process your Personal Data for the following purposes:

  • Processing and reporting of adverse events;
  • To communicate product safety information to you;
  • Responding to your requests for information, products, or services;
  • Our company compliance and facility and network security purposes;
  • Authorizing, granting, administering, monitoring, and terminating access to or use of OXXOT S.r.l. systems, facilities, records, property, and infrastructure;
  • Internal investigations of possible misconduct or failure to comply with our policies and procedures;
  • Auditing our programs and services for compliance purposes;
  • Legal proceedings and government investigations (such as pursuant to warrants, subpoenas, and court legal orders);
  • Where we have Legal obligations to process the personal data;
  • Communications regarding our studies;
  • Communications about market research and product developments;
  • Communications about product information;
  • Communications about publications, speaking engagement, seminars, and other educational events, focus groups, or other HCP engagement functions;
  • Communications about general health information (such as information on certain health conditions);
  • To administer promotional programs (such as sweepstakes, rewards, and rebate programs);
  • To determine your eligibility for certain products, services, or programs;
  • Study management, including monitoring of study activities;
  • Conflict of interest reporting;
  • Recruitment;
  • Business travel and expense management;
  • Determining training requirements;
  • Organizational planning and development (such as internal communications, budgets, administration, and project management);
  • Training or scientific and educational programs;
  • Engaging scientific experts and leaders;
  • Business and marketing research;
  • Product orders or requests for samples;
  • Providing you access to our resources;
  • Tracking your interactions (online and offline) with us;
  • Creating details of your business practices, activities, and interactions to understand your needs and preferences related to our products and services;
  • Financial disclosure reporting (such as tracking and reporting of payments and other transfers of value to you);
  • Contract management;
  • Payment processing; and/or
  • Website administration

For any additional purposes where we are required to notify you and get your consent, including those purposes required by local law, we will obtain your consent before we process your Personal Data for those purposes.

What is our legal basis for processing your Personal Data?

The applicable legal basis for which we process your Personal Data for the specific purposes listed above, include the following:

Based on your consent: In some cases, we may ask you for your consent to collect and process your Personal Data. If you choose to provide us with your consent, you may later withdraw your consent (or opt-out) by contacting us as described in the “how do you contact us” section below. Please note that if you withdraw your consent it will not affect any processing of your Personal Data that has already occurred. Where we process your Personal Data based on consent, we will provide more detailed information to you at the time when we obtain your consent.

Compliance with applicable laws or performance of a contract: In specific circumstances, we may need to process your Personal Data to comply with a relevant law/regulation or to fulfil our obligations under a contract to which you are subject. Where we process your Personal Data to meet our legal obligations, you will likely not be permitted to object to this processing activity, but you will usually have the right to access or review this information unless it would impede our legal obligations. Where we are processing to fulfil our contract obligations under a contract where you are a party, you might not be able to object to this processing, or if you do choose to opt-out or object to our processing, it may impact our ability to perform a contractual obligation that you are owed.

Our legitimate interest: We may process your Personal Data based on our legitimate interests in communicating with you and managing our interactions with you regarding our products and services, scientific research, and education opportunities. In addition to the other rights you may have described below, you have the right to object to such processing of your Personal Data. You can register your objection by contacting us as described in the “how do you contact us” section below.

To whom and when will we disclose or share your Personal Data?

We will share or disclose your Personal Data with the following entities:

  • Our affiliates.
  • Third parties with whom we contract to carry out services on our behalf to perform activities or functions related to the processing purposes regarding your Personal Data that are described above. If we do, we will require that these third parties acting on our behalf protect the confidentiality and security of your Personal Data that we share with them. Unless otherwise specifically stated in this Privacy Statement, these third parties must contractually agree that they will not use or disclose your Personal Data for any other purposes than necessary to provide us services, perform services on our behalf, or to comply with applicable laws or regulations.
  • Government agencies, auditors, and authorities. We may disclose your Personal Data to government agencies, authorities, and auditors in response to authorized information requests or as otherwise required by laws, regulations, or industry codes.
  • Potential or actual third party purchasers. If we decide to reorganize or divest our business through a sale, merger, or acquisition, we may share your Personal Data with actual or prospective purchasers. We will require that any such purchasers treat your Personal Data consistently with this Privacy Notice.

How do we transfer your Personal Data internationally?

We may transmit your Personal Data to our other global affiliates. Additionally, these affiliates may further transmit your Personal Data to our other global affiliates. Some of our affiliates and their database locations may be in countries that do not ensure an adequate level of data protection similar to the laws in the country in which you reside. Regardless, all our affiliates are required to treat your Personal Data in accordance with this Privacy Notice and our privacy and data protection policies and procedures.

For more information about our cross-border transfers of your Personal Data, please contact us using the information as described in the “how do you contact us” section below.

How do we protect your Personal Data?

We use industry-standard administrative, technical, and physical safeguards to protect your Personal Data against loss, theft, misuse, unauthorized access, modification, disclosure, and destruction. We restrict access to your Personal Data to only those employees and third parties acting on our behalf who have a legitimate business need for such access. We will only transfer your Personal Data to third parties acting on our behalf where we have received written assurances that your Personal Data will be protected in a manner consistent with this Privacy Notice and our privacy policies and procedures.

How long do we retain your Personal Data?

Your Personal Data will be maintained for the duration of your relationship with us. We will store and retain the Personal Data we collect about you in accordance with our Company Record Retention Policy, after which it will be archived or deleted. Please note that certain information could be retained for longer periods of time if we have continuing obligations to you or if required due to a legal obligation.

What are your rights?

You have the right to see and get a copy of your Personal Data, including an electronic copy, that we have as well as to ask us to make any corrections to inaccurate or incomplete Personal Data we have about you. You can also request that we erase your Personal Data when it is no longer needed for the purposes for which you provided it, restrict how we process your Personal Data to certain limited purposes where erasure is not possible, or object to our processing of your Personal Data. In certain circumstances you may be able to request that we send a copy of your Personal Data to a third party of your choosing.

To exercise any of these rights, please contact us as set out in the “how do you contact us” section below. You also have the right to lodge a complaint with the supervisory authority (see details under “remedies” below) where you believe that your rights have been violated.

What if we revise this Privacy Notice?

From time to time we may make changes to this Privacy Notice to reflect changes in our legal obligations or the ways in which we process your Personal Data. We will communicate to you any material edits to this Privacy Notice and it will become effective when it is communicated.

How do you contact us if you have any questions or concerns?

Please contact OXXOT S.r.l. Data Protection team using the below information to:

  • Ask questions;
  • File a concern or complaint;
  • Opt-out of a program or service; and/or
  • To exercise any of your rights listed above, including access, correction, portability, objection, restriction, and erasure.

 

What remedies do you have available?

For more information about your privacy and data protection rights and wish to make a complaint, please contact us at:

OXXOT S.r.l.
Mailing Address:
Viale Andrea Doria, 7

20124 Milano

Italy

Phone Number:
+02.87165454

Email Address: info@oxxot.com

 

 

 

OXXOT MEDICAL GROUP

International website

 

Linguage Version