Borea Therapeutics applies maximum clarity on how to use personal data.
The procedures for managing the website are described below, with reference to the processing of personal data of users who consult it.
This is an information that is also provided pursuant to Article 13 of Regulation (EU) 2016/679 “Protection of individuals with regard to the processing of personal data, as well as the free movement of such data” (in short, GDPR), to D. Lgs. 196/2003 and to D. Lgs. n. 101/2018, to those who interact via the web with Borea Therapeutics through its official website.
When consulting the website information concerning users may be collected that constitutes personal data under the Privacy Code. This information is provided exclusively for the above website and does not affect any other web sites accessible by the user through links provided on the same.
Data Controller (Titolare del trattamento) is Borea Therapeutics S.r.l., having registered offices at Milano, Via Gioberti 8 (hereinafter “Company”).
Data Processors (Responsabili del Trattamento)
The Data Controller may appoint other “Data Processors” (hereinafter the “Processor”), internal or external, as well as persons authorized to carry out processing operations.
Internal and external Processors of personal data have been appointed for the various processing purposes.
The complete list of Data Processors can be requested at the address “firstname.lastname@example.org“
Place of data processing
The processing of data related to the web services on this website is carried out at Company’s premises indicated above and is performed by employees and consultants duly appointed as Persons in charge of processing (Incaricati del trattamento), and external maintenance and management staff, duly appointed as Data Processors (Responsabili del trattamento).
Types of data processed
During the normal operation, the computer systems and software procedures used to operate this website acquire some personal data whose transmission is implicit in the communication protocols of the Internet.
This information is not collected to be associated with identified persons, but by its very nature could, through processing and association with data held by third parties, allow identification of users.
This category of data includes IP addresses or domain names of computers used by users who connect to the website, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the operating system and computer environment.
These data are used only to check the correct functioning of the website and are deleted at the latest six months after the collection; unless they are to be used to ascertain responsibility in the event of possible computer crimes committed against the website: in this case, the information will be kept available to the Authority for the time necessary to enable the Company to exercise its rights of defense.
Data provided voluntarily by the user
The sending of optional, explicit and voluntary e-mails to addresses shown on this website, and the filling in of forms specifically provided involve the subsequent acquisition of the sender’s e-mail address and the additional personal data provided in the electronic communication, together with the sender/user’s data necessary to respond to requests as well as to provide the service.
Optional disclosure of data
Unless specified for surfing data, the user is free to provide personal information in the application forms or otherwise indicate them in order to request any information packs or other communications. Failure to provide personal information may, however, make it impossible to fulfill the request.
Modality of processing
Personal data are processed by automated tools for the time necessary to achieve the purposes for which they were collected. Specific security measures have been taken to prevent loss of data, unlawful or incorrect use and unauthorized access.
Purpose of processing – Communication and dissemination of data
The personal information provided by users who request dispatch of information packs is used only to provide the service requested and may be disclosed to Company’s employees and consultants, duly appointed as Persons in charge of processing, as well as to third parties which supply auxiliary services in relation to Company activity, duly appointed as Data Processors.
Outside of these cases, the data will not be disclosed, except where it is necessary to fulfill a specific request of a judicial authority or investigate. The data collected will not be disseminated.
Rights of data subjects
Data subjects are entitled, pursuant to Article 13 of Regulation (EU) 2016/679 (GDPR) and to D. Lgs. n.101/2018, to obtain, at any time, confirmation of the existence of the data and to know their origin, verify their accuracy or request their integration, updating or correction. Pursuant to this article data subjects shall have the right to request cancellation, anonymization or blocking of data processed in violation of the law, and in any case, to object on legitimate grounds to their processing. Requests should be sent to the Internal Data Processor by email to the following address: “email@example.com”.
Last update: January 2021