Privacy Policy Dr. Schär AG

  1. Dr.Schär Institute
  2. Dr. Schär Institute
  3. Privacy Policy Dr. Schär AG

DR SCHÄR AG/S.p.A., as Data Controller (in the following referred to as: “Controller”), in compliance with GDPR 2016/679 (General Data Protection Regulation, the European regulation on personal data protection, in the following referred to as “GDPR”) - considers privacy and the protection of personal data one of the main objectives of their activity. Therefore, before sending any piece of personal information to the Controller, please carefully read this Privacy Policy because it contains important information on your privacy, the protection of your personal data and the security measures applied in order to ensure confidentiality in full compliance with the applicable provisions.

Furthermore, this Privacy Policy:

  • is understood as referring to this website and all other websites that sell Dr. Schär’s products and services (hereinafter simply referred to as the "Website") and are managed by the Data Controller;
  • forms an integral part of the Website and the services we offer;
  • also qualifies as the Privacy Policy information notice given, as required under art. 13 of the GDPR, to users who interact with this Website;
  • complies with Recommendation No. 2/2001 on certain minimum requirements for collecting personal data on-line in the European Union, adopted on May 17, 2001 by the Work Group "Article 29".

 

***

The Controller would like to inform you that your personal data will be processed under the principles of lawfulness, fairness and transparency and the protection of your own confidentiality and rights. Your personal data will therefore be processed in accordance with the legislative provisions provided by GDPR 2016/679 and all obligations in terms of confidentiality indicated therein.

CONTENTS


The Table of Contents of this Privacy Policy below will help you find the information about your personal data processing that are of interest for you:

DATA CONTROLLER AND DATA PROCESSORS

As a result of users browsing the Website and using its services, personal data may be processed that concern identified or identifiable individuals.

To exercise the rights provided by the law and better specified above, you can contact the Data Controller or the DPO at the addresses listed below.

Information on the Data Controller:
The Data Controller is Dr. Schär SpA / AG, with registered office in Winkelau 9, 39014 Postal (BZ), Italy, Tel. 0473/293 300 E-mail privacy@schaer.com

Information on the Data Protection Officer:
The Data Controller has also appointed a Data Protection Officer (DPO), available at its headquarters (Winkelau 9, 39014 Postal (BZ), Italy, Tel. 0473/293 300) or by writing to dpo@drschaer.com.

Your personal data may be disclosed to employees or external collaborators of the Data Controller who are administrative, sales, legal or accounting employees or IT administrators, depending on how your data is processed and who, working under the Data Controller’s direct authority, are designated as Data Processors or persons in charge of the processing, pursuant to articles 28 and 29 of GDPR 2016/679 and who are suitably instructed on how to perform the tasks involved.

PERSONAL DATA PROCESSED

2.1 Website browsing data
 

The computer systems and software procedures used to operate this Website will collect some personal data whose transmission is implicit when you use Internet communication protocols. This information is not collected to be associated with identified data subjects, but by their very nature they could allow us, through their processing and association with data held by third parties, to personally identify users. This category of data includes IP addresses or domain names of computers used by persons who log onto the Website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file received in reply, the number code indicating the status of the reply given by the server (successful, error, etc.) and other parameters that refer to the user's operating system and computer environment. This data is used for the purpose of obtaining anonymous statistical information on the Website usage and to make sure it is functioning, to allow – given the system architecture used – the proper provision of the services, for security reasons and to ascertain responsibility in case of hypothetical computer crimes against the Website or third parties. The data are usually deleted after seven days.

 

2.2 Data provided voluntarily by users
 

The Website grants users the opportunity to voluntarily provide personal data, for example by filling in a contact form, by requesting services or information, by freely choosing to explicitly and voluntary send e-mails to the addresses indicated on the Website, etc.

 

2.3 Cookies
 

- Definitions, characteristics and application of the legislation
 

Cookies are small text files that websites visited by the user will send and record on your computer or mobile device, to be then retransmitted to the same websites the next time you visit them. Thanks to cookies, websites recall the user’s actions and preferences (such as your login, your preferred language, the font size, other display settings, etc.) so that users do not have to specify them a second time when they visit the website again or browse through its pages. Cookies are used for computer authentication, session monitoring and to store information about users who log on to a website, and may also contain a unique identification code that enables them to track user navigation within the website for statistical purposes or advertising. When browsing a website, users may also receive cookies or servers of other websites on their computer or mobile device (so-called "third-party" cookies). Some operations cannot be accomplished without the use of cookies, that in some cases are technically required in order to ensure website operation.

There are several types of cookies, depending on their characteristics and functions, and these may remain on your computer or mobile device for different time periods: so-called session cookies, which are automatically deleted when you close your browser; so-called persistent cookies, which remain on the user's computer/device for a set time.

According to the laws in force in Italy, it is not always mandatory to obtain the user’s consent to use certain cookies. More specifically, such consent is not required for "technical cookies", i.e. those used for the sole purpose of sending a communication over an electronic communications network, or as strictly necessary in order to provide a service explicitly requested by the user. In other words, these cookies are indispensable to provide access to the website or are required to perform tasks requested by the user.

The Italian Authority for the protection of personal data has established (cf. General Provision "Identification of simplified procedures for information to users and the acquisition of consent for the use of cookies – May 8, 2014") that technical cookies (i.e. those that do not require the user’s consent) include:

  • "cookie analytics", when used directly by the website operator to collect information in aggregate form on the number of users and on how they visit the website;
  • navigation or session cookies (for user authentication);
  • functionality cookies, which allow users to browse the website based on the selected criteria (e.g. language, products selected for purchase) in order to improve the service provided to them.

"Profiling cookies", vice versa, i.e. those used to create user profiles and to send advertising messages in line with the preferences expressed by users when browsing the web, require the user’s prior consent.

- Types of cookies used by the Website and option to (de-)select them
 

The Website uses the following cookies, offering users the option to (de-)select them, except for third-party cookies (for which the user must refer directly to the relevant selection and de-selection modalities of the respective cookies, see the links here below):

 

  • Technical navigation or session cookies, that are strictly necessary to provide access to the Website or to allow users to make use of the contents and services they request.
  • Technical cookie analytics, that help the Data Controller understand how users browse the website. These cookies are not used to collect information about the user's identity, nor any personal data. The information is processed in aggregate and anonymous form.
  • Technical functionality cookies, that are used to provide specific website features and a series of selected criteria (e.g. language, products selected for purchase) in order to improve the service provided by the website.

IMPORTANT: if you disable technical and/or functional cookies, the Website may be inaccessible or certain services or functions may be unavailable or not function properly and you may be forced to change or to manually enter some information or preferences each time you visit the Website.

  • Third-party cookies, i.e. cookies from websites or servers other than the Data Controller ones, used by such third parties for their own purposes, which also include profiling cookies. Please note that these third parties, listed below with the individual links to their privacy policies, are independent data controllers of the data collected through the cookies they use. Therefore, the user should refer to their policies for information about how they process personal data, their privacy policy information notices and consent forms (selection and de-selection of the respective cookies), the links of which are provided below (as specified in the General Provision "Identification of simplified procedures for information to users and the acquisition of consent for the use of cookies – May 8, 2014"):

http://www.google.com/intl/it/policies/privacy/

 

_gid --> Google Universal Analytics, analytics performance

drschaer_language --> Language preferences -> functionality

_ga -> Aggregate analysis of website visits, Google Analytics, performance

__zlcmid –> Privacy policy cookie, functionality

__zlcprivacy --> Privacy policy cookie, functionality

Dr. Schär AG/S.p.A. has provided notification to the Privacy Authority for the profiling processes carried out through the website.

 

- How to view and change cookie settings on your browser
 

Users can choose which cookies they want to enable through the specific procedure described below, as well as allow, block or delete (in whole or in part) the use of cookies through the specific functions of their browser. However, in the event that all or some of the cookies are disabled, the Website may be inaccessible or certain services or functions may be unavailable or may not work properly, and/or you may be required to modify or to manually enter some information or preferences each time you visit the Website.

For more information about how to set cookie preferences on your web browser, see the relevant instructions:

 

 

With specific reference to the “Google Analytics” cookie, you can install a specific add-on to disable them, downloading it at the following link: https://tools.google.com/dlpage/gaoptout.

 

2.4 Data concerning minors

If the Website should process personal data of minors, consent will be required from the person having parental authority (legal guardian).

THE BANNER AT FIRST ACCESS

The Authority’s ruling dated 8 May 2014 required, in the case of the use of cookies other than technical cookies, the addition of a banner at the user’s first access to the website (so-called information notice), indicating, essentially, the website’s cookie management procedures, and linking to the full text of the company’s privacy policy regulation.

Dr. Schär AG/S.p.A. has prepared the aforementioned banner and, additionally, has installed a specific cookie that memorises the user’s preference in terms of cookie installation for 365 days. This means that users will see the cookie banner only once, and if they wish to change their preferences, they may do so by following the instructions provided in the paragraph entitled “How to view and change cookies through your browser”.

PURPOSE OF DATA PROCESSING AND COMPULSORY OR OPTIONAL NATURE OF PROVISION OF DATA BY USERS

The personal data you provide through the Website will be processed by the Data Controller for the following purposes:

a) purposes related to the provision of services requested by users: registration to the Dr. Schär Institute  

The provision of your personal data for the purpose listed under (a) above is optional, but failure to do so could make it impossible for us to provide the services requested.
In compliance with article 6 comma 1 letter b) of the GDPR, we do not ask for your consent to process your personal data for these purposes, since said details are necessary to carry out the obligations deriving from a contract in which you are an involved party and/or to fulfil, before conclusion of the contract, specific requests by the involved party itself.

b) research/statistical analysis on aggregate or anonymous data, therefore without the possibility of identifying the user, aimed at measuring the effectiveness of any web marketing campaigns we may have conducted, measure traffic and evaluate usability and interest.
 

The processing of aggregate or anonymous data is not subjected to the provisions of GDPR 2016/679.

c) purposes that relate to the fulfilment of obligations under the law, regulations or European legislation.

The provision of your personal data for the purpose listed under (c) above is compulsory and failure to do so would not allow the Data Controller to satisfy its obligations under the law, regulations or European legislation.

We would like to remind you that, in compliance with article 6 comma 1 letter c) of the GDPR, it is not necessary to obtain your consent for processing your personal data for these purposes.

d) advertising messages.

In accordance with the decision of the Italian Authority for the protection of personal data "Guidelines regarding promotional activity and contrast to spam – July 4, 2013 [2542348]", if you decide to grant your consent to the reception of information about the Data Controller’s promotional activities, including market research, we inform you that we may conduct such activities, as required by current regulations, by letter, call center contacts (so-called "traditional methods"), e-mail, text messages, push notifications and through social networks (so-called "automatic methods"). We also inform you that you may at any time decide to withdraw your consent previously granted for traditional or automatic methods by notifying the Data Controller informally, i.e. by sending an e-mail to: privacy@schaer.com.

The provision of your personal data for the purpose listed under (d) above is optional and requires your previous consent. Lacking such consent, you will be able to use the service requested, but the Data Controller will not be able to send you advertising messages. Once you have granted consent, you can revoke it at any time for all these communication methods or only for one or some of them.

e) profiling purposes (e.g. creation, with the aid of electronic tools, of user profiles based on their preferences, habits and consumption choices).

Such profiling activities may be carried out by means of cookies or other online profiling technologies, e.g. trackers, (please see section 2.3) and/or by cross-linking personal data collected in connection with the provision of services and the relevant use of multiple features chosen from among those made available to the user, as provided by the Guidelines on the processing of personal data for online profiling - March 19, 2015.

The provision of your personal data for the purpose listed under (e) above is optional and requires your prior and specific consent, which you may grant also through the simplified procedures provided for in the aforementioned General Provision “Identification of simplified procedures for information to users and the acquisition of consent for the use of cookies – May 8, 2014” and the “Guidelines regarding the processing of personal data for online profiling” (bypassing the initial banner when logging on to the website). In the absence of such consent, you may benefit of the service requested, but the Data Controller will not be able to profile you and send you communications in line with your preferences.  We also inform you that you may at any time decide to withdraw the consent you previously granted for user profiling, carried out by the Data Controller by information cross-linking or other profiling technologies, by notifying the Data Controller informally by sending an e-mail to: privacy@schaer.com.

METHOD OF DATA PROCESSING, SECURITY AND PLACE OF DATA PROCESSING

Your personal data is processed by the Data Controller – or by third parties carefully selected for their reliability and competence, as well as regularly designated as Data Processors – only to the purpose of achieving the purposes specified above, mainly using automated tools, but also in paper format, for the time strictly necessary to achieve the purposes for which the data was collected.

Specific security measures are applied to prevent the loss of data, unlawful or unfair use, and unauthorised access, in full compliance with what is indicated in article 32 of the GDPR.

The personal data provided by users in relation to the web services offered by this Website is processed at the Data Controller’s registered office specified above. The Controller's data centres are located in Italy. The Data Controller also relies on the technological services/data centres of KEY-TEC GmbH & Co. KG to process personal data for the purposes described above, which means that the data will also be stored at their offices.

Your personal data collected through the forms available on our website, will be kept for the time required to fulfil your requests. Wherever there are regulations requiring that we keep the details for a longer period, we will comply with said regulations. The details collected by cookies will be kept for the period established by the individual cookie.

COMMUNICATION AND DISSEMINATION

Your personal data may be communicated to external subjects whose assistance is necessary and functional to the provision of the Website services.

Your ordinary personal data may be transferred to third parties such as: 1. individuals, companies or professional firms that provide assistance and advice to the Data Controller, aptly designated as Data Processors; 2. entities, bodies or authorities to whom the communication of personal data is compulsory under the law or by order of the competent authorities; 3. subjects that are delegated by the Data Controller and/or to whom the Data Controller has assigned the task of carrying out activities strictly related to the purposes mentioned above (including technical systems maintenance), aptly designated as Data Processors; 4. business partners, identified by category, who process the data for direct marketing purposes as independent data controllers, but only if the user has granted specific consent for them to do so.

The Data Controller will not process data if such processing involves their dissemination, unless it has first obtained the user’s specific consent.

 

The data you supply us with will not be transferred to third party Countries or to international organisations outside of the EU.

YOUR RIGHTS

You have the right to ask us at any time to gain access to your personal data, to rectify, complete or erase them, and to limit or object to their processing wherever there are legitimate reasons to do so, as well as to transfer the aforementioned details to another Data Controller. We will send you a written response within 30 days. You may revoke, at any time, the consent given on this website, contacting one of the addresses indicated in the paragraph entitled “Information on the Data Controller and on the Data Protection Officer”. You are also allowed to make a complaint to the National Control Authority, wherever you feel that your data are being processed unlawfully.

Requests must be sent by email to the following address: privacy@schaer.com.

AMENDMENTS

The Data Controller may modify or simply update this Privacy Policy, partly or completely, even following variations of the laws and regulations that govern such policies and protect the rights of data subjects. These variations and updates of the Privacy Policy will be communicated to Website users on the home page as soon as they are introduced and will be binding once published on the Website. Please visit this section regularly to be informed of the most recent and updated version of this Privacy Policy, so that you always know which personal data we collect and how we use them.

CONTACT INFO

If you wish to receive any information about personal data processed by the Data Controller, you may contact our Company (i.e. the Data Controller) by letter, fax or e-mail to the address: privacy@schaer.com

 

 

The original version of the privacy policy is the one in Italian.