Website Privacy Notice
Pharma Quality Europe Srl
This Policy is applicable only for PQE website and does not apply to other websites that may be consulted by the user through links linked to articles and / or pages of the site and linked links.
With this document (“Notice”), the Data Controller, as defined below, aims to inform you about the purposes and methods of processing your personal data and the rights that are recognized by the Regulation (EU) 2016/679 on protection of natural persons, with regard to the processing of personal data and their free circulation (“GDPR”). This Policy may be supplemented by the Data Controller if any additional services requested by you may result in further processing.
Who is the Data Controller
The Data Controller is Pharma Quality Europe s.r.l. based in Località Prulli 103/C 50066 Reggello (FI), Phone 0039 055 5275100.
The Controller (PQE) has appointed a Data Protection Manager (Data Protection Officer- DPO ) , that you can contact for the exercise of your rights, as well as to receive any information relating to them and / or this information, writing to the account of Data Protection Officer Sergio Jordi Carganico by sending an email to: firstname.lastname@example.org or by contacting him at the following number 0039 055 5275102.
The Controller and the DPO, through the designated structures, will take care of your request and provide you, without undue delay and in any case, no later than one month after receipt of the same, information relating to the action taken regarding your request.
We inform you that if the Controller has doubts about the identity of the individual submitting the request, he / she may request further information necessary to confirm the identity of the person concerned.
Following the consultation of this site, data related to persons identified or voluntarily identified through the contact forms on the site, can be processed.
This Policy addresses physical persons, legal persons, public and private organizations.
What data are collected by PQE
You can visit our site anonymously. If you choose to register on the site, different categories of data will be processed:
When opening an account on our site or to report a secondary effect occurring as a result of using one of our products; for any questions regarding the availability, purchase, handling, or reimbursement of any of the products marketed by us; for the execution of an order; for the conclusion of a contract; for the refinement and execution of a contract; For any medical information which safety, efficacy, dosage and dosage of one of our products; to report a quality defect or send us a claim in connection with one of our products or services; for sending newsletters or completing a possible survey , we collect contact details, such as email, address and name and surname of the contact person, company name, address, telephone numbers, VAT number, language, order number, email address of the recipient of the invoice, also sensitive addresses, directly supplied by you and collected by sending an e-mail .
It should be noted that the optional, explicit and voluntary sending of e-mail address or other data included in the contact form to the official addresses (Information and Contacts) indicated on this website entails the subsequent acquisition of the sender address necessary to respond to requests and any other personal data included in the message. Specific summary information could be progressively reported or displayed on the pages of the site prepared for particular services on request.
By sending and / or requesting contact via e-mail or form, you are also consenting to receive newsletters and information relating to PQE.
The web navigation data, the computer systems and the software procedures used to operate this website acquire, during their normal operation, some personal data (IP address) and technical data (technical cookies), whose transmission is implicit in the use of internet communication protocols (technical and / or persistent cookies).
This is information that is not collected to be associated with identified or identifiable interested parties, but which by their very nature could, through processing and association with data held by third parties, allow the user to be identified.
This category of data could also include IP addresses or domain names of the computers used by users connecting to the site, the addresses in Uniform Resource Identifier (URI ) of the requested resources, the time of the request, the method used in the submit the request to the server, the file size obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc..) and other parameters related to the operating system and the user’s computer environment .
These data are used for the sole purpose of obtaining anonymous statistical information on the use and access of the site, to check its correct functioning and are cancelled in any case after their expiration dates.
The data could be used and held for the purpose and for the ascertainment of responsibility in case of computer crimes against the site according to the GDPR 679/2016.
“End User Data”
The visitors to the website are called “End Users “.
User data are generated by end users who browse the web site or customer sites. When an End User sends a consent from the customer’s site, the following data will be automatically registered by PQE or by other subjects to whom data such as group companies are transferred.
User data includes:
- The IP address of the final user in anonymous form
- The date and time of consent.
- The end user’s browser user agent.
- The URL from which consent was sent.
- An anonymous, random and encrypted key value
- The state of consent of the final user, which constitutes proof of consent.
The key and the status of the consent are also saved on the end user’s browser with a first-party cookie, so that the site can read and automatically respect the consent of the final user on subsequent requests of the page and future sessions of the end user for the time strictly necessary to achieve the purposes for which they were collected and in any case will not be stored for longer than the current legislation.
The key is used as evidence of consent and to verify that the status of consent saved in the browser of the End User is unchanged from the original consent sent to PQE.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
The processing of your personal data by the Data Controller may also be connected to the fulfilment of obligations required by laws, regulations and / or Community regulations, or by supervisory and control bodies or other legitimate authorities .
Your personal data will be processed by the Controller, by the Managers and by the Assignees of PQE, or by third parties who carry out instrumental activities for the pursuit of the aforementioned purposes, including abroad, including non-EU countries, in compliance with current legislation.
In this case the third parties are identified among those who, by experience, ability and reliability provide a suitable guarantee of full compliance with the current provisions on treatment, including the security profile. In this case, these subjects are designated as data processors and their updated list is available at any time by contacting the owner.
Purpose of the processing
Every single data collected is processed with automated systems and can be used for one or more of the following purposes:
- to customize the customer experience (the data provided helps PQE to better meet the individual needs of each user);
- for sending your professional/job application;
- for any question concerning availability, purchase, handling;
- to report a defect in the qualityof a product;
- to send us a complaint in relation to one of our products or services;
- for sending newsletters and e-mails or for completing a survey;
- to improve our website;
- to identify the customer as a contracting party;
- to establish a primary communication channel with the customer;
- to produce and view the cookie declarations to end users;
- to provide aggregated information on the choices of End Users in relation to the types of cookies accepted and to generate a graphic representation in the management system of the service;
- to send emails on a regular basis (the email address provided for the processing of orders can be used to send information and updates related to the same, as well as occasional news about the company (if the user gives consent), as well as updates or information regarding products or services,conferences)
Personal Data protection measures:
The server operating system, in which the web application and database are allocated, is able to guarantee high levels of integrity, availability and confidentiality of information.
Personal data retention period:
Your personal data will be processed actively for the time necessary to manage the existing relationship and / or the execution of the contract. The information collected for the evaluation of the conclusion of the contract, in case of non-completion.
In any case, the data are processed for the time strictly necessary to achieve the purposes for which they were collected, and in any case they will not be stored for longer than required by current legislation.
Legal basis of processing: General Data Protection Regulation (GDPR) in the EU 679/2016
The processing of customer data is based on the consent given or on the fact that processing is necessary for the execution of a contract in which the customer is a contracting party, or to take the necessary measures before the conclusion of the contract on customer request. (ref. see Article 6 (1) (a) – (b) of the GDPR) or anything else indicated in the paragraph “purposes of processing” .
PQE in its capacity as Data Controller, intends to process your personal data in order to send commercial communications of products and services, invitations to conferences, including direct marketing conducted using the results of the analysis, as well as proceeding with direct sales and carrying out surveys or market research. In this case the nature of the consent is optional.
Consequences of the refusal to provide consent: Failure to provide data related to the provision of consent to marketing will not affect the satisfaction of its requests and the execution of contracts but will make it impossible for the Owner to send marketing communications.
Personal data retention period referred to marketing operations
Your personal data, treated as described, will be deleted within 30 days from the termination of the last contractual agreement with the Data Controller. In any case, if you decide to withdraw your consent or to oppose the processing, your personal data will be deleted within 30 days of the request.
On this site we use technology to gather information to improve your online experience.
We reserve the right to change this policy at any time. Any change in this policy will take effect from the date of publication on the Site.
Cookies are small text strings that the sites visited by the user send to his terminal (usually the browser), where they are stored before being re-transmitted to the same sites at the next visit of the same user.
During the navigation on a website, the user can also receive cookies on their device that are sent from different websites or web servers (so-called “third parties”), on which some elements may exist (such as, for example, images, maps, sounds, specific links to pages of other domains) on the site that the user is visiting.
Cookies, usually appears in users’ browsers in very large numbers and sometimes even with long temporal persistence, they are used for different purposes: execution of computer authentication, monitoring of sessions, storage of information on specific configurations concerning users accessing the server.
In order to aim to a correct cookies regulation, it is necessary to distinguish them since there are no technical characteristics that differentiate them from one another precisely on the basis of the aims pursued by those who use them.
THIRD PARTY, analytical cookies
Analytical cookies, also called “analytics “, allow the creation of detailed statistics on visitors to a website such as, for example, the display of certain pages, the number of visitors, the time spent on the site by users and the arrival methods.
(NOTE! CONSULT WITH THE WEB MASTER OR WHO FOR HIM in order to UNDERSTAND IF THERE ARE COOKIES OF PROFILING PON THE SITE: IF YES LEAVE THE PARAGRAPH THAT FOLLOWS, IF NOT CANCEL)
To view all the cookies used on this site click
Below is the list of the most common browsers with links to the settings for managing cookies:
The browsers provide for the “private” browsing mode, by activating which cookies are always deleted after the closing of each browsing session.
It is always possible to revoke the consent previously given by the methods indicated in the paragraph: “MANAGEMENT OF COOKIES”.
To view all the cookies used on this site click on http://www.pqegroup.com/how-we-use-a-cookies/
In relation to the processing described in this Policy, as an interested party you can, under the conditions established by the GDPR, exercise the rights established by articles 15 to 21 of the GDPR and, in particular, the following rights:
Right of access: Article 15 GDPR: the right to obtain confirmation that a personal data processing is in progress for you and, in this case, obtain access to your personal data, including a copy thereof.
- Right of rectification: Article 16 GDPR: right to obtain, without undue delay, the correction of inaccurate personal data concerning you and / or the integration of incomplete personal data;
- Right to cancel (right to be forgotten) – Article 17 GDPR: right to obtain, without undue delay, the deletion of personal data concerning you.
- Right to limitation of processing: Article 18 GDPR: right to obtain limitation of treatment, when:
- the interested party disputes the accuracy of personal data, for the period necessary for the holder to verify the accuracy of such data;
- the processing is illegal and the interested party opposes the cancellation of personal data and asks instead that its use is limited;
- personal data are necessary for the interested party to ascertain, exercise or defend a right in court;
- The interested party opposed the treatment pursuant to art. 21 GDPR, during the waiting period for verification of the possible prevalence of legitimate reasons of the data controller with respect to those of the interested party.
- Right to object : Article 21 GDPR: right to object, at any time for reasons connected with your particular situation, to the processing of personal data concerning you based on the lawfulness of legitimate interest or the performance of a task in the public interest or exercise of public powers, including profiling, unless there are legitimate reasons for the Data Controller to continue processing that prevail over the interests, rights and freedoms of the data subject or for the assessment, exercise or defense of a right in court. Furthermore, the right to oppose the processing at any time if personal data are processed for direct marketing purposes, including profiling, to the extent that it is related to such direct marketing.
The above rights may be exercised against the Owner, by contacting the references described above.
The exercise of your rights as an interested party is free under Article 12 of the GDPR. However, in the case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Controller may charge a reasonable fee, in light of the administrative costs incurred to manage your request, or deny the satisfaction of your request.
- RIGHT to revoke:
The interested party has the right to withdraw his consent at any time. The withdrawal of consent does not affect the lawfulness of the treatment based on consent before revocation.
- The exercise of the aforementioned rights may take place by sending a communication written to the data controller .
- RIGHT to lodge a complaint:
The interested party has the right to lodge a complaint with the Italy Data Protection Authority for the protection of personal data
Communication to third parties and / or sharing of data
For the purposes of this statement we inform you that your data may be disclosed to third parties, designated in written form, if this is necessary to fulfil an obligation under the law, to perform obligations arising from a contract of which you are or you will be part, and to fulfil, before the conclusion of the contract, specific requests.
The recipients of the personal data communications of the data subject are also identifiable in the following categories of recipients , by way of example but not limited to: Supervisory bodies, judicial authorities, bodies, professionals, companies, public administrations or other structures designated for the execution of processing related to the fulfilment of administrative, accounting and management obligations related to the ordinary performance of the Controller ‘economic activity (legal obligations); banks, financial institutions, professionals, professional firms and consultants to whom the communication of the aforesaid data is necessary for the performance of the activity of the Controller and, in particular, in relation to the fulfilment of the contractual obligations assumed towards the data subject (contractual obligations);
The data may transferred within the European Union and countries outside the European Union.