Privacy Policy

TECHNOGENETICS AND PRIVACY
The protection of privacy is a core value that Technogenetics considers particularly important.
This concept refers to everything regarding the quality of the treatment of personal data, understood both as the security of systems and as the safeguarding of the private life of persons. It is our belief that, above and beyond what is required by the relevant Code regarding data protection, personal data is an important asset to be protected. In the following section of the website we therefore wish to provide some information on the policy of data processing and treatment adopted by Technogenetics.

 

In order to collect all requests for information in relation to the processing of personal data and privacy, Technogenetics provides the address privacy@technogenetics.it.


TYPES OF DATA GATHERED AND PROCESSED
Data provided voluntarily by the user
The personal information that is collected may be transferred or communicated to other companies connected to Technogenetics for activities that are closely related and necessary to the services provided. Personal data provided by users who have requested the dispatch of informative material (such as brochures) is only used in order to carry out the services requested and it is communicated to third parties only when this is necessary for the purpose (in the case of companies that provide packaging, labeling, and shipment handling services). Apart from what has been described, personal data will not be communicated or disclosed to third parties, unless specified contractually or with the express consent of the persons concerned.

Web navigation data (Cookies)
During their normal operation the computer systems and software procedures used on this website acquire personal data which is automatically transmitted via Internet communication protocols. This information is not collected in order to be associated with identified persons, but due to its nature it could, by means of its elaboration and combination or comparison with data held by third parties, lead to the identification of the users. Nevertheless, this data is used only to obtain anonymous statistical information on the use of the website and to ensure that it is functioning correctly and it is deleted immediately after being processed.


DATA SECURITY

Technogenetics takes appropriate physical, electronic and procedural measures to safeguard and protect personal information from loss, unlawful use or unauthorized access, disclosure, alteration and destruction. Personal data is dealt with and processed only for the period of time that is strictly necessary to achieve the purposes for which it was collected. Technogenetics also guarantees that the security and confidentiality of data are protected by adequate security measures, in accordance with the provisions of articles 31, 32, 33, 34, 35 and 36 of the “Code regarding the protection of personal data” (Legislative Decree No. 196/2003) as well as Annex B concerning minimum safety measures, in order to reduce the risks of destruction or loss of data, even if accidental, as well as access to data or treatment of data that is unauthorized or inconsistent with the purposes of the data collection.


NOTIFICATION AND CONSENT
ART. 13 LEGISLATIVE DECREE 196/2003 “CODE REGARDING THE PROTECTION OF PERSONAL DATA”
The Legislative Decree No. 196/ 03 “Code regarding the protection of personal data” states that before data is dealt with or processed the person concerned must be provided with notification and, wherever necessary, his or her consensus must be requested. The notification is the means by which the possessor of data or the data processing agent lets the persons concerned know why personal information is requested, what use will be made of it, in what ways the persons concerned can safeguard themselves and thus be able to express their informed consent. After carrying out the notification, if necessary, the possessor of the data asks the persons concerned for their consent in order to carry out the treatment of data that they have been informed about. The consent is valid only if it is freely given, in a specific way, and in writing, and if the notification has been given to the person concerned, as specified in Article 13 of the Code. It can regard the entire process of data treatment or just one or more operations. It is in the interest of the possessor of the data to ask for explicit consent to all forms of data treatment that are correlated and necessary to a certain activity, while explaining to the person concerned, by means of the notification, the reasons for this request, as well as the results of giving only a partial consent.


The rights of the person concerned
The “Code regarding the protection of personal data” allows all parties concerned to defend their own privacy and to affirm their rights in a simple way. It is sufficient to request, in the relevant part of the notification that mentions the exercise of rights, what personal data is held by Technogenetics or to request that it be corrected or deleted, so as to exercise the rights specified under Article 7 that is herewith quoted in full below.

 

Art. 7 Rights of access to personal data and other rights

  1. The persons concerned have the right to obtain confirmation of the existence or non-existence of personal data concerning them, even if they have not yet registered, and to request that this be communicated to them in an intelligible form.
  2. The person concerned has the right to obtain information regarding the origin of the personal data, the purposes and modalities of its treatment, the criteria applied in the case of treatment with electronic instruments, as well as information regarding the identity of the possessor of the data, those responsible for it and the appointed representative as specified under article 5, paragraph 2. He she also has the right to obtain information regarding the parties or categories of parties to whom personal data may be communicated or those who can learn about it as appointed representatives in the territory of the State, as persons responsible or agents.
  3. The person concerned has the right to obtain: the updating, correction or, when he/she is interested, the completion or erasure of the data, its transformation into an anonymous form or the blocking of any data that has been processed unlawfully, including that which did not need to be kept for the purposes for which the data was collected or subsequently processed; the certification that the operations, also as regards their content, have been brought to the attention of those parties to whom the data was communicated or disseminated, except in the case when this requirement proves impossible or when it involves the use of means that are clearly disproportionate with regard to the safeguarded right.
  4. The persons concerned have the right to object, in whole or in part, for legitimate reasons to: the processing of their personal data, even if this is pertinent for the purposes of its collection; the processing of their personal data for sending advertising or promotional material or purposes of direct sales or for carrying out market research or business communications.
  5. Note: In order to affirm and apply for these rights the identity of the person concerned must be demonstrated, and therefore accompanied by a photocopy of his/her identity document (Article 17, paragraph 2, of Presidential Decree no. 501/1998), or by their authenticated signature.

 

GLOSSARY
1. For the purposes of the present Code the following definitions shall apply:

Data treatment or processing: any operation or set of operations, including those carried out without the aid of electronic means, concerning the collection, registration, organization, storage, elaboration, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, distribution, erasure and destruction of data, even if it not registered or recorded in a database.

Personal data: any information concerning a natural person, identified or identifiable, also indirectly by means of reference to any other information, including a personal identification number (1).

Identifying data: data that permits the direct identification of the person concerned.

Sensitive data: personal data that reveals the racial or ethnic origin, religious beliefs, philosophical convictions or other beliefs, political opinions, membership of parties, trade unions, associations or organizations of a religious, philosophical or political nature, as well as personal data disclosing the person’s health and sex life.

Judicial data: personal data disclosing the measures specified in Article 3, paragraph 1, letters from a) to o) and from r) to u), of the Presidential Decree of November 14, 2002, n. 313, relating to criminal records, the register of pending fines and penalties due to administrative and criminal offenses and/or charges, or the person’s status as accused or under investigation as specified in Articles 60 and 61 of the Italian Code of Criminal Procedure.

Possessor of data: the natural person, legal person, public administration or any other body, institution, association or organization that is responsible, also jointly with another possessor, for decisions regarding the aims and modalities of the processing of personal data and the means or instruments used for this purpose, including the security profile regarding the personal data.

Person/body responsible: the natural person, legal person, public administration or any other body, association or organization designated by the possessor for the processing of personal data.

Person(s) in charge: the individuals and natural persons authorized by the possessor or body responsible for performing data processing operations.

Person(s) concerned: the natural persons to whom the personal data refers: (2).

Communication: the conferring of knowledge of personal data to one or more parties other than the person(s) concerned, by the representative of the possessor in the territory of the State, by the persons/bodies responsible or in charge, in any form, also by making them available for consultation.

Distribution: the giving of knowledge of personal data to undetermined parties, in any way or form, including by making them available for consultation.

Anonymous data: data that originally, or following its processing and treatment, cannot be associated with an identified or identifiable individual.

Blocking: the conservation and storage of personal data with the temporary suspension of any other operation of processing and treatment.

Database: any organized set of personal data, divided into one or more units located in one or more sites.

Guarantor: the authority as specified in Article 153 of the legislation regarding the processing of personal data, as established by the Law of 31 December 1996, no. 675.

 

2. For the purposes of the present Code the following definitions also apply:

Electronic communication: any information exchanged or transmitted between a finite number of parties by means of an electronic communication service accessible to the public. The concept excludes any information transmitted to the public via an electronic communications network, as part of a radio broadcasting service unless this information is connected to a contractor or an identified or identifiable receiving user.

Call: connection established by an electronic communications service accessible to the public that permits a two-way communication. (3)

Electronic communications networks: transmission systems and, where applicable, switching or routing equipment and other resources, including non-active network elements, which allow for the transmission of signals via cable, radio, optical fibres or by other electromagnetic means, including satellite networks, circuit-switched and packet-switched fixed and mobile terrestrial networks, including Internet, networks used for broadcasting of radio and television programmes, systems for the transport of electrical current to the extent that they are used to transmit signals, as well as cable television networks, irrespective of the type of information conveyed. (4)

Public communications network: an electronic communications network used wholly or mainly for providing electronic communications services accessible to the public, which supports the transfer of information between the termination points of networks. (5)

Electronic communications service: services which consist wholly or mainly in the transmission of signals on electronic communications networks, including telecommunications services and transmission services in networks used for radio and television broadcasting, within the limits specified in Article 2, letter c) of the Directive 2002/21/EC of the European Parliament and of the Council, of 7 March 2002.

Contractor: any natural person, legal person, body or association that is party to a contract with a provider of electronic communications services that are accessible to the public for the provision of such services, or any recipient of such services by means of prepaid cards. *

User: any natural person who uses an electronic communication service accessible to the public, for private or business reasons, without necessarily being subscribed to such a service.

Data regarding traffic: any data subject to treatment or processing for the purpose of transmitting a communication on an electronic communications network or for the billing thereof.

Data regarding location: any data processed in an electronic communications network or by an electronic communications service that specifies the geographic position of the terminal device of the user of an electronic communication service accessible to the public. (6)

Value-added service: any service which requires the treatment or processing of data relative to traffic or of data relative to a location if this is different from the of data relative to traffic, beyond what is necessary for the transmission of a communication or for the billing thereof.

E-mail: any messages containing texts, voices, sounds or images transmitted on a public communications network, which can be stored in the network or in the recipient's terminal device until the recipient is aware of its presence.
 

3. For the purposes of the present Code the following definitions also apply:

Minimum measures: all of the technical, computerized, organizational, logistical and procedural security measures that possess the minimum level of protection required in relation to the risks as specified in Article 31.

Electronic instruments: any computers, computer programs and any electronic or automated means or device which carry out the treatment or processing of data.

Computerized authentication: the set of electronic instruments and procedures for verifying a person’s identity also indirectly.

Authentication credentials: the data and devices in the possession of a person, known by or uniquely related to him or her, which are utilized for computer authentication.

Keyword: a component of an authentication credential associated with a person and known to him or her, consisting of a sequence of characters or other data in an electronic form.

Authorization profile: the set of information uniquely associated with a person, making it possible to identify what data he or she can have access to, as well as the treatment or processing of data that he or she is allowed to perform.

Authorization system: the set of tools and procedures that enable access to data and the modalities of treatment of the same, in accordance with the authorization profile of the applicant.

Personal data breach: a security breach, also accidental, leading to the destruction, loss, alteration, unauthorized access to or disclosure of the personal data transmitted, stored or otherwise elaborated and processed in the context of the providing of an electronic communications service accessible to the public. (7)


4. For the purposes of the present Code the following definitions also apply:

Historical purposes: the purposes of study, investigation, research and documentation of figures, facts and circumstances of the past.

Statistical purposes: the purposes of statistical analysis or the production of statistical results, also by means of statistical information systems.

Scientific purposes: the purposes of study and systematic investigations aiming at the development of scientific knowledge in a specific sector.

© Technogenetics 2021. All rights reserved