Information on the Processing of Personal Data in accordance with Article 13 of EU Regulation No. 2016/679
In compliance with Article 13 of EU Regulation No. 2016/679, GDPR (hereinafter referred to as the "Regulation") and with Legislative Decree No. 196 of June 30, 2003 ("Personal Data Protection Code," hereinafter referred to as the "Code"), as amended by Legislative Decree No. 101 of August 10, 2018, we hereby inform you that:
- The personal data voluntarily provided by you to Doctor Shop S.r.l. at the time of registration, during commercial interactions aimed at concluding contractual agreements and their execution, promotional activities, or otherwise acquired in the course of our business in compliance with the applicable legislative and contractual provisions, will be processed in accordance with the principles of fairness, lawfulness, and transparency, while protecting your privacy and rights in compliance with the aforementioned regulations;
- Certain personal data you have provided, specifically those indicating date of birth, will be processed for purposes directly related to providing the requested service, as the products and services offered by Doctor Shop S.r.l. are intended solely for professional operators in the medical field. Therefore, consent provided by minors or those who, due to age, do not belong to the aforementioned category will not be considered valid, excluding the possibility of completing purchases on the site;
- In the event of sensitive/specific data voluntarily provided by the data subject, its processing will be carried out in accordance with Article 9 of the Regulation and solely within the limits specified in this privacy notice;
- For the purposes of personal data processing under Article 4 of the Regulation, any operation or set of operations performed with or without the aid of automated processes, such as collection, recording, organization, structuring, storage, adaptation, modification, extraction, consultation, use, communication by transmission, dissemination, or any other form of making available, comparison or interconnection, restriction, deletion, or destruction, is considered processing.
Pursuant to Article 13 of EU Regulation No. 2016/679, we provide you with the following information:
Purpose of Processing:
Your personal data will be processed for the following purposes:
- Institutional purposes related or instrumental to the activities of Doctor Shop S.r.l., such as archiving, processing, invoicing, and customer management;
- To fulfill legal obligations related to civil, tax, and accounting regulations for the administrative management of the relationship established with Doctor Shop S.r.l.;
- To fulfill contractual obligations, provide technical support and technical information, and offer post-sales assistance;
- For profiling purposes, analyzing personal data such as name, surname, date of birth, and professional specialization to examine purchase preferences and interests inferred from purchases made, online clicks on products, and/or website sections, and to send personalized communications and offers. The processing of your personal data for profiling purposes may also involve the use of profiling cookies, subject to your consent. To view our cookie policy, click here;
- For direct marketing, to communicate future business initiatives, announcements of new products, services, and offers from Doctor Shop S.r.l. by sending advertising materials and newsletters via email and/or postal mail.
Sensitive data you may provide will be processed only to fulfill essential operations required to meet obligations, including pre-contractual obligations, related to the provision of goods, services, or performances to the data subject in accordance with the principle of relevance and non-excessiveness of data necessary for fulfilling contractual obligations and applying tax benefits.
Legal Basis of Processing:
The processing of personal and sensitive data provided by you is justified by the need to comply with legal and tax obligations to which the Data Controller is subject, and by the need to perform the contract in which you are involved or to take pre-contractual measures at your request.
Providing your personal and potentially sensitive data is necessary to fulfill contractual and legal obligations related to the commercial relationship established with Doctor Shop S.r.l.; without it, it would not be possible to process the purchase order or apply the reduced tax rate.
The processing of data for direct marketing and profiling purposes is based on the data subject's optional consent. Failure to provide consent for these purposes does not affect established or establishing legal and contractual relationships but excludes the possibility of receiving updates, promotions, and other offers tailored to personal preferences.
Data Communication and Processing Methods:
The data will be processed as follows:
- Personal data is processed to ensure adequate security and confidentiality. To this end, data is collected in our database, which is protected with security measures to prevent unauthorized access or use of personal data and equipment used for processing;
- Sensitive data, if collected, is stored in Doctor Shop S.r.l.'s IT systems, reducing the use of personal and identifying data when the intended purposes can be achieved using anonymous data and appropriate methods that allow the identification of the data subject only when necessary. Sensitive data deemed excessive or no longer necessary for concluded evaluation activities will not be subject to further and/or different use by the Data Controller;
- In compliance with the aforementioned purposes and within the bounds of the law, your personal data may be disclosed to:
- Linked, parent, and affiliated companies of Doctor Shop S.r.l.;
- Doctor Shop S.r.l. business partners (producers, suppliers, carriers, couriers, etc.);
- Given Doctor Shop S.r.l.'s international operations, such data may be transferred abroad within the EU territory for the execution of the contract concluded between you and Doctor Shop S.r.l. Such data will be transferred with appropriate safeguards for the protection of your data.
Data Retention Period:
Personal, demographic, and sensitive data processed in the context of contract execution will be stored in compliance with legal and tax obligations (e.g., national tax or anti-fraud laws, product warranty periods, etc.) requiring data retention for a specific period.
Regarding personal data processed for direct marketing or profiling purposes, it will be retained respecting the principle of proportionality and, in any case, until the purposes of the processing are achieved. Under Article 21 of the Regulation, the data subject may exercise the right to object to the processing of personal data concerning them at any time for these purposes, including profiling.
Data Subject Rights:
In any case, under Articles 15 et seq. Chapter III “Rights of the Data Subject” of EU Regulation No. 679/16, you have the right:
- To obtain confirmation from the Data Controller as to whether or not personal data concerning you is being processed and, if so, to access personal data in an intelligible form;
- To obtain rectification, supplementation, or deletion of personal data or restriction of the processing of personal data concerning you;
- To object to the processing;
- To withdraw consent for processing at any time, without prejudice to the lawfulness of processing based on consent before withdrawal;
- To file a complaint with the supervisory authority (Privacy Guarantor).
The data subject may exercise their rights at any time by contacting the following:
Email: privacy@doctorshop.it
Phone: +39 02 25713717
Data Controller
The Data Controller is:
Doctor Shop S.r.l., represented by Dr. Davide Muci
Viale Monza No. 259
20126 Milan (MI)
Phone: +39 02 25713717
Email: privacy@doctorshop.it
Data Processors
The Data Processors are:
- Mr. Filippo Macchi
Farnetworks S.r.l.
Data Protection Officer
The Data Protection Officer is:
Lawyer Marco Scansani
20122 Milan (MI)
Via Cappuccini, 14
P.E.C.: marco.scansani@milano.pecavvocati.it