Privacy Policy

1. Scope of the privacy policy

The protection of personal data (so-called privacy) is the safeguarding of the fundamental rights and freedoms of natural persons with regard to the processing of any information that identifies them or makes them identifiable (personal details, IP, images), including special categories (sensitive data) such as health, political or religious opinions.

2. Personal data processed

The protection applies to personal data and to the processing operations indicated in Art. 4, point 2 of Regulation (EU) No. 679/2016 (“Regulation”), supplemented by the applicable national legislation. The personal data processing operations are limited to those strictly related to the purposes indicated in point 4 and concern the following categories of data: personal and tax data. Personal data are normally collected directly; where such collection occurs through third parties, the data subject will be provided with appropriate information in compliance with the terms and conditions set out in Art. 14 of the Regulation.

3.Data Controller (“Controller”) and contact details

Clariscience S.r.l.

Via del Vecchio Politecnico, 9

20121 – Milano (Italy)

T +39 049 7443622

Data Controller’s email address: privacy@clariscience.com

4. Purposes and legal basis of the processing

Personal data are collected for the following purposes:

To provide the services requested by the user. The processing carried out for these purposes is necessary for the performance of contractual obligations and does not require specific consent from the data subject.
To assess your experience in using the website and the services we offer and to ensure the proper functioning of the web pages and their contents. The processing carried out for these purposes is based on a legitimate interest of the Controller.
To send commercial and promotional communications, direct sales communications, market research regarding products, services and events (hereinafter collectively defined as “marketing activities”) of the Company, and for marketing activities. The processing carried out for these purposes is performed with the specific consent provided by the user, except for commercial communications relating to products and/or services similar to those already purchased and/or subscribed to by the user, for which the processing is based on a legitimate interest of the Controller and/or on the conditions provided for by specific regulatory provisions (Art. 130, paragraph 4, Privacy Code).

Personal data are processed lawfully and fairly; they are relevant and not excessive in relation to the purposes of the processing indicated above; they are retained for the time necessary for the purposes of collection.

5. Type of data processed

The website offers informational and interactive content. During navigation of the website, information about the visitor may therefore be collected in the following ways:

Browsing data. The IT systems and software procedures used to operate the website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes: IP addresses, the type of browser used, the operating system, the domain name and addresses of websites from which access was made, information on the pages visited by users within the site, the access time, the time spent on each page, internal path analysis and other parameters relating to the user’s operating system and IT environment. Although this information is not collected in order to be associated with identified users, by its very nature, if associated with other data held by third parties (e.g. internet service providers), it could allow users to be identified. These data are used solely for the purpose of anonymous statistical information on the use of the site and to check its correct functioning.
Additional categories of data

These consist of all personal data provided by the visitor through the site, for example, by registering and/or accessing a reserved area and/or a service and/or event, writing to a Company email address to request information or calling one of our numbers to have direct contact.

The main components of clariscience.com, engage.clariscience.com, academy.clariscience.com are created and managed directly by the Controller using dedicated software; full reference is made to the link “Gestione domini e sottodomini Clariscience” (Domain and subdomain management). The processing carried out for these purposes is performed only upon specific consent provided by the user (with regard to the use of technologies such as cookies, full reference is made to our cookie policy “Cookie Policy”).

6. Provision of data

Apart from what is specified for browsing data, the user is free to provide or not to provide the personal data requested in the service registration forms. In such forms, however, some data may be marked as mandatory; such data must be understood as necessary for the provision of the requested service. If such data are not provided, the requested service cannot be provided.

7. Recipients of personal data

For the pursuit of the purposes described in Art. 4 above, the data may be communicated to and known by/from: employees and subordinate workers and, in general, the Company’s personnel, who will operate as Authorized Persons for the processing of personal data, specifically appointed by the Controller.

User data may also be processed by service providers for the management of IT systems (for maintenance of the IT infrastructure); such subjects will operate as Data Processors specifically appointed by the Controller pursuant to Art. 28 of the GDPR.

The list of recipients is available at the Controller’s premises for consultation.

8. Use of data to make decisions

The Controller does not make use of an automated decision-making processing of the data collected.

9. Duration of retention of personal data

Personal data collected through use of the Website are processed for the time strictly necessary to provide the requested services and to carry out the related technical and security operations, as well as, upon completion thereof, for any periods established by the applicable regulations for administrative and, where applicable, defensive purposes, also connected to the possible ascertainment of liability in the event of computer crimes.

10. Security measures adopted for the protection of collected data

The Company uses appropriate security measures to protect personal data against improper disclosure, alteration or misuse. The protections activated with respect to personal data are intended, in particular, to minimize the risks of destruction or loss, including accidental loss, of data, of unauthorized access or of processing that is not permitted or not compliant with the purposes of collection. Periodic “Risk Analysis” activities are carried out to verify compliance with the defined standards and, where necessary, to adopt new security measures following organizational changes and technological innovations or changes in the type of data collected. Security measures are constantly monitored and periodically verified.

11. Rights of the data subject and methods of exercise

In relation to the processing of personal data, in accordance with the methods and within the limits provided for by the applicable legislation, the data subject has the right to request from the Company:

access: may request confirmation as to whether or not data concerning him/her are being processed, as well as further clarification regarding the information referred to in this Notice;
rectification: may request that the data provided be corrected or supplemented, where inaccurate;
erasure/right to be forgotten: may request that the data acquired or processed by the Company be erased, where they are no longer necessary for the purposes or where there are no disputes or controversies in progress, in the event of withdrawal of consent or objection to processing, in the event of unlawful processing, or where there is a legal obligation to erase;
restriction: may request restriction of the processing of personal data, where one of the conditions set out in Art. 18 of the GDPR applies; in such case, the data will not be processed, except for storage;
objection: may object at any time to the processing of data on the basis of a legitimate interest of the Company, unless there are legitimate grounds of the Controller to proceed with the processing. The data subject’s objection to processing shall always prevail over the Company’s legitimate interest in processing data for marketing purposes;
portability: may request to receive the data, or to have them transmitted to another controller indicated by him/her, in a structured, commonly used and machine-readable format;
withdrawal: pursuant to Art. 7, para. 3 of the GDPR, the data subject may exercise at any time the right to withdraw consent, without prejudice to the lawfulness of the processing based on the consent given prior to withdrawal.
complaint: has the right to lodge a complaint with the Data Protection Authority.

To exercise these rights, report problems or request clarification regarding the processing of your personal data, you may send an email to privacy@clariscience.com.

CLARISCIENCE SRL

REGISTERED OFFICE

CONTACTS

Ti aspettano approfondimenti esclusivi su temi caldi e attuali, aggiornamenti normativi, novità derivanti dalla nostra formazione e tanto altro. Non perdere l'opportunità di ricevere contenuti di valore direttamente nella tua casella di posta.

SERVICES

Regulatory affairs

Quality management systems

Medical writing and scientific communication

ABOUT US

Corporate

Work with us

Referral program