Privacy Policy – Menarini Biomarkers Singapore

PRIVACY INFORMATION NOTICE

MENARINI BIOMARKERS SINGAPORE PTE LTD wishes to inform you that the processing of your personal data, performed by way of the website (“Website”) or collected by way of the contact forms displayed on the Website (“Forms”) is carried out in compliance with this Privacy Policy as well as with the data protection laws that may be applicable to you, including Regulation (EU) 2016/679 – “GDPR”- if you are located in the EU, the Singapore Personal Data Protection Act (2012) –PDPA- if you are located in Singapore, etc.

1. Data Controller and DPO

Data Controller is A. MENARINI BIOMARKERS SINGAPORE PTE LTD with registered offices in 30 Pasir Panjang Road,Mapletree Business City,Singapore (“Controller”).

The Data Protection Officer (“DPO”) can be contacted at: dpo@menariniapac.com

2. The data we process

When you interact with the Website and its available functions, such as the contact Forms, we will process the following personal data (“Data”):

first name, last name, email, organisation and content of your specific requests or reports, including any “sensitive” data (e.g. health-related information) you submit via the Website or the Form;
browsing data (see below, section 4) and data collected by cookies (see our cookie policy for more details);
any additional data which the Controller may lawfully acquire, also from third parties, in the course of business.

If you submit communications via the contact Forms, we need you to fill in all the fields marked with an asterisk (*) – without that mandatory information we would in fact unable to process your query/report. Conversely, the information requested in fields not marked with an asterisk is optional: if you do not wish to provide it there will be no consequence.

Processing may take place both electronically and on paper, and shall always entail the implementation of appropriate security measures mandated by current laws.

3. Why and how we process your data

The Data are processed for the following purposes:

To handle your requests for information submitted through the Website and the Form. The processing of the information submitted for this purpose is grounded on your consent.
To consider collaboration requests or proposals, including job applications, received via the Form. The processing of information submitted for these purposes is grounded on your consent and on the need to clear the necessary steps to consider and establish a professional or commercial relationship with you.
To handle quality complaints or adverse event reports submitted through the Website or the Forms. The processing of information submitted for these purposes is grounded on your consent, as well as on the necessity to pursue the public health interest of ensuring a high level of quality and safety of our products, in line with the applicable legislation and international standards in the field.

By pressing the “send” button, you agree to the processing of submitted Data for the purposes and with the specifications set out in this document.

Please note that, regardless of your consent, Data may also be processed for the purpose of complying with laws, regulations or requests from the authorities, to perform statistics on the Website’s usage and ensure its proper functioning, to enforce the Code of Conduct of the Menarini Group and to establish or defend the legal claims in the interest of the Company.

Data are entered into the Company computer system in full compliance with data protection laws, including the aspects pertaining to security and confidentiality and in line with the principles of fairness, lawfulness and transparency.

Data shall be stored for as long as strictly necessary for the attainment of the purposes for which they were collected. In any event the criterion used to determine that period is based on compliance with the time limits set by law and with the principles of data minimisation, storage limitation and rational management of archives.

All your data will be processed on paper or by means of automated instruments, which in any case ensure an appropriate level of security and confidentiality.

4. Browsing data

If you only visit the Website (i.e., without sending communications or using any of the available services/functions), the processing of Data is limited to browsing data i.e., Data that the Website needs to process to run the computers which operate the Website and Internet communication protocols. This category of Data includes, for example, IP addresses or computer domain used to visit the Website and other parameters pertaining to the operating system used to connect to the Website. The Company collects this and other data (such as, for example, number of visits and time spent on the Website) merely for statistical purposes and in anonymous form in order to monitor the functioning of the Website and improve its performance. Such data is not collected to be associated with other information regarding, or for the identification of, users; however, such information, by its very nature, may enable the Company to identify users through processing and association with data held by third parties. Browsing data are normally deleted following processing in anonymous form but can be stored and used by the Company to detect and identify perpetrators of any computer offences committed to the detriment of the Website or using the Website. Except as above specified and as set out in the Cookie Policy, browsing data are stored only temporarily, in compliance with law.

5. Links to other websites

This Privacy Policy applies only to the Website as defined above. Even though the Website may contain links to other websites (known as third party websites), please be informed that the Company does not perform any access or control over cookies, web beacons or other user-tracking technologies that may be active on such third party websites, on the contents and materials published thereon, or on their methods of processing of your personal data; for this reason, the Company expressly declines any liability for such matters. You should therefore verify the privacy policies of such third party websites and collect information about their terms and conditions and about how they process your personal data.

6. Persons who have access to the Data

Data are processed electronically and manually according to procedures and rationales relating to the above-mentioned purposes and are accessible to staff, providers and collaborators in charge of technical, IT, administrative, research, commercial and managerial functions. Data may be communicated, also abroad, to: (i) institutions, authorities, public bodies for their institutional purposes; (ii) professionals, independent consultants –individually or in partnerships- and other third parties and providers which supply to the Controller commercial, professional or technical services required to operate the Website (e.g., provision of IT and Cloud Computing services), in order to pursue the purposes specified above and to support the Company with the provision of the services you requested; (iii) other third parties in the event of mergers, acquisitions, transfers of business -or branches thereof-, audits or other extraordinary operations; (iv) other Companies of the Menarini Group, also based abroad, that provide technical, administrative, accounting, legal or other services to the Controller; and (v) Supervisory Boards and other Menarini Group structures in charge of internal audit and compliance functions, including the enforcement of the Menarini Group Code of Conduct.

The mentioned recipients shall only receive the Data required for their respective functions and shall duly undertake to process them only for the purposes indicated above and in compliance with data protection laws. Data can furthermore be communicated to the other legitimate recipients identified from time to time by the applicable laws. With the exception of the foregoing, the Data shall not be shared with third parties, whether legal or natural persons, who do not perform commercial, professional or technical service for the Controller and shall not be disseminated. Disclosures of data to the above recipients shall be carried out in compliance with data protection laws.

If you are based in the EU, please be informed that your Data may be transferred outside the EU to countries whose laws do not guarantee the same level of protection to personal data privacy as that afforded by EU Law; nevertheless, even in those cases, the transfer shall take place in accordance with the methods permitted by the GDPR, such as, for example, on the basis of the user’s consent, on the basis of the Standard Contractual Clauses approved by the European Commission, by selecting parties enrolled in international programmes for free movement of data (e.g. EU-USA Privacy Shield) or operating in countries considered safe by the European Commission.

7. Your Rights

By contacting the Controller at the addresses indicated above you can, at any time, exercise the rights afforded by the data protection laws such as, for example, obtaining an updated list of the individuals who can access your data, obtain confirmation of the existence or otherwise of personal data which relates to you, verify their content, origin, correctness, location (also with reference to any Third Countries ), request a copy, request their rectification and, in the cases provided by the data protection laws, request the restriction of their processing, their erasure, oppose to direct contact activities (including limited to some mediums of communication). Likewise, you can always report observations on specific uses of the data regarding particular personal situations deemed incorrect or unjustified by the existing relationship to the DPO or submit complaints to the Data Protection Authority. You may withdraw your consent at any time – however that shall not impair the lawfulness of the processing carried out before consent withdrawal.