Privacy Policy

The Company A. Menarini Diagnostics Limited (“Company”, or “we”) wishes to inform you that the processing of your personal data, performed by way of the website (“Website”) or collected by way of contact forms (“Forms” or “Form”) takes place in compliance with the data protection laws and regulations applicable in the UK (e.g., the UK GDPR -hereinafter “GDPR”- , the Data Protection Act (2018) –hereinafter “DPA 2018”- and the Privacy and Electronic Communications Regulations –hereinafter “PECR”).

1. Data Controller and DPO

Data Controller is A. Menarini Diagnostics Limited with registered offices in 405 Wharfedale Road – Winnersh-Wokingham – RG41 5RA Berkshire (“Controller”).
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to enquiries@menarinidiag.co.uk

The Company has a Data Protection Officer (“DPO”) that can be reached at: dpo@menarini.com

2. The data we process

With your consent, we process the ordinary and sensitive personal data which you provide when you interact with the Website and use the related services and functions, and/or you reach out to us. These data include, in particular:

  • information that you voluntarily provide to us through our site at the time of registering to our site, subscribing to our service, posting material or requesting further services. This will typically include name and surname, contact details, professional qualifications, areas of interest and content of your specific requests or reports
  • We may also ask you for information at other times, such as when you report a problem with our site. This includes information, such as your name, address, telephone number, email address, country of residence;
  • if you contact us, we may keep a record of that correspondence;
  • we may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them;
  • details of your visits to our site including, but not limited to, technical information, including the internet protocol (IP) address used to connect your computer to the internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, traffic data, location data, weblogs and other communication data and the resources that you access;
  • information that we receive from other sources. We may receive information about you if you use any of the other websites that we operate or the other services we provide. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them; and
  • other purposes for which we may use your personal data may be disclosed to you at the time you provide the information to us.

(hereinafter “Data”).

Please note that the Controller may process your data to comply with legal obligations stemming from laws, regulations and EU Law, to exercise rights in legal proceedings, to pursue its own legitimate interests and in all cases provided by Articles 6 and 9 of the GDPR, where applicable.

Please note that our site is intended for healthcare professionals. It is directed at an adult audience and should not be used by children under the age of 18. We do not knowingly collect information from or about children under the age of 18.

Processing shall take place both using computers and on paper, and shall always entail the implementation of the security measures provided by current law.

3. Why and how we process your data

We use information held about you in the following ways:

  • to ensure that content from our site is presented in the most effective manner for you and for your computer; to improve or develop the content of our site, to administer our site for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; to improve our level of service; and to notify you about changes to our service. The legal basis for the processing of your data for these purposes is out legitimate interest to having an effective and functional website, keeping it up to date and secure and improve the level of our services (Art. 6.1 (f) GDPR);
  • to provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes; to allow you to participate in interactive features of our service, when available and when you choose to do so. The legal basis of the processing is your consent (art. 6.1 a GDPR and 9.2.(a)). Where you consent, we may also use the information to receive commercial communications in line with the interests we have automatically inferred during interactions with the Company (“profiling”) (art. 6.1 a GDPR).
  • to provide you with information about goods and services which may be of interest to you and we may contact you about these by email, post or telephone, where this is allowed by the GDPR, DPA and PECR. The legal basis for the processing of your data for these purposes is out legitimate interest to establishing professional and/or commercial relations with you (Art. 6.1 (f) GDPR). If you do not want us to use your data in this way, please tick the relevant box situated on the form on which we collect your data.
  • to pursue legal obligations, and in particular to manage adverse event information you may share during interactions with us to comply with our legal obligations; the legal basis for processing for these purposes is the pursuit of a public interest in the healthcare sector (Article 6.1 (c) and Article 9.2.(i) of the GDPR)
  • to enforce the Code of Conduct of the Menarini Group and to establish or defend the legal claims in the interest of the Company (art. 6.1.(f) of the GDPR).

The personal data are entered into the Company computer system in full compliance with data protection law, including security and confidentiality profiles and based on principles of correct practice, lawfulness and transparency in processing.
Data shall be stored for as long as strictly necessary for the attainment of the purposes for which they were collected. In any event the criterion used to determine that period is based on compliance with the time limits set by law and with the principles of data minimisation, storage limitation and rational management of archives.

All your data will be processed on paper or by means of automated instruments, which in any case ensure an appropriate level of security and confidentiality.

4. Browsing data

If you only visit the Website (i.e., without sending communications or using any of the available services/functions), the processing of your data is limited to browsing data i.e., data whose transmission to the Website is necessary for the functioning of the computers which operate the Website and of the Internet communication protocols. This category includes, for example, IP addresses or computer domain used to visit the Website and other parameters pertaining to the operating system used to connect to the Website. The Company collects these and other data (such as, for example, number of visits and time spent on the Website) merely for statistical purposes and in anonymous form in order to monitor the functioning of the Website and improve its performance. Such data is not collected to be associated with other information regarding, or for the identification of, users; however, such information, by its very nature, may enable the Company to identify users through processing and association with data held by third parties. Browsing data are normally deleted following processing in anonymous form but can be stored and used by the Company to detect and identify perpetrators of any computer offences committed to the detriment of the Website or using the Website. Without prejudice to this possibility and to the provisions of the Cookie Policy the browsing data described above are stored only temporarily, in compliance with law.

5. Links to other websites

This Information Notice applies only to the Website and the Forms as defined above. Even though the Website may contain links to other websites (known as third party websites), please be informed that the Company does not perform any access or control over cookies, web beacons or other user-tracking technologies that may be active on such third party websites, on the contents and materials published thereon, or on their methods of processing of your personal data; for this reason, the Company expressly declines any liability for such matters. You should therefore verify the privacy policies of such third party websites and collect information about their terms and conditions and about how they process your personal data.

6. Persons who have access to the Data

The Data are processed electronically and manually according to procedures and logics relating to the above-mentioned purposes and are accessible by the Controller’s staff authorised to process personal Data and their supervisors, and in particular to staff belonging to the following categories: technical, IT and administrative staff, our reps and product managers -if your interactions with us regarding our products and services-, internal audit and compliance staff, staff in charge of adverse events -if you reported any- as well as other individuals who need to process the data to perform their job duties. The Data may be communicated, also in countries outside the European Union (“Third Countries “) to: (i) institutions, authorities, public bodies for their institutional purposes; (ii) professionals, independent consultants –individually or in partnerships- and other third parties and providers which supply to the Controller commercial, professional or technical services required to operate the Website (e.g., provision of IT and Cloud Computing services), in order to pursue the purposes specified above and to support the Company with the provision of the services you requested; (iii) third parties in the event of mergers, acquisitions, transfers of business -or branches thereof-, audits or other extraordinary operations; (iv) company supervisory bodies, based at the Controller’s address, in the pursuit of their activities (oversight over the enforcement of legal obligations, ethical standards, the Menarini Group’s Code of Conduct, etc.).
The mentioned recipients shall only receive the Data necessary for their respective functions and shall duly undertake to process them only for the purposes indicated above and in compliance with data protection laws. The Data can furthermore be communicated to the other legitimate recipients identified from time to time by the applicable laws. With the exception of the foregoing, the Data shall not be shared with third parties, whether legal or natural persons, who do not perform any function of a commercial, professional or technical nature for the Controller and shall not be disseminated. The individuals who receive the data shall process them, as the case may be, in the capacity as Controller, Processor or person authorised to process personal data, for the purposes indicated above and in compliance with data protection law.
Regarding any transfer of Data outside the UK, including in countries whose laws do not guarantee the same level of protection to personal data privacy as that afforded by UK Law, the Controller informs that the transfer shall in any event take place in accordance with the methods permitted by the GDPR, such as, for example, on the basis of the user’s consent, on the basis of Standard Contractual Clauses, by selecting parties enrolled in international programmes for free movement of data or operating in countries considered safe by the UK Government.

7. Your Rights

By contacting the Controller at the addresses indicated above you can, at any time, exercise the rights pursuant to Articles 15-22 of the GDPR such as, for example, obtaining an updated list of the individuals who can access your data, obtain confirmation of the existence or otherwise of personal data which relates to you, verify their content, origin, correctness, location (also with reference to any Third Countries ), request a copy, request their rectification and, in the cases provided by the GDPR, request the restriction of their processing, their erasure, oppose to direct contact activities (or restrict contacts to some communication channels only), including newsletters or promotional materials (direct marketing) you might have requested or you might otherwise be receiving from the Company, electronically or otherwise. Likewise, you can always report observations on specific uses of the data regarding particular personal situations deemed incorrect or unjustified by the existing relationship to the DPO or submit complaints to ICO. You may withdraw your consent at any time – however that shall not impair the lawfulness of the processing carried out before consent withdrawal.

Berkshire website design company