1. Whom does this information apply to?
This information note applies to the collection of personal data of:
• Our counterparties such as suppliers, customers (hereinafter "trading partners");
• Visitors and users of our site (hereinafter “users”);
2. What data do we collect about you?
We collect and process your personal data as follows:
• from the information you provide by filling in the forms on our website: The Contact Page form, the Quick Contact form, the Login Page form, the New User account form, the Anamnesis form, the Patient Profile form within the anamnesis form, the Live Chat and Video call form.
• by correspondence with us on the phone, e-mail or any other way
The information you provide us may include surnames, first names, date of birth, height, weight, sex, home address, delivery address, e-mail address and telephone number, as well as other information, as appropriate.
Through the activity carried out on the site, we shall not collect or process sensitive personal data relating to you (e.g. information about racial or ethnic origin, political views, religious confession or philosophical beliefs, health, sexual life or sexual orientation), unless:
• we see ourselves obliged to do so by law (e.g. MS Order-444/2019);
• you have given us your explicit consent separately.
If you provide us your personal data (including sensitive personal information) on a voluntary basis through your interaction with the site or by correspondence on the telephone, e-mail or in any other way, at free will and not at our request, we will delete such personal data from our systems unless we believe that processing is necessary for a legitimate purpose of Health Laboratory, unless you have made this data public (for example, in a message forum that is visible to the public) in which case we will only delete this data from the site if the law requires it or if we do not wish to keep it.
Every time you visit www.immunyze.me, we automatically collect the following data:
• data about your visit, for example, this may include URL data, sequence of clicks to, through, and from the site (including date and time), information or products that you have viewed or searched for on the site.
If we obtain your personal data from a third party, we shall provide you with all relevant information about its processing as soon as possible, but no later than one month after having obtained your personal data.
Data collected through the anamnesis form:
For providing the services, we may ask you to add personal data which may include surnames, first names, date of birth, height, weight, sex and other information, as appropriate of a third party who will benefit through the account holder from the services for which this data is processed.
According to MS Order-44/2019 for the online purchase of OTC drugs it is necessary to create the patient profile using the anamnesis form, therefore you are requested and collected your personal data that may include surname, first name, date of birth, height, weight, gender, as well as information on the patient's clinical condition.
If you purchase the products for a third person, you are requested and collected the personal data of the person in question, which may include his/her surname, first name, date of birth, height, weight, gender, as well as information on the patient's clinical condition.
3. What are the purposes of the collection of personal data and which is the legal basis?
We may collect your personal data in the following situations:
• whenever we need to take the necessary steps to conclude an agreement with you;
• whenever we need to fulfill a contract we have concluded with you;
• whenever we have to comply with a legal provision (e.g. the laws applicable to the online purchase of medicines, authorization of payments, employment, accounting, audit);
• whenever it is necessary for our legitimate interests (or those of a third party) and for your interests (e.g. to detect and prevent fraud or to ensure the IT and the informatics network security), unless your fundamental rights prevail over those interests;
• whenever it is necessary for the public interest or for official purposes.
We collect your personal data for various technical, administrative and operational reasons, such as:
• to ensure that the content is presented most effectively for you;
• to improve the website, including its functionality;
• for the site administration;
• for internal operations, including for troubleshooting, data analysis, testing, statistics and research purposes;
• to keep the site safe;
• for advertising and marketing, including for specific marketing purposes, so as to offer content, including personalized content that may be of greater interest to you.
In some cases, we will only process your personal data with your consent (e.g. for advertising and marketing). In these cases, we will request your consent separately and transparently when you provide your personal data. Afterwards you can withdraw your consent any time by sending a request to the email address. The withdrawal of consent will not affect the lawfulness of the processing which has previously taken place.
When we request personal data in compliance with legal or contractual obligations, your provision of such personal data is mandatory. This means that, if such personal data is not provided, we shall not be able to manage the contractual relations or meet the legal obligations imposed on us. In all the other cases, the provision of personal data is optional and you are not required to provide it.
We may process your personal data, such as your identification data, contact details and home address, for the purposes of the possible exercise of our rights or complaints against you in the future. This processing is based on our legitimate interest and we must exercise our rights for whichever disputes.
PRECISELLY, WE WILL USE YOUR PERSONAL DATA AS FOLLOWS:
Users and customers:
For providing services, delivering goods and making payments under relevant contracts, we may process your personal data, such as identification data, contact details, banking information.
This processing is based on:
• Fulfilling a contract the Users (hereinafter the customers) take part in
• A legal obligation we are imposed on.
We process sensitive personal data through the anamnesis form according to MS Order - 444/2019.
We may process personal data so that we can provide you with information about goods or services that we believe are of interest to you. If you are an existing customer, we will only contact you by email or SMS with information about goods and services similar to those previously sold, unless you have differently opted.
If you are a new user, we will electronically contact you only if we have your prior consent. We will not pass on your personal data to third parties for marketing purposes without your explicit consent.
We may also use your personal data to measure or understand your favorite content regarding our products; and to make suggestions and recommendations to you and other users of our site about products you may be interested in.
For providing services, delivering goods and making payments under the relevant contracts, we may process your personal data, such as identification data, business contact data, banking information and taxpayer identification number, for VAT-registered persons.
This processing is based on:
• fulfilling a contract in which you, as User take part in;
• legal obligations we are imposed on.
• our legitimate interest.
In some cases we collect personal data, such as the names and contact details of the employees or trading partners for the communications related to the fulfillment of a particular contract with the trading partners.
This processing is based on:
• fulfilling a contract the Trading partners take part in
• legal obligations we are imposed on.
• our legitimate interest.
As being our counterparty, we can provide you with information about our new products and services. If you no longer wish to receive it, you can resent by sending us an email to firstname.lastname@example.org.
Applicants to the jobs published by HEALTH LABORATORY
Regarding your participation in the recruitment and selection process for one or more of the jobs listed as available within HEALTH LABORATORY, we may collect and process your personal data, (e.g. the data in the CV you send), for selection purposes, assessment of your professional skills for the job(s) you are applying to, as well as for communication with you throughout the recruitment process.
This processing is based on HEALTH LABORATORY legitimate interest.
4. To whom do we pass on the personal data?
HEALTH LABORATORY shall not pass on your personal information to third parties (by sale or leasing).
Within HEALTH LABORATORY, only a limited number of staff, particularly from the sales, accounting, IT, and therapy departments has access to your personal data in accordance with “a need to know basis” principle. The staff shall be subject to privacy regarding your personal data. The HEALTH LABORATORY personnel are entitled to manage the personal data following the instructions issued by HEALTH LABORATORY concerning their duties.
Proper technical and organizational measures will be taken to protect the personal data. This site uses security measures against loss, alteration or misuse of information under our control. HEALTH LABORATORY does not take responsibility for the loss of information caused by errors in the software with which the site is designed and hosted. We are also not responsible for errors in the server security that hosts the site.
Personal data may be communicated to governmental authorities, tax authorities and/or law enforcement bodies if required by applicable laws or if necessary for the exercise of our rights, including conditions of use or for the protection of our legitimate interests (including the legitimate interests of third parties) in accordance with the applicable laws.
Your personal data may also be disclosed to third parties, as follows:
• To business partners, suppliers and subcontractors to fulfill all the agreements we conclude with you in order to provide the products and services you order
• For shipping the orders to the European Union countries using the services
• For delivery the orders to express courier companies
• To the suppliers that provide administrative, professional and technical service to the company for IT, security and business resources support;
• To external consultants (e.g. lawyers, accountants, auditors) for particular purposes, when necessary.
HEALTH LABORATORY carries out a preliminary appropriate assessment in the selection of third party service providers and requires these service providers to maintain adequate technical and organizational security measures to protect personal data and to process personal data only according to the instructions issued by HEALTH LABORATORY. Service providers will have the right to subcontract service suppliers to Farmacia Tei provided that each subcontractor complies with the same data protection rules as the service providers.
5. What is the retention period of personal data?
We will retain your personal data for as long a period as to fulfill the purposes listed in the present Policy or for the period required by the applicable national law, in accordance with applicable minimum legal retention periods and/or as long as it is necessary to exercise our legitimate rights (and the legitimate rights of other persons).
If you are a Customer or a Trading Partner, we will retain your personal data for the duration of the mutual agreement.
If we have a continuing business agreement with you as trading partner, we will continue to retain this personal data until our business agreement ends and for the minimum retention period required by law.
If you are a user of the site https://imunyze.me/en/ (e.g. you have created a user account on the site), we will keep your personal data for which the user account is active.
If you are an applicant to one or more of the jobs released in the careers section of the site, we shall retain your personal data throughout the recruitment and selection process, and a 2 year period furthermore after the recruitment process has ended (if the applicant has not been employed by the company).
If we collect your personal data pursuant to your consent, such personal data will only be processed for the period provided for by your consent, unless you withdraw or limit your consent before the end of this period. In such cases, we shall cease processing the personal data for the relevant purposes under any legal obligation to process such personal data and/or under the need to collect such personal data for exercising our legitimate rights (including other people legitimate rights).
6. Storage and transmission of personal data outside the country
The site https://imunyze.me/en/ is managed and maintained by SC HEALTH LABORATORY SRL.
We intend not to pass on your personal data outside the EEA unless there are adequate safeguards, including:
• an adequacy decision issued by the European Commission relating the country or countries of destination;
• a "privacy shield" certification;
• appropriate binding corporate rules;
• an approved code of conduct, together with binding and enforceable commitments of the data controller or processor in the country outside the EU and the EEA;
• an approved certification mechanism, together with the binding and enforceable commitment of the data controller or processor in a non-EU and EEA country to apply the appropriate safeguards;
• EU standard contractual clauses approved by the European Commission.
7. What are your rights?
You have the following rights under the relevant legislation:
• The right to confirm whether your personal data is processed by us or not, and to provide you with a copy of your personal data;
• The right to request the rectification or deletion of personal data processed by the website
• The right to request the restriction of personal data processed by the website
• The right to object to the processing of personal data by the website (e.g. use of processing for direct marketing purposes);
• The right to withdraw your consent any time without affecting the lawfulness of the processing carried out on the basis of consent prior to its withdrawal;
• The right to lodge a complaint with the National Supervisory Authority for the Processing of Personal Data.
Please note that your rights described above may be limited in certain circumstances and are subject to applicable laws and regulations on the protection of personal data. For example, the right to object to the processing of your personal data may be limited if we can demonstrate that we have compelling legitimate reasons to process your personal data that prevail over your interests. You will need to prove your identity and provide us with further information to help us meet your demand.
We shall not charge a fee to meet your demands unless permitted by law and, if such a fee is charged, it will be reasonable and proportionate to your request.
In order to exert one or more of your rights, please contact us at the e-mail address email@example.com
8. Security of personal data
We use appropriate technical and organizational measures to protect and prevent unauthorized access to personal data. We have concluded business agreements with third parties offering hosting services and these contracts include obligations regarding the organizational and technical security of personal data.
All payment transactions will be encrypted (for example, using the TLS protocol).
You are responsible for keeping the privacy of all authentication means (such as usernames, passwords, etc.) that you use to access parts of the site. The transmission of data over the Internet is not entirely secure. While we do our best to protect your data, we cannot guarantee 100% the security of your data passed on to our site; any transmission of personal data is at your own risk.
Once we receive your data, we will use strict security procedures trying to prevent unauthorized access.
9. Privacy of minors' data
The site doesn’t willingly collect personal identification data from persons under the age of 16. Whether the parent or legal guardian is aware that the minor in his/her custody has provided the site with personal data, he/she must immediately inform HEALTH LABORATORY at firstname.lastname@example.org email address. If we find out that a person under 16 has provided personal data through the site, then we shall immediately delete this information from our servers, unless the parent or guardian gives his or her explicit consent to the processing of the child's personal data on the site for specific purposes.
If you have any questions or doubts about the processing of your personal data by the site - or if you wish to exercise one or more of your rights, you can contact us at the email address email@example.com
Please do not disclose sensitive personal data (e.g. information related to racial or ethnic origin, political views, religious or other beliefs, health or Union membership), social security numbers when you contact us.
Latest update: Note: We can periodically update this policy and notify you about any changes by posting the new version on the site.