Eu Regulation no. 2016/679 of 27th April 2016, on “Protection of natural persons with regard to the processing of personal data as well as the free movement of such data” (so called “General Data Protection Regulation” or “Regulation”), provides for the protection of personal data whose processing must take place in compliance with fundamental rights and freedoms with particular reference to the confidentiality of data.
Pursuant to art. 12 of the Regulation, SiHealth Ltd., based in Building R104, Rutherford Appleton Laboratory, Harwell Campus, Didcot OX11 0QX Oxfordshire (UK), as Data Controller of the processing of personal data collected through the company website www.sihealth.co.uk (hereinafter “Website”), hereby wishes to inform you that the processing of your personal data will be based on principles of correctness, lawfulness and transparency, protecting your privacy and your rights.
In particular, pursuant to art. 13 of the Regulation, we inform you on the following points:
- Identity and contact details of the Data Controller
The Data Controller of the processing of your personal data is SiHealth Ltd., based in Building R104, Rutherford Appleton Laboratory, Harwell Campus, Didcot OX11 0QX Oxfordshire (UK).
The Data controller is available at the following e-mail address: firstname.lastname@example.org
- Purposes of the processing
The processing of personal data by siHealth will be for the purpose of management and administration of the company website. In particular, the processing of personal data may be carried out for:
- allow surfing on the website
- statistic analysis of visits to the website in an aggregated form
- Legal basis of the processing
The legal basis of the processing is represented by the art.6, let. f) of the Regulation:
- f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
In relation to the categories of data processed, it is not required to give prior and informed consent (opt-in) since users have simple ways to object the processing (opt-out).
- Methods of processing
These data will be processed both by computerized and paper based methods, observing the rules on the protection of personal data, including those relating to data safety.
Specific security measures are observed to prevent data loss, illicit or incorrect use of data and unauthorized access.
- Personal data subject to the processing
Session data: the computer systems and software procedures used for the functioning of this website, acquire, during their normal operation, some personal data (so-called log files) whose transmission is implicit in the use of Internet communication protocols.
This is an information that is not collected with the purpose to be associated with identified data subjects, but by their true nature could, through specific processing and association with data held by third parties, allow the identification of the users.
This category of data includes IP addresses or domain names of the computers used by users connecting to the website, the addresses in the Uniform Resource Identifier (URI) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user’s IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. These data could be used to ascertain responsibility in the event of hypothetical IT crimes against the website and may be shown to the Judicial Authorities, if it explicitly requests it.
Data provided voluntarily by the user: the optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to answer to requests, as well as any other personal data included in the message.
Specific summary information notices will be progressively reported or displayed on the pages of the site prepared for particular requested services.
- Categories of parties to whom personal data will be disclosed
The data collected on the website will not be disclosed or communicated to not authorized third parties.
- Retention of personal data
Your personal data, processed for the above mentioned purposes, will be stored for the strictly necessary time to achieve those purposes.
- Data Subjects Rights
You can exercise in every moment the rights of art. 13, letter b) and art. 15, 16, 17, 18 and 20 of the Regulation, addressing to siHealth, at the contact provided in point n. 2 of this information.
In particular, as a data subject, you will require:
- The access to the personal data concerning you, according with the art.15 of the Regulation.
- The rectification of inaccurate personal data concerning you, according with the art.16 of the Regulation.
- The erasure of personal data concerning you (“right to be forgotten”), according with the art.17 of the Regulation.
- The restriction of processing of data concerning you, according with art.18 of the Regulation.
- The right to the portability of data concerning you, according with art.20 of the Regulation.
We inform you, finally, that you will have the right to object in every moment, according with the art.21 of the Regulation, if one of the situations described by the art.6, paragraph 1, letters e) and f) of the same Regulation occurs.
- Complaint to Supervisory Authority
With regard to art.77 of the Regulation, we remind you that you have the right to lodge a complaint to the supervisor authority if you think that the processing of your data is performed in violation of the provisions of the Regulation.
- Nature of the processing and obligatoriness of personal data conferment
Many of the processed data are required to perform the obligations arising from legal requirements and to fulfil respective contractual obligations. In some cases, the failure to provide personal data may make it impossible for siHealth Ltd. to continue the working relationship established.
- Existence of automated individual decision making in the processing
It is specified that, for the processing of the data, there is NOT any kind of automated individual decision-making, according with the art.22 of the Regulation.
DEFINITIONS, FEATURES AND APPLICATION OF THE REGULATIONS
Cookies are small text files that the sites visited by the user send and record on his computer or mobile device, in order to be re-transmitted to the same sites at the subsequent visit.
Thanks to cookies, a site remembers the user’s actions and preferences (such as login data, the chosen language, font size, other display settings, etc.) so that they do not have to be re-indicated when the user returns to visit the mentioned site or browse from one page to another.
Cookies, therefore, are used to perform computer authentication, monitoring sessions and storing information regarding the activities of users accessing a site and may also contain a unique identification code that allows you to track the user’s navigation inside of the site itself for statistical or advertising purposes.
During navigation on a site, the user can also receive on his computer or mobile device website or web server cookies other than the one he / she is visiting (c.d. “third party” cookies).
There are various types of cookies, depending on their characteristics and functions, and these can remain in the user’s computer or mobile device for different periods of time: c.d. session cookies, which are automatically deleted when the browser is closed; so-called persistent cookies, which remain on the user’s equipment until a pre-established expiry date.
In other words, these are cookies that are essential for the site to function or are necessary to perform activities requested by the user.
TYPES OF COOKIES USED WITHIN THE WEBSITE
First-party cookies (first-part cookies) are cookies generated and used by the operator of the website on which the user is browsing. These technical and performance cookies are limited: in the first case to the transmission of session identifiers (consisting of random numbers generated by the server) that allow a safe and efficient browsing of the website; in the second case, used for statistical purposes for the detection of unique users, content viewed or downloaded, etc., as an example Google Analytics. The data are stored anonymously and are used in an aggregate manner. In particular, to disable cookies from Google Analytics, you can use a special add-on made available by Google.
The third-party cookies (third-part cookies), such as the one set by the “Like” button of Facebook, are cookies generated and used by third parties, on the basis of contracts between the website owner and the related third party. Some advertisers use these cookies to track user visits on the sites where they offer their services.
You can change the browser to disable cookies through a very simple procedure. Warning: by deactivating cookies both username and password will no longer be stored on the site login box.
HOW TO MANAGE YOUR PREFERENCES ON COOKIES ALSO THROUGH BROWSER
- Internet Explorer: https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-delete-manage-cookies
- Firefox: https://support.mozilla.org/it/kb/Attivare%2520e%2520disattivare%2520i%2520cookie
- Chrome: https://support.google.com/chrome/answer/95647?hl=it&topic=14666&ctx=topic
- Safari: https://support.apple.com/kb/index?page=search&fac=all&q=cookies%2520safari
In this regard, we inform you that Google (https://support.google.com/analytics/answer/6004245) provides visitors, who do not want the information relating to their navigation to be sent to Google Analytics, the possibility of installing an “opt” -out browser add-on “available for the most modern browsers (see https://tools.google.com/dlpage/gaoptout).