PRIVACY POLICY

The company Invent Srl, as Data Controller pursuant to Italian Legislative Decree 196/2003 as subsequently amended – “Privacy Code” – and to EU Regulation 679/2016 (GDPR) acknowledges the importance of personal data protections and considers their safeguarding one of the core elements in its business.

Before passing on any personal data, Invent Srl thus invites you to read carefully this privacy policy and the cookies policy, appended thereto, because they contain important information on personal data protection, as well as on all security measures introduced to guarantee their confidentiality in full compliance with the regulations in force.

This privacy policy is intended specifically for the website www.invent-biomedical.it, therefore it shall not apply to other website possibly reached via external links; the information it contains is provided pursuant to Art. 13 of the regulation applicable to those who browse the Website.

Finally, Invent Srl advises you that the treatment of your personal data will be based on principles of lawfulness, correctness, transparency, limitation of purposes and of storage, minimization of data, exactness, integrity and confidentiality. All your personal data will thus be treated in accordance with the legal provisions in the applicable regulations, as well as with any confidentiality obligations stipulated therewith.

CONTENTS

Data Controller
Data Protection Officer (DPO)
Types of data processed
Purpose and legal basis of processing
Mandatory/optional data transfers
Data storage periods
Provision/disclosure of data
Data processing locations
Automated instruments
Data subject’s rights
Complaints
Cookie Policy


Data Controller

The Data Processor for users’ data collected on the website www.invent-biomedical.it is the company Invent Srl, taxpayer’s code 04096150281 (hereinafter also referred to as “Controller”), with offices in Noventa di Piave (VE), Via A. Volta n. 54, e-mail privacy@inventsrl.it.


Data Protection Officer (DPO)

The Controller has appointed a Data Protection Officer pursuant to Art. 37 of GDPR, who may be reached at the following e-mail address: dpo@inventsrl.it for any query with regard to personal data processing by the Controller.


Types of data processed

By “Personal Data” reference is made to any information concerning an individual who has been or may be identified with specific reference to identifier such as name, identification number, data related to location, online identification, or one or more characteristic elements of their physical, mental, psychological, economic, cultural or social identity,

The following Personal Data are collected while the website www.invent-biomedical.it is being browsed:

a) browsing data. The IT systems and software procedures on which the website www.invent-biomedical.it is based, in the course of their normal operation, acquire some personal data whose transmission is implicit in the use of Internet communication protocols.

This is information which is not collected in order to be associated with specific data subjects, but which – by its own nature – might allow for user identification through processing and associations with data controlled by others.

This category of data includes IP addresses or domain names of the computers used by those who browse the website, the URI (Uniform Resource Identifier) of the resources required, time of the request, method used to submit the request to the server, size of the file obtained in response, numerical code indicating the status of the response given by the server, (successful, error, etc.), plus other parameters related to the user’s operating system and IT environment.

These data are used for the sole purpose of collecting anonymous statistical information about how the website is used, to check that it is functioning properly and to allow for correct delivery of the various functions you require. The data may be used to ascertain personal responsibility in the event of possible computer crimes against the website.

b) Data provided voluntarily by the user. Through the website www.invent-biomedical.it you may choose to enter personal data such as name, surname and e-mail account using the form “Contattaci” [“Contact Us”] in the “CONTATTI” [“CONTACTS”] section, or getting in touch with the Controller via the data which you will find in the latter. 

You may also choose to provide your data (e.g.: name, surname, date of birth, e-mail account, residence address and phone number) by filling out the form “Lavora con noi” [“Work with Us”], also in the “CONTATTI” section.

Please enter only data which are essential in respect of the request you intend to submit, and more specifically avoid adding sensitive data which are not strictly necessary (for example: data regarding your state of health, religious affiliation, sexual preferences, etc.).

Invent Srl will process the personal data you have entered in accordance with the applicable regulation, assuming that they refer to you or to third parties who have expressly authorised you to transfer them with the appropriate legal basis which legitimises their processing. In this case, you will be acting as independent data controller, thereby accepting all ensuing legal obligations and responsibilities. In this regard, you agree to hold Invent Srl harmless in respect of any complaint, claim, request for damages pursuant to processing, etc., by third parties whose personal data might have been processed using the website in violation of the applicable regulation.

c) Cookies and related technologies. Invent Srl collects personal data using cookies. For more information on the use of cookies and related technologies, please refer to the “COOKIE POLICY” below.

Purpose and legal basis of processing

All Personal Data which you provide through the website shall be processed by Invent Srl for the following purposes:

a)  purposes related to executing an agreement to which you are party, or implementing pre-contractual measures adopted on request (e.g.: request for information and /or estimate by filling out the form “Contact Us” or sending a job application via the form “Worth with Us”);

b) research/statistical analysis purposes on aggregated and anonymous data, without the possibility of identifying their user, aimed at measuring the operation of the website in terms of browsing, and assessing usability and interest;

c) purposes related to a legal obligation to which Invent Srl is subject;

d) purposes necessary to ascertain, exercise or defend a right, also of a third party, in Court or any time the authorities in charge are exercising their jurisdiction (Art. 9, par. 2 lett. f) Reg. EU 2016/679).

e) defence actions

f) website security against computer crimes.

The legal basis for personal data processing for the purposes listed under a) above is the delivery of a service or responding to a request which does not require consent pursuant to the applicable regulations; the purpose under b) does not involve processing of personal data, while processing c) and d) constitutes legitimate processing of personal data according to the applicable regulations because, once the personal data have been transferred, processing is necessary in order to meet a legal obligation to which Invent Srl is bound; processing of data for the purposes referred to under letter f) is aimed at pursuing the legitimate interest of the controller to protecting the website against computer attacks.

The purposes under d) and e) are also based on the legitimate interest of the Controller to safeguard its own rights.

Mandatory/optional data transfers

The transfer of your personal data for the purposes listed under a) above is optional; however, any failure to transfer them may make it impossible to deal with your request; the data transfer for the purposes under b), c) and d) below, on the contrary, is mandatory and its failure shall make it impossible to browse the website.


Data storage periods

The personal data collected while browsing the website www.invent-biomedical.it shall be stored for the time strictly necessary to pursue the aforesaid purposes. More specifically, the data collected when you send a request to Invent Srl shall be processed for the time necessary to process the said request and perform any subsequent procedures.

Any data processed for security purposes against computer attacks (IP addresses, browser chosen by the user, date and time of browsing, pages browsed, geographical origin of the user) will be stored for 30 days.

For more details, please contact by e-mail the Data Controller at privacy@inventsrl.it or the DPO at dpo@inventsrl.it.

Provision/disclosure of data

With the exception of possible notifications to be sent by law, none of the data acquired while browsing the website ww.invent-biomedical.it is notified or divulged.

The personal data may be notified:

a. to persons whose action is necessary in order to provide the services offered by the website who act as independent controllers and processors for Invent Srl (for example, but not only, a company dealing with the maintenance of the website; the system administrator, a company providing IT services, etc.);

b. persons authorised by Invent Srl to process personal data who may be bound to confidentiality or have a legal confidentiality obligation (e.g. the Controller’s employees and staff), as well as the DPO;
c. Authorities in charge when exercising their functions according to the regulations in force.

Data processing locations

The data shall not be transferred outside the European Union, unless stipulated in the COOKIE POLICY below.

Automated instruments

In processing your personal data for the purposes referred to in this policy sheet, no automated decision-making policies shall be applied, except for those involving cookies (for more details, please refer to the COOKIE POLICY section).

Data subject’s rights

As data subjects with regard to the processing of your personal data, you have the following rights:  

– access your personal data (Art. 15 GDPR);
– apply for rectification of any data which may be incorrect, integrating any incomplete information (Art. 16 GDPR); 
– apply for erasure of the data (Art. 17 GDPR); 
– apply for limitation of processing (art. 18 GDPR); 
– appeal, totally or in part, for legitimate reasons, against the processing of your personal data, even if they pertain to the purpose of their collection, and appeal to processing for the purpose of sending advertising or direct sale materials or to conduct market research or business communication activities (Article 21 GDPR);  
– portability of data, that is to say receiving in a structure format, commonly in use and legible from any automated device, your personal data which you might have transferred to the Data Controller (Art. 20 GDPR). 

In some cases the exercising of these rights may be limited pursuant to Art. 23 GDPR.

Any request shall be sent by e-mail to the Data Controller, at privacy@inventsrl.it or to the DPO at dpo@inventsrl.it.

Complaints

If you have reason to believe that your personal data have been processed in a way not compliant with the regulation, you may lodge a complaint with the supervisory Authority of the Member State of the European Union where you habitually reside or work, or of the place where the alleged violation took place. 

In Italy the supervisory authority is the Garante per la protezione dei dati personali, with headquarters in Rome, at Piazza Venezia no. 11, switchboard: (+39) 06.696771, e-mail: garante@gpdp.it

Last updating: November 2020