PRIVACY POLICY

1. THE DATA CONTROLLER
By consulting the website www.friimedical.com (hereafter “Site”) and/or by sending an e-mail to the e-mail address indicated on the Site, on Frii brochures or its visiting cards, the personal data referred to identified or identifiable persons there indicated might be processed.
This document describes the manner by which the Site is managed with reference to the processing of their personal data belonging to users consulting it.
It is an information notice issued in accordance with section 13 of the EU Regulation 679/2016 (hereafter “GDPR”).
The data controller in respect of the aforementioned data processing is Frii Italy S.r.l. with its registered office in Milano, Via Savona 97, VAT registration number 08593030961 (hereafter "Frii” or “Data Controller”).


2. TYPES OF DATA PROCESSED

2.1 BROWSING DATA

The electronic systems and the software procedures enabling this Site to operate acquire, during its normal use, certain personal data; the transmission of the same is implicit in the use of internet communication protocols.
This information is not being collected in order to be associated to well-identified data subjects, but its nature, by means of processing and associations with data held by third parties, could make the users identification possible.
The category of data could be listed as follow: (i) IP addresses or domain names of computers used by users connecting to the Site, (ii) addresses in URI (Uniform Resource Identifier) notation for resources requested, (iii) the time of request, (iv) the method used to submit the request to the server, (v) the dimension of the file obtained in response, (vi) the numerical code indicating the status of the response given by the server (success, error etc) and (vii) other parameters regarding the user's operating system and the IT environment.
This data is used only to glean anonymous statistical information on the use of the Site and to check that it operates correctly, and this data is deleted immediately after processing.

2.2 COOKIES
For the users data processing carried out by the cookies, please see the relevant cookie policy available on the Site.

2.3 DATA PROVIDED BY USERS OF THEIR OWN FREE WILL
In addition to the data indicated at precedent sections, the Data Controller will also process the personal information that users might spontaneously provide by sending an e-mail to the Data Controller addresses indicated on the Site, on Frii brochures or its visiting cards - such as the user e-mail address and any other personal data contained in their requests to the Data Controller - for the processing of these requests.
Data being processed on a voluntary basis comprises data identifying the user such as the user's e-mail address and the contents of that communication.


3. THE TYPE OF DATA COLLECTED AND THE CONSEQUENCES OF ANY REFUSAL TO RESPOND
Except as provided for the browsing data which are necessary to allow the users to correctly use the Site and for the cookie, the users are free to provide their personal data in order to ask for a Data Controller legal or commercial reply.
However, the refusal to allow their data to be processed would make impossible for users to obtain any reply from Frii.


4. MANNER OF DATA PROCESSING
The personal data is processed using computerized, automated manual systems.
The Data Controller adopts specific security measures in order to ensure that data is processed in compliance with the applicable law, paying particular attention to the prevention of loss of data, unlawful or incorrect use or unauthorized access to databases.


5. PURPOSES AND LAWFULNESS OF DATA PROCESSING
The personal data of the users are processed by the Data Controller in order to:
a) pursue, in accordance with article 6 (1) lett. f) of GDPR, an its own legitimate interests consisting in communicating with the public and responding to the requests made by potential customers, suppliers and other interested parties. The data retention period shall be equal to the time necessary to process the requests. This data retention period may be longer if the data subject data's are processed for other purposes (e.g. as a client);
b) fulfil administrative management of the user, pursuant to article 6 (1) lett. c) of GDPR. The data retention period shall be equal to the time necessary to fulfill the pre-contractual request or period necessary to perform the agreement;
c) pursue purpose of judicial protection, to prevent or prosecute infringements, pursuant to article 6 (1) lett. c) of GDPR. The data retention period it is equal to the period reasonably necessary to enforce Frii’s rights from the moment it becomes aware of the offence or of its potential commission.


6. THE DATA SUBJECT'S RIGHTS
As per Articles 15 et seq. of GDPR, each data subject has the right to receive from the other party information on the existence of the processing of his/her personal data, as well as to access his/her own data, to obtain the rectification, integration, updating, erasure or blocking of the data; each data subject will also has the right to obtain a copy of his/her data, the limitation of the processing and/or, moreover, to oppose against processing, as well as the right to data portability and to bring a complaint with the competent supervisory authorities under the conditions and within the limits given in the art. 13 of the GDPR.
In order to exercise the aforementioned rights, it is necessary to write to the Data Controller, at the following e-mail address customerservice@friimedical.com, indicating “Privacy - Data Subject's Rights” as object.


7. COMMUNICATION OF DATA
The Data Controller may share your personal data:
- with service providers. Frii uses third party services (content management system, analysis, hosting, navigation functions) acting as data processors on the basis of agreements, signed in accordance with art. 28 of the GDPR, and on the basis of the European Commission's adequacy decision on the level of data protection, under article 45 of GDPR. In particular, Frii will communicate your data to its hosting service provider, Swisstecnlogy Sagl, whose registered office is in Switzerland. This provider shall process only the personal data necessary for the performance of its duties and may use them only for the purpose of performing its services on Frii’s behalf or to comply with legal requirements;
- with judicial authorities and public bodies. Where permitted or required by law, Frii may share data requested by a judicial authority, a public body or a government agency in order to protect or exercise our rights or those of third parties, or to comply with legal obligations.


8. AMENDMENTS
This document constitutes the Site privacy policy that over time may be amended and/or updated.
This privacy policy has been updated on 16.04.2019. Any further update will be published on this page.