Privacy Policy

Privacy Policy Pursuant to articles 13-14 Reg. (EU) 2016/679

Data subjects: Persons browsing the portal shop.cetilar.com.

PharmaNutra S.p.A., in its capacity as Controller of the processing of your personal data, pursuant to and by effect of Reg. (EU) 2016/679, hereinafter, ‘GDPR’, informs you that this regulation protects data subjects from the processing of their personal data; such processing is based on the principles of fairness, lawfulness and transparency and the safeguarding of your privacy and rights.

Your personal data will be processed in compliance with the legislative provisions laid down in the aforementioned regulation and the confidentiality obligations imposed therein.

Purposes and legal basis for the processing: in particular your data will be used for the following purposes in relation to the implementation of measures relating to contractual or pre-contractual obligations:

  • management of cookies necessary for the portal (technical cookies are indispensable for the correct operation of the website and are used solely for the purpose of managing the various services linked to the website, such as log-in procedures).

Methods of processing. Your personal data may be processed in the following ways:

  • using computers with software systems managed by third parties;
  • using computers with software systems managed or programmed directly.

All processing is done in compliance with the methods described in articles 6, 32 of the GDPR and adopting the security measures provided for.

Your data will be processed solely by personnel authorised explicitly by the Controller and, in particular, by the following categories of authorised personnel:

  • internal operators managing the web portal.

Communication: your data may be disclosed to third parties for the correct management of the relationship and in particular by the following categories of Recipients, including duly appointed Data Processors:

  • web service providers managing and maintaining the platform.

Disclosure: Your personal data will not be disclosed in any manner.

Retention period. Please note that, in compliance with the principles of fairness, purpose limitation and data minimisation, pursuant to art. 5 of the GDPR, the retention period of your personal data is:

  • 15 days;
  • 366.04 days;
  • Session: PHP.net.

Cookie management: if you have any doubts or concerns relating to the use of cookies, you can edit the privacy settings of your browser to block certain types of them.

As each browser –and often even different versions of the same browser– differ substantially from one another, if you prefer to independently set your preferences in your browser you can find detailed information on the required procedure in the guide to your browser. For an overview of the settings of the most common browsers, visit www.cookiepedia.co.uk.

Advertising companies also offer you the possibility to refuse to receive targeted advertisements, if you wish. This does not prevent the setting of cookies, but interrupts the use and collection of some data by these companies.

For more information on how to do this, visit www.youronlinechoices.eu/.

Controller: pursuant to law, the Controller is PharmaNutra S.p.A. (Via delle Lenze 216/B, 56122 Pisa (PI); VAT Reg. No.: 01679440501) represented by its pro-tempore legal representative.

You have the right to obtain from the Controller the: erasure (right to be forgotten), restriction, update, rectification, portability of your data, or to object to the processing of personal data that concerns you, and generally you can exercise all the rights specified in articles 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR.

Regulation (EU) No 2016/679: Articles 15, 16, 17, 18, 19, 20, 21, 22 – Rights of the Data Subject

  1. The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, regardless of their being already recorded, and communication of such data in intelligible form, as well as the right to lodge a complaint with a supervisory authority.
  2. The data subject shall have the right to be informed of:
    • the origin of his or her personal data;
    • the purpose and methods of processing;
    • the logic applied to the processing, if the latter is carried out with the help of electronic means;
    • the identification information of the controller, the data processors and the designated representative pursuant to article 5(2);
    • the entities or categories of entity to whom or which the personal data may be communicated and who or which may gain knowledge of said data in their capacity as designated representatives in the state, data processors or authorised persons.
  3. The data subject shall have the right to obtain:
    • the updating, rectification or, where interested, the integration of the data;
    • the erasure, transformation into anonymous form or blocking of data processed unlawfully, including data which need not be kept for the purposes for which the data was collected or subsequently processed;
    • certification to the effect that any operations described in letters a) and b) have been disclosed, also in relation to their contents, to those to whom the data were disclosed or notified, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected;
    • data portability.
  4. The data subject shall have the right to object, wholly or partly:

    • to the processing of his or her personal data for legitimate reasons even where this is pertinent to the purposes for which the data was collected;
    • to the processing of his or her personal data for the purposes of sending advertising or direct sales materials or for the execution of market research or marketing surveys.
Let’s keep in touch
Want to have tips from professionals delivered to your inbox? Subscribe to our newsletter.