Privacy Policy for the processing of personal data required for completion warranty validation and extension questionnaire

made pursuant to Art. 13, CO. 1, EU REGULATION 679/2016 for the Protection of Personal Data (GDPR)

IACER S.r.l., in compliance with the provisions of Article 13, para. 1, of EU Regulation 679/2016 (hereinafter referred to as GDPR), informs you, as the “data subject”, on the purposes of the collection and processing methods of the personal data acquired when completing the questionnaire.
Data controller – Identity and contact details
IACER S.r.l., with registered office in Via Enzo Ferrari n. 2, 30037 Scorzè (VE), C.F./P.I. 00185480274, REA: VE 120250, email iacer@iacer.it .

1) Data Protection Officer – Identity and contact details
Please note that the Data Controller has designated, pursuant to Article 37 of the GDPR, a Data Protection Officer who can be contacted via the following e-mail channels: m.sacheli@fiscleg.it

2) What data we process
Your “common” personal data (e.g. name, surname, telephone number, e-mail address, etc.) and “special” personal data (i.e. information that can be used to detect your state of health), (collectively “Data”), will be processed in accordance with the European Data Protection Regulation.

3) Purpose of processing and legal basis
We inform you that your common data will be processed by the Controller for the following purposes:

1. Validate the warranty of the product you purchased;

in this case, the legal basis of the processing is that of Article 6.1. letter b) the processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the data subject’s request;

2. Extend the product warranty;

3. Marketing activities;

in this case, the legal basis for the processing is express consent;

4. Profiling;

in this case, the legal basis for the processing is express consent;

As regards, on the other hand, the request to provide us with particular data (health data), these will be processed by Iacer s.r.l. for:

5. Collect clinical data pertaining to the use of medical devices in order to perform Post-Market Clinical Follow-up in accordance with Regulation (EU) 2017/745 as amended (Medical Devices Regulation), applicable to all medical devices, which requires the manufacturer to conduct systematic Post-Market Surveillance (PMS) activities in order to confirm the safety and effectiveness of devices manufactured and placed on the market.

The purpose of collecting special data is to monitor actively the medical devices of the data controller.

The legal basis for the processing of the data turns out to be that of Art. 9.2. lit. b) – namely to implement the European Regulation (EU) 2017/745.

4) Treatment modes
All personal data are also processed using instruments that guarantee security and confidentiality.

The post-market clinical follow-up activity will NOT involve any evidence of your personal data: no personal data will be outsourced and made public.

The data collected, released by filling in the questionnaire, will be stored in the data controller’s archives to which only authorised persons will have access.

In accordance with the requirements of Article 5.1.(c) of the GDPR, the computer programmes used by the Company are configured in such a way as to minimise the use of personal data; such data are only processed to the extent necessary to achieve the purposes set out in this Policy.

The Company is committed to protecting the security of your personal data and complies with the security provisions of the applicable legislation in order to avoid loss of data, illegitimate or unlawful use of data and unauthorised access to them, with particular but not exclusive reference to Articles 25-32 of the Regulation.

5) Who can access the data
The personnel of the Data Controller who, for various reasons, need to process your data in the performance of their duties are authorised to process them.

They are therefore authorised to process data.

The data provided, in the manner described above, will not be transferred outside the registered office of the Data Controller and the entities that process the data in the name and on behalf of the latter, even if they are located in a different place than the registered office of the Data Controller.

In this case, external parties will be appointed as external data processors, if necessary pursuant to Art. 28 Gdpr.

6) Deletion of collected data
Personal data will be retained as long as the warranty of the purchased Iacer device is active and valid; as long as the consent possibly expressed for specific processing is valid; data will also be retained if the retention is foreseen for tax or contribution purposes or for other purposes, foreseen by specific legal regulations.

7) Exercise of data subjects’ rights
We inform you that, as a data subject, in relation to all personal data provided and processed you may exercise your rights under the GDPR and specifically

– Right of access to data collected and processed (Art. 15);
– Right to obtain rectification of data (Art. 16);
– Right to obtain erasure of data and right to be forgotten (Art. 17);
– Right to obtain restriction of processing (Art. 18);
– Right to data portability to another data controller (Art. 20);
– Right to object to processing (Art. 21)
– Right not to undergo automated processing (Art. 22);
– Right of withdrawal of consent (where processing is based on consent), without prejudice to the lawfulness of processing based on consent given before withdrawal (Art. 7);
– Right to lodge a complaint with the Control Authority (Art. 77);
– Right to lodge a judicial appeal against the Supervisory Authority (Art. 78) and against the Controller or the Processor (Art. 79).
Rights may be exercised by addressing a request to the Data Controller or the DPO at the e-mail addresses specified above.

Changes to Information
This Information may be subject to change over time. It will be the responsibility of the Data Controller to provide interested parties with appropriate updates.

The data controller

Last update: 13.12.2024