Privacy Policy

INTRODUCTION
The company Le Virtù Sarl (“Company” or “We”) attaches great importance to the privacy of the users of its website and undertakes to respect it within the terms established by the applicable regulations (Swiss law on data protection and General data protection regulation (EU) 2016/679 – hereinafter “GDPR”). This document (“Privacy Policy”) provides information on the processing of personal data collected by the Company through this website (“Site”) and therefore constitutes “Information to interested parties” pursuant to Article 13 of the GDPR. Any collection of other types of personal data on specific sections of the website will be the subject of specific information published in these sections in addition to this Privacy Policy.

DATA CONTROLLER, REPRESENTATIVE AND RESPONSIBLE FOR DATA PROTECTION
The Data Controller is Le Virtù Sarl, with registered office in Chemin du Prè-puits, 22 1246 Corsier e-mail: info@le-virtu.com

WHAT DATA WE PROCESS
The personal data that can be processed include the following types of data:

Personal contact details. This information will be collected only if the user wishes to contact us and includes any information provided to the Company to allow us to respond, such as name, postal address, e-mail address, details on social networks or telephone number. Depending on the nature of the user’s request, we may also need professional qualifications, the content of the request or reports and any other additional data that the Company may also acquire from third parties, while carrying out the activity.

User account information. If the user has registered to access the reserved area of the company website, we collect the access data (username, password, and personal data).

Health information. In the event of contact with the Company regarding a side effect potentially related to the treatment of a disease (e.g., in the case of pharmacovigilance), we have a legal obligation to collect and process this type of information (Articles 9.2.a, 9.2.g and 9.2.i GDPR).

Information obtained from the computer / mobile device. Any information relating to the computer system or other technological device used to access any of our Site pages or, such as the Internet Protocol (IP) address used to connect the computer or device to the Internet, the type of operating system and type and version of the search engine. If the user accesses a website or a company app via a mobile device, with permission, the phone ID, geolocation, and other similar data relating to the mobile device.

Information relating to the use of the Websites / communication tools. When the user browses or interacts with our Sites, the Company uses automatic data collection technologies to collect certain information on the user’s actions. This includes information such as: the links the user clicks on, the pages and content viewed and how much time spent on them, other similar information, and statistics on user interactions, such as content response times, download errors and timing of visit on some pages. This information is collected through automated technologies such as cookies and web beacons and is also collected through third-party monitoring technologies for analysis and advertising purposes. The user has, among other things, the right to object to the use of these technologies – for more details, please consult our Cookie Policy.

WHY DO WE PROCESS THE USER’S PERSONAL DATA AND HOW.
Personal contact information. We use the user’s personal information for customer service purposes, including responding to the user’s requests. This usually requires the use of some personal contact data and information regarding the reason for the user’s request (for example, problem, question / complaint about the product, general questions, etc.).

User account information. They are used to manage connections to reserved areas of the Site.

Information from computers / mobile devices and relating to the use of the Websites / communication tools. In compliance with the laws in force, the Company collects such information exclusively for statistical purposes and in anonymous form, to monitor the functioning of the Site and improve its performance.

This type of data is not collected to be associated with other information relating to users or for their identification; however, such information, by its very nature, could allow the Company to identify users through processing and association with data held by third parties.

The navigation data are normally deleted following their processing to identify the authors of any computer fraud committed against the Site or using the Site itself.

The navigation data described above are saved only temporarily, without prejudice to this possibility and the conditions set out in the Cookie Policy. For legal purposes. The Company processes the user’s personal data (even without his prior consent) in the case of / for:

Legal and regulatory obligations (legal basis: article 6.1.c of the GDPR);

at the request of the competent authorities in criminal matters (legal basis: article 6.1.c of the GDPR);

Protect the user’s rights in legal proceedings (legal basis: articles 6.1.c and 9.2.f of the GDPR);

Apply the Menarini Group code of conduct (legal basis: articles 6.1.f and 9.2.f of the GDPR).

The protection of another legitimate interest of the company or of a third party (legal basis: article 6.1.c of the GDPR).

The execution of a contract entered with the user. This also applies to the processing procedures necessary for the implementation of pre-contractual measures (legal basis: Article 6.1.b of the GDPR);

Exceptional cases in which the vital interests of the user or another natural person require data processing (legal basis: articles 6.1.d and 9.2.c of the GDPR).

All user data is processed with automated and electronic tools suitable for guarantee maximum security and confidentiality.

NECESSARY TREATMENTS AND OPTIONAL TREATMENTS
The forms to be completed on this Site require the provision of only personal data strictly necessary for the management of communications and requests. These data are marked with an asterisk [*]. In the eventuality that the user does not wish to provide them, we will not be able to manage his communication / request.

On the contrary, the forms can also give the possibility to provide personal data not strictly necessary for the management of user requests: the provision of this type of data is optional and has no consequence.

CONNECTION TO OTHER INTERNET SITES
This Privacy Policy applies only to the Websites as defined above.

Although the Site may contain links to other websites (known as third party sites), please note that the Company does not make any access, influence or control over cookies, web beacons or other user tracking technologies used by third party sites. on the content and material published or their methods of processing personal data; for this reason, the Company expressly disclaims any responsibility in this regard. The user is required to check the privacy policies of third-party sites accessed through the Site and to inquire about the conditions applicable to the processing of their personal data. This Privacy Policy applies only to the Site as defined above.

HOW WE KEEP THE DATA AND FOR HOW LONG
Pursuant to Article 5.1.c GDPR, the information systems and computer programs used by the Company are configured in such a way as to minimize the use of personal data.

These data will be processed only to the extent necessary to achieve the purposes indicated in this Privacy Policy and will be kept only for the time strictly necessary to achieve the specific purposes pursued – in any case, the criteria used to determine the retention period will comply with what required by law in terms of time limits and the principles of minimization of treatment, limitation of conservation and rational management of our archives.

HOW WE ENSURE THE SECURITY AND QUALITY OF PERSONAL DATA
The Company undertakes to protect the security of your personal data and complies with the security provisions provided for by the applicable legislation, in order to prevent any loss of data, illegitimate or illegal use of data, or any unauthorized access to data, with particular reference – but not exclusively – to articles 25-32 GDPR.

The Company uses multiple advanced security technologies and procedures to help protect your personal data; for example, personal data are stored on secure servers located on sites with protected and controlled access. You can help the Company to update and keep your personal data correct by communicating any change of address, qualification, etc.

WHO CAN ACCESS THE DATA
Persons belonging to the following categories are authorized to process your data:

technical and administrative staff;

IT technicians;

product managers and other employees who must process data as part of the tasks entrusted to them.

TRANSFER OF PERSONAL DATA TO THIRD PARTIES
Furthermore, the data may be disclosed, even in third countries, to:

institutions, authorities and public bodies for institutional purposes;

professionals, independent consultants – alone or in partnership – and other third parties and service providers who provide the Owner with commercial, professional or technical services necessary for the functioning of the Site (e.g. supply of IT and Cloud Computing services), in order to achieve the objectives indicated above and to support the Data Controller in providing the requested services;

third parties in the event of mergers, acquisitions, sales of companies or company branches, audits or other extraordinary transactions;

Supervisory Body, based at the Data Controller, for the performance of its supervisory activity and for the implementation of the Le Virtù Sarl Code of Conduct. The afore-mentioned recipients will only receive the Data necessary for their respective functions and will have to process them exclusively for the purposes indicated above and in compliance with the applicable privacy legislation.

The Data may also be disclosed to other legitimate recipients in accordance with the applicable legislation.

Except for the foregoing, the Data will not be disclosed to third parties, natural or legal persons, who do not carry out any commercial, professional, or technical activity for the Owner and will not be disclosed.

The subjects who will receive the Data will process them, where applicable, as Data Controllers, Managers or Persons in charge of the processing for the purposes indicated above and in strict compliance with the applicable privacy legislation.

In case of transfer of data outside Switzerland or the EU, even in countries that may not guarantee the same level of protection provided for by Swiss or European legislation, the Data Controller informs that the transfer will in any case be carried out according to the authorized methods. by the GDPR, for example, according to the user’s consent, the adoption of Standard Clauses approved by the European Commission, selecting third parties adhering to international programs for the free circulation of data (e.g., EU-USA Privacy Shield) or operating in countries considered safe by Switzerland and / or the European Commission.

USER RIGHTS
At any time, provided the required conditions are met, the user can exercise the rights he / she boasts those referred to in Articles 15 to 22 of the GDPR, namely:

the right to receive confirmation of the existence of personal data concerning them;

the right to check the content, origin, truthfulness, place (also with respect to third countries);

the right to request a copy;

the right to request rectification;

the right to object to use for direct marketing purposes (in general or only for certain means of communication or actions);

the right to object to use for direct contact purposes;

the right to a request for cancellation;

the right to a request for restriction of processing;

the right to a request for data transfer.

The consent can be revoked at any time (however, this does not affect the legitimacy of the processing before the revocation of the consent) and / or you can always report your observations on specific uses of the data in relation to particular personal situations that you consider incorrect or unjustified or lodge a complaint with the Data Protection Authority.

The user may at any time contact the Data Controller (info@le-virtu.com) for any complaints relating to the processing of his personal data by the Company, to exercise his rights and to obtain an updated list of subjects who have access to your data.

The user will also have the right to lodge a complaint with the Data Protection Authority, or the Federal Data Protection and Transparency Officer in Switzerland. ().

CURRENT VERSION OF THIS PRIVACY POLICY
The last update was made on 22/05/2018.

From time to time, we may need to change our Privacy Policy, particularly in the event of a change in the law or jurisdiction or in the event of a business need for the company. We therefore invite the user to visit this page regularly to make sure they are aware of any changes.

CONTACTS
If you have any questions, comments or complaints about this Privacy Policy or the processing of personal data, please contact us at the following address:

Le Virtù Sarl Chemin du Pré-Puits, 22 1246 Corsier or to the e-mail address info@le-virtu.com