Information on data processing pursuant to Article 13 of the EU Regulation No. 79/2016
This privacy statement pursuant to Article 13 of EU Regulation 2016/679 of 27 April 2016 (hereinafter, the “Regulation“, or also the “Applicable Legislation“) is issued to users (hereinafter, the “Data Subjects“) of the website www.periocampus.com (the “Site“). “Processing of personal data” means any operation concerning any information relating to an identified or identifiable natural person. For example: first name and surname and e-mail address with a “user name” that can identify a specific person (andreabianchi@….) are considered “common personal data“, and the fact of collecting, recording and using them to send you a communication are considered “processing” operations, as are storing and sharing them with other subjects. On the other hand, information relating to a person’s state of health represents personal data belonging to a special category, which requires specific protection. We invite you to visit the website of the Italian Data Protection Authority (‘GPDP’) to find further information to help you better understand the subject (http://www.garanteprivacy.it/home/diritti).
This information applies only to this Site and not to other websites, portals, sections/pages/spaces connected through links, owned by third parties, for which please refer to their respective information sheets.
- Who is the Data Controller
Bee Queen 33 S.r.l., with registered office in 56121 Pisa, via Gaetano Malasoma 14/16, VAT number, tax code and registration number with the Register of Companies of Pisa 02355120508 (hereinafter referred to as “Beequeen” or “Owner“).
- Personal data subject to processing
Through the Website, the Data Controller processes the following personal data collected directly from the Data Subject:
- Common personal data: first name, surname, date of birth, tax code, address of residence/domicile, gender, educational qualification, profession, telephone number, name of the Dental Practice, billing data of the Data Subject and any additional data voluntarily provided by the Data Subject.
- Purposes of the processing
Your personal data will be lawfully processed by the Controller in accordance with Article 6 of the Regulations for the following purposes
- contractual obligations and provision of Services, to enable you to request information regarding Periocampus and the courses organised by the latter and, if you are interested, to register for one or more of the courses available and, in this case, to enable the complete and correct execution of the service offered by the Owner. For the performance of the Services requested by you, the Data Controller may also contact you by telephone and/or send you, by means of push notifications and/or sms and/or e-mail to the contract data (mobile phone number, e-mail address) provided by you, the relevant information requested and/or instructions for completing enrolment in the courses you have selected.
- administrative-accounting purposes, i.e. to carry out activities of an organisational, administrative, financial and accounting nature, such as internal organisational activities and activities functional to the fulfilment of contractual and pre-contractual obligations (e.g. enrolment, invoicing, etc.);
- legal obligations, i.e. to fulfil obligations provided for by law, an authority, a regulation or European legislation.
The provision of personal data for the purposes indicated above is optional but necessary, as failure to provide such data will make it impossible for the Controller to provide the Services you have requested.
- Further processing purposes: marketing (sending of advertising material, direct sales and commercial communication)
With your free and optional consent, some of your personal data (i.e. first name, last name, e-mail address, telephone contact, address of residence/domicile) may also be processed by the Controller for marketing purposes (sending advertising material and/or newsletters, direct sales and commercial communication), or so that the Data Controller can contact you by e-mail, telephone (fixed and/or mobile, with automated call or call communication systems with and/or without the intervention of an operator) and/or instant messaging (WhatsApp, Telegram, Facebook) , to propose products and/or services offered by the Data Controller and/or third party companies, to present offers, promotions and commercial opportunities.
The legal basis for the aforementioned processing is explicit consent given by you.
If you do not give your consent, the possibility of using the Services referred to in paragraph 3 above will not be affected in any way.
In the event of your consent, you may revoke it at any time by making a request to the Controller in the manner indicated in paragraph 9 below.
You may also easily object to further promotional communications by email by clicking on the appropriate link for revocation of consent, which is present in each promotional email. Once your consent has been revoked, the Controller will send you an email to confirm that your consent has been revoked. If you wish to withdraw your consent to the sending of promotional communications by telephone, while continuing to receive promotional communications by email, or vice versa, please send a request to the Controller in the manner indicated in paragraph 9 below.
We wish to inform you that, following your possible exercise of your right to object to the sending of promotional communications by email, it is possible that, for technical and operational reasons (e.g. formation of contact lists already completed shortly before the Holder’s receipt of your request to object) you may continue to receive some further promotional messages. Should you continue to receive promotional messages after 24 hours have elapsed since you exercised your right to object, please report the problem to the Controller, using the contact details given in paragraph 9 below.
4bis. Further communication: communication of data to the Controller’s Partners
With the free and optional consent of the User, the User’s personal data (i.e. first name, last name, email address and, if provided voluntarily by the User, telephone number) will be communicated by the Controller to Prof.. Filippo Graziani tax code GRZFPP74R07G702W, VAT no. 02031580505, member of the Order of Surgeons and Dentists of Pisa and enrolled in the Register of Dentists no. 347 since 28/01/1999, with professional practice in Pisa, Via Risorgimento no. 38 and/or to the following third party companies
- Events and congress organisation
- Culture and training courses, specialisation courses, masters
- Medical and dental services and products, dentists
(collectively, the ‘Controller’s Partners’).
The Data Controller’s Partners, as autonomous data controllers, will process the User’s personal data for their own marketing purposes (direct sales, sending of advertising material and commercial communications), and may contact the User by post, e-mail, telephone (fixed and/or mobile, with automated call or call communication systems with and/or without the intervention of an operator) and/or SMS and/or MMS to propose to the User the purchase of products and/or services offered by the same categories of third party companies and/or other companies and to present the User with offers, promotions and commercial opportunities.
Once the transfer has taken place, it will be the responsibility of the Data Controller’s Partner to provide Users with all the information provided for by Article 14 c.3 of the Regulation.
In the event that consent is not given, the possibility of registering on the Site and/or requesting Periocampus services will not be affected in any way.
In the event of consent being given, the User may revoke it at any time by making a request to the Owner in the manner set out in paragraph 9 below.
The Data Controller informs that the User’s personal data will be processed by the Data Controller’s Partners as autonomous data controllers, on the basis of the specific information that will be issued by the Data Controller’s Partners to the Users. Any requests not to receive further commercial communications from the Controller’s Partners, to whom the data have already been communicated by the Controller, must therefore be addressed directly to them.
- Further processing purpose: creation of a Meta (Facebook) lookalike audience
The legal basis for the above-mentioned processing is your explicit consent.
In case of lack of consent, your ability to make use of the services referred to in section 3 above will not be affected in any way.
In the event of your consent, you may revoke it at any time by making a request to the Controller in the manner indicated in paragraph 9 below.
- Methods of data processing and retention times
The Data Controller will process your personal data by means of manual and computerised tools, with logic strictly related to the purposes themselves and, in any case, in such a way as to guarantee the security and confidentiality of the data.
Your personal data will be kept for the time necessary to pursue the purposes for which they were acquired. The personal data functional to the fulfilment of legal obligations will be kept even after the term indicated, in compliance with said obligations in accordance with the retention periods.
- Scope of communication and dissemination of data
Your personal data may be disclosed to the employees and/or collaborators of the Data Controller appointed to provide you with the services referred to in paragraphs 3 and/or 4 and/or 4bis above (e.g. administrative and technical staff) who are obliged by law or by contract to maintain confidentiality. These subjects, who have been instructed to this effect by the Data Controller pursuant to Article 29 of the Regulation, will process your data exclusively for the purposes indicated in this information notice and in compliance with the provisions of the Applicable Regulations.
Your personal data may also be disclosed to third parties who may process personal data on behalf of the Data Controller in their capacity as “External Data Processors”, such as, by way of example, the Data Controller’s collaborators in the provision of the Services requested by you, suppliers of services connected and/or consequent to the Services requested by you (e.g. suppliers of IT, banking, insurance, accounting, tax, etc. services).
You have the right to obtain a list of any data processors appointed by the Controller, by making a request to the latter in the manner indicated in paragraph 9 below.
Except as indicated below, your personal data will not be transferred outside the European Union.
Your data may be transferred to a country other than your home country if you have given your express consent to the processing for marketing and newsletter subscription purposes. The transfer of data to the USA takes place on the basis of the “Commission Implementing Decision (EU) 2016/2295 of 12 July 2016 on the adequacy of the protection offered by the EU-US Privacy Shield regime (“Privacy Shield”)” and the subsequent “Authorisation to transfer data abroad via the agreement called “E.U. – U.S. Privacy-Shield” issued by the Data Protection Supervisor on 27.10.2016: all recipients of data based in the USA have in fact adhered to the Privacy Shield.
- Cookies used on the Site
- Rights of Interested Parties
You may exercise the rights guaranteed to Data Subjects by the Applicable Regulations by contacting the Data Controller at the addresses indicated below: by sending a registered letter with return receipt to Bee Queen 33 S.r.l., via Gaetano Malasoma n. 14/16, 56121 Pisa; by sending an ordinary e-mail message to email@example.com; by sending a certified e-mail message to beequeen33srl@pec.
Pursuant to the Applicable Regulations, the Data Controller informs you that you have the right to obtain information on (i) the source of your personal data; (ii) the purposes and methods of processing; (iii) the logic applied in the event of processing carried out with the aid of electronic instruments; (iv) the identification details of the Data Controller and of the persons in charge; (v) the persons or categories of persons to whom your personal data may be communicated or who may become aware of it in their capacity as data processors or persons in charge of processing.
In addition, you have the right to obtain
- access, update, rectification or, where interested therein, integration of the data;
- the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
- certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
In addition, you have:
- the right to withdraw your consent at any time, if the processing is based on your consent;
- (where applicable) the right to data portability (right to receive all personal data concerning you in a structured, commonly used and machine-readable format), the right to restriction of processing of personal data and the right to erasure (“right to be forgotten”)
- the right to object:
- in whole or in part, for legitimate reasons, to the processing of personal data concerning you, even if pertinent to the purpose of collection;
- in whole or in part, to the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication;
- where personal data are processed for direct marketing purposes, at any time, to the processing of your data for such purposes, including profiling insofar as it is related to such direct marketing.
- d) if you believe that the processing of your personal data is in breach of the Regulation, the right to lodge a complaint with a supervisory authority (in the Member State in which you have your habitual residence, in the Member State in which you work or in the Member State in which the alleged breach occurred). The Italian Supervisory Authority is the Garante per la protezione dei dati personali, based in Piazza Venezia n. 11, 00187 – Rome (http://www.garanteprivacy.it/).