Information statement on privacy
(pursuant to (It.) Legislative Decree 196/03 and Regulation (EU) 2016/679)
The well-being of Ksurgery customers and of the users of the website www.k-surgery.com is at the heart of everything we do.
About us Data controller and Data protection officer
With regard to Privacy, consultation of this website by the user entails the collection of information that constitutes personal data. For these purposes, the “Controller”, responsible for processing the data you have provided, is the Company Vida Srl in the person of the legal representative, with registered office in Via Galileo Galilei 4 56040 Crespina Lorenzana (PI). Inside the Company, the personal data collected are processed by employees who operate in the capacity of “Persons tasked with processing”, complying with the related specific instructions and indications provided to them.
Data processing location
The processing operations related to the web services of the website www.k-surgery.com, take place at the Data Controller’s registered office in Pisa and are only performed by technical personnel of the Marketing Office who have been tasked with processing, and by external digital consultants (specifically Regolo srls). No data deriving from the web service are disclosed or disseminated (art 90 of the GDPR). The personal data provided by the users who send requests for information material are used for the sole purpose of providing the service requested and are disclosed to third parties only if this is required for this purpose (art 3 of the GDPR).
What “personal data” and “personal data processing” means
The protection of your privacy is fundamental for us. This is why we have adopted the EU’s General Data Protection Regulation (2016/679 - “GDPR”) as our global standard. It is the most advanced and protective law on privacy, worldwide.
“Personal data processing” means any operation or set of operations, whether or not by automated means, concerning the collection, recording, organisation, storage, consultation, processing, alteration, selection, extraction, comparison, use, combination, blockage, disclosure, dissemination, erasure and destruction of the data, even if not registered in a database.
We will process (collect, will store and use) the information provided by means that are compatible with the EU’s General Data Protection Regulation (“GDPR”). We will endeavour to keep your information accurate and updated and not to store it for a period that is longer than that required. We keep a register of personal data processing operations that include a record of the data storage policy for every type of data collected and we undertake to only process the minimum quantity of data required
Type of data being processed and purpose of the processing
IT systems and the software procedures that ensure that this website functions acquire, during their normal operation, certain personal data that are then transmitted implicitly in the use of Internet communication protocols. This information is not collected to be associated to identified data subjects, but may, by its very nature, make it possible to identify the users through processing and combination with data held by third parties. All our activities are governed by ethical principles and we are committed to protecting the privacy of all visitors to our website. For this reason, the way in which we detect and store the data is very closely related to the means of use of our website and of the related services.
Data willingly provided by the users/visitors
When users/visitors, connecting to this website, send their personal data for access to specific services, or to submit a request through the contact form, this entails the acquisition by Vida Srl of the sender’s address and/or of any other personal data that will be processed exclusively to reply to the request in the most suitable way and as quickly as possible. The personal data provided by the users will be disclosed to third parties only in case such disclosure is necessary for the fulfilment of the requests made by the users/visitors in question.
Below please find a list that provides some, non exhaustive examples:
- Contact data, including company name and VAT number or, for natural persons, name and surname and tax code
- Country of origin
- E-mail address
- Landline or mobile telephone number
All these data have in common the fact that they were provided by you. This information will be used for the purposes described in this Information Statement.
You have the right to rectify, at any time, your personal data or to prevent their processing by contacting the company at the address firstname.lastname@example.org
We will use your personal data for purposes related to the service you have requested. For example, to reply to the questions sent by you and to suggest the medical products or medical devices that are more in line with the data and information disclosed. If you have contacted customer support, we will use your personal data (including the history of your contacts and calls) to facilitate the fulfilment of your requests and provide you with the best possible service. If you have disclosed your personal data on the occasion of the stipulation of a contract and the sale of a medical product, we will provide you with information on similar products and services. We may contact you after the sale of a product to ask you for feedback.
With your explicit consent, we may contact you through the contact details you have provided (newsletter or social media) for marketing, advertising purposes and to conduct surveys on behalf of Vida srl.
For example, this will be information on products, special offers, promotional initiatives.
We may provide your contact details to third parties for marketing, advertising purposes and for opinion polls. In the Section “Rights of the data subject” you can read information on your rights, for example on how to withdraw your consent or on how to correct your personal data.
Means of processing and storage
The personal data are processed with IT, data transmission, automated tools, including profiling (art 22 of the GDPR); profiling may take place by using individual or identification data (e.g. biographical data), or aggregated data deriving from individual personal data. All in compliance with the confidentiality safeguards and the security measures envisaged by the applicable regulatory framework, with logics that are closely related to the purposes of the processing. Specific security measures are adopted to prevent data loss, unlawful or improper uses and unauthorised access. The data storage period is related to the purposes of the processing being performed. Vida srl will not process personal information to a degree that is not necessary for the achievement of the purposes for which such information was processed. One of our fundamental principles is our commitment to processing your data with caution and confidentiality. It may be that we make use of service providers and persons tasked with data processing who work on behalf of Vida srl. These are operators who provide hosting and maintenance services, digital consultancy services, analysis services, e-mailing services, delivery services, manage payments, check solvency, check addresses, etc. These third parties are granted access to the personal data they require for the purpose of their specific services.
Categories of subjects who may become aware of the user’s data
As well as by Vida srl employees, certain processing operations of the user’s personal data may also be performed by third parties, including the companies to which Vida outsources or may outsource certain activities that are necessary for the website’s management. Such subjects will operate as autonomous Controllers. In this latter case, the Controller will issue the autonomous data controllers with adequate operational instructions with particular reference to the adoption of the minimum security measures, in order to guarantee the confidentiality, integrity and safety of the data. The user’s data may also be disclosed to the Courts, the administrative authorities or any other public subject with a legitimate reason to request such data, in the cases envisaged by law. In order to achieve the purposes mentioned above, Vida srl may disclose and have the personal data of the data subject processed, in Italy and abroad, including countries that are not members of the European Union, to and by third parties with which it entertains relationships: the latter will provide them with the information needed for the provision of the requested services, adopting every measure to protect your personal data (art 44 of the GDPR). The personal data may, in addition, become known to employees, self- employed workers, project workers, temps, consultants, interns, collaborators of Vida srl who have been duly appointed
Rights of the user/visitor
If you provide us with your personal data through our websites or other channels, this happens solely on a voluntary basis. If you opt not to provide the information requested, you may miss out on various opportunities available to customers.
At any time while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right to access - you have the right to request a copy of the information in our hands
- Right to be forgotten: under specific circumstances, you may request that the data in our possession are erased from our databases
- Right to restrict the processing - where certain conditions are met, it is possible to exercise the right to restrict the processing
- Right to object to automated processing, including profiling - you also have the right to be subject to the legal effects of automated processing or profiling.
- Right to rectification: the right to rectify, complete, update, erase your personal data that are stored. Within four weeks from receipt of your request, we will inform you whether and, if the result is affirmative, to what extent we will fulfil your request. If, for any reason, we are not able to fulfil your request, we will inform you of the reasons as soon as possible (art. 7 of (It.) Legislative Decree 196/03 and art 12 and 16
Contact details for complaints
Name of the contact:
Ksurgery (Vida Srl)
Via Galileo Galilei 4 56040
Data of minors
Vida srl is aware of its obligation to protect the privacy of minors, and refuses to acquire data of minors under 16. We would like to invite parents and other guardians to navigate the Internet and send e-mails together with their children and to use the Internet responsibly. If a minor under 16 attempts to provide from the start information related to their data, they must ask their parent’s consent. The data sent by minors, or which in any case concern them, detected during their visit (e.g. through cookies) may be used as described above.
Amendments to this information statement
Visa srl has undertaken to endorse the fundamental principles of data protection and considers the protection of personal data as a natural duty. We therefore frequently revise our conduct guidelines with regard to the protection of personal data to ensure that they are free from errors, clearly visible on our website and that they include all the information necessary, and to check that they are strictly complied with, and that they conform with the principles of the law on the matter. This information statement on the protection of personal data may, over time, be subject to amendments aiming to keep it up-to-date with the evolution and the new opportunities of the Internet and to guarantee its compliance with the applicable regulatory framework.
By consenting to this Information Statement on privacy, you authorise us to process your personal data specifically for the purposes identified. Where consent is required for the processing of (standard or sensitive) personal data, it must be provided explicitly. Where we request sensitive personal data from you, we will always inform you on why and how the information will be used. Agreement with this Information Statement on privacy and the related terms and conditions (if applicable) and any Agreements on the processing of data (if applicable to you) will be considered explicit consent and we will keep a copy of the records of such consent for audits.
What are cookies?
Cookies are small files that websites send to the browser and that are stored in the User’s terminal, that may be a PC, a mobile telephone, a tablet or any other device. They are tools that play a fundamental role in the provision of numerous IT services. Among other things, they enable a web page to store and recover information on the navigation habits of a user or of their device and, based on the type of information obtained, such information may be used to recognise the User and improve the service offered.
All cookies have an expiration date that determines the period for which they will be stored in your browser:
Session cookies are temporary cookies that expire automatically when you shut down your browser.
Persistent cookies stay in your browser for a specific period of time, or until you manually remove them.
The term “technical cookies” applies, pursuant to the classification provided by the Italian Data Protection Authority in general decree no. 229 of 8 May 2014 on “Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies”, to navigation or session cookies, to analytical cookies (Analytics) and to functionality cookies.
The use of such cookies does not require the user’s consent.
Vida srl uses the following technical cookies:
Navigation or session cookies
These session cookies are necessary to make it possible for the user to use the essential functionalities of the Website.
These cookies also make it possible for Vida srl to understand whether the user has authenticated themselves as registered user on the Website and to guarantee them the possibility to use the appropriate functionalities on the Website.
These cookies are also known as performance analysis cookies and serve to collect information on the ways the users use the Website, so that Vida srl can improve the quality of the Website and of the service.
The analytical cookies used by Vida srl do not collect information that may identify the user. All the information collected by these cookies is aggregated and anonymous information that is used to:
- provide statistics on how the Website is used;
- get to know through which website the user came to the Website;
- help Vida srl improve the Website by measuring information on the use of the Website and any errors during its navigation by the users.
Functionality cookies make for a better functionality of the Website, granting access to additional services or improving subsequent visits to the Website.
The functionality cookies used on the Website make it possible for the user to take advantage of certain advanced functionalities of the Website while navigating it. These cookies may share certain information with partners of Vida srl to provide the services that are available on the Website; the information thus shared will be used exclusively for the provision of said service, product or specific function and will not be used for any other purpose.
Profiling cookies or Marketing cookies
Vida srl also uses non-anonymous profiling cookies provided by Facebook.
Marketing cookies are used to track visitors to websites. The purpose is to present advertisements that are pertinent and interesting to the individual user and thus of higher value for third-party editors and advertisers.
The User may restrict, block or erase the cookies of Vida srl or those of other websites that use the browser. The means of disabling cookies are different for each browser.
To find out more about cookies, for any questions or to send suggestions, please contact Vida srl at the following e-mail address email@example.com
Marketing and Web Analysis
This website uses Google Analytics, a web analysis service of Google Ireland Ltd. (“Google”). Google Analytics uses a specific cookie format, which is stored on your computer and makes it possible to analyse the way in which you use our website.
The cookies set by Google Analytics for measuring are first-party cookies, which means that the values of the cookies associated with the data subjects will be different for each customer (i.e. there is no unique Google Analytics cookie ID used on all websites that use Google Analytics). The information on the use you make of our website, generated by the cookies, is generally transmitted to a Google server in the USA, where it is archived.
We use Google Analytics to regularly analyse and improve the use of our website. We may use the statistics thus obtained to improve our offer and make it more interesting for you, as the user. In addition, we collect information on the functionality of our website (for example, to detect problems in the navigation of the website).
1.2 Recipients / Scope of data disclosure::
Information on the third parties: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
- Terms and Conditions for the Use of Google Analytics: https://www.google.com/analytics/terms/gb.html,
- General overview of the security and privacy principles of Google Analytics: https://support.google.com/analytics/answer/6004245?hl=en
- Google Privacy Information Statement: https://policies.google.com/privacy?hl=en.
You can disable Google Analytics through the cookies settings.
We have integrated the YouTube videos in our website. They are archived on http://www.YouTube.com and may be played back directly from our website. Their management falls under the “extended data protection means”; this means that no data concerning you as users will be transmitted to YouTube until you have clicked on the videos to start playback. Only when you are playing back the videos will the data of the paragraph below be transferred to YouTube. We have no say on this transfer of data.
If you do not wish to be associated to your profile on YouTube, log out of your account before pressing “Play”. YouTube stores your data as a user profile and uses them for advertising purposes, market surveys and/or design for the demand of its website. You have the right to object to the creation of these user profiles; to exercise this right you must contact YouTube.
For more information on the purpose and extent of the collection and processing of data by YouTube, please read the information statement on privacy. There you will find additional information on your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy.
Google Ads (formerly Google Adwords)
We use the services of Google Ads to attract attention to our interesting promotions with the help of advertising material (so-called Google Adwords) on external websites. We can determine the success of the individual advertising measures based on the data of the advertising campaigns. We want to show you advertisements that interest you, make our website more interesting and obtain a fair calculation of advertising costs.
We do not collect nor do we process any personal data through the aforementioned advertising measures. We only receive statistical evaluations from Google. Based on these evaluations, we can find out which of the advertising measures used are particularly effective. We do not receive additional data from the use of advertising material; specifically, we cannot identify users based on this information.
Google Ads Remarketing
We use the remarketing function provided by the Google Ads service. The remarketing function makes it possible for us to present users with advertisements of our website based on their interests on other websites inside the Google advertising network..
Recipients / Scope of data disclosure:
For more information on the purpose and extent of the collection and processing of data by Google, please read the information statement on privacy. There you will also find additional information on your rights and the options to set in order to protect your privacy. The data may be transferred to third countries.
It is possible to block participation in this monitoring process in various ways:
- a) by adjusting the settings of the browser software in this sense; by doing that, third-party cookies are eliminated and you will not receive ads from third-party providers; b) by disabling cookies for conversion tracking, adjusting the browser’s settings so that cookies are blocked by the domain https://www.google.com/settings/ads; https://adssettings.google.it/authenticated; this setting is deleted when the cookies are removed; c) by disabling advertisements based on the interests/”profiles” sent by providers that participate in the “About Ads” self-regulation campaign through the link http://www.aboutads.info/choices; this setting is deleted when the cookies are removed; d) by permanently disabling Firefox, Internet Explorer or Google Chrome in the browsers at the link http://www.google.com/settings/ads/plugin; e) by setting your preferences regarding cookies to exclude them. Please note that, by doing this, you may compromise the full functionality of the website.
Facebook Custom Audiencies e Facebook conversion
We use Facebook’s pixels for remarketing purposes, so that we may contact you in the following 180 days. This makes it possible for us to show advertisements of interest (“Facebook ads”) to the users of the website when they visit the social network Facebook or other websites that also use this technology. In this way, we pursue our objective to show advertisements that are of interest for the user, in order to make our website or our offers more interesting. For more information and details on Facebook’s Pixel technology and on its functionality, please refer to the Facebook Help Centre. .
Facebook’s “Custom Audiences” function can be disabled in the cookies settings and, for registered customers, on Facebook’s customer area..
When you communicate and/or collaborate with us, e.g. via e-mail or through the contact form on our website, in the capacity of consumer, tester, business partner or customer, the data you provide (your e-mail address, if applicable, the name and telephone number or the personal data sent during the conversation) will be stored and processed by us, for example to reply to your questions, requests or for commercial correspondence purposes. In processing the data sent during the conversation, we have a legitimate interest in the processing of the data in compliance with legal requirements, for internal checks, or in compliance with the respective request for communication.
We erase the data obtained in this context once their storage is no longer necessary, unless there are legal retention obligations or it is necessary to comply with legal terms.
The newsletter contains news, offers and additional information on the Ksurgery brand. By subscribing to the newsletter, you will receive - based on the consent you have provided in each case - customised information on products, services or suggestions for participation in promotions, such as contests or product testing via e-mail. We also use remarketing measures to show you pertinent online advertising. The data will be collected on our Mailchimp platform
If you no longer wish to receive the newsletter, you can unsubscribe at any time. By clicking on the link contained in every newsletter, you will be guided through a procedure to unsubscribe.
With this document we would like to provide you with the necessary information with regard to the data processing performed on the occasion of training sessions/webinars in which you take part.
The participant may take part in the event over the Zoom channel as a guest user or by identifying themselves, providing their name, surname and e-mail. The participants will visible in the participants’ list, available in the tool. The event will be recorded and made available for information and training on the Ksurgery brand products: if the participant decides to ask questions to the trainers (verbally or through the chat), please note that the voice, the video (if activated) and the questions asked in the chat will be subject to processing. The recordings will be published on our internal Intranet and, where absolutely necessary, on our YouTube channel.
The recordings and all your personal data (if collected) will be stored for the time required to achieve the aforementioned purposes; we have set the maximum retention period at 2 years from recording. Once this period of time has expired, we may store the material by rendering the data anonymous.
Users have the possibility to send evaluations and reviews of products, processes or other evaluations in the context of the website’s offers, in compliance with our use terms and conditions.
We will, therefore, collect the data that you provide us when you send contents through an evaluation and/or a review.
If this website asks for specific consent for the processing of special categories of data (sensitive data), we will also process sensitive information related to the status of your health or data that reveal the racial origin or ethnicity (this for example through images or description of the content, in particular inside reviews of products suited for skin issues).
We use the data provided to publish and keep your review/evaluation on our website in compliance with our use terms and conditions.
Your evaluation will be published with your name (user name). The reviews may be revised before publication. We reserve the right to delete comments if they are challenged by third parties as illegitimate. Additional information is available in the use terms and conditions. Moreover, we use the data provided based on our legitimate interest to guarantee that your review is not based on fraudulent behaviour, automated programs or bots.
The comments/reviews will be erased or anonymised once the user account has been deleted.
Legal basis of the processing: Art. 6 (1) a of the GDPR and Art. 9 (2) a of the GDPR (processing of data performed based on the consent granted by the data subject); Art. 6 (1) f of the GDPR (personal data processing based on the Controller’s legitimate interest).