CUSTOMER CONTRACT INFORMATION

PRIVACY POLICY

COOKIE POLICY

CONTACT FORM INFORMATION

NEWSLETTER INFORMATION

MAIL INFORMATION

INFORMATION WORK WITH US

Data processing information

INFORMATION PROCESSING OF PERSONAL DATA

Dear Customer,
Thema Srl, as Data Controller of personal data pursuant to art. 4 and art. 13 of the Regulation of EU Regulation 2016/679, wishes to inform you that it will process your personal data manually and / or with the support of IT means for the purposes indicated below.
Data Controller
The Data Controller is Thema Srl based in via Saragat, 5 – 40026 Imola (BO), VAT number 02770361208, email info@thema-med.com

Type of data processed
The personal data being processed:
a. customer identification data and contact details;
b. accounting, fiscal, administrative, banking data necessary for the management of contractual relationships and / or pre-contractual requests.

Purpose of processing
The personal data you provide will be processed for purposes related to:
1. the execution and management of the contract including any pre-contractual phase and, specifically, for the compilation of personal data lists, bookkeeping, invoicing, the carrying out of communications both by paper and electronic means, fiscal obligations, organizational management of the requested services and stipulation of contracts, management of appointments, order fulfillment, deliveries, bureaucratic fulfilments relating to the requested services. The data will be processed for contractual obligations related to:
• regulatory technical consultancy for the medical sector;
• marketing of goods and services;
• production, translation, layout and management of technical documentation;
• design, implementation of advertising graphics;
• training in regulatory affairs and advanced training in the technical-professional field.
2. the fulfillment of legal obligations provided for by fiscal and tax legislation;
3. to send communications of similar services – soft spam – on the basis of the legitimate interest of the data controller;
4. to marketing activities, and specifically, to the sending of advertising and / or promotional commercial communications.

Legal nature of the provision
The provision of personal data is mandatory. Failure to provide personal data will make it impossible for us to execute contracts and other related obligations, as well as to correctly manage mutual commercial relations. For the purposes referred to in point 3), the interested party may exercise the right to opt-out, i.e. the right to easily and freely refuse the sending of such communications. For the purpose referred to in point 4) the provision of data is optional, however failure to provide it makes it impossible for the data controller to follow up on the processing operations connected to this purpose.

Legal basis of the processing
• The legal basis of the processing for the purposes referred to in point 1) is found in the fulfillment of a contractual obligation pursuant to art. 6 lett. b) EU Reg. 679/2016;
• the legal basis of the processing for the purposes referred to in point 2) is represented by the fulfillment of a legal obligation pursuant to art. 6 lett. c) EU Reg. 679/2016;
• the legal basis for the purpose referred to in point 3) is found in the legitimate interest of the owner of the data controller as required by art. 6 lett. f) EU Reg. 679/2016;
• the legal basis for the purpose referred to in point 4) is found in the consent expressly expressed by the interested party, which can be revoked at any time, as required by art. 6 lett. a) EU Reg. 679/2016.

Categories of recipients of personal data
The data processed will not be disclosed to third parties. In addition to the data controller, the recipients of the acquired data may in any case be:
• entities, professionals, companies or other structures entrusted by us with the processing related to the fulfillment of administrative, accounting and management obligations linked to the ordinary performance of our economic activity;
• public authorities and administrations for purposes related to the fulfillment of legal obligations or to subjects entitled to access it by virtue of the provisions of law, regulations, community regulations;
• banks, financial institutions or other subjects to whom the transfer of the aforementioned data is necessary for the performance of the business of our company in relation to the fulfillment, on our part, of the contractual obligations assumed towards you;
• authorized internal to the organization of the data controller;
• consultants and company collaborators for purposes related to the provision of services;
• consultants and company collaborators operating as Joint Controllers, Managers, designated or authorized subjects for the processing on the matter, by way of example but not limited to, legal, administrative, tax, insurance, IT.
The list of data processors is available upon request.

Methods of data collection and storage times
The personal data collected will be processed in compliance with the principles of lawfulness, correctness and transparency and in any case in such a way as to guarantee their security and maximum confidentiality. Your data will be stored in a form that allows identification of the same for a period of time not exceeding the achievement of the purposes for which the data were collected.
• The personal data collected for the purposes referred to in point 1) will therefore be kept for the duration of the entire contractual relationship and no later than 10 years from the termination of the contract (Article 2946 of the Civil Code regarding prescription)
• The data strictly necessary for tax and accounting obligations, once the purpose for which they were collected no longer exists, will be kept for a period of 10 years as established by art. 2220 cc
• The personal data collected for the purposes referred to in point 3) will be processed for the time strictly necessary to pursue the purposes, in any case as long as the legitimate interest of the data controller persists.
• The personal data collected for the purposes referred to in point 4) will be processed for the time strictly necessary to pursue the purposes, in any case not exceeding 24 months, and / or until the express withdrawal of consent by the interested.
Transfer of data
Personal data may be transferred to foreign countries of the European Union or non-EU and transmitted to private companies and institutional bodies for purposes related to the services requested and for the needs of territorial jurisdiction. The data is sent for cross-border processing, according to the principles of necessity, limited to the strictly necessary information. Data transfer takes place exclusively under the following conditions:
• Countries covered by adequacy decisions pursuant to art. 45 GDPR 679/16 EU;
• in the absence of adequacy decisions, the processing, with reference to Art. 46 GDPR 678/16 EU, takes place after agreement with the recipient of the data in compliance with binding clauses and corporate rules in accordance with article 47; standard data protection clauses adopted by the Commission in accordance with the examination procedure referred to in Article 93 (2);
• in the absence of adequate guarantees, the Data Controller, pursuant to art. 49 GDPR 679/16 EU, if the transfer is necessary to fulfill contractual and / or legal obligations, it communicates the data by preparing all the technical-organizational security measures such as, where possible, minimization, pseudonymisation of the data, verification of the reliability of the recipient.

Rights of the interested
party Pursuant to articles 15 – 22 of the Regulation, we inform you that with regard to the processing of your personal data, you can exercise your rights: right of access to personal data; right of rectification and integration of personal data; right to delete data (“right to be forgotten”); right to limitation of processing; right to lodge a complaint with the Guarantor for the protection of personal data, following the procedures and indications published on the official website of the Authority www.garanteprivacy.it; right to data portability; right not to be subjected to a decision based solely on automated processing, including profiling; right to withdraw consent at any time.
The exercise of the rights is not subject to any formal constraint and is free.

How to exercise the rights
The interested party may exercise the rights at any time by sending:
– a registered letter with return receipt to Thema Srl via Saragat, 5 – 40026 Imola (BO)
– an e-mail to the address: info @ thema-med .com

DECLARATION OF CONSENT FOR SENDING PROMOTIONAL AND ADVERTISING MATERIAL
The undersigned declares his specific consent for the processing of personal data that may be processed by Thema Srl, as Data Controller, for sending promotional and advertising material. The undersigned declares to have received complete information pursuant to art. 13 and 14 of EU Regulation 2016/679, and expresses consent to the processing of data relating to the purposes described above.

Privacy Policy information

This page describes how to manage the site https://www.thema-med.com/ with reference to the processing of personal data of users who consult it. This is the information provided pursuant to art. 13 of the 2016/679 European Regulation to those who interact with the company’s web services.

The information identifies some minimum requirements for the collection of personal data online, and, in particular, the methods, times and nature of the information that the data controllers must provide to users when they connect to web pages, regardless by the purposes of the connection.

The owner of the treatment

The data controller is Thema Srl with registered office in via Saragat, 5 – 40026 Imola (BO), VAT number 02770361208, email info@thema-med.com in the person of its pro tempore legal representative.

 

Place of data processing

The treatments connected to the web services of this site take place at the registered office and are only handled

by technical staff of the office in charge of processing, or by any occasional appointees

maintenance operations. No data deriving from the web service is communicated or disseminated. The personal data provided by users who submit requests to send information material are used for the sole purpose of performing the service or provision requested.

Types of data processed

Navigation data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) ​​addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response,

These data are used only to obtain anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this possibility, the data on web contacts do not persist for more than seven days.

Data provided voluntarily by the user

The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site entails

the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the site set up for particular services on request.

 

Use of cookies

With regard to the methods of use of cookies, please refer to the additional and specific “extended information” published on this site and elaborated on the basis of the provisions of the Provision of 8 May 2014 issued by the Italian Guarantor for the protection of personal data as amended from the Provision n. 231 of June 2021, which integrates and completes this document.

Optional supply of data

Apart from what is specified for navigation data, the user is free or not to provide personal data.

Failure to provide them may make it impossible to obtain what is requested.

Methods of processing

Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.

Transfers to third countries

Personal data may be transferred to foreign countries of the European Union or non-EU and transmitted to private companies and institutional bodies for purposes related to the services requested and for the needs of territorial jurisdiction. The data is sent for cross-border processing, according to the principles of necessity, limited to the strictly necessary information. Data transfer takes place exclusively under the following conditions:

  • Countries covered by adequacy decisions pursuant to art. 45 GDPR 679/16 EU;
  • in the absence of adequacy decisions, the processing, with reference to Art. 46 GDPR 678/16 EU, takes place after agreement with the recipient of the data in compliance with binding clauses and corporate rules in accordance with article 47; standard data protection clauses adopted by the Commission in accordance with the examination procedure referred to in Article 93 (2);
  • in the absence of adequate guarantees, the Data Controller, pursuant to art. 49 GDPR 679/16 EU, if the transfer is necessary to fulfill contractual and / or legal obligations, it communicates the data by preparing all the technical-organizational security measures such as, where possible, minimization, pseudonymisation of the data, verification of the reliability of the recipient.

 

Rights of interested parties

The subjects to whom the personal data refer have at any time the right to request access to the data and their correction, the cancellation of the same, the limitation of processing, the right to oppose their processing, in addition to the right to the portability of the data. data; they also have the right to lodge a complaint with the supervisory authority.

Requests should be addressed to the Data Controller

The Data Controller is Thema Srl based in via Saragat, 5 – 40026 Imola (BO), VAT number 02770361208, email info@thema-med.com

Contact details:

– a registered letter with return receipt to Thema Srl via Saragat, 5 – 40026 Imola (BO)

– an e-mail to   info@thema-med.com

– company website https://www.thema-med.com/

This constitutes the “Privacy Policy” of this site which will be subject to updates.

Cookies information

COOKIE POLICY

 

Premise

This Cookie Policy has been drafted and customized specifically for the site https://www.thema-med.com/ owned by Thema Srl based in via Saragat, 5 – 40026 Imola (BO), VAT number 02770361208, email info@thema-med.com .This Policy was drawn up on the basis of the provision of the Guarantor for the protection of personal data no. 229 of 8 May 2014 “Identification of the simplified procedures for the information and the acquisition of consent for the use of cookies” and New provision no. 231 of 10 June 2021 “Guidelines for cookies and other tracking tools”. It integrates and updates other information already present on the site and / or previously issued by the company, in combination with which it provides all the elements required by art. 13 of EU Regulation 2016/679.

Important notice

All third parties are informed that the use of this information, or even only some parts of it, on other websites in reference to which it would certainly be irrelevant and / or incorrect and / or incongruent, may lead to the infliction of heavy sanctions by the Guarantor Authority for the protection of personal data.

What are cookies

In practical and non-technical terms, the cookie can be considered a tracking system consisting of a small file, stored by the website in the user’s device while browsing, used with the aim of saving the preferences shown during navigation. and to improve the performance of the website, optimizing the browsing experience.

In technical terms, cookies are defined as text strings (generally formed by the combination of letters and numbers) that the websites (so-called first parties) visited by the user or different sites / web servers (so-called third parties) place and they store, directly and / or indirectly within a terminal device (PC, tablet, smartphone, etc.) that is available to the user. The servers for internet browsing or for device operation can store cookies and then retransmit them to the same sites that generated them, in view of a subsequent visit by the same user. Specifically, these tracking tools allow the Site to recognize a particular device or browser.

Types of cookies and related purposes

Cookies can be classified into:

  • Technical cookies used for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or as strictly necessary for the provider of an information society service explicitly requested by the contractor or by the user to provide this service as required by ‘art. 122 paragraph 1 of the Privacy Code. These types of cookies do not require the acquisition of consent by the user but must be indicated in the cookie policy.
  • Profiling cookies used to link specific actions or behavioral patterns to specific, identified or identifiable subjects in order to allow the owner to modulate the provision of the service in a more personalized way and to send advertising messages in line with the preferences expressed by the user during the navigation.
  • Analytics cookies installed on the user’s terminal by managers of the visited site or third-party sites. Third-party cookies, mainly having analysis purposes, mostly derive from the Google Analytics functions. You can get more information on Google Analytics by clicking on the following link: http://www.google.it/intl/it/analytics . In any case, cookies do not allow the data subject to be identified and are intended to refer to the single device or single application in order to avoid tracking the user’s browsing data. Analytics cookies can be treated in the same way as technical cookies, and therefore regardless of the user’s consent, under the following conditions:
    • The use is limited to the production of aggregate statistics that can be used in relation to the site visited by the user;
    • With reference to the so-called third-party analytics cookies, the fourth part of the IP address being tracked must be masked;
    • With regard to the so-called third-party analytics cookies, the third party must be prevented from using the analytics cookies in combination with other processing or transmitting them to other third parties.

Applicable law

For the use of cookies and other technical tracking tools, the data controller is subject to the sole obligation to provide specific information to the interested party. With regard to cookies and other tracking tools for purposes other than technical ones, their use is permitted only after obtaining the user’s informed consent, which must be expressed with an unequivocal act pursuant to Recital 32.

Consent acquisition mechanism

The data controller guarantees the consent acquisition mechanism through the presentation of a banner at the user’s first access to the site.

The banner contains:

  • an X at the top right which is equivalent to the lack of consent by the user.
  • a brief information in which it is represented that the site uses technical cookies and only, after obtaining the user’s consent, also profiling cookies.
  • a link to the privacy policy and the cookie policy.
  • a command through which the user expresses his consent.
  • a link to an area dedicated to the choice and customization of cookies in which the user can freely give his consent with respect to the features, the suppliers and the specific cookies he intends to accept.

In the event that the user does not consent to the use of cookies and other tracking tools and in the event that the user has chosen to give his consent only for the use of certain cookies, the choice is recorded and no longer requested, except in the following cases:

  • when one or more treatment conditions change significantly
  • when it is impossible for the site manager to know if a cookie has already been stored in the device
  • when at least 6 months have passed since the previous presentation of the banner.

 

Cookies used – Retention times – Purpose – Transfer of data to third parties

 AnyFirst partThird parts
Cookie names Type of cookie First or Third Parties It can be blocked Session or Persistent Expiration date Scope
wp-wpml_current_admin_language_d41d8cd98f00b204e9800998ecf8427e Essentials Third parts Persistent 1663072647.8113
_ga_8DD6JN6N72 Essentials Third parts Persistent 1726058247
chaosLocalGa_gid Essentials Third parts Persistent 1663072647
chaosLocalGa Essentials Third parts Persistent 1665578247
_gat_gtag_UA_159442970_1 Essentials Third parts Persistent 1662986307
_ga_328542626 Essentials Third parts Persistent 1726058247
__utma, __utmb, __utmc, __utmt, __utmz, _ga, _gat, _gid Analytics Third parts Persistent
wp-wpml_current_language Essentials Third parts Persistent 1663072646.4254
wordpress_logged_in_33c34e59393546f5737d9c90263722d5 Essentials Third parts Session
wordpress_sec_33c34e59393546f5737d9c90263722d5 Essentials Third parts Session

Browser settings           

We also inform you that the user can configure, freely and at any time, his privacy parameters in relation to the installation and use of cookies, directly through his navigation program (browser) following the relative instructions.

In particular, the user can set the so-called “private navigation”, thanks to which his navigation program interrupts the saving of the history of the sites visited, any passwords entered, cookies and other information on the pages visited.

We warn that in the event that the user decides to disable all cookies (including those of a technical nature), the quality and speed of the services offered by this website could drastically deteriorate and access to some sections of the site could be lost. same.

Rights of interested parties

We inform you that as interested in the treatment you have the right to exercise the following rights:

Right of access pursuant to art. 15 of EU Reg. 20167679, the interested party has the right to confirm whether or not personal data concerning you is being processed and in this case, he can obtain, among other things, access to your personal data and information concerning the purposes of the processing, the categories of personal data in question, the recipients or categories of recipients to whom the personal data have been or will be communicated.

Right of rectification pursuant to art. 16 of the Regulation:

  • rectification of inaccurate personal data concerning you without undue delay
  • integration of your personal data, if incomplete.

Right to cancellation (“right to be forgotten”) pursuant to art. 17 of the Regulation deletion of personal data concerning you without undue delay

Right to limitation of treatment pursuant to art. 18 of the Regulation limitation of processing in the following cases:

  • the data subject disputes the accuracy of the personal data, for the period necessary for the data controller to verify the accuracy of such personal data;
  • the processing is unlawful and the interested party opposes the cancellation of personal data and requests instead that its use be limited;
  • although the data controller no longer needs it for processing purposes, personal data are necessary for the data subject to ascertain, exercise or defend a right in court;
  • the interested party opposed the processing pursuant to article 21, paragraph 1, pending verification of the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party

Right to data portability pursuant to art. 20 of the Regulations it is possible to receive in a structured format, commonly used and readable by an automatic device, the personal data concerning you and in our possession;

Right to transmit such data to another data controller without impediments by the data controller to whom it provided them in the cases referred to in Article 20 of the Regulation.

Right of opposition for treatments carried out pursuant to article 6, paragraph 1 letters e) or f) and pursuant to art. 21 of the Opposition Regulation, at any time, for reasons connected with your particular situation, to the processing of personal data concerning you including profiling.

The aforementioned requests may be addressed to the Data Controller

The Data Controller is Thema Srl based in via Saragat, 5 – 40026 Imola (BO), VAT number 02770361208, email info@thema-med.com

Requests can be sent via:

  • a registered letter with return receipt to Thema Srl via Saragat, 5 – 40026 Imola (BO)
  • email to info@thema-med.com

Furthermore, in the event that it is believed that the processing has been carried out in violation of the legislation on the protection of personal data, the right to lodge a complaint with the Guarantor Authority for the protection of personal data, Piazza Venezia, 11 – 00187 – Rome is recognized. .

Contact Form Information

INFORMATION FILLING IN THE CONTACT FORM REGARDING THE PROTECTION OF PERSONAL DATA IN ACCORDANCE WITH ART. 13 REGULATION (EU) 2016/679

Pursuant to art. 13 of Regulation (EU) 2016/679 is Thema Srl with registered office in via Saragat, 5 – 40026 Imola (BO), VAT number 02770361208, email info@thema-med.com, as Data Controller, informs users of the processing of personal data deriving from the compilation of the contact form.
Data
controller The data controller is Thema Srl with registered office in via Saragat, 5 – 40026 Imola (BO), VAT number 02770361208, email info@thema-med.com
Interested
Users using internet services interested in contacting the owner of the treatment and the relative registration to the contact form.
Data processed
The data processed are those entered in the contact form or identified data such as name, surname and company and contact data such as telephone and personal email. The data collected are only those strictly necessary for the requested fulfillment, respecting the owner the principle of minimization enshrined in Art. 5 of the European Regulation.
The data provided will be processed by the owner in order to contact the user as requested by the data controller.
Purpose of the processing
The personal data entered in the registration form, sent by choice of the user and voluntarily will be used to respond to the requests submitted by the user or in order to fulfill the contact requested by the form itself. The computer systems of this process provide for the use of e-mail configured in a manner that guarantees the confidentiality and integrity of the information.
Nature of the provision and legal basis of the processing
The provision of data is mandatory to find the user’s request, the legal basis of the processing is found in art. 6 lett. b) of the EU Reg. 679/2016 the execution of pre-contractual measures adopted at the request of the interested party.
Methods of processing
The data processing is carried out through IT procedures or in any case telematic means and paper supports by subjects, internal or external, specifically appointed and authorized to do so and committed to confidentiality. The data are processed and stored with suitable tools to guarantee their security, integrity and confidentiality through the adoption of adequate security measures as required by law.
Retention times
The data will be kept for 2 years from the transmission of the contact request.
Communication, dissemination, transfer
The data collected will not be disclosed, sold or exchanged with third parties without the express consent of the interested party, except for any communications to authorized third parties – committed to confidentiality or in the case appointed as data processors pursuant to art. 28 of Regulation (EU) 2016/679. The complete and updated list of data processors is available, upon request, through the methods indicated in this information. The data may be communicated to the competent authorities, according to the terms of the law.
Personal data may be transferred to foreign countries of the European Union or non-EU and transmitted to private companies and institutional bodies for purposes related to the services requested and for the needs of territorial jurisdiction. The data is sent for cross-border processing, according to the principles of necessity, limited to the strictly necessary information. Data transfer takes place exclusively under the following conditions:
• Countries covered by adequacy decisions pursuant to art. 45 GDPR 679/16 EU;
• in the absence of adequacy decisions, the processing, with reference to Art. 46 GDPR 678/16 EU, takes place after agreement with the recipient of the data in compliance with binding clauses and corporate rules in accordance with article 47; standard data protection clauses adopted by the Commission in accordance with the examination procedure referred to in Article 93 (2);
• in the absence of adequate guarantees, the Data Controller, pursuant to art. 49 GDPR 679/16 EU, if the transfer is necessary to fulfill contractual and / or legal obligations, it communicates the data by preparing all the technical-organizational security measures such as, where possible, minimization, pseudonymisation of the data, verification of the reliability of the recipient.
Rights of interested parties
At any time, the interested parties have the right to access their personal data, to request its correction, updating and relative cancellation. It is also possible to oppose the processing and request its limitation.
The aforementioned requests may be addressed to Thema Srl based in via Saragat, 5 – 40026 Imola (BO), VAT number 02770361208, email info@thema-med.com. Furthermore, in the event that it is believed that the processing has been carried out in violation of the legislation on the protection of personal data, the right to lodge a complaint with the Guarantor Authority for the protection of personal data, Piazza Venezia, 11 – 00187 – Rome is recognized. .

Information Newsletter subscription form

NEWSLETTER SUBSCRIPTION INFORMATION REGARDING THE PROTECTION OF PERSONAL DATA IN ACCORDANCE WITH ART. 13 REGULATION (EU) 2016/ 679

Pursuant to Article 13 of Regulation (EU) 2016/679, Thema S.r.l. with headquarters in via Saragat, 5 – 40026 Imola (BO), P. Iva 02770361208, email info@thema-med.com
Data controller
The data controller is Thema S.r.l. with headquarters in via Saragat, 5 – 40026 Imola (BO), P. Iva 02770361208, email info@thema-med.com
Interested parties
Users users of Internet services interested in subscribing to the newsletter
Data processed
The data processed are personal identification data such as first name, last name and contact data such as institutional email address necessary to send regulatory updates.
Purpose of processing.
The purpose of the processing is to receive regulatory updates regarding products and services offered by the data controller.
Nature of provision and legal basis for processing
The provision of data is optional. Any refusal to provide the data does not entail any negative consequences, but determines results in the inability of the data controller to process requests to send the newsletter. The legal basis of the processing is found in the legitimate interest of the data controller, pursuant to Art. 6 letter f) of Reg. Eu. 679/2016.
Modalities of the processing
The processing of data is carried out through computer procedures or telematic means and paper media by persons, internal or external, specially appointed, authorized and committed to confidentiality. The data are processed and stored with appropriate tools to ensure their security, integrity and confidentiality through the adoption of appropriate measures as required by law.
Storage times
The data will be kept in a form that allows identification for the data subject for two years after enrollment, it being understood that upon revocation using the opt-out technique, the Data Controller will proceed to delete his data.
Communication, dissemination, transfer
The data collected will not be disseminated, sold or exchanged with third parties without the express consent of the data subject, except for any communication to authorized third parties – committed to confidentiality or in the case appointed as data controllers ex art. 28 of Regulation (EU) 2016/679. The complete and updated list of data processors can be found, upon request, through the modalities indicated in this information notice. The data may be communicated to the competent authorities, according to the terms of the law.
There are no plans to transfer the data outside the European Union.

Rights of data subjects
At any time, data subjects have: the right to access their personal data, to ask for its rectification, updating and relative deletion. It is, also, possible to object to the processing and request its limitation.
The aforementioned requests can be addressed to Thema S.r.l. with headquarters in via Saragat, 5 – 40026 Imola (BO), P. Iva 02770361208, email info@thema-med.com
In addition, in the event that you believe that the processing has been carried out in violation of the legislation on the protection of personal data, you have the right to lodge a complaint with the Guarantor Authority for the Protection of Personal Data, Piazza Venezia, 11 – 00187 – Rome.

Mail information for the site

Email information
The content of the e-mails is to be considered confidential. Therefore, the information in them or in any attachments contained are reserved exclusively for the recipients. Persons or subjects other than the recipients themselves, also pursuant to art. 616 of the Criminal Code, are not authorized to read, copy, modify, disseminate the message to third parties. Whoever receives our communication by mistake, do not use it and do not make it known to anyone, but delete it from his inbox and notify the sender. The authenticity of the sender and the contents are not guaranteed, except for digitally signed documents.
All the e-mail boxes of the domain “…@thema-med.com” are company mailboxes and, as such, are used for communications in the workplace. Therefore, for needs connected with the operational activity, any message can be read by the entire office to which the sender belongs. At any time, the interested parties have the right to access their personal data, to request its correction, updating and relative cancellation. It is also possible to oppose the processing and request its limitation.
Furthermore, in the event that it is believed that the processing has been carried out in violation of the legislation on the protection of personal data, the right to lodge a complaint with the Guarantor Authority for the protection of personal data, Piazza Venezia, 11 – 00187 – Rome is recognized. .

Information Work with us

INFORMATION SECTION WORK WITH US
Thema Srl based in via Saragat, 5 – 40026 Imola (BO), VAT number 02770361208, email info@thema-med.com, as Data Controller of personal data pursuant to art. 4 and 13 of EU Regulation 2016/679 informs you that it will process your personal data manually and / or with the support of computerized means exclusively to evaluate your application for the purpose of a possible future establishment of an employment relationship with the Society. We invite you to indicate in your CV only information that is relevant to the position for which you intend to apply, and which is not strictly personal and private in nature.

Type of data
The data processed identification data such as name and surname, contact details such as personal emails and any other information present in the attached Curriculum vitae. These include information relating to:
1. educational qualifications, professional experience, skills, abilities and competences essential to fill the role you have chosen or for any position that we will propose to you;
2. the owner may also process particular data ex. Art. 9 of EU Regulation 679/2016 relating to his person for the purposes strictly necessary for the recruitment if it is essential for the procedure itself.
Purpose of the processing
Your data will be processed in order to carry out personnel selection activities. The processing is necessary to respond to your application or to offer you, at a later time, a new proposal if your profile is deemed appropriate to our needs.
Legal basis of the processing
The legal basis for the processing of data is represented by the fulfillment of pre – contractual obligations as identified by art. 6 lett. b) of the EU Regulation, as well as from the legitimate interest of the data controller
Data recipients
The data may be disclosed to employees and collaborators of the Data Controller who will be able to process your data in compliance with the instructions given by the Data Controller.
Your personal data may be processed by third parties who collaborate with the Data Controller for the same purposes. These subjects may, depending on the case, operate as independent data controllers or specifically appointed data processors.
Data
transfer Personal data are not transferred to countries outside the European Union or outside the EU.

Data
retention The personal data you provide will be kept for the time strictly necessary to pursue the purposes highlighted and in any case for a period not exceeding 24 months: at the expiry of this term, your data will be deleted.
Rights of the interested
party Pursuant to articles 13, paragraph 2, and from 15 to 21 of the Regulations, we inform you that with regard to the processing of your personal data, you may exercise the following rights:
1. Right to obtain access to personal data and the following information:
• confirmation as to whether or not personal data is being processed;
• the purposes of the processing;
• the categories of personal data;
• the recipients or categories of recipients to whom the personal data have been or will be disclosed;
• if the data are not collected from the interested party, all the information available on their origin the existence of an automated decision-making process, including profiling;
• a copy of the personal data being processed.
2. Right of rectification and integration of personal data;
3. Right to delete data (“right to be forgotten”) if one of the following reasons exists:
• the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
• the interested party revokes the consent to the processing of data and there is no other legal basis for the processing;
• the interested party opposes the processing and there is no legitimate overriding reason to proceed with the processing;
• the personal data have been unlawfully processed;
• personal data must be deleted to fulfill a legal obligation under the law of the Union or of the Member State to which the data controller is subject.
The data controller, if he has made personal data public and is obliged to delete them, must inform the other owners who process the personal data of the request to delete any link, copy or reproduction of his data.
4. Right to limitation of processing in the event that:
• the interested party contests the accuracy of the personal data, for the period necessary for the data controller to verify the accuracy of such personal data;
• the processing is unlawful and the interested party opposes the cancellation of personal data and requests instead that its use be limited;
• although the data controller no longer needs them for processing purposes, the personal data are necessary for the data subject to ascertain, exercise or defend a right in court;
• the interested party opposed the processing, pending verification of the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party.
5. Right to lodge a complaint with the Guarantor for the protection of personal data, following the procedures and indications published on the official website of the Authority www.garanteprivacy.it.
6. Right to data portability of the interested party or the right to receive in a structured format, commonly used and readable by an automatic device, the personal data concerning him provided to a data controller and possibly transmit them to another data controller, if the processing is based on consent or on a contract and is carried out by automated means. Where technically possible, the interested party has the right to obtain the direct transmission of data from one data controller to another.
7. Right to object at any time to the processing of personal data, including profiling, in particular in the event that:
• the processing takes place on the basis of the legitimate interest of the owner, after explaining the reasons for the opposition;
• personal data are processed for direct marketing purposes.
8. Right not to be subjected to a decision based solely on automated processing, including profiling, except in cases where the decision: is necessary for the conclusion or execution of a contract between the data subject and a data controller, is authorized by the law of the Union or of the Member State to which the data controller is subject or is based on the explicit consent of the data subject.
The exercise of the rights is not subject to any formal constraint and is free.
Data Controller
The Data Controller Thema Srl based in via Saragat, 5 – 40026 Imola (BO), VAT number 02770361208, email info@thema-med.com

How to exercise the rights
The interested party may exercise the rights at any time by sending:
• a registered letter with return receipt to Thema Srl via Saragat, 5 – 40026 Imola (BO)
• email to info@thema-med.com