Privacy policy

    Dear user,

    in thanks for visiting our website – https://www.althea-group.com/ (hereafter also “site”), below you will find all the information useful to understand the purposes and methods of processing of your personal data, as well as any other information required by the EU General Data Protection Regulation No. 679/2016 (“GDPR” or “Regulation”) in Articles 12, 13, 14.

    Data Controller

    The Data Controller is F2i Medtech S.p.A. (“Althea” – “Althea Group” or “Controller”), with registered office in Rodano/Milano, Via Papa Giovanni XXIII, 43, 20053, località Millepini, Italy and may be contacted through the following addresses:

    Tel. +39 02 976791
    E-mail: [email protected]
    PEC: [email protected]

    Types of data processed
    Althea may process the following data categories:

    1.  Navigation data of the website visitor: these are anonymous navigation data in order to monitor and ensure the technical operation and performance of the site itself.
    2. Data provided by the user: the data provided by you are mainly functional to the identification of your person and necessary for the correct management of your requests for commercial information, such as, for example, name, surname, telephone number, email address.
    3. Data provided by applicants: it mainly includes personal data provided by you during the recruitment process, such as, by example, name, surname, email, address, telephone number, data relating to your educational and professional background on the CV transmitted, including, if voluntarily included in your CV, personal data disclosing your health status (e.g. belonging to protected categories).

    Data retention
    In accordance with the applicable legislation and with this policy, your data will be stored for a period of time allowed and not longer than that required to fulfill the purposes for which they are processed and for the time necessary to carry out the service and provide you with the requested information.

    Purposes of processing your personal data
    The processing that Althea will carry out on the above categories of personal data has the following purposes:

    1. Collection of site visitor navigation data: as a website visitor (“user”), Althea processes your anonymous navigation data in order to monitor the technical performance of the website. These data are necessary to ensure proper navigation through the site and the successful availability of its features as described in our “Cookie Policy“.
    2. Contact form management: Althea processes your data, provided by you in order to handle all commercial information requests for Althea products and services that you may receive by filling out the contact form in the “Contact us” section of the website. In addition, Althea processes your data, voluntarily provided, in order to handle all other requests received through the e-mail addresses available to users on the different pages of the site in order to deliver specific services and/or information requested.
    3. Management of the application forms: Althea processes your data, voluntarily provided by filling out the form and included in the curriculum vitae (“CV”), sent to us through the “Careers” section of the website, in order to examine your application and carry out all related activities of research and selection of employees. For this purpose, we specify that your data will also be processed in the Human Resources (HR) and staff management area.

    Lawful basis of the processing

    In all the cases described above, Althea is not under the obligation to obtain the specific consent of the data subject. In fact, all the processing operations described above are carried out for primary purposes for which the data protection legislation excludes the need to obtain specific consent, applying alternatively different legal bases that make the processing lawful in the absence of consent. For the purposes indicated above, the processing of your personal data is a necessary condition to manage your requests.

    How we process your personal data:
    The processing of your data will take place both through the use of information technology and on paper, in accordance with the principles of lawfulness, fairness and transparency, and in any case with appropriate tools to ensure security and confidentiality.
    Althea uses a range of security technologies and organizational measures to protect Your personal information in the event of loss, misuse, or unauthorized access. For example, we implement access controls, use secure firewalls and servers, and encrypt certain types of data, such as financial information and other such sensitive data.

    Transmission of your personal data
    In addition to the Data Controller, in some specific cases, your personal data may be disclosed to categories of authorized persons involved in the operational activities carried out by the Data Controller (administrative staff, lawyers, system administrators) or external parties to whom Althea outsources part of its activities.
    In addition, your data may be communicated to entities, institutions, or authorities to which such communication of data is mandatory by law, for example, in the event that such request comes from the orders of public authorities and/or judicial.
    Althea, as Data Controller, will not transfer your personal data to third parties located outside the European Economic Area.

    Your rights
    At any time, you will have the right to:

    • obtain the confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data, ae required by the article 15 of GDPR (Right of access);
    • rectification of inaccurate personal data concerning him or her or the integration of him or her incomplete personal data (Right to rectification);
    • erasure of personal data concerning him or her, in accordance with the reasons described in the article 17 of GDPR (Right to be forgotten);
    • restricting of processing, when one or more of the cases provided by the article 18 of GDPR (Right of restriction) and where there are no legitimate overriding interests of Althea;
    • receive the personal data concerning him or her, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller (Right to data portability article 20 of GDPR). Depending on the case and the amount of complexity of the data requested, you may be expected to pay a proportionate fee.

    To exercise these and any other rights set forth in Articles 15-22 of the GDPR, you may send an email to [email protected].

    The data subject can claim Privacy Authority when he believes the data processing is carried out in violation of the Regulation.

    DPO

    Althea has appointed a Personal Data Protection Officer (“DPO”) in accordance with Articles 37 ss. of the GDPR who can be contacted via the following address [email protected] 

    Updated at February 2021F2