Privacy Policy

Privacy Policy -

Pursuant to Article 13 of the European Regulation (EU) 2016/679 (hereinafter GDPR), and in relation to your personal data that Fondazione IRCCS Ca’ Granda OMP will acquire following your access to the website or by sending a contact request or filling out the online form, we inform you of the following:

Data Controller

Fondazione IRCCS Ca’ Granda OMP, via Francesco Sforza 28 – 20122 Milan, VAT/Tax Code 04724150968 (hereinafter also the “Controller”).

What data we process

Name, surname, landline and/or mobile phone number, email address.

For what purposes we use the data indicated above and what is the legal basis for processing

For what purposes we use the data indicated above and what is the legal basis for processing We process your data for managing contact requests, information and/or requests for informational material, and participation in the Deprair project. The processing of the personal data of the data subject occurs to carry out preliminary activities and subsequent management of information and contact requests for joining the Deprair project, as well as to fulfill any other obligations arising from it.

The legal basis for this processing is the fulfillment of services related to the request for registration, information, contact, sending of informational material, and any other related request, in compliance with legal obligations. Providing data is optional; however, the data subject’s refusal to provide data makes it impossible for the Controller to follow up on the requested service.

The legal basis for this processing is the consent given by the data subject before the processing itself, which can be freely revoked at any time without affecting the lawfulness of the processing carried out before the revocation. The data subject’s refusal to give consent, or the revocation of consent, makes it impossible to use the related services, without this affecting the contractual relationship with the Controller.

To whom we communicate the data of the data subject

The data may also be known, in relation to the performance of the assigned tasks, by the Controller’s personnel, all specifically authorized to process it.

Personal data, in any case, will not be disseminated and, therefore, will not be made known to unspecified subjects, in any form, for example, by making it available or consulting it.

Come trattiamo i dati personali dell’interessato

Data processing is carried out using manual, IT, and telematic tools and in compliance with the necessary measures prescribed by the applicable regulations to ensure the confidentiality, integrity, and availability of data, as well as to avoid damages, whether material or immaterial.

Where we process your personal data

The personal data of the data subject is stored in archives located in countries of the European Union.

How long we keep the personal data of the data subject

Data will be kept in a form that allows the identification of the data subject for no longer than is necessary for the purposes for which the data was collected, considering the laws applicable to the activities and sectors in which the Controller operates.

What are the rights of the data subject

By contacting the email address, the data subject has the right to obtain, in the cases provided for by the Regulation, access to their data, its deletion, the correction of inaccurate data, the integration of incomplete data, the restriction of processing, the portability of their data, and the objection to processing.

The data subject also has the right to lodge a complaint with the competent supervisory authority in Italy (Autorità Garante per la protezione dei dati personali) or with the authority that performs its duties and exercises its powers in the Member State where the violation occurred, as provided for by Article 77 of the Regulation, as well as to take appropriate judicial action pursuant to Articles 78 and 79 of the Regulation.

Information updated on 04/26/2022