Skip to content

Privacy Policy

Privacy Policy on the Processing of Personal Data. Effective from 20 May 2025

PREAMBLE

This privacy policy takes into account the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) and the Italian Privacy Code (Legislative Decree of 30 June 2003, No. 196). This document has also been drafted in accordance with the Guidelines issued by the Italian Data Protection Authority, in particular the Guidelines on combating spam issued on 4 July 2013.

Data Controller: Lea Service S.R.L.S., Via Leonardo Da Vinci, 58 – 20030 Senago (MI), VAT No.: IT11307690963, REA: MI-2593900, Fully paid share capital: €9,900.00, Phone: +39 02 31056672, Email: info@leaservicemedical.com

Website to which this privacy policy applies: www.leaservicemedical.com (Website).

The Data Controller has not appointed a Data Protection Officer (DPO). Therefore, any request for information may be addressed directly to the Data Controller.

GENERAL INFORMATION

This document describes how the Data Controller processes your personal data provided through the Website.

Below is a description of the main processing activities carried out on your personal data. In particular, the legal basis for the processing is explained, whether the provision of data is mandatory, and the consequences of failing to provide personal data. Where necessary, we specify whether and when certain processing activities are not carried out.

Website Registration

The Website does not offer user registration. Therefore, the Data Controller does not process personal data for this purpose.

Purchases on the Website

It is not possible to make purchases on the Website. Therefore, your personal data will not be processed for this purpose. The Data Controller does not process user data to send purchase reminder emails for its own products and/or services.

Responding to Your Requests

Your data will be processed in order to respond to your requests for information. Providing data is optional; however, failure to provide it will prevent the Data Controller from responding to your inquiries. The legal basis for this processing is the legitimate interest of the Data Controller in responding to user requests. This legitimate interest corresponds to the user’s interest in receiving a response to communications sent to the Data Controller.

General Marketing

The Data Controller does not send advertising material and/or newsletters relating to its own products or those of third parties. We use Google services, such as Google Ads and Google Analytics, to personalize advertisements and improve the user experience. This may include the collection of personal data and cookies used to display ads consistent with your preferences. When consent is requested, you will be asked to authorize the use of such data. Further details on the use of cookies and consent management are available in this website’s cookie policy.

Profiling

The Data Controller does not carry out profiling activities using your personal data. Therefore, no advertising material or newsletters tailored to your specific interests will be sent.

Transfer of Data

The Data Controller does not transfer your personal data to third parties.

Geolocation

When accessing the Website, you may receive a notification on your device (desktop and/or mobile) allowing you to enable or disable geolocation. You may freely consent to or refuse this setting without affecting the functionality of the Website. You may change geolocation settings at any time through your device settings. The legal basis for this processing is the legitimate interest of the Data Controller in providing services relevant to the user’s location, corresponding to the user’s interest in receiving location-relevant services.

Curriculum Vitae

You may submit your curriculum vitae through the Website. Your CV will be reviewed by the Data Controller or its collaborators. The purpose of the processing is the legitimate interest of the Data Controller in assessing the possibility of establishing an employment or collaboration relationship. This interest corresponds to your interest in being contacted for this purpose. Data will be retained for the duration of the selection process and, in any case, for no longer than 6 months from submission. Providing data is optional, but failure to do so will prevent the Data Controller from contacting you.

Appointment Booking

No third-party appointment booking systems are active on the Website. Therefore, your data will not be processed for this purpose. You may nevertheless contact the Data Controller using the details provided above.

Photographs and Videos

The Data Controller does not request the publication of photographs and/or videos depicting you. Therefore, your data will not be processed for these purposes.

Web Scraping

The use of any automated process or system to access, acquire, copy, or monitor any part of this website, including but not limited to web scraping, crawling, or spidering techniques, is expressly prohibited. The Data Controller reserves the right to take all necessary measures, including legal action, to prevent and prosecute any unauthorized scraping activity. By using the Website, users and third parties agree not to: (i) use automated systems such as bots, scrapers, or spiders to access or interact with the Website; (ii) collect content, data, or other information from the Website without explicit written authorization; (iii) distribute, display, publish, or otherwise use content obtained through scraping techniques without consent. Any violation of this clause will be considered a material breach of the Website’s terms of use and may result in appropriate measures, including suspension of access and legal action.

Communication of Personal Data

In the course of its ordinary activities, the Data Controller may communicate your personal data to specific categories of recipients. Article 2 lists the entities to whom data may be communicated. To facilitate the protection of your rights, Article 2 may specify cases in which data is not communicated to third parties.

“Communication” of personal data to third parties differs from “transfer”. In the case of communication, the recipient may use the data only for the specific purposes defined in its relationship with the Data Controller. In the case of transfer, the recipient becomes an independent Data Controller. In any case, your consent is always required for any transfer of personal data.

Notwithstanding the above, the Data Controller may use your personal data to comply with legal obligations.

SPECIFIC PRIVACY INFORMATION

Art. 1 – Processing Methods

1.1 Personal data are processed primarily using electronic or automated means, with methods and tools suitable to ensure data security and confidentiality.

1.2 Data and processing methods are relevant and not excessive in relation to the services provided. Data are managed and protected in secure IT environments appropriate to the circumstances.

1.3 No special categories of data are processed through the Website.

1.4 No judicial data are processed through the Website.

Art. 2 – Communication of Personal Data

The Data Controller may communicate personal data to the following categories of recipients:

  • Public authorities and entities with access to personal data pursuant to legal or administrative provisions.
  • Public and/or private entities, natural and/or legal persons (legal, administrative, and tax consultants, courts, chambers of commerce, labor offices, etc.) where necessary to comply with legal obligations.
  • Employees and collaborators involved in Website operations.
  • Companies or professionals responsible for IT systems, software, and technical management of the Website.
  • No CRM platforms are used.
  • No external customer care services are used.
  • No banks or payment service providers are used.
  • Purchaser data are not communicated to couriers or shipping companies.

This list may be updated; users are invited to consult this policy regularly.

Art. 3 – Data Retention

3.1 This article describes how long the Data Controller retains personal data.

  • Personal data are retained only for the time necessary to provide Website services.
  • For customer care purposes, data are deleted upon completion of assistance and in any case within 3 months of the last email exchange.

3.2 Without prejudice to Art. 3.1, the Data Controller may retain personal data for the time required by specific laws and regulations, as amended from time to time.

Art. 4 – International Data Transfers

4.1 The Data Controller is established in a country that provides an adequate level of protection. Where personal data are transferred to a non-EU country for which the European Commission has issued an adequacy decision, such transfer is deemed lawful and adequately safeguarded. This article indicates, from time to time, the countries to which personal data may be transferred under an adequacy decision.

  • Personal data may be transferred to the USA pursuant to the European Commission adequacy decision.

4.2 Without prejudice to Art. 4.1, personal data may also be transferred to non-EU countries for which the European Commission has not issued an adequacy decision. Users are therefore invited to review this section regularly to check whether and to which countries personal data may be transferred.

4.3 This article also indicates the countries to which the Data Controller may specifically direct its activities. This may imply the application of the relevant national law together with the law governing the relationship with the user as described in the Preamble.

  • Upon the user’s request, the Data Controller will apply any more favorable national legislation of the user’s country, where applicable.

Art. 5 – Data Subject Rights

The Data Controller informs you that you have the right to:

  • request access to your personal data, rectification or erasure, restriction of processing, object to processing, and data portability
  • withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal
  • lodge a complaint with a supervisory authority

The above rights may be exercised by sending an informal request to the contact details indicated in the Preamble.

Art. 6 – Amendments and Miscellanea

The Data Controller reserves the right to amend this policy at any time, providing appropriate notice to Website users and ensuring an equivalent level of protection. Users are encouraged to review this policy regularly. In the event of material changes, the Data Controller may also notify users by email.

Accessibilità