Skip to content

Registration policy

Policy regarding the processing of personal data collected for registration on the OFFHEALTH website Pursuant to Art. 13 of EU Reg. 679/2016 on the processing of data

PERSONAL DATA CONTROLLER

The Data Controller OFFHEALTH Spa (hereinafter ‘Data Controller’), a company incorporated under the laws of Italy, with registered office in Via Giovanni Paisiello, 10 – 50144 – Florence (FI) Italy email address info@offhealth.it , c.f. IT 06335340482, Tel +39 055 016 17 71. The Data Protection Officer (DPO) of OFFHEALTH Spa can be reached at the mailbox e-mail dpo@offhealth.it or by mail at the same postal address.

PURPOSE OF PERSONAL DATA PROCESSING AND LEGAL BASIS

The personal data provided by registering at www.offhealth.it will be used by us in order to allow controlled access to the restricted area, in which services and information are available intended exclusively for Gentlemen Doctors. For this reason, in addition to the identifying data first name, last name, tax code and e-mail, we ask you to provide us with data related to your profession (register and number of registration) to enable us to detect attempts to register you by individuals who do not possess the professional characteristics required by law. In particular, you will be able to access your personal account that will allow you to modify your data, request the transfer of your data to another Data Controller in electronic format and delete your account. The legal basis for the processing of the aforementioned personal data is to be found in Article 6(1)(b) of the GDPR relating to the execution of contractual or pre-contractual measures at the request of the data subject; therefore, your consent is not required for such purposes.

The Data Controller may also use your data for purposes functional to our business such as: creating your user profile for the improvement and personalization of the site and services offered, including through direct contact or electronic communications. For these purposes, your explicit, informed and revocable consent is required, which we ask you to provide at the bottom of the registration form.

Finally, the Data Controller may use your data to comply with legal obligations, regulations or EU legislation, which will then form the legal basis for processing.

RECIPIENTS OR POSSIBLE CATEGORIES OF RECIPIENTS OF PERSONAL DATA

The personal data you provide will be processed exclusively by personnel authorized to process them who have been duly instructed and operating under the control of the Data Controller or by external companies operating following appropriate designation and adequate instructions, as Data Processors ex art. 28 of the GDPR. Personal data may also be communicated to other third parties (ex: Italian and/or European) if European and/or Italian regulations so require for the sole purpose of fulfilling an obligation by law and/or for the performance of activities in the public interest.

RETENTION TIME OF PERSONAL DATA

Personal data provided by you and processed in accordance with the purposes described above will be kept for a period of 4 (four) years from your last access to the portal or until you should delete the account. Said retention period, in application of the principle of limited data retention, is indicated as 4 (four) years as it allows the protection of legitimate interests of the Data Controller and may be extended to ten years in case of need consequent to an unfair defense.

RIGHTS OF THE PERSON CONCERNED

We inform you that in application of the GDPR you are entitled to exercise the rights provided for in articles 15-22 of the GDPR including (i) to revoke any consents given (ii) to know the recipients of the possible communication of your personal data (art. 15 of the GDPR); (iii) access your data (art;) rectify the data (art. 16 of the GDPR); (iv) obtain the deletion of your data within the limits and in the manner provided for in Article 17 of the GDPR; (v) obtain the restriction of processing (Article 18 of the GDPR); (vi) obtain the portability of the data if the cases provided for in Article 20 of the GDPR apply; (vii) to object at any time to the processing of one’s data in the manner indicated in Article 21 of the GDPR.

Inoltre, ai sensi dell’art. 77 del GDPR Lei può esercitare il diritto di proporre reclamo ad un’autorità di
controllo dello Stato membro in cui risiede abitualmente, ove Lei svolge la propria attività lavorativa o nel
luogo dove si è verificata la presunta violazione dei suoi dati. Si precisa che in Italia l’autorità di controllo è il
Garante per la Protezione dei dati personali. I riferimenti per contattare detta autorità sono agilmente
individuabili sul sito istituzionale www.garanteprivacy.it.
Da ultimo Le rendiamo noto che può esercitare i sopramenzionati diritti contattando il Titolare tramite i
recapiti indicati nel presente documento.
Per ogni ulteriore informazione, la preghiamo di consultare anche la Privacy Policy del sito e l’Informativa
per la Classe medica, anch’essa pubblicata sul presente sito.

The Data Controller OFFHEALTH SpA

This policy was updated on 03/05/2024