October 2020
Welcome to Chiesi Customer Web Suite. This website is owned and operated by Chiesi Farmaceutici S.p.A., an Italian company with registered office in Via Palermo 26/A, 43122 Parma, Italy. (hereinafter referred to as "Chiesi", "we", "us", or "our").
Please be mindful that we will always process your personal data in compliance with the applicable privacy laws – including but not limited to the Regulation (EU) 2016/679 (the “GDPR”) – and our data protection commitments. This privacy notice is provided under Article 13 of the GDPR and explains what kind of personal information we may collect when you use the Chiesi Customer Web Suite (hereinafter the “Website”), and how we will use them.
Data Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Personal Data is any information relating to an identified or identifiable (directly or indirectly) natural person.
Personal Data Processing means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
User is the company, the authorized person and/or individual using the services provided by the Website (hereinafter referred to as “User”, “you”, “your”).
Purpose of the processing
The Website is a commercial platform where you can manage and keep track of your orders (the “Service”). Through the Website each registered User can: (i) place orders of Chiesi products; (ii) monitor the status of its orders and track the shipment; (iii) get the digital invoices of its orders, archive its relevant documents and confirm products receipt.
Your Personal Data will be processed for the sole purpose of providing you with the Service.
Categories of personal data
Legal Basis for processing
Your Personal Data is essential and mandatory to get access to the Website. If you provide incomplete or incorrect data, you may not be able to access to the Website.
The processing of special categories of data, as listed in Article 9 of the GDPR, is expressly excluded. In case any of your documents contain any special data, it will be immediately deleted from our databases.
Your Personal Data will be processed by authorized persons specifically appointed and instructed by the Data Controller, and/or by third parties appointed as data processors under Article 28 of the GDPR.
Chiesi may also share your Personal Data in the following scenarios:
Chiesi will always make sure third parties are meeting severe data privacy standards by entering into data processing agreements providing specific provisions in relation to technical and organizational measures that must be taken to safeguard your personal data.
Your Personal Data will normally be stored in servers based in the EEA. In case the affiliate company and/or the third-party are based in a non-EEA country, we will take appropriate contractual measures required to ensure an adequate level of data protection, including entering into agreements based on the standard contractual clauses for transferring data outside of the EEA.
The security of your Personal Data is extremely important for us. We take all the necessary measures to ensure a high level of protection, keep your information secure, and avoid unexpected data incidents like unauthorized accesses and disclosures. We put in place reliable security measures and sophisticated technical means to keep your information confidential:
Personal Data are processed electronically, via IT systems and manually, and they are stored by Chiesi and/or our service providers. Personal Data are stored rigorously to the extent required to fulfill our obligations and in the time frame that is required to meet the purposes for which the information has been collected, in accordance with the applicable laws. We will remove your Personal Data from our systems or records once it is no longer needed, and/or we will take steps to make sure it remains anonymous so that you can no longer be identified via these means (unless we need to retain your data to comply with legal or regulatory obligations to which we remain subject).
Personal Data you have provided to register to the Website will be stored for the entire period you are registered. If your account remains inactive for more than 24 months, it will be terminated, and all the Personal Data related to it will be deleted.
Invoice data will be stored for an appropriate period of time to ensure the performance of the contracts and in any case for an additional 10 years for the purposes of the fulfilment of the related administrative and tax obligations.
You can contact our Data Protection Officer at any time to obtain an updated list of our data processors (e.g. our service providers), to get the list of subjects to which the data has been communicated, and to exercise the following rights at any time (Article 12 and 15-22 of the GDPR).
You may withdraw the consent you have given for a specific Personal Data Processing at any time. This withdrawal will not affect the legal implications of any Personal Data Processing which has been completed prior to the consent being withdrawn. According to the GDPR, you have the right to:
If you believe that Chiesi does not process your Personal Data in compliance with this notice or with the applicable law, you can always enforce your rights by lodging a complaint within the local Data Protection Authority.
Should you have any questions or complaints regarding personal data processed by Chiesi, you may contact the Data Protection Officer at any time you wish by writing an email to the following address: dpoit@chiesi.com.
The Data Controller is Chiesi Farmaceutici S.p.A., Via Palermo 26/A, 43122 Parma, Italy.
This notice may be periodically updated. Any update to this notice will become effective at the time of its publication on the Website.
Cookies are small text files stored on your browser when using websites or applications. You can control how the use of cookies by websites configuring privacy settings in the browser (see the browser's help to learn more about the cookie control). Note that if you disable cookies altogether, websites and applications of Chiesi Farmaceutici S.p.A. (hereinafter “Chiesi”) may not work properly.
Chiesi and companies that help us manage our business make use of cookies in different ways, for example:
To learn more about cookies by the Interactive Advertising Bureau.
Technologies like cookies
From the technical point of view, cookies are called "HTTP cookies." There are other technologies that can be used for similar purposes, such as HTML5 local storage. To authenticate users, keep track of the information provided by users and to remember user preferences (see the steps mentioned above) we can use HTML5.
Web beacons and embedded scripts
Web beacons and embedded scripts are other technologies that we use in our websites and in our applications, as well as in some of our emails and our messages.
Web beacons (or "tag") consist of simple programming code included in web pages, e-mails and messages that communicate to Chiesi (or companies that help us run our business) when such web pages, e-mails or messages have been seen or selected.
The scripts are embedded programming code inside of some of our web pages that measure how resources are utilized, for example, the links you click. We use this information to improve our web sites and online services, to tailor our web sites and online services to prospective users' interests and to conduct market research. Users can disable scripting capabilities, such as JavaScript, in the browser (see the browser's help feature). Keep in mind that if you disable scripting capabilities, some Chiesi websites and applications may not work properly.
Control method of cookies and similar technologies
Chiesi provides browser controls to facilitate the management of cookies. Cookies may also be accepted, but you can cancel the use for behavioral targeting of ads. For example, Chiesi preferences and cancellation controls are available on the following site http://choice.live.com/advertisementchoice/.
Browser controls to block cookies
Most browsers automatically accept cookies, but you can change your browser settings to block cookies. For example, in Internet Explorer 11, the cookies can be blocked with the following procedure:
Instructions for blocking cookies in other browsers are available at each browser's privacy statement.
Keep in mind that if you choose to block cookies, you may not access or use other interactive features of the sites and Chiesi cookie-based services.
Browser controls to clear cookies
If you want, you can set the browser through the available settings in order to reject the automatic installation of Cookies or delete all Cookies installed on your pc or mobile device.
The procedure is different according to the browser used. Here the link to the support pages of the main browsers:
Google Chrome: https://support.google.com/accounts/topic/2373959?hl=it&ref_topic=2373957
Mozilla Firefox: https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie#firefox:win7:fx38
Internet Explorer: http://windows.microsoft.com/it-it/internet-explorer/delete-manage-cookies#ie=ie-11-win-7
Safari: https://support.apple.com/it-it/HT201265
ATTENTION: disabling and/or deleting technical Cookies may cause inconveniences to the navigation on the website.
Third party analysis control
As described below in detail, many Chiesi websites and online services are using third party analysis services with third-party cookies and web beacons to compile aggregated statistics regarding the effectiveness of promotional campaigns or other operations of the website. You can refuse the collection or use of data by analysis providers by clicking on the following links:
Google Analytics: http://tools.google.com/dlpage/gaoptout (requires installation of a browser add-on)
Usage of the IP address of the visitor by Google Analytics Cookies
Each computer and device connected to the Internet is assigned a unique number as an Internet protocol (IP) address. Since these numbers are usually assigned to countries in blocks, an IP address can often be used to identify the country, the province and the city from which a computer connects to the Internet. Google Analytics collects the IP address of the website visitors to provide an indication of their geographic location. This method is known as IP geolocation. Google Analytics does not report information related to the actual IP addresses of the visitors. Due to the use of a method known as IP masking, Google Analytics communicates information so that only a part of the IP address is used for geolocation, instead of the whole address. Google may disclose information to third parties where required by law or where such third parties process the information on Google’s behalf.
Browser add-on for deactivating Google Analytics Cookies
A browser add-on can be downloaded to disable Google Analytics. The add-on communicates to the JavaScript code of Google Analytics (ga.js) to indicate that the information about the website visit should not be sent to Google Analytics. The browser add-on for deactivating Google Analytics does not prevent information from being sent to the website itself. In addition, most browsers allow the control of most cookies through the settings of the browser itself. If the user does not wish to receive any type of cookies on his or her computer, the level of privacy protection of the browser can be enanched through the appropriate function. However, some areas of the websites may not function properly if cookies are refused.
Sharing, Communication and Disclosure of Data
The Data Controller may be required to communicate data referred to in this policy in case the Law Enforcement Authorities collect information by carrying out legitimate investigation and/or judicial police activities (on their own initiative in the case of preliminary investigations or under the direction of the Public Prosecutor). Apart from these cases and the scenarios expressly mentioned by the privacy notice of each specific website, the data will not be disclosed or transferred to any party.
COOKIE NAME | PRESET EXPIRATION | COOKIE DESCRIPTION |
_ga | Property Google Analytics. Used to distinguish users anonymously. | 2 years |
_gid | Property Google Analytics. Used to distinguish users anonymously. | 24 hours |
cc_cookie_accept |
Accept the site's internal cookies |
1 year |
cc_cookie_decline | Do not accept internal site cookies | 1 year |
lang | Save user preferred language | 1 year |
For more information about cookies in general and how to restrict or block cookies used by this website, please visit www.aboutcookies.org.
Note that if you limit or block the cookies used by this website, you may reduce its functionality and usability.