POLICY ON THE PROCESSING OF THE PERSONAL DATA
of users of the website www.healthassistance.it
pursuant to Article 13 of Regulation 2016/679/EU (GDPR)

Reason for this notice

This page describes how the website is managed with regard to the processing of the personal data of those who interact with the web services of HEALTH ASSISTANCE SOCIETÀ COOPERATIVA (hereinafter referred to as “Data Controller”).

This policy is pursuant to Article 13 of EU Regulation 2016/679 (hereinafter “the Regulation”).

The policy is also based on Recommendation no. 2/2001 that the European Authorities for the protection of personal data, gathered in the Group established by Article 29 of Directive no. 95/46/EC, adopted on 17 May 2001 to identify certain minimum requirements for collecting personal data online, and, in particular, the manner, timing and nature of the information that data controllers must provide users when they connect to webpages, regardless of the purpose of connection.

The policy is provided only for the Data Controller’s website and not for other websites that may be consulted by the user via links from the website.

Data Controller

Following consultation of this site, data relating to identified or identifiable persons may be processed.

The “Data Controller” for personal data processing is HEALTH ASSISTANCE SOCIETÀ COOPERATIVA, which has its registered office in Via di Santa Cornelia, 9 – 00060 Formello RM, IT -. Means of contact Certified e-mail: healthassistance@legalmail.it Phone: +39.06.9019801

Place of data processing

The processing operations connected to the web services of this website are carried out at the aforementioned registered office of the Data Controller and are only handled by technical personnel in charge of processing. If necessary, the data connected to certain services may be processed by the personnel of companies that maintain the technological part of the website (these persons are appointed as data processors pursuant to Article 28 of EU Reg. 2016/679), at the offices of the said companies. An updated list of these processors is available at the registered office of the Data Controller.

Categories of processed personal data

Personal Data. What are personal data?

Personal data are information that directly or indirectly identifies or makes identifiable a natural person and that can provide details about his or her characteristics, habits, lifestyle, personal relationships, state of health, economic situation, etc.

Personal data are divided into:
common data: those which allow direct identification, such as personal data (e.g., name and surname, images, etc.);

special categories of data: Article 9 of EU Regulation 2016/679 personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

data relating to criminal convictions and offences: article 10 of EU Regulation 2016/679 all data that may reveal the existence of certain criminal measures subject to entry in the criminal record (e.g., final criminal convictions, parole, prohibition or obligation of residence, alternative measures to detention) or the status of defendant or suspect.

browsing data: computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users connecting to the website, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters relating to the user’s operating system and computer environment. These data are used only to obtain anonymous statistical information on the use of the website and to check its proper functioning and are deleted immediately after processing.

Data collected anonymously or in aggregate form in a way that no longer permits identification of a specific individual, even in combination with other information or in other ways, are not considered personal.

We only process your personal data when you use or make a contact request (including: name and surname, email address, telephone number). We do not collect and process sensitive data or data relating to criminal convictions or offences in any way.

How do we use your personal data?

The acquired information is used to:

  • provide and improve our Services,
  • provide you with a personalised experience on the website,
  • contact you regarding your requests,
  • detect, prevent, mitigate and detect fraudulent or illegal activities.

More about how we use your personal data

We use the personal data we collect for various purposes related to the provision of services, in accordance with current legislation. Below we indicate how and on what legal basis we use your personal data.

Data provided voluntarily by the use – The optional, express and voluntary sending of e-mail to the addresses indicated on this website entails the following acquisition of personal data (e.g., name; e-mail;) necessary to respond to requests, as well as any other personal data included in the message.

Purpose and legal basis of processing

Personal data provided through positive and voluntary action by data subjects will be processed by the Data Controller in accordance with the provisions of the GDPR for the administrative purposes of handling requests for information and/or services and for the subsequent fulfilment of legal and contractual obligations arising therefrom. Data processing is therefore necessary for the fulfillment of obligations undertaken with users, for the fulfillment of obligations under the law, regulation or Community legislation and for the exercise of their rights in court.

Optional data provision

The provision of the above data is optional, but necessary to provide the requested services. Any refusal to provide data will make it impossible to pursue the purposes referred to in the previous point.

Communication and dissemination of data

The personal data collected by the Data Controller will not be “disseminated,” with this term meaning to give knowledge to indeterminate persons in any way, including through provision or consultation. Specific consent will be required for dissemination.

The personal data of data subjects may instead be “communicated” by us, with this term meaning to give knowledge to one or more specific persons, at the following terms:

  • employees as persons authorised to process personal data;
  • to third parties, appointed as data processors, to whom the Data Controller outsources the performance of services of a professional nature and computer services for the management and maintenance of the website www.healthassistance.it, in outsourcing e nominati come Responsabili del trattamento;
  • to public entities that may access your data by virtue of provisions of law or regulation, within the limits provided by these rules;

The updated list of data processors is available at the registered office of HEALTH ASSISTANCE SOCIETÀ COOPERATIVA, and is available through a special request made by email at healthassistance@legalmail.it.

Methods of processing and retention

Processing will be carried out in automated and manual electronic form, with methods and tools designed to ensure maximum security and confidentiality, by persons specifically appointed for this purpose in accordance with the provisions of article 5 of EU Reg. 2016/679. The data will be stored at the offices of the Data Controller or at the offices of third parties identified from time to time to deliver the services to be provided for the time strictly necessary for the purposes referred to above and in any case not exceeding the period of time set out by law.

In accordance with current legislation, specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. Personal data will be kept for a period not exceeding the purposes for which the data were collected and subsequently processed, except for transformation into anonymous form.

Duration of processing

The personal data of data subjects shall be kept for the time limits specified below, as indicated in paragraph 2, by article 13, paragraph 2, of Regulation 2016/679. The personal data provided will be kept (in electronic files) until it is reasonably considered necessary for the provision of the services requested, and will subsequently be deleted, unless there is a need for further storage to enable the Data Controller to defend his rights.

Exercise of rights by data subjects

Pursuant to Articles 15 – 22 of Regulation (EU) 2016/679, we inform you of the obligations that the Data Controller has towards them.

  • You have the right to ask the Data Controller for access to personal data, the rectification or erasure thereof, the integration of data or the restriction of processing that concerns you or to oppose their processing, in the cases provided for;
  • You have the right to lodge a complaint with the Control Authority (Privacy Authority) at the website www.garanteprivacy.it; if you believe that your data have been processed unlawfully;
  • The Data Controller ensures that any corrections or erasures or restrictions of processing carried out at the request of data subjects, unless this proves impossible or involves a disproportionate effort, will be communicated by the Data Controller to each of the recipients to whom the personal data were transmitted. The Data Controller shall inform the data subject of such recipients if the data subject so requests;
  • At any time, you may also revoke your consent for the purposes indicated above;
  • The exercise of rights is not subject to any form constraint and will be provided within the time required by law in writing (save for your specific request for oral feedback); to exercise these rights, you may at any time contact the owner of the Data Controller of the processing of your personal data.

Furthermore, you have the right to request the erasure, transformation into anonymous form or blocking of data processed unlawfully, as well as to oppose in any case, for legitimate reasons, their processing.

For any request for information and/or clarifications, questions or complaints on the processing of personal data and to assert your rights as expressed in Articles 15 et seq. of the Regulation, you may contact the Data Controller.

How we protect your personal data

We process your personal data with regard to the protection of the rights and fundamental freedoms of natural persons, and we regularly check and evaluate the effectiveness of the technical measures adopted to ensure the security of processing (Article 32 of the Regulation).

Cookies Policy

(made pursuant to the order of the Privacy Authority of 8 May 2014 published in Official Gazette no. 126 of 3 June 2014, transposing Directive 2002/58/EC)

Cookies are small text files that are used to obtain information about navigation within the website.

With reference to the use of cookies or systems for the permanent tracking/monitoring of users, we inform you that access to the website may involve the sending – by the server to the user’s terminal PC – of text files to obtain information on your navigation within the website. The sending of non-persistent cookies is necessary to allow the operation of certain parts of the service that require identification of the user’s path through different pages of the website.

Cookies are divided into:

  • Technical cookies are necessary for the proper functioning of the website and, therefore, for proper navigation. Technical cookies may be session cookies (limited duration; browsing time) or persistent cookies (i.e., they remain within the browser for longer than the browsing time). These also include so-called functional cookies and (statistical) analytics cookies. Analytics cookies are not essential to the operation of the website.
  • Profiling cookies are used to monitor the user with respect to navigation on the website, with the aim of creating real profiles of preferences and choices, facilitating the sending of targeted advertising messages. This type of cookie is not essential to the operation of the website.

Cookies, in general, can be classified:

  • first party, i.e. generated and controlled by the Data Controller of the website;
  • third party generated and controlled by Managers (Data Controllers) other than the website where you are browsing.Third-party analytics cookies. Each time a user visits a website, analytical software tracks cookies anonymously. This allows you to monitor the number of users, the pages viewed or the time spent on a particular page, the age, gender and interests for the purposes of marketing campaigns. Cookies are sent by third-party systems outside the website (e.g., Google Analytics, a web analytics and statistics service offered by Google Inc – Third Party).Cookies to integrate products and functions of third-party software. These are cookies that allow your social account to interact with this website and are not required for the operation of this website. The most common use is to share social network content. The presence of plugins involves the transmission of cookies from and to all websites operated by third parties. The management of information collected by “third parties” is governed by the relevant policies to which you should refer to.

In the current wording, following the entry into force of Legislative Decree 69/2012, (which amended Article 122 of the Privacy Code) “technical” cookies can be used even without the consent of the data subject.

As indicated by the Privacy Authority for personal data protection, using cookies made by third parties, only for statistical purposes, you are not subject to the obligations under the law if instruments are activated to reduce the identifying power of cookies (masking of the IP address) and the third party does not cross or enrich the information collected with others already available.

You can freely accept or refuse to accept the sending of all or some of our cookies to your terminal, however, you should keep in mind that the sending by our servers of some non-persistent cookies is necessary to allow the operation of certain parts of the service that require identification of the user’s path through different pages of the website. Therefore, in the absence of such cookies, the operation of the website may be compromised or impossible.

If you agree to receive cookies from www.healthassistance.it you may, at any time, change your choice and easily disable all or some of the cookies through the set-up options of your browser.

Each browser has different procedures for managing cookies; below is a link to the specific instructions of the most popular ones:

Cookies used by the website www.healthassistance.it
  • CookieConsent
  • _ga
  • _gat
  • _gid
  • fr
  • tr
  • ads/ga-audiences

Please note that this document constitutes the “Privacy and Cookie Policy” of the website www.healthassistance.it and that it will be subject to updates.

Last revised 12/07/2019


Cooperative Society in Public Limited Company Form

Registered Office and Operative Headquarter
Via di Santa Cornelia, 9
00060 Formello (RM) – Italy
TIN 12989581009

Numero Verde: 800.511.311
Numero dall'Estero: +39.06.9019.8080 Dedicato alla prenotazione dei Servizi sanitari e socio assistenziali anche domiciliari Fax: +39.06.77607611
Registration Office
+39.06.9019801 (press 2) Only for facilities wishing to join the Network or register