Slider Data-Privacy

Data Privacy

Information notice for representatives, officials and spokepersons of public institutions and partner organisations

Article 13 and Article 14 Regulation (EU) 2016/679 (“GDPR”)

This information notice describes how A. Menarini Industrie Farmaceutiche Riunite S.r.l. headquartered in Via Sette Santi 1/3, 50131 Firenze (“Company”), in its capacity as data controller, may process the personal data of the following categories of individuals, with whom the Company may lawfully interact in the course of its activities:

  1. Representatives and officials, including elected officials (mayors, etc.), managers, executives and other officers/employees of public agencies and institutions (e.g., government agencies, public health authorities, etc.)
  2. Representatives, managers, officials or members of private institutions (e.g., private health organisations, other companies, charities, industry associations, press agencies, etc.);
  3. Other contact people (e.g., secretaries, collaborators, etc.) and spokepersons of the public and private organisations mentioned at the previous point. In some cases (e.g., organisation of events, such as conferences, visits to company premises, etc.), these may include accompanying guests (e.g., family members) of said individuals.

The legal basis and purposes of the processing are as follows:

  • Enabling the Company to engage in public and institutional relations activities connected to its mission. The legal basis for the processing is the legitimate interest of the company to engage in such public relation activities (Article 6(1)f GDPR). These may include: scheduling meetings, appointments, organising company visits, conferences, and other activities;
  • Ensure the lawfulness of the Company activities (e.g., under Anticorruption and Antitrust Law), which may imply, for example, to trace all contacts with the members or representatives of said organisations to monitor all interactions take place in compliance with all applicable laws and with the ethical standards of the Company and the Menarini Group. The legal basis for the processing is the Company’s and society’s legitimate interest to ensure the lawfulness of all Company activities, including by enforcing the Menarini Group’s Code of Conduct and Company’s  Organisation Managament and Control Model, as well as the interest of the Company to defend itself in the context of legal proceedings, where it might be called to prove the lawfulness of its activities (Article 6(1)f, 9(2)f GDPR; D. Lgs. 231/2001 in Italy).

The personal data may include: name, surname, contact information, contact history, communications, and other information as required from time to time.

The data will be accessible to the concerned company functions, by internal audit and compliance functions, IT services, as well as providers (such as providers of electronic communications, consultants, lawyers, etc.), other Company of the Menarini Group for the same purposes as those outlined above. Data may be transferred abroad, including to countries outside the EEA that do not protect the right to personal data privacy to the same extent of EU law. In such cases, the Company will put in place adequate measures – such as concluding standard contractual clauses approved by the EU Commission with the recipients- to ensure the transferred personal data are afforded an adequate level of protection. A copy of the clauses is available on request.

Data may be kept for as long as necessary to fulfil the purposes for which they were collected. This period may span between ten years (minimum) up to the time when the Company is dissolved (maximum).

The individuals mentioned in point 1, 2 and 3 above may exercise their right to know whether the Company processes or not their personal data, obtain a copy thereof, rectify, update, their data, object to the processing, ask their erasure, by contacting the Company at its headquarters or by contacting the Group Data Protection Officer, who may be reached via email at the address dpo@menarini.com.  The DPO will also be happy to address any complaint or concern raised by the concerned individuals and regarding the use of the personal data described in this document. Individuals may also lodge a complaint with the Italian Data Protection Authority or the Data Protection Authority of their country (https://edpb.europa.eu/about-edpb/about-edpb/members_en).