Pursuant to EU Regulation 2016/679 (“GDPR
”) RECORDATI AG, RARE DISEASES Branch
(hereinafter, the “Company
”, the “Data Controller
” or “Recordati
“) as Data Controller provides users (hereinafter the “Users
” or in the singular, the “User
”) with the following information regarding cookies installed on the following domain www.thiscushing.com
Who is the Data Controller?
The Data Controller is RECORDATI AG, RARE DISEASES Branch
, a company making part of the Recordati Group,
with registered office in Uferstrasse 90, 4057 Basel – Switzerland
The Data Protection Officer of the Recordati Group (hereinafter, the “DPO
”) can be contacted at the following e-mail address: groupDPO@recordati.com
What are cookies?
Cookies are text files and numbers that are installed while browsing on a website, in the memory of the device (PC, smartphone or tablet) connected to the Internet through the browser application installed therein.
Cookies, which are usually present in substantial numbers in users’ browsers and sometimes also with wide temporal persistence, are used for several purposes such as, by way of example and not limited to, for IT authentication, for monitoring of browsing sessions, for storage of information on specific user configurations in accessing a given server, etc.
The Privacy Legislation identifies the following macro-categories of cookies:
- “Technical cookies”, which are used to carry out browsing or to provide a service requested by the user. Such cookies are not used for further purposes and are usually installed directly by the website’s owner or manager. In addition, these cookies can be grouped into:
- browsing or session cookies, which guarantee the normal browsing and use of a website (allowing, for example, to purchase items online or authenticate to access certain sections);
- functional cookies, which allow users to navigate as a function of certain pre-determined criteria (such as, for example, language, products selected for purchase) in order to improve the quality of service provided to the same.
For the installation of technical cookies, the users’ prior consent is not necessary;
- “Analytics cookies”, which are used to monitor the use of a website by users for optimization purposes (number of visitors, pages browsed, time spent on a website, etc.).
In order for analytics cookies to be equated to technical cookies, it is necessary that they are realized and used directly by the first party website (without the intervention of third parties) to improve its usability and it is necessary to prevent the possibility that, through their use, direct identification of data subjects is achieved, which is tantamount to preventing the use of analytics cookies that, due to their characteristics, can work as direct, unique identifiers of users.
In order to consider analytics cookies, including third party cookies, as technical cookies, it is necessary that: (i) analytics cookies are only used for the production of aggregated statistics and in relation to a single website or a single mobile application, so as not to allow tracking an individual’s navigation across different applications or websites; (ii) at least, for third-party analytics cookies, the fourth component of the IP address is masked out; (iii) the third parties refrain from match such analytics cookies with any other information (such as customer records or statistics concerning visits to other websites) or from forwarding them to third parties.
For the installation of analytics cookies which can be assimilated to technical cookies, the users’ prior consent is not required; where, however, analytics cookies cannot be assimilated to technical cookies, the users’ consent to their installation is then required;
- “Profiling cookie”, which are intended to create user’s profiles and are used to send targeted advertising messages in line with the preferences expressed by the user in the context of his/her web-browsing activities. Due to the particular invasiveness that these cookies may have on the private sphere of the users, the Privacy Legislation provides that user shall be adequately informed about the use of such cookies and express his/her valid consent for the installation of the same.
For the installation of profiling cookies, the users’ prior consent is therefore necessary, which should be provided after the user has been informed in a simplified manner;
Moreover, cookies may be installed directly by the website visited by the user (s.c. “first party cookies
”), or they may be installed by other websites (s.c. “third party cookies
Lastly, under the temporal prospective, cookies can be divided into: (i) “persistent cookies
”, i.e. cookies that are permanently stored on the user’s device until a predetermined expiry date (minutes, days, years); (ii) “session cookies
”, i.e. cookies that are automatically deleted when closing the browser.
What cookies does the Website use and for what purposes?
When the User connects to the Website, the following cookies may be installed on the User’s device:
These cookies are necessary in order to allow the operation of the Website and cannot be deactivated within the Company’s systems. They are usually set only in response to actions taken by the User that constitute a service request, such as setting privacy preferences, logging in, or filling out forms. It is possible to set the browser so that it blocks these cookies but, as a result, some parts of the Website will not work properly. These cookies do not store any personal data.
||How to deselect
||Redirect to main English website or to translated version
||Redirect to patient or HCP pages
- First and third party analytics cookies that can be assimilated to technical cookies
These first-party and third-party cookies, as far as they can be assimilated to technical cookies, allow the Company to count visits and traffic sources so that it can measure and improve the performance of the Website. They help the Company knowing which pages are the most and least popular and see how visitors navigate around the Website. All information collected by cookies is aggregate and therefore anonymous.
Please note that:
- first party cookies are under the direct and exclusive responsibility of the Data Controller;
- third party cookies are under the direct and exclusive responsibility of the third party itself.
It follows that third party cookie providers are also required to comply with the Privacy Legislation. For this reason, the Users shall refer to the links to the third party’s webpages, where they can find the third party’s cookie consent forms (where necessary) and the related privacy notice.
How can the User manage and/or deactivate cookies?
However, it is always possible to modify the cookie settings at any time by following the procedures outlined in this privacy notice
How can the User manage his/her cookie preferences through the browser?
Each browser allows the User to limit and delete cookies. The User can manage cookie preferences directly in his/her browser and prevent – for example – the installation of third-party cookies.
Please find below the procedure to deactivate the cookies directly through the configuration settings of the main browser applications:
- Open Internet Explorer;
- click on the “Tools” button and then on “Internet Options”;
- select the “Privacy” tab and move the slider to the level of privacy you wish to set (up to block all cookies or down to allow all cookies);
- then click on “Ok”.
- Open Google Chrome;
- click on the “Tools” button;
- select “Settings” and then “Advanced Settings”;
- Select “Content Settings” under “Privacy” section;
- In the “Cookies” tab it is possible to deselect cookies and save the preferences.
- Open Firefox;
- click the “Alt” button on the keyboard;
- in the toolbar at the top of the browser, select “Tools” and then “Options”;
- then select the “Privacy” tab;
- go to “Settings History” and then to “Use Custom Settings”;
- deselect “Accept cookies from websites” and save the preferences.
- Open Opera;
- click on the “Settings” in the browser menu and select “Settings”;
- select “Quick preferences”;
- deselect “Enable cookies”.
- Open Safari;
- choose “Preferences” in the toolbar, and then select the “Safety” panel in the dialogue box that follows;
- in the section “Accept Cookies”, you can specify if and when Safari must save cookies from websites. For further information, please click on the “Help” button (marked with a question mark);
- for more information about cookies that are stored on your computer, click “Show Cookies”.
After these operations, however, some functions of the Website may not be performed and/or work properly.
With whom are the data collected by using cookies shared?
The data collected by using cookies may be processed by the Company’s employees, in their capacity as authorized persons pursuant to the applicable data protection laws.
Such data may also be processed by companies which carry out technical and organizational activities on behalf of the Company, including IT consultants and web agencies which develop and manage the Recordati Group’s websites and profiles on the social media in which Recordati is registered. These companies are direct collaborators of the Company and operate by virtue of a specific deed of appointment as data processors.
Personal data collected by using cookies will not be shared to third parties and will be processed exclusively within the European Union. Should the need to transfer data outside the European Union arise, the Company will ensure that such transfers are carried out only in presence of appropriate safeguards pursuant to Article 46 et seq. of the GDPR.
Data collected by using cookies will not be disseminated.
What rights can User exercise?
The User will always have, in accordance with the law, the right to withdraw at any time his/her consent, where given, as well as to exercise, at any time, the following rights:
- the “right of access” i.e. the right to obtain confirmation as to whether or not personal data concerning the User are being processed and the communication of such data in an intelligible form;
- the “right to rectification” i.e. the right to request the rectification or, if interested, the integration of personal data;
- the “right to erasure” i.e. the right to request the erasure or the anonymization of personal data that have been processed unlawfully, including data whose storage is unnecessary for the purposes for which they were collected or further processed;
- the “right to restriction of processing” i.e. the right to obtain from the Data Controller the limitation of the processing in certain cases provided for under the Privacy Legislation;
- the right to request the Data Controller to indicate the recipients to whom it has notified any rectification or erasure or restriction of processing (carried out in accordance with Articles 16, 17 and 18 GDPR, in fulfillment of the notification obligation unless this proves impossible or involves disproportionate effort);
- the “right to data portability” i.e. the right to receive (or transmit directly to another data controller) personal data in a structured, commonly used and machine-readable format;
- the “right to object”, i.e. the right to object, in whole or in part:
- the processing of personal data carried out by the Data Controller for its own legitimate interest;
- the processing of personal data carried out by the Data Controller for direct marketing or profiling purposes.
In the above cases, where necessary, the Data Controller will inform the third parties to whom the User’s personal data has been disclosed of the his/her exercise of rights, unless it is not possible or is too onerous and, in any case, in accordance with the provisions of the applicable data protection laws.
Where processing is based on consent, the User is also entitled to withdraw, at any time, any consent given, whereby it is understood that the withdrawal of consent shall not affect the lawfulness of the processing based on consent given prior to the withdrawal.
How to exercise your rights?
The User is entitled to exercise his/her rights at any time by using the contact details indicated in the section “Who is the Data Controller?“ above or by writing to the DPO by e-mail at the following address: groupDPO@recordati.com
The Data Controller hereby informs the User that, pursuant to GDPR, he/she has the right to lodge a complaint with the competent supervisory authority (in particular in the Member State of User’s habitual residence, place of work or place of the alleged breach), if he/she is of the opinion that his/her personal data are being processed in a way that would lead to breaches of the GDPR.
In order to facilitate the exercise of the right to lodge a complaint, the name and contact details of the European Union Supervisory Authority are available at the following link: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm