Dear user, In accordance with applicable privacy laws (EU Regulations n. 679, 2016), NEWEL HEALTH S.R.L. would like to take this opportunity to inform you that your personal information will be processed in an ethical and transparent manner, only for lawful purposes, and in a manner that safeguards your privacy and your rights.
The purposes and procedures of data processing
Your personal data will be processed exclusively:
- Data collection and data process to browse the landing page https://newel.health through the dedicate section to Digital Therapeutics solutions to guarantee the website security;
- Personal Data processing including name, surname and your email address within the section “Get in Touch”;
- Enforce the Controller’s rights (e.g., Right of defence, Art. 24 Const.).
Personal data are processed in compliance with what is set out under current legislation and, in particular, in the constant and absolute respect of the safety measures as per GDPR, Art. 32, in order to reduce as far as possible the risks of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data, or process the data in a way that does not comply with the purposes for which such data were gathered.
The legal basis of data processing referred to A1 and A2 purposes, is the legitimate interest of the Data Controller pursuant to Art. 6 section 1 letter b of the Regulation and does not require your consent.
The legal basis of fata processing referred to A3 does not require your consent.
Type of personal data processed
The Data Controller collects personal data (A2) for the above-mentioned purposes. Personal data being collected concerns Data Controller’s customers and website visitors. Some of the data is collected directly from you when you use Newel Health website.
Protection of Personal Data
The Data Controller restricts access to your personal data to those employees who need to know that information for performing their work. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of the personal data.
Retention of Personal Data
The information shall be retained for the time needed by the purposes for which it was gathered and possibly for a longer time if data retention is deemed necessary to protect the rights of the Data Controller in accordance with art.5 of EU Regulation 679/2016 (GDPR).
The storage of personal data relates to a maximum period of 10 years.
Data Transfer
The Data Controller will not circulate your Data. However, for the purposes of the data processing set out above, your Data may come to the attention of the following:
- Subjects that can access data under Italian and/or European Union, law, rules, and legislation, within the limits set in this legislation. Employees and collaborators who operate under the direct authority of the Data Controller, as long as they have previously been instructed in the processing of the data and authorised to do so under Art. 29 of the GDPR, including as System Administrators.
Any transmission or communication of these data will also take place in the respect for what is set out in law concerning the protection of personal data, including aspects relating to safety measures.
The rights of Data Subjects (GDPR, Art 15 et seq.)
The data subject can at any time exercise his/her data protection rights pursuant to articles 15-22 of the GDPR 2016/679. These rights include:
- Access: the data subject can obtain information relating to the treatment of his/her data and a copy of such data.
- Rectification: the data subject can request rectification of his/her data when such data is inaccurate or incomplete.
- Erasure: the data subject can request the erasure of his/her data by withdrawing his/her consent and if there is no other legal ground for the processing
- Restriction of processing: the data subject can obtain the restriction of processing in the cases provided by the law (e.g., If he/she contests the accuracy or treatment of the personal data).
- Objection: the data subject could object to the processing of data if the processing based on the Data Controller’s legitimate interest for purposes relating to his/her specific situation, unless mandatory reasons exist that override the interest of the data subject (i.e. when the data processing is needed to defend a right of the Data Controller in a court of law).
- Withdrawal of consent: the data subject can withdraw the consent previously given for the purposes of data processing.
The objection and withdrawal shall not affect the lawfulness of the usage that has been made of it in the intervening time. The rights in question may be exercised via written communication to the Data Controller.
Pursuant to existing law the data subject may also submit a complaint to the Data Protection Authority (Garante per la Protezione dei dati personali), Piazza di Monte Citorio n. 121 – 00186, Rome, – www.garanteprivacy.it);
Data Controller and Data Protection Officer
The Data Controller for this website is NEWEL HEALTH S.R.L. with registered office at Largo Abate Conforti snc, 84121 Salerno, Italia, VAT number 06046410657.
Requests should be made via email: administration@pec.newel.health
Within the context of its organizational structure. The Data Controller have appointed one Data Protection Officer (“DPO”), who can be contacted by any Data Subjects in all issues which relate to the protection of personal data. The DPO’s contact details are the following:
Jovan Stevovic (chino.io)
Email: dpo@newel.health