Contact – Newsletter Disclosure

Who are we and what do we do with your personal data?

As Data Controller (hereinafter also referred to as the “Controller”), Kedrion S.p.a. protects the confidentiality of your personal data and guarantees its protection from any event that may put it at risk of breach.

To this end, the Controller implements policies and practices regarding the collection and use of personal data and the exercise of the rights assigned to you under applicable legislation. The Controller updates the policies and practices applied for the protection of personal data each time this becomes necessary and in any case, any time legislative or organisational changes take place, which may affect the processing of your personal data.

The Controller has appointed a Data Protection Officer (DPO), whom you may contact if you have any questions about the policies and practices adopted. The Data Protection Officer can be contacted at:

[email protected]

How does Kedrion S.p.a. collect and process your data?

The Controller collects and/or receives information about you, such as IP address and identification personal data (e.g. name, surname, e-mail address) released during browsing the website. These are used by the Controller to respond to your request for information. Your personal data is mainly disclosed to third parties and/or addressees whose activities are necessary in order to fulfil the activities relating to said purposes, and also to comply with certain legal obligations. Any communication for different purposes will be previously subject to your consent.

Your personal data will not be in any way disseminated or disclosed to unidentified entities that cannot even be identified as third parties.

The Controller does not transfer your personal data abroad. Your personal data will not be in any way disseminated or disclosed to unidentified entities.

What happens if you do not supply your data?

Personal data regarding and identifying you is necessary in order to process the request you have made via the “Contact” section; if not supplied, that makes it impossible for the Controller to process your request. How and for how long is your data stored?

Your data is processed using both electronic and manual tools and means made available to subjects acting under the authority of the Controller and to this end authorised and trained.

Personal data is stored, if applicable, in electronic archives that are protected by means of effective security measures able to fight the risk of breach considered by the Controller. For the time necessary to fulfil the requests for information and the sending of communication of this nature only, made by the Controller following your request and in any case within the terms envisaged by the Data Retention Plan, save where events occur involving the intervention of the competent authorities, also in collaboration with the third parties/addressees in charge of the IT security of the Controller’s data, to carry out any investigations into the causes of the event.

What are your rights? 

Compatibly with the limits, above all in respect of time, established for the processing of your personal data, the rights you are afforded allow you to have control over your data at all times. You have the right to:

  • access;
  • rectification;
  • erasure;
  • limitation of processing;
  • object the processing

Your rights are guaranteed with no particular burdens or formalities involved in requesting their exercise and are essentially free of charge. You have the right:

  • to obtain a hard or electronic copy of the data you have asked to access. If you should request additional copies, the Controller may charge you a reasonable cost by way of contribution to the expenses involved;
  • to obtain its erasure or limit its processing or even to have your personal data updated and rectified and to have any third parties/addressees that may receive your data comply with this request, as long as there are no legitimate reasons that exceed those determining your request (e.g. environmental investigations and limitation of the risk determined by the emergency managed through them by the Controller);
  • to obtain all useful communications regarding the activities carried out following the exercise of your rights without delay and, in any case, within a month of your request, save for any grounded extension of up to two months, which must be duly
  • For any further information and in any case to send your request, please contact [email protected].

To whom should you submit a complaint? 

Without prejudice to any other administrative or legal action, you may submit a complaint to the competent control authority or to the one carrying out its duties and exercising its powers in Italy where you have your normal place of residence or where you work or, if different, in the Member State where the violation of Regulation (EU) 2016/679 took place.