PRIVACY & COOKIE POLICY

Last update: 1 November 2022

Contat S.r.l., with registered office in Silvi Marina (TE), via Raffaello n. 2C, Tax Code and VAT number: 01981460676, pec: contat.agency@pec.it, in the person of the pro-tempore legal representative, (hereinafter, also the "Controller"), as authorised distributor, as well as licensee of the related economic rights copyright, the software application called "Search Implant" (hereinafter, "App"), informs the data subject (hereinafter, also "User") that personal data, relating to the use of the App and services offered (hereinafter, "Services"), will be processed with the utmost care and with tools designed to ensure appropriate security. Please note that this privacy policy - in accordance with the provisions of Articles 13 and 14 of EU Regulation 2016/679 on data protection (also "General Data Protection Regulation" - GDPR) and Italian Legislative Decree No. 196/2003 ("Code regarding the protection of personal data") - is not to be considered valid for other, external websites that can be consulted through any links therein. The User is hereby informed of the following:

1. Data Controller

The owner is Contat S.r.l., with registered office in Silvi Marina (TE), via Raffaello 2C, Tax Code and VAT number: 01981460676, pec: contat.agency@pec.it.

2. Purpose and legal basis of data processing

• The purpose of the processing is to:
  • allow for registration to the App and its full and proper use; the related legal basis is the need to execute the contract to which the User is a party, or the execution of pre-contractual measures taken at the User's request;
  • provide Services through App functionalities; the relevant legal basis is the need to execute the contract to which the User is a party, or the execution of pre-contractual measures taken at the User's request;
  • respond to your requests by email; the legal basis for this is the need to execute the contract to which the User is a party, or the execution of pre-contractual measures taken at the User's request;
  • send you push notifications via the App; the legal basis for this is the User's explicit consent;
  • send you commercial, promotional and/or advertising communications about the Controller's services (direct marketing), by email or telephone; the relevant legal basis is the User's explicit consent;
  • transfer your personal data to third-party companies, including companies manufacturing dental implants, marketing, market research and consulting companies, for their own processing for marketing purposes; the relevant legal basis is the User's explicit consent;
  • fulfil legal obligations to which the Controller is subject; the relevant legal basis is the need to fulfil a legal obligation;
  • defend a right in court; the relevant legal basis is the legitimate interest of the Controller.

3. Access to the App and use of the Services

• The App is for commercial use and is intended exclusively for professional customers, as set out in Article 1 of the Terms and Conditions. The Controller therefore does not process personal data relating to minors under 18 years of age. By accessing the App, using it and its services, the User expressly declares to be at least 18 years old.

4. Categories and sources of processed data

• Data resulting from the User's browsing: such data, through the normal operation of the App, is ac-quired and transmitted implicitly in the use of Internet communication protocols. This information is not collected in order to be associated with identified data subjects, but by its very nature, through processing with data held by third parties, it could enable the identification of Users. This category of data includes IP addresses or domain names of the computers used by Users who connect to the App, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in re-sponse, the numerical code indicating the status of the response given by the server (successful, er-ror, etc.) and other parameters relating to the User's operating system and IT environment. These da-ta processing and association activities are never carried out by the Data Controller, they are only used for the purpose of checking the correct functioning and are automatically deleted after pro-cessing.
• Cookies: Information on the use of cookies can be found at the end of this Policy.
• Data deriving from the use of the App and related Services: these data, received by the Controller in relation to the registration of an account by the User for the use of the App (including push notifica-tions) and related Services, as well as data relating to the purchase and execution of the latter, are transmitted by the User to the Controller, or otherwise acquired, through the App. They may con-cern: personal image (avatar of the User's account), name, surname, email address, company of which the User is the legal representative, VAT number, credit card data. In addition, depending on the operating system of the device used by the User, the provider of the push notification service ("Google Firebase Cloud Messaging"), Google LLC, may associate a unique identifier with the User's device in order to carry out the notification. In any case, when accessing the App for the first time, the User will be able to choose whether or not to receive push notifications and will be able to change his choice at any time through his device or in the "Profile" section of the App.
• Other data provided voluntarily by the User: such data is provided by the User, through the Control-ler's contact system provided through the App, in order to receive assistance or otherwise to receive information or for any other purpose.

5. Methods of data processing.

• The processing is carried out, in the manner strictly necessary to meet the above purposes, through some or all of the operations indicated in Article 4(2) of EU Regulation 2016/679: collection, recording, organisation, structuring, storage, consultation, processing, adaptation, modification, selection, extraction, comparison, use, interconnection, blocking, disclosure, deletion and destruction of data. The operations may be carried out with or without the aid of electronic, digital or automated tools.

6. Data transfer

• The provision of personal data is:
  • compulsory, in relation to certain personal data relating to the App's technical cookies, therefore, refusal or failure to provide such data may make it impossible to use the App correctly;
  • compulsory, for the registration of an account on the App, and therefore for the use of the App and its Services; therefore, any refusal or failure to provide such information will make it impossible to register a User account and consequently to use the App and its Services;
  • compulsory, in order to respond to your email requests; therefore, refusal or failure to do so will make it impossible for us to reply;
  • optional, for the sending of push notifications through the App; refusal or failure to provide them will only result in the impossibility of sending you such notifications;
  • optional, for the sending of commercial, promotional and/or advertising notices regarding the Controller's Services (direct marketing), by email or telephone; refusal or failure to provide such information will only make it impossible to send you such notifications;
  • optional, for the transfer of your personal data to third-party companies for its independent processing for marketing purposes; any refusal or failure to provide such data will only result in the non-transfer of your data to third-party companies for such purposes.
  In any case, by communicating personal data for any of the purposes listed above, the Controller may process such data to fulfil legal obligations and to pursue its legitimate interest in protecting its rights in court.

7. Data storage

Personal data will be processed and stored for as long as is necessary for the pursuit of the purposes listed above, namely:

• the data necessary to allow the App to be used properly is stored for the period of time foreseen for each cookie, as better specified in the relevant cookie policy;
• the data collected for the registration on the App, and the use thereof, will be stored until the User has a registered account within the same App;
• the data collected for the purchase and use of Services on the App will be retained for as long as the User has a registered account within the same App, or for up to 10 years after the purchase and use of the Service;
• data related to requests or notifications forwarded to the Data Controller by email will be kept until the request has been fully processed;
• data used for push notifications will be retained as long as the User uses the App and has not disabled such notifications;
• the data processed to send commercial, promotional and/or advertising notifications for the Controller's services (direct marketing), by email or telephone, will be stored for 5 (five) years from the date consent is given;
• data transferred to third-party companies for their own marketing purposes will be retained until such time as they are transferred;
• data processed to comply with legal obligations will be kept for the period provided for by the relevant laws or regulations;
• data collected for the purpose of defending rights in a court of law shall be stored until the period of prescription of the right to be asserted has elapsed or, where legal proceedings have begun, until the final conclusion of such proceedings.

8. Comunicazione dei dati.

8. Communication of data. Personal data may be communicated to, or come to the knowledge of, for the purposes listed above and in order to provide, improve, protect and promote its services: persons authorised to process the data; data processors and their additional managers and authorised persons, such as, by way of example but not limited to service providers, suppliers of IT services or assistance to the same, and related technical staff in charge, any collaborators, in charge of occasional maintenance operations, all adequately trained in the protection of confidentiality; companies producing dental implants, marketing, market research and consulting; judicial or administrative authorities, for the fulfilment of legal obligations; other subjects who process data in execution of specific legal obligations.

9. Profilazione.

9. Profiling. Personal data is not subject to any fully automated decision-making process, including profiling.

10. Trasferimento dei dati all’estero.

10. Transfer of data abroad. For the purpose of sending push notifications via the App, the provider of the relevant service "Google Firebase Cloud Messaging", Google LLC, is based in the United States and a special contract for the appointment of a responsible person pursuant to Article 28 of the GDPR has been concluded with it, containing Standard Contractual Clauses prepared by the European Commission. Although it has been agreed with Google LLC that the data will be stored in the EU, standard contractual clauses have been drawn up in the event that third-party providers of Google LLC with offices outside the European Economic Area access the data.

11. Diritti dell’interessato

11. Rights of data subject. Pursuant to Articles 15-18 and 20-21 of EU Regulation 2016/679, Users are entitled to obtain: • confirmation as to whether or not personal data concerning them exist, even if it has not yet been recorded, and disclosure of such data in intelligible form; • the indication: o the origin of the personal data; o the purposes and methods of data processing; o the logic applied in the event of processing carried out with the help of digital tools; o the identification details of the holder and of any persons responsible; o the subjects or categories of subjects to whom the personal data may be disclosed or who may become aware of it in their capacity as managers or appointees; • updating, rectification or, where interested therein, integration of the data; • the deletion, transformation into anonymous form or blocking of data processed in breach of the law, including data whose storage is unnecessary for the purposes for which the data was collected or subsequently processed; • certification to the effect that the operations as per letters c) and d) have been notified, as also related to their contents, to the entities to whom or which the data was disclosed or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected. Users are entitled wholly or partially to object: • for legitimate reasons, to the processing of personal data concerning them, even though relevant to the purpose of collection; • the processing of personal data concerning them for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication. Users have the right to data portability, i.e. to receive in a structured, commonly used and machine-readable format the personal data concerning them and have the right to transmit such data to another Data Controller without hindrance. Users also have the right to lodge a complaint with a supervisory authority (in Italy, the Garante per la Protezione dei dati personali - Protection of Personal Data: www.garanteprivacy.it).

App Privacy

Our app is available on: AppStore, Play Store and as Webapp. The data provided is used only to provide the required functionality. We do not share your data with others extranl companies and do not sale any data.

Informativa sui Cookie

What are cookies? "Cookies" are small text files that are automatically created when a website is accessed and are used to authenticate information, monitor sessions and store specific information about Users and their visit. More specifically, cookies are sent from the server (physical location of the site) of the website visited to the User's browser (Microsoft Edge, Mozilla Firefox, Google Chrome, etc.), are stored locally on the User's computer, and are then sent back to the same site the next time the User visits it. While browsing, the User may also receive cookies from external websites (third-party cookies), set and used directly by the operators of these websites, in the manner and for the purposes defined by them. Finally, cookies may remain on the user's computer for long or short periods, depending on their characteristics.

Tipologie di cookie.

Types of cookies. Session cookies: their duration corresponds to the user session and they are automatically deleted when the session is closed. Persistent cookies: these are persistent and remain stored on the terminal equipment beyond the user session, until their expiry date. First-party cookies: belong to the website or app visited, which transmits them directly to the User. Third-party cookies: these come from third-party sites other than the site or app visited. The owner of the site visited has no control over them and the information they contain. Their possible disabling does not compromise browsing in any way. The use of these cookies is governed by the rules laid down by the third parties and, therefore, in order to manage or disable these cookies, users should consult the privacy notices and guidance published on the websites of these third parties.

Cookie utilizzati

Cookies used: The App uses only technical cookies, which are those used for the sole purpose of carrying out the transmission of a communication over an electronic communication network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide this service (Article 122(1) of the Personal Data Protection Code). They can be divided into: • browsing or session cookies, which guarantee normal navigation and use of the website/app (allow-ing, for example, to make a purchase or authenticate oneself to access reserved areas); they are not used for any other purpose and are normally installed directly by the owner or manager. • analytical cookies, assimilated to technical cookies where they are used directly by the site operator to collect information, in aggregate form, on the number of users and on how they visit the site itself, as well as for statistical analysis on page views and to monitor its correct functioning; • functionality cookies, which allow the user to browse according to a number of selected criteria (e.g. language, products selected for purchase) in order to improve the service provided to the user.

Cookie name	Description	Duration	Part
_AMSID	Browsing cookie that manages the User's browsing preferences.	sessione	first
_AMAUTH	Functionality cookie that stores the User's authentication credentials.	7 days	first

Cookie name	Duration		Cookie name	Duration
__stripe_sid	1 hour		__stripe_mid	1 year
recent-views	1 year		__stripe_orig_props	1 year
cookie-perms	6 mesi		private_machine_identifier	1 year
stripe.csrf	session		machine_identifier	5 anni
scfc	1 year