The Company MeduGate("Company") hereby informs you that the processing of your personal data, carried out through this website [www.medugate.me] (the "Site") or collected through the contact forms present therein ("Form" or "Forms"), is carried out in compliance with the UAE Federal Decree-Law No. 45/2021 - the "Regulation").
The purpose of this privacy policy (the “Privacy Policy”) is to provide you with information about how we, the Company, process your personal data in connection with the use of our Site. The following describes, among other things, how we collect, process and share your personal data.
1. Data Controller and DPO
MeduGate, with registered office in Dubai Science Park (DSP) - North Tower - Office 1401-1405, P.O. Box: 478881, Dubai, United Arab Emirates (the “UAE”), Tel: +971 43 67 88 20; Fax: +971 4 367 88 21 acts as a “controller” pursuant to the Regulation (the “Data Controller”).
The Data Protection Officer ("DPO") can be contacted at email address: dpo@menarini-uae.com.
2. What data we process
With your consent, we process the personal data that you provide when you interact with the Site, send communications using the Forms or other contact information and make use of the relevant services and functionalities. In particular, the data includes your name and surname, contact details, professional qualifications, areas of interest, the contents of your specific requests or reports as well as any further data that the Data Controller may acquire in the course of its activity ("Data").
To enable us to process the requests you send us via the Forms, it is necessary that you consent to the processing of the data entered and provide at least the information marked with an asterisk (*). Without the mandatory data or consent, we will not be able to proceed.
On the contrary, the information requested in the fields not marked with an asterisk is optional: if you decide not to provide it, there will be no consequences.
Processing is carried out by both computerised and paper-based means, applying the security measures provided for by the legislation in force
3. Why do we process your data and how
Data are processed for the following purposes:
1. to handle your requests for information made through the Site and through the Form;
2. to manage the reports and fulfilments related to adverse event reports (pharmacovigilance) made through the Site or the Forms;
By ticking the appropriate boxes in the Forms, you consent to processing for the above-mentioned purposes.
The data may, however, be processed by the Data Controller, even without your consent, in only in the cases listed under Article 4 of the Regulation.
Personal data are entered into the Company's information system in full compliance with applicable privacy regulations, including security and confidentiality profiles, and inspired by the principles of correctness, lawfulness and transparency of processing. The data will be kept for the period strictly necessary to achieve the purposes for which they were collected; in any case, the criterion used to determine this period is based on compliance with the terms permitted by applicable laws and the principles of minimisation of processing, limitation of storage and rational management of archives.
All user data are also processed using paper and automated tools that are in any case suitable to guarantee security and confidentiality.
4. Browsing data
The processing of Data of users who only visit the Site (i.e. without sending any communication or using any of the available services/functions) is limited to browsing data, i.e. those for which transmission to the Site is necessary for the operation of the computer systems in charge of managing the Site and the Internet communication protocols. This category includes, for example, IP addresses or the domain of the computer used to visit the Site and other parameters relating to the operating system used by the user to connect to the Site. The Company collects these and other data (such as, for example, the number of visits and time spent on the Site) only for statistical purposes and in an anonymous form in order to monitor the operation of the Site and improve its functionality. This information is not collected in order to be associated with other information about you and identify you; however, this information by its very nature may allow your identification through processing and association with information held by third parties. Browsing data are normally deleted after processing in anonymous form but may be retained and used by the Company to ascertain and identify the perpetrators of any computer crimes committed against the Site or through the Site. Except for this eventuality and as specified in the Cookie Policy, the navigation data described above are only temporarily stored in compliance with applicable legislation.
5. Links to other websites
The Site may contain links to other sites (so-called third party sites). The Company has no access to or control over cookies, web beacons and other user tracking technologies used by third party sites that can be accessed from the Site; the Company has no control over the contents and materials published by or obtained through third party sites, nor over the related methods of processing the user's personal data, and expressly disclaims any responsibility for such eventualities. You should check the privacy policy of third party sites that you access through the Site and inform yourself of the conditions applicable to the processing of your personal data. This document applies only to the Site.
6. Who can access the Data
The Data are accessible to the Data Controller's personnel authorised to process them, and in particular to personnel belonging to the administrative categories, to IT technicians, to product managers, to personnel in charge of handling reports of adverse events (pharmacovigilance) and to other persons who need to process them in the performance of their duties. Your Personal Data may also be transferred outside of the UAE in compliance with Articles 22 and 23 of the Regulation.
7. Know Your Rights
By contacting the Data Controller at the contact details indicated above, you may, at any time, exercise the rights recognised by Articles 13 (Right to Obtain Information), 14 (Right to Request Personal Data Transfer), 15 (Right to Correction or Erasure of Personal Data), 16 (Right to Restrict Processing), 17 (Right to Stop Processing), 18 (Right to Processing and Automated Processing)-of the Regulation, such as, for example, (i) knowing the types of the personal data being processed, the purposes of processing, the controls and standards for the periods of storing and keeping your personal data, the protection measures relating to cross-border processing as per Articles 22 and 23 of the Regulation, the process of filing complaints with the UAE competent authority; (ii) requesting the correction or completion of your inaccurate personal data; (iii) without prejudice to applicable UAE laws and to what is requires by the public interest, you have the right to request the erasure of your personal data in certain specific cases. In the same way you can always report comments on specific uses of data regarding particular personal situations deemed incorrect or not justified by the relationship in place at the DPO or submit a complaint to the Data Protection Authority of the UAE. At any time you can revoke your consent already given, without prejudice to the lawfulness of the processing carried out before the withdrawal of consent.