Privacy Policy of medicalistore.it
medicalistore.it collects some Personal Data from its Users.
Data Controller
RAM Apparecchi Medicali Ltd.
Via Casaregis 19/25r
16129 Genoa - Italy
REA Genoa 434623 - VAT number 01769610997
Tel: +39 010.5761476
Owner's email address: info@medicalistore.it
Types of Data collected
Among the types of Personal Data collected by medicalistore.it, either independently or through third parties, there are: Cookies; Usage Data; answers to questions; clicks; keypress events; motion sensor events; mouse movements; position relative to scrolling; touch events; email address; first name; last name; number of Users; session statistics; application launches; number of sessions; session duration; page scroll interactions; pageview; interaction events; page events; date of birth; IP address; device information; app information; device logs; operating systems; browser information; language; phone number; physical address; geographic location; house number; address; geographic region; approximate location; location information; city; ZIP/Postal code; state; province; county; nation; latitude (of city); longitude (of city); metropolitan area; billing address; shipping address; payment information; point of sale data; purchases in-app; billing data; product interactions; purchase history; order ID; user ID; identity document; tax code.
Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or through specific information texts displayed before the Data is collected.
Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically when using medicalistore.it.
Unless otherwise specified, all Data requested by medicalistore.it is mandatory. If the User refuses to provide such Data, medicalistore.it may be unable to provide the Service. In cases where medicalistore.it indicates certain Data as optional, Users are free to refrain from providing such Data, without this having any impact on the availability or operation of the Service.
Users who have doubts about which data are mandatory are encouraged to contact the Data Controller.
The possible use of Cookies - or other tracking tools - by medicalistore.it or the owners of third-party services used by medicalistore.it has the purpose of providing the Service requested by the User, in addition to the other purposes described in this document.
The User assumes responsibility for the Personal Data of third parties obtained, published or shared through medicalistore.it.
Method and place of processing of the collected data
Treatment methods
The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data. Processing is carried out using computer and/or electronic means, following organizational methods and procedures strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other parties involved in the operation of medicalistore.it (administrative, commercial, marketing, legal, and system administrator personnel) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, and communications agencies) may have access to the Data, also appointed, if necessary, as Data Processors by the Data Controller. The updated list of Data Processors may be requested from the Data Controller at any time.
Place
The Data is processed at the Data Controller's operating offices and in any other place where the parties involved in the processing are located. For further information, please contact the Data Controller. The User's Personal Data may be transferred to a country other than their own. To obtain further information on the place of processing, the User can refer to the section containing details on the processing of Personal Data.
Retention period
Unless otherwise indicated in this document, Personal Data is processed and stored for the time required by the purpose for which it was collected and may be stored for a longer period due to any legal obligations or on the basis of the Users' consent.
Purpose of the Processing of Collected Data
The User's Data is collected to allow the Owner to provide its Service, comply with legal obligations, respond to requests or enforcement actions, protect its rights and interests (or those of Users or third parties), identify any malicious or fraudulent activity, as well as the following: Interaction with external social networks and platforms, Remarketing and behavioral targeting, Advertising, Registration and authentication, Displaying content from external platforms, Protection from spam and bots, Tag Management, Payment management, Platform services and hosting, Contact management and sending messages, Statistics, and Traffic optimization and distribution.
To obtain detailed information on the purposes of the processing and on the Personal Data processed for each purpose, the User may refer to the section “Details on the Processing of Personal Data”.
Details on the processing of personal data
Personal Data is collected for the following purposes and using the following services:
Managing contacts and sending messages
This type of service allows us to manage a database of email contacts, telephone contacts, or any other contact information used to communicate with the User. These services may also collect data relating to the date and time the messages were viewed by the User, as well as the User's interaction with them, such as information on clicks on links included in messages.
Mailgun (Mailgun, Inc.)
Mailgun is an email address management and message sending service provided by Mailgun, Inc.
Personal Data processed: last name; email address; first name.
Place of processing: Germany – Privacy Policy.
Payment Management
Payment management services allow medicalistore.it to process payments by credit card, bank transfer, or other means. The data used for payment is acquired directly by the payment service provider requested without being processed in any way by medicalistore.it. Some of these services may also allow the scheduled sending of messages to the User, such as emails containing invoices or notifications regarding payment.
PayPal (Paypal)
PayPal is a payment service provided by PayPal Inc., which allows the User to make online payments
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Stripe (Stripe Inc)
Stripe is a payment service provided by Stripe Inc.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy.
Scalapay (Scalapay S.r.l.)
Scalapay is a payment service provided by Scalapay S.r.l. which allows customers to pay in installments.
Personal Data processed: purchases in-app; address; metropolitan area; zip code; city; clicks; tax code; last name; county; purchase history; date of birth; billing data; usage data; point of sale data; identity document; session length; email; interaction events; page events; keypress events; order ID; user ID; billing address; shipping address; physical address; payment information; location information; browser information; device information; app information; product interactions; page scroll interactions; IP address; app launches; latitude (of city); language; device logs; longitude (of city); mouse movements; country; name; house number; number of sessions; phone number; page view; approximate location; geographic location; position relative to scrolling; province; geographic region; operating systems; session statistics; status.
Place of processing: Italy – Privacy Policy.
Tag Management
This type of service is functional to the centralized management of the tags or scripts used on medicalistore.it. The use of these services involves the flow of User Data through them and, if applicable, their retention.
Google Tag Manager (Google LLC)
Google Tag Manager is a tag management service provided by Google LLC. To learn how Google uses data, see their privacy policy. partner policy and their Commercial Data page.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy.
Interaction with social networks and external platforms
This type of service allows you to interact with social networks, or with other external platforms, directly from the pages of medicalistore.it. The interactions and information acquired by medicalistore.it are in any case subject to the User's privacy settings for each social network. This type of service may still collect traffic data for the pages where the service is installed, even when Users do not use it. It is recommended to log out of the respective services to ensure that the data processed on medicalistore.it is not linked to the User's profile.
Facebook Like button and social widgets (Meta Platforms, Inc.)
The “Like” button and Facebook social widgets are services for interacting with the Facebook social network, provided by Meta Platforms, Inc.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt out.
Google+ +1 button and social widgets (Google LLC)
The +1 button and Google+ social widgets are services for interacting with the Google+ social network, provided by Google LLC.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy.
LinkedIn button and social widgets (LinkedIn Corporation)
The LinkedIn button and social widgets are services for interacting with the LinkedIn social network, provided by LinkedIn Corporation.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out.
X (X Corp.) social button and widgets
X social button and widgets are services that allow you to interact with the X social network provided by X Corp.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy.
“Pin it” button and Pinterest social widgets (Pinterest, Inc.)
The “Pin it” button and Pinterest social widgets are interaction services with the Pinterest platform, provided by Pinterest Inc.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy.
PayPal button and widgets (Paypal)
The PayPal button and widget are interaction services with the PayPal platform, provided by PayPal Inc.
Personal Data processed: Cookies; Usage Data.
Place of processing: See PayPal's privacy policy – Privacy Policy.
Traffic optimization and distribution
This type of service allows medicalistore.it to distribute its content via servers located across the country and optimize its performance. The Personal Data processed depends on the characteristics and implementation method of these services, which by their nature filter communications between medicalistore.it and the User's browser. Given the distributed nature of this system, it is difficult to determine the locations to which content, which may contain the User's Personal Data, is transferred.
Cloudflare (Cloudflare, Inc.)
Cloudflare is a traffic optimization and distribution service provided by Cloudflare Inc. Cloudflare's integration methods allow it to filter all traffic on medicalistore.it, i.e., communications between medicalistore.it and the User's browser, also allowing the collection of statistical data on the latter. Personal Data processed: Tracking Tools; various types of Data as specified in the service's privacy policy.
Place of processing: United States – Privacy Policy.
Spam and bot protection
This type of service analyzes the traffic of medicalistore.it, potentially containing Users' Personal Data, for the purpose of filtering it from unwanted parts of traffic, messages and contents recognized as SPAM or protecting it from malicious bot activity.
Google reCAPTCHA (Google LLC)
Google reCAPTCHA is a SPAM protection service provided by Google LLC. Use of the reCAPTCHA system is subject to the privacy policy and to terms of use by Google.
To learn about Google's use of data, see their privacy policy. partner policy and their Commercial Data page.
Personal Data processed: clicks; Usage Data; keypress events; motion sensor events; touch events; mouse movements; position relative to scrolling; answers to questions; Tracking Tools.
Place of processing: United States – Privacy Policy.
Advertising
Some of the services listed below may use Tracking Tools to identify the User, or use behavioral retargeting, i.e., display personalized ads based on the User's interests and behavior, or measure ad performance. For more information, we recommend checking the privacy policies of the respective services. Generally, these services offer the option to disable such tracking. In addition to any opt-out function,-out provided by any of the services listed in this document, the User can read more about how to opt out of interest-based advertising in the dedicated section "How to opt out of interest-based advertising" in this document.
Meta ads conversion tracking (Meta pixels) (Meta Platforms, Inc.)
Meta ads conversion tracking (Meta pixel) is a statistics service provided by Meta Platforms, Inc. which connects data from the Meta ad network with actions performed within medicalistore.it. The Meta pixel tracks conversions that can be attributed to Facebook, Instagram, and Audience Network ads.
Personal Data processed: Usage Data; Tracking Tools.
Place of processing: United States – Privacy Policy – Opt out.
Google Ads Conversion Tracking (Google LLC)
Google Ads conversion tracking is a statistics service provided by Google LLC that connects data from the Google Ads advertising network with actions performed within medicalistore.it.
To learn about Google's use of data, see their privacy policy. partner policyand their Commercial Data page.
Personal Data processed: Usage Data; Tracking Tools.
Place of processing: United States – Privacy Policy.
Registration and authentication
By registering or authenticating, the User allows the Application to identify them and provide them with access to dedicated services. Depending on what is indicated below, registration and authentication services may be provided with the assistance of third parties. If this occurs, this Application will be able to access some Data stored by the third-party service used for registration or identification.
Google OAuth (Google LLC)
Google OAuth is a registration and authentication service provided by Google LLC and connected to the Google network.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy.
Stripe OAuth (Stripe Inc)
Stripe OAuth is a registration and authentication service provided by Stripe, Inc. and connected to the Stripe network.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy.
Remarketing and behavioral targeting
This type of service allows medicalistore.it and its partners to communicate, optimize, and serve advertisements based on the User's past use of medicalistore.it. This activity is facilitated by tracking Usage Data and using tracking tools to collect information that is then transferred to partners who manage remarketing and behavioral targeting activities. Some services offer a remarketing option based on email address lists. In addition to the opt-out features-out offers from the services listed below, the User can opt out-out visiting the opt-in page-out of the Network Advertising Initiative.
Users may also opt-out of certain advertising features through applicable device settings, such as the device's mobile advertising settings or general advertising settings.
Facebook Remarketing (Meta Platforms, Inc.)
Facebook Remarketing is a remarketing and behavioral targeting service provided by Meta Platforms, Inc. which connects the activity of medicalistore.it with the Meta advertising network.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt out.
Remarketing with Google Analytics (Google LLC)
Remarketing with Google Analytics is a remarketing and behavioral targeting service provided by Google LLC that connects the tracking activity performed by Google Analytics and its Tracking Tools with the Google Ads advertising network and the Doubleclick Cookie. To learn how Google uses your data, see their privacy policy. partner policy and their Commercial Data page.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out.
Platform and hosting services
These services are intended to host and operate key components of medicalistore.it, enabling the provision of medicalistore.it from a single platform. These platforms provide the Data Controller with a wide range of tools, such as analytics, user registration management, comment and database management, e-commerce, payment processing, etc. The use of these tools involves the collection and processing of Personal Data. Some of these services operate through servers geographically distributed in different locations, making it difficult to determine the exact location where the Personal Data is stored.
PrestaShop (PrestaShop S.A.)
PrestaShop is a platform provided by PrestaShop S.A. which allows the Owner to develop, operate and host a website dedicated to e-commerce.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: France – Privacy Policy.
Statistics
The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to track User behavior.
Google Analytics 4 (Google LLC)
Google Analytics is a statistics service provided by Google LLC (“Google”). Google uses the Personal Data collected to track and examine the use of medicalistore.it, compile reports, and share them with other Google services. Google may use the Personal Data to contextualize and personalize the ads of its own advertising network. In Google Analytics 4, IP addresses are used at the time of collection and then deleted before the data is recorded in any data center or server. To learn more, please consult the official Google documentation. To learn about Google's use of data, see their privacy policy. partner policy and their Commercial Data page.
Personal Data processed: Usage Data; number of Users; session statistics; Tracking Tools.
Place of processing: United States – Privacy Policy – Opt Out.
Viewing content from external platforms
This type of service allows you to view content hosted on external platforms directly from the pages of medicalistore.it and interact with them. These services are often called widgets, which are small elements inserted into a website or application. They provide specific information or perform a specific function and often allow interaction with the user. This type of service may still collect web traffic data relating to the pages where the service is installed, even when users do not use it.
Google Fonts (Google LLC)
Google Fonts is a font display service managed by Google LLC that allows medicalistore.it to integrate such content within its pages.
Personal Data processed: Usage Data; Tracking Tools.
Place of processing: United States – Privacy Policy.
Learn how to opt out of interest-based ads
In addition to any opt-in function-out provided by any of the services listed in this document, Users may avail themselves of the information present on YourOnlineChoices(EU), The Network Advertising Initiative(USA) and Digital Advertising Alliance (USA), DAAC(Canada), ADHD(Japan) or other similar services. These services allow you to manage your tracking preferences for most advertising tools. The Owner, therefore, recommends that Users use these resources in addition to the information provided in this document. AppChoices helps Users control behavioral advertising on mobile apps. Users can also disable certain advertising features through their device settings, such as the device's advertising settings for mobile phones or ad settings in general.
Further information on the processing of Personal Data
Selling goods and services online
The Personal Data collected is used to provide services to the User or to sell products, including payment and possible delivery. The Personal Data collected to complete the payment may include the credit card, the bank account used for the transfer, or other payment methods. The payment data collected by medicalistore.it depends on the payment system used.
Further information for users in the European Union
This section applies to all users in the European Union, in accordance with the General Data Protection Regulation (GDPR) and, for such Users, supersedes any other information that may be divergent or conflicting in this privacy policy. Further details regarding the categories of data processed, the purposes of processing, the categories of recipients of personal data, if any, and additional information about personal data are available in the "Detailed information on the processing of personal data" section of this document.
Legal basis for processing
The Data Controller processes Personal Data relating to the User if one of the following conditions applies:
- the User has given consent for one or more specific purposes.
- Processing is necessary for the performance of a contract with the User and/or for the implementation of pre-contractual measures; processing is necessary for compliance with a legal obligation to which the Data Controller is subject; processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller; processing is necessary for the pursuit of the legitimate interests pursued by the Data Controller or by third parties.
However, it is always possible to ask the Data Controller to clarify the specific legal basis for each processing operation and, in particular, to specify whether the processing is based on the law, provided for by a contract, or necessary to conclude a contract.
Learn more about retention time
Unless otherwise indicated in this document, Personal Data is processed and stored for the time required by the purpose for which it was collected and may be stored for a longer period due to any legal obligations or on the basis of the Users' consent.
Therefore:
- Personal Data collected for purposes related to the performance of a contract between the Owner and the User will be retained until such contract has been fully performed.
- Personal Data collected for purposes related to the Data Controller's legitimate interest will be retained until such interest is fulfilled. Users may obtain further information regarding the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.
When processing is based on the User's consent, the Data Controller may retain the Personal Data for a longer period until such consent is revoked. Furthermore, the Data Controller may be required to retain Personal Data for a longer period to comply with a legal obligation or by order of an authority.
At the end of the retention period, the Personal Data will be deleted. Therefore, upon expiration of this period, the right to access, erasure, rectification, and the right to data portability can no longer be exercised.
User Rights under the General Data Protection Regulation (GDPR)
Users may exercise certain rights with reference to the Data processed by the Data Controller.
In particular, within the limits established by law, the User has the right to:
- withdraw consent at any time. The User may revoke the consent to the processing of his/her Personal Data previously expressed.
- object to the processing of your data. The User may object to the processing of his/her Data when it occurs pursuant to a legal basis other than consent.
- access your data. The User has the right to obtain information on the Data processed by the Data Controller, on certain aspects of the processing and to receive a copy of the processed Data.
- verify and request rectification. The User can verify the accuracy of his/her Data and request its updating or correction.
- obtain restriction of processing. The User may request the restriction of the processing of their Data. In this case, the Data Controller will not process the Data for any purpose other than its storage.
- obtain the deletion or removal of your Personal Data. The User may request the Data Controller to delete his/her Data.
- receive your Data or have it transferred to another owner. The User has the right to receive his/her Data in a structured, commonly used and machine-readable format and, where technically feasible, to obtain its transfer without hindrance to another owner.
- lodge a complaint. The User may lodge a complaint with the competent data protection supervisory authority or take legal action.
Users have the right to obtain information regarding the legal basis for the transfer of Data abroad, including to any international organization governed by international law or consisting of two or more countries, such as the UN, as well as regarding the security measures adopted by the Owner to protect their Data.
Details on the right to object
When Personal Data is processed in the public interest, in the exercise of public authority vested in the Data Controller, or to pursue a legitimate interest of the Data Controller, Users have the right to object to the processing for reasons related to their particular situation.
Users are informed that, if their Data is processed for direct marketing purposes, they can object to the processing at any time, free of charge and without providing any justification. If Users object to the processing for direct marketing purposes, their Personal Data will no longer be processed for such purposes. To learn whether the Data Controller processes Data for direct marketing purposes, Users can refer to the relevant sections of this document.
How to exercise your rights
Any requests to exercise the User's rights may be directed to the Data Controller using the contact details provided in this document. The request is free of charge and the Data Controller will respond as soon as possible, in any case within one month, providing the User with all the information required by law. Any corrections, deletions, or limitations to processing will be communicated by the Data Controller to each recipient, if any, to whom the Personal Data has been disclosed, unless this proves impossible or involves a disproportionate effort. The Data Controller will inform the User of these recipients upon request.
Further information for users in Switzerland
This section applies to Users in Switzerland and, for such Users, supersedes any other information that may be divergent or conflicting in the Privacy Policy.
Further details regarding the categories of Data processed, the purposes of the processing, the categories of recipients of the personal data, if any, the retention period and other information on the Personal Data can be found in the section entitled "Detailed information on the processing of Personal Data" within this document.
User rights under the Federal Act on Personal Data Protection
Users may exercise certain rights relating to their data within the limits of the law, including the following:
- right of access to personal data;
- the right to object to the processing of your Personal Data (which also allows Users to request the restriction of processing of their Personal Data, the erasure or destruction of their Personal Data, and the prohibition on disclosure of their Personal Data to third parties); the right to receive your Personal Data and to transfer it to another data controller (data portability); and the right to request the rectification of inaccurate Personal Data.
How to exercise these rights
Any requests to exercise User rights can be directed to the Data Controller using the contact details provided in this document. These requests are free of charge, and the Data Controller will respond as quickly as possible, providing Users with the information required by law.
Further information on treatment
Defense in court
The User's Personal Data may be used by the Data Controller in court or in the preparatory stages leading to possible legal action for the defense against improper use of medicalistore.it or related Services by the User. The User declares to be aware that the Data Controller may be required to disclose the Data by order of public authorities.
Specific information
Upon the User's request, in addition to the information contained in this privacy policy, medicalistore.it may provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.
System logs and maintenance
For operational and maintenance purposes, medicalistore.it and any third-party services it uses may collect system logs, which are files that record interactions and may also contain Personal Data, such as the User's IP address.
Information not contained in this policy
Further information regarding the processing of Personal Data may be requested from the Data Controller at any time using the contact details.
Changes to this privacy policy
The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page and, if possible, on medicalistore.it and, where technically and legally feasible, by sending a notification to Users via one of the contact details available to the Data Controller. Please check this page frequently, referring to the last modification date indicated at the bottom. If the changes affect processing based on consent, the Data Controller will obtain the User's consent again, if necessary.
Definitions and legal references
Personal Data (or Data)
Personal data is any information that, directly or indirectly, even in connection with any other information, including a personal identification number, makes a natural person identified or identifiable.
Usage Data
This information is collected automatically through medicalistore.it (including third-party applications integrated into medicalistore.it), including: IP addresses or domain names of the computers used by the User who connects to medicalistore.it, URI (Uniform Resource Identifier) addresses, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server's response (successful, error, etc.), the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (for example, the time spent on each page), and details relating to the path followed within the Application, with particular reference to the sequence of pages visited, the parameters relating to the operating system and the User's IT environment.
User
The individual who uses medicalistore.it who, unless otherwise specified, coincides with the Data Subject.
Interested
The natural person to whom the Personal Data refers.
Data Controller (or Controller)
The natural person, legal person, public administration or any other entity that processes personal data on behalf of the Data Controller, as set out in this privacy policy.
Data Controller (or Owner)
The natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of the processing of personal data and the tools used, including the security measures relating to the operation and use of medicalistore.it. The Data Controller, unless otherwise specified, is the owner of medicalistore.it.
medicalistore.it (or this Application)
The hardware or software tool through which the Personal Data of Users is collected and processed.
Service
The Service provided by medicalistore.it as defined in the relevant terms (if any) on this site/application.
European Union (or EU)
Unless otherwise specified, any reference to the European Union contained in this document shall be deemed to extend to all current member states of the European Union and the European Economic Area.
Cookie
Cookies are Tracking Tools that consist of small portions of data stored within the User's browser.
Tracking Tool
By Tracking Tool we mean any technology - e.g. Cookies, unique identifiers, web beacons, embedded scripts, etags, and fingerprinting - that allows you to track Users, for example by collecting or saving information on the User's device.
Legal references
This privacy policy is drafted on the basis of multiple legislative systems.
Unless otherwise specified, this privacy policy applies exclusively to medicalistore.it.
Last modified: February 7, 2025