Privacy Policy

Last updated: 19 May 2026

This policy describes how personal data of users visiting medicalware.it is processed, in accordance with Regulation (EU) 2016/679 (the “GDPR”) and Italian Legislative Decree 196/2003 (the Personal Data Protection Code).

In case of any discrepancy between this English version and the Italian version, the Italian version shall prevail.

1. Data Controller

Medicalware S.r.l. — Single-shareholder company
Via della Ricerca Scientifica snc — 00133 Rome (RM), Italy
VAT / Tax ID: 12651051000 — REA: RM 1391193
Email: info@medicalware.it
Certified email (PEC): medicalware@pec.libero.it

2. Types of data processed

a) Browsing data (web server logs). The IT systems running the website automatically collect, in the normal course of operation, certain data the transmission of which is implicit in the use of Internet communication protocols. Such data includes IP addresses, browser type, operating system, date and time of requests, pages visited, server response status codes. This data is used solely to obtain anonymous statistical information about site usage and to monitor its correct functioning.

b) Data provided voluntarily. Sending an email to the contact addresses published on this site results in the subsequent acquisition of the sender's address and any data contained in the message, necessary to respond to the request.

The website does not use profiling cookies, third-party cookies, tracking systems, analytics, or marketing pixels. Fonts are hosted directly on the server (self-hosted) and are not loaded from external CDNs.

3. Purposes and legal bases

Operation and maintenance of the site (technical cookies / server logs): Legitimate interest of the Controller — Art. 6.1.f GDPR
Response to email requests: Pre-contractual measures / legitimate interest — Art. 6.1.b and f GDPR
Compliance with legal obligations: Art. 6.1.c GDPR

4. Recipients of data

Data may be processed by the Controller's employees and collaborators, authorized to process pursuant to Art. 29 GDPR.

The site is hosted by a hosting provider acting as Data Processor under Art. 28 GDPR, on the basis of a specific contract. The hosting provider may have access to the server's technical logs.

Data is not disclosed nor communicated to third parties beyond cases provided for by law.

5. Non-EU transfers

The site is hosted within EU territory. Any transfers to third countries will be carried out exclusively in cases provided for by applicable law (European Commission adequacy decisions, standard contractual clauses).

6. Retention period

Server logs: retained for the time strictly necessary for site maintenance and security (generally no longer than 90 days), unless required for the investigation of offences.
Received emails: retained for the time necessary to fulfill the request and comply with any contractual and legal obligations.

7. Rights of the data subject

Pursuant to Articles 15-22 GDPR, the user has the right to:

access their personal data;
obtain its rectification or erasure;
obtain restriction of processing;
object to processing;
receive their data in a structured format (portability);
withdraw consent, where applicable, at any time.

To exercise these rights, the user may write to info@medicalware.it or medicalware@pec.libero.it.

8. Right to lodge a complaint

If the user believes that the processing of personal data violates GDPR, they have the right to lodge a complaint with the Italian Data Protection Authority (“Garante per la protezione dei dati personali”, www.garanteprivacy.it) or with the supervisory authority of their EU member state of residence.

9. Changes to this policy

This policy may be updated at any time. The date of the last modification is shown at the top of the document. Users are advised to consult this page periodically.