Privacy Policy
Disclosure in accordance to EU Regulation 679/2016
1. Preliminary Remarks
Pursuant to articles 13 et seq. of EU Regulation 679/2016 (“GDPR”), Mediusa (“Company” or the “Owner”) provides below the information regarding the processing of personal data of users (“User / Users”) in the context of consultation and / or use of the services of the website: (“Site”). The information is provided only for the Site and not for other websites that may be consulted by the User through links on the Site.
2. Data Controller

The Data Controller is Mediusa, con sede legale a INSERIRE INFO

3. Data protection Officer
The Company has appointed a Data Protection Officer (DPO). For all questions relating to the processing of personal data and/or to exercise the rights provided for in the Regulations.
4.1 Navigation Data
The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified subjects, but by its very nature could allow users to be identified. This category of data includes (i) IP addresses or domain names of computers used by users connecting to the Site, (ii) URI (Uniform Resource Identifier) of requested resources, (iii) the time of the request, (iv) the method used to submit the request to the server, (v) the size of the file obtained in response, (vi) the numerical code indicating the status of the response from the server (successful, error) and (vii) other parameters relating to the operating system and computer environment of the user. These data are used only to obtain anonymous statistical information on the use of the Site and to check its proper functioning and are deleted immediately after processing.
4.2 Cookie
For the processing of data using cookies, please read the relevant policy, available at the following link. INSERIRE
4.3 Data provided voluntarily by the User:
  • The optional, explicit and voluntary sending of electronic mail to the email addresses indicated on the Site involves the acquisition and processing by the Owner of such data and any other information contained in such communications for the purposes indicated in the next paragraph;
  • the request by the User to receive the newsletter implies, with the consent of the interested party, the processing of the following data: e-mail address;
  • sending your curriculum vitae involves the processing of the following data: name, surname, date of birth, e-mail address, telephone number, level of education, employment status and professional experience.
4.4 Purpose and legal basis of treatment
The processing of the User’s personal data by the Owner is aimed at:

  • pursue, in accordance with art. 6.1, letter f) of the GDPR, its own legitimate interest, consisting in ensuring the security of the Site and the information exchanged on it, i.e. the ability of this Site to withstand, at a given level of security, unforeseen events or unlawful or malicious acts that compromise the availability, authenticity, integrity and confidentiality of personal data stored or transmitted and the security of the related services offered or made available;
  • to send the newsletter;
  • allow the User to send his curriculum vitae or communicate with the email addresses indicated on the Site.
5. Compulsory or Optional Nature of Data Provision and Consequences of a refusal to respond
The nature of the provision of data by the User is mandatory for the data controller to provide the services requested. In case of refusal will be impossible to use the chosen service.
6. Processing Methods and Storage Times of Personal Data
Personal data are processed by manual, computer and automated systems. For the purposes of the correct processing of data, it is necessary that the person concerned promptly notifies any changes. It should be noted, in particular, that the User’s personal data are processed by persons duly appointed to perform these tasks, constantly identified and / or appointed, properly instructed and made aware of the constraints imposed by law, as well as through the use of security measures to ensure the protection of confidentiality and to avoid the risks of loss or destruction, unauthorized access, processing not allowed or not in accordance with the purposes mentioned above. Security measures are constantly improved in line with technological developments.
7. Disclosure of Data to Third Parties
Personal data will be processed by the data controller, by the data processors appointed by him and by the processors strictly authorized. They may be communicated to the companies that own the data processing, if appointed. The data may also be communicated following inspections or checks, if requested to the Company, to all inspection bodies responsible for checks and controls concerning the regularity of legal obligations. The Owner guarantees the utmost care so that the communication of personal data to the aforementioned recipients concerns only the data necessary for the achievement of the specific purposes for which they are intended. Personal data are stored in the databases of the Owner and will be processed only by authorized personnel. The latter will be provided with specific instructions on the methods and purposes of processing. Such data will also not be disclosed to third parties, except as provided above and, in any case, within the limits indicated therein, as well as will not be disclosed, except in the cases described above and / or required by law.
8. Duration of Processing and Storage of Personal Data
The User’s personal data will be processed by the Owner only for the period of time necessary to achieve the purposes of the treatment after which they will be kept only in compliance with the legal obligations in force on the subject, for administrative purposes and / or to assert or defend their rights in case of litigation and pre-litigation.
9. Existance of an Automated Decision-Making Process
There is no automated decision-making process.
10. Intention of Holder of Personal Data Treatment
The Data Controller will not transfer Users’ personal data to a third country or international organisation.
11. Rights of the Data Subject
As an interested party, the User may exercise, at any time, against the Holder, the rights under Art. 7 of the Privacy Code and Art. 15 of the GDPR listed below, by sending a written request to the following email address:

In the same way, the User may at any time revoke the consents expressed in this policy.
The User has the right to:

  • obtain confirmation of the existence or not of personal data concerning him, even if not yet recorded, and their communication in intelligible form;
  • obtain information on: a) the source of the personal data; b) the purposes and methods of processing; c) the logic applied in the case of processing carried out with the help of electronic means; d) the identity of the owner, manager and representative appointed pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, GDPR; e) the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, manager(s) or person(s) in charge of the processing;
  • obtain: a) the updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected;
  • oppose, in whole or in part: a) for legitimate reasons to the processing of personal data concerning him, even if pertinent to the purpose of collection; b) the processing of personal data concerning him for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by e-mail and / or traditional marketing methods by telephone and / or mail. It should be noted that the right of opposition of the person concerned, as set out in point b) above, for direct marketing purposes by means of automated methods extends to the traditional ones and that, in any case, the possibility for the person concerned to exercise the right of opposition even in part remains unaffected. Therefore, the interested party may decide to receive only communications by traditional means or only automated communications or neither of the two types of communication. Where applicable, he also has the rights under Articles. 16-21 GDPR (Right of rectification, right to be forgotten, right to limitation of processing, right to data portability, right of opposition), as well as the right of complaint to the Guarantor Authority.
This Privacy Policy was updated on 23/05/2019. Any updates will always be published on this page