Legal

Privacy Policy

Information notice pursuant to articles 13 and 14 of EU Regulation no. 2016/679 on the use of personal data of Users visiting www.mia-care.io

Latest Update: 23/02/2021

MIA CARE s.r.l. (hereinafter MIA CARE) processes the personal data of Users visiting www.mia-care.io in compliance with EU Regulation no. 2016/679 (hereinafter GDPR) on the protection and processing of personal data. Pursuant to articles 13 and 14 of the GDPR, information is given below on the processing of Users' data when browsing www.mia-care.io and its subdomains and any other data sent voluntarily by Users when using the chat service and/or sending emails to the addresses published on the aforementioned website.

1. Definitions

Personal Data: means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (EU Regulation no. 2016/679 art. 4 no. 1). Personal data are a macro-category that includes the following sub-categories:

Common data (e.g.: identifying data such as name, surname, address, tax code);
Special personal data and personal data relating to criminal convictions or offences (pursuant to articles 9 and 10 GDPR: data revealing "racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation; data relating to criminal convictions and offences").

Browsing Data: these data fall within the sub-category of common personal data. More precisely, reference is made to personal data which are acquired by the IT systems and software procedures in charge of operating this website during the normal course of operation, and which are technically essential to ensure the functioning and security of sessions and the anonymous statistical processing of corresponding accesses. This type of information is not collected to be associated with any identified data subjects, but because of its very nature could enable the identification of users through processing and association with data held by third parties. Examples of browsing data include: IP addresses or domain names of the computers used by users who connect to the site, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the numerical code indicating the status of the response from the server (successful outcome, error, etc.) and other parameters related to the user's operating system and IT environment.

User: means the natural person to whom the browsing data on www.mia-care.io and its subdomains, and any other personal information released on such website as a result of sending emails and/or using the chat service, refer to.

Processing: means any operation or set of operations which is performed, whether or not by electronic means, concerning the collection, recording, organisation, structuring, storage, processing, adaptation, alteration, retrieval, use, consultation, disclosure by transmission, dissemination or otherwise making available, alignment, combination, restriction, erasure or destruction of personal data, even if such data are not recorded in a database.

Data Controller (hereinafter "Controller"): means the person that determines the purposes, means of processing and the instruments used, including the security profile.

Data Processor: means the person that performs certain processing activities acting on the instructions of the Data Controller.

Person in charge of Data Processing: means the single employee and/or associate authorised to process data on the basis of instructions received from the Controller.

2. Who handles the Data

MIA CARE s.r.l., VAT No. 11504530962, with registered office in Milan, Via Carroccio 16, is the Data Controller. Some of the processing operations specified under art. 3 are entrusted to Data Processors, as detailed under art. 5. The list of Persons in charge of Data Processing authorised by the Data Controller under art. 3 and the relevant sub-lists, for the purposes specified in this information notice may be viewed at the Data Controller's offices, following submission of an email to privacy@mia-care.io.

3. What kind of personal data we collect

MIA CARE collects and uses certain personal data of the Users, as specified below depending on the type of service used by Users while browsing our website.

3.1 Browsing data

When Users access www.mia-care.io, MIA CARE collects certain information to make it safe for Users to browse its website, on which web analysis services are used. For more details, please refer to the Section on cookies.

3.2 Forms

When filling out the forms available on www.mia-care.io to use the contact services, to download technical documents for free or to use any other services appearing on the header of the form, Users agree to the use of their personal data by MIA CARE for the purpose of providing the above services. MIA CARE always asks Users for their email address, which is regarded as common personal data. MIA CARE may also request additional common personal data such as:

Surname;
Name;
Mobile telephone number;
Company;
Job position;
Any other personal data included in the message sent.

3.3 Newsletter

Please refer to the Section containing information about the processing of personal data for the newsletter service.

3.4 Emails

When Users contact MIA CARE voluntarily for any information about the company's activities or for sending spontaneous applications for a job position by email to one of the following email addresses provided on www.mia-care.io (career@mia-care.io; info@mia-care.io) MIA CARE collects and processes the following common personal data:

Email address;
Surname;
Name;
Any other personal data included in the message sent.

3.5 Chat

When Users use the instant messaging tool available on www.mia-care.io to contact MIA CARE quickly, MIA CARE collects and processes the following common personal data:

Name;
Surname;
Any other personal data included in the message sent.

4. How personal data are used

MIA CARE processes the browsing data referred to in art. 3.1 pursuant to art. 6, paragraph I, letter f) (MIA CARE's legitimate interest) of the GDPR. These data allow Users to use the website safely.

MIA CARE processes the personal data referred to in art. 3.2, 3.3, 3.4 and 3.5 pursuant to art. 6, paragraph I, letter a) (User's consent), b) (performance of the service agreement by MIA CARE), f) (MIA CARE's legitimate interest) of the GDPR. The data are used for processing requests sent by Users either by filling out a form, subscribing to the newsletter service and/or sending an e-mail or a chat message. Specifically, MIA CARE shall use Users' data for:

Research, market analysis and product development purposes;
Providing the newsletter service;
Answering questions and/or sending any requested information;
Considering Users' spontaneous applications for job positions.

In any case, MIA CARE shall not use the data for sending advertising material or offering discounts or invitations to join promotional campaigns of any kind, unless it has received the User's explicit consent acquired separately at a later date.

The collection of data and subsequent recording, submission, rectification and/or erasure thereof shall take place by computerised means. MIA CARE warrants that the personal data acquired shall be processed by taking appropriate technical and organisational measures to ensure the safe performance of the above operations.

5. Data Processors

In providing its services, MIA CARE uses Data Processors pursuant to art. 28 no. 4 of the GDPR, i.e. external parties entrusted with certain data processing activities. Namely MIA CARE uses the services of:

A) Google Workspace (formally GSuite) by Google Ireland Ltd. to: back-up the data received by email on Google Cloud; send and receive emails using the Gmail business service.
B) HubSpot by HubSpot Inc. to: provide the newsletter service; provide the instant messaging service; store Users' personal data.
C) MIA s.r.l. to: manage marketing and communication services.
D) Aut O'Mattic A8C Ireland Ltd to: create and manage the website on wordpress.com.
E) QZR s.r.l. to: manage www.mia-care.io as system administrator.
F) ICTandStrategy s.r.l. to: manage some HubSpot functions as system administrator.

For further information, please send an email to privacy@mia-care.io.

6. Storage period for personal data

The personal data referred to in art. 3 and listed below are stored for the period of time detailed below. A distinction is made between:

Browsing data: stored for a maximum period of twenty-six (26) months and then immediately erased. For further information, please refer to the Cookies Section.
Use of forms (for the free download of technical documents): data shall be stored until the purpose for which they were provided has been achieved or for a maximum period of twelve (12) months since the User's most recent interaction with MIA CARE.
Request for information (by email or instant messaging service): data shall be stored until the purpose for which they were provided has been achieved or for a maximum period of thirty (30) days since the User's most recent interaction with MIA CARE.
Spontaneous application for a job position: data shall be stored until the purpose for which they were provided has been achieved or for a maximum period of one (1) year from the date of receipt of the CV by MIA CARE.

Data are stored on servers located within the European Union. For operating reasons of some Data processors, Data may be transferred outside the European Union. For further information on this subject, please send an e-mail to privacy@mia-care.io. MIA CARE ensures the definitive erasure of the aforementioned data.

7. Social Media and links to other sites

MIA CARE uses certain social media channels to communicate with the public: LinkedIn, Instagram and Vimeo. Users can find the button for sharing content on these social networks on www.mia-care.io. Social platforms such as LinkedIn, Instagram and Vimeo may save Users' data in cloud on servers that may be located outside the European Union and use their own cookies to recognise Users who are browsing after having logged into their accounts.

MIA CARE has made no agreements with the companies that run the aforementioned platforms and has no control over how the data of Users who have logged in are used. Therefore, MIA CARE invites Users to read the privacy policy adopted by LinkedIn, Instagram and Vimeo.

Users are informed that certain Vimeo videos may be viewed directly on the MIA website. In this case, cookies or other tracking systems may be used. To avoid tracking, Users may change their preferences at any time by clicking on the Cookies button on the www.mia-care.io footer.

8. Cookies

Please refer to the Section on the use of cookies below.

9. Erasure and other User rights pursuant to the GDPR

Users, at any time, may exercise the right to:

Obtain confirmation as to whether or not personal data concerning them are being processed;
Obtain information about the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipient to whom the personal data have been or shall be disclosed and, where possible, the period of storage;
Request from the Data Controller access to personal data and the rectification or erasure of personal data or restriction of processing of personal data concerning them or to object to such processing, as well as the right to data portability;
Lodge a complaint with the supervisory authority.

In order to exercise the aforementioned rights, Users shall send a written request to privacy@mia-care.io. The request shall be processed within thirty (30) business days from its receipt.

10. Data Protection Officer

It is possible to contact the Data Protection Officer appointed by MIA CARE s.r.l. by sending an e-mail to: privacy@mia-platform.eu

Cookies

As Data Controller, MIA CARE uses cookies for the correct operation of its website www.mia-care.io and its subsections (blog, resources and documentation) and to make it easy for Users to browse its website. MIA CARE processes the data collected by cookies according to art. 6 paragraph I letter a) (consent from Users to enable them); (b) (performance of a contract); (f) (MIA CARE's legitimate interest) of the GDPR. The period of storage for such data is shown in the Cookies Table or in the information notice on third party cookies which may be accessed by clicking on the relevant hyperlink. By browsing the website and based on the consent given, Users agree that certain personal data regarding them which have been collected may be transferred outside the European Union.

1. What are cookies?

Cookies are portions of code installed in the browser that help MIA CARE provide browsing services on www.mia-care.io according to the purposes described in this Information notice in the above Section. Some of the purposes for which Cookies are installed may also require the User's consent: in this case, the User's consent may be withdrawn freely at any time by clicking on the Cookies button on the website footer.

2. What type of cookies does the MIA CARE website use?

This website uses the following cookies:

Technical cookies: they ensure the correct use of website content.
Performance cookies: tool for the anonymous and aggregate analysis of Users' behaviour on the website. Although these cookies do not identify the User, they are able to detect, for example, if the same User logs in again at a different time.
Profiling cookies: used to promote offers in line with Users' needs.

Some of the cookies on this website are third-party cookies, as shown in the Cookies Table below.

Flag	Type of cookies	Data Processor	Period of storage	Purposes
Compulsory	Technical cookies	MIA Care srl QZR srl Wordpress.com	Session	Ensuring correct operation of website.
Optional	Performance cookies	MIA Care srl QZR srl Google LLC Wordpress.com	Variable	Optimising the website and User's browsing experience.
Optional	Profiling cookies	MIA Care srl QZR srl Google LLC Hubspot Inc Linkedin Vimeo Inc	Variable	Sharing website content with other users (social media); Proposing advertising messages in line with Users' on-line behaviour and interests; Proposing personalised content and information on specific Users' preferences.

3. Enabling and disabling cookies

Since some of the performance cookies and profiling cookies of MIA CARE and/or third parties are not essential for the proper operation of the website, Users who have given their consent to enable the optional cookies specified above may, at any time, change or withdraw their consent to the use of optional (own or third-party) cookies by clicking on the Cookies button on the www.mia-care.io footer.

Information is given below on the processing of personal data that you have voluntarily disclosed to us online in the form available on www.mia-care.io or at an event you personally attended, which is essential for providing the newsletter service to you.

1. What data do we ask you for?

MIA CARE always asks you for your email address, which is common personal data. MIA CARE may also request the following additional common personal data from you:

Name;
Surname;
Job position;
Company.

2. How do we use your data?

MIA CARE processes all your personal data specified above in accordance with art. 6, paragraph 1, letters a), b), f) of the GDPR. Your data are used to send you our e-newsletter periodically and to keep you fully updated on: MIA CARE software product developments; news about our activities; training events; deeper insights that can be downloaded (PDF file) free of charge. MIA CARE shall not use your data to send you any advertising material or to offer you any discounts or invite you to join any promotional campaigns of any kind.

We inform you that your personal data may be collected manually (by filling out a paper form) or using computerised means. Subsequent recording, submission, rectification and erasure operations shall be carried out using computerised means. MIA CARE warrants that the personal data you provide shall be processed by taking appropriate technical and organisational measures to ensure safe operations: for further information, please write to privacy@mia-care.io.

3. Who helps us to process your data?

MIA CARE uses Data Processors to provide this service, pursuant to art. 28 of the GDPR, that is, external parties to whom we entrust certain activities relating to the processing of your data. In this regard, we would like to point out that our newsletter service is managed on HubSpot, a marketing platform also used to send newsletters, owned by HubSpot Ireland Ltd, a subsidiary of HubSpot Inc., based in the United States of America.

HubSpot allows us to receive information about who opens the newsletters and clicks on the links. MIA CARE uses this information for the sole purpose of understanding which content is of greatest interest to Users receiving the newsletters.

By agreeing to receive our newsletter, you agree to the storage of your email address on HubSpot Ireland Ltd's Servers and to the transfer of your data referred to in art. 3 above to the United States of America based on HubSpot Inc.'s Standard Contractual Clauses.

In addition, MIA uses the Google Workspace (formally GSuite) services of Google Ireland Ltd, to: back-up your data on Google Cloud; send and receive emails using the Gmail business service. For further information, please send an email to privacy@mia-care.io.

4. For how long and where do we store your data?

Your data shall be stored as long as you decide to continue to receive our newsletter. We remind you that you can unsubscribe at any time by clicking on the Unsubscribe button at the bottom of any e-mail sent. Subject to the provisions set out in art. 3 — potential transfer of data to the USA via HubSpot — your data shall be stored on servers located within the European Union: for further information on this subject, please send an email to privacy@mia-care.io. When you unsubscribe, HubSpot shall inform MIA CARE that the newsletter has been unsubscribed successfully.

5. Erasure and your other rights under the GDPR

Pursuant to articles 15–22 of the GDPR, you may exercise the following rights at any time:

The right to obtain confirmation as to whether or not personal data concerning you are being processed;
The right to obtain information about the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipient to whom the personal data have been or shall be disclosed and, where possible, the period for which the data shall be stored;
The right to request from the Data Controller access to the personal data and the rectification or erasure of personal data or restriction of processing concerning you or to object to such processing, as well as the right to data portability;
The right to object at any time to processing of personal data, including for direct marketing purposes;
The right to object to an automated decision-making process concerning individuals, including profiling;
The right to withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal;
The right to lodge a complaint with a supervisory authority.

You may exercise your rights by sending a written request to: privacy@mia-care.io. Your request shall be processed within thirty (30) working days from its receipt.

6. Links to other sites

MIA CARE informs you that this information notice does not apply to other websites and on-line pages or services that can be reached via hyperlink published at the bottom of the newsletter. We invite you, therefore, to view the privacy policy of these linked sites.

7. Data Protection Officer

It is possible to contact the Data Protection Officer appointed by MIA CARE s.r.l. by sending an e-mail to: privacy@mia-platform.eu