Privacy Policy
NOTICE ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ARTICLE 13 OF REGULATION (EU) 679/2016 (GDPR)
Henry Schein ONE Italia S.r.l. (hereinafter referred to as HSO), in its capacity as the Data Controller, pursuant to and for the purposes of Article 13 of Regulation (EU) 679/2016, hereby informs data subjects visiting this website about the purposes and methods of processing the collected personal data, the scope of communication and dissemination of such data, and the nature of their provision.
PREAMBLE
In providing its services and in the course of its business activities, HSO acknowledges the utmost importance of and respects the right to personal data protection as a fundamental personal right. The protection of information concerning our customers, contacts, and, in general, individuals who interact with HSO is essential, and we dedicate the utmost attention to it.
Regulation (EU) 679/2016 (General Data Protection Regulation – GDPR) defines “personal data” as any information relating to an identified or identifiable natural person (“data subject”). According to the GDPR, “processing” refers to any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, including collection, recording, organization, structuring, storage, adaptation, modification, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, combination, restriction, erasure, or destruction.
The following information describes the methods and purposes of processing the personal data of users who access and use the website www.orisline.com (hereinafter referred to as the “Website”). This notice applies solely to the Website and not to any third-party websites that may be accessed through hyperlinks contained within the Website.
DATA CONTROLLER
The Data Controller is Henry Schein ONE Italia S.r.l. (HSO), with its registered office at Via Guido D’Arezzo 15, 20145 Milan (MI), Italy, and operational headquarters at Via G. Amendola 7, 20063 Cernusco s/n, Italy.
– Phone: +39 02 89617547
– Email: [email protected]
HSO has appointed a Data Protection Officer (DPO), who can be contacted at [email protected]. The complete contact details of the DPO have been communicated to the Data Protection Authority in accordance with Article 38 of Regulation (EU) 679/2016.
PURPOSES AND METHODS OF PROCESSING
The data processing operations are carried out concerning the personal data necessary for the use of the Website and its functionalities. The types of data processed may specifically include:
1. Browsing Data
The IT systems and software procedures used to operate the Website acquire certain data during their normal operation, sometimes even personal data, whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified users but, by its very nature, could, through processing and association with data held by third parties, allow users to be identified. These data are used solely to obtain anonymous statistical information on the use of the Website and to ensure its proper technical functioning. They are not used by the Data Controller for direct profiling activities.
2. Data voluntarily provided by the user, such as:
– Email address and any other personal data contained in emails sent (including via mailto: links) to the addresses listed on the Website, in order to respond to user inquiries.
– Name, email address, and other details provided when subscribing to newsletters, in order to receive periodic informational communications and updates on topics, products, and services offered by the Data Controller.
– Name, email address, and other personal data provided when filling out contact and information request forms, in order to respond to user requests.
The data provided by users may be collected and stored by the Data Controller, including in electronic form, for purposes related to their collection through the Website. These data will not be used for direct marketing unless explicit consent is provided by the user at the time of submission by checking the relevant box.
3. Data Processing for Contractual and Commercial Purposes
In cases of contractual relationships and/or purchases made directly by the data subject (including via the Data Controller’s website), the provided data will be processed to fulfill contractual obligations (and/or necessary pre-contractual activities), process orders, manage associated activities, and provide after-sales support, including handling complaints.
If a user requests information or contacts HSO through social media campaigns, web-based advertising, or events organized by HSO, their data will be processed to manage these interactions and provide related commercial information.
Marketing Purposes: If expressly consented to, personal data may be processed for marketing purposes, including sending informational messages, commercial communications, and promotional content related to the Data Controller’s business and services. This may include automated means (email, SMS, WhatsApp, instant messaging) and traditional means (phone calls with an operator), always in full compliance with legal requirements.
NATURE OF DATA PROVISION
The provision of data is mandatory for the execution of contracts and for compliance with legal obligations. For other purposes, the provision is optional but necessary, and refusal to provide data may prevent HSO from properly fulfilling its services.
Regarding marketing activities, consent is optional, and refusal will prevent the Data Controller from sending commercial offers and promotions. Consent can be withdrawn at any time and may be managed to specify preferred communication methods.
LEGAL BASIS FOR PROCESSING
Under Article 6(1) of Regulation (EU) 679/2016, consent is not required for processing general browsing or voluntarily provided contact data, as they are processed to comply with legal obligations or fulfill contractual or pre-contractual obligations.
However, for marketing activities, explicit consent is required, and without it, the Data Controller cannot proceed with commercial communications.
DATA PROCESSING METHODS
Data processing will be carried out primarily using electronic tools, by authorized employees and external service providers, following the Data Controller’s instructions, ensuring the security and confidentiality of the processed data.
DATA COMMUNICATION AND SHARING
Collected data will not be disseminated publicly but may be communicated to:
– Public authorities for legal compliance.
– Group companies for operational and administrative purposes.
– Third-party service providers (e.g., IT support, legal advisors, telemarketing and web marketing companies).
Personal data may be transferred outside the EU only to entities that guarantee adequate protection levels, in compliance with Articles 45 and 46 of the GDPR.
DATA RETENTION PERIOD
Personal data will be stored for the time necessary to fulfill contractual, administrative, accounting, and fiscal obligations, in compliance with legal time limits. For marketing communications, data will be stored until the data subject exercises their right to opt-out.
DATA SUBJECT RIGHTS
Under Articles 15-22 of the GDPR, data subjects have the right to:
✔ Access their data.
✔ Rectify, update, or delete their data if incorrect or unlawfully collected.
✔ Restrict processing under certain conditions.
✔ Object to processing for legitimate reasons.
✔ Receive data in a structured, commonly used, machine-readable format (data portability).
✔ Withdraw consent for marketing communications at any time.
Requests to exercise these rights can be sent to info@orisline.com. If a data subject believes their rights have been violated, they can file a complaint with the Data Protection Authority.
For information regarding website cookies, please refer to the Cookie Policy.