Privacy Policy


Information on the processing of your personal data, pursuant to article 13-14 of Lgs. Decree 2016\679.

Netgenomics, as data controller for your personal data pursuant to article 13-14 of Lgs. Decree 2016\679, following as ‘GDPR’, with this page informs you said decree provides for the protection of the interested parties pertaining the management of personal data and that management will be performed following the porinciples of honesty, lawfulness, transparency and safeguard of your privacy and rights.

Your personal data will be processed following in accordance with the provisions of the afore mentioned decree and of the privacy obligations there expected.

Goals and legal basis of the processing: specifically your data will be processed for the following purpose related to the compliance to legal and contractual obligations:

  • mandatory compliance to fiscal and accounting laws
  • after-sale services
  • litigation management
  • customer management
  • quality assurance
  • activities programming
  • billing historical data

Your data will also be used for the following purposes, related to activities pertaining contractual or pre-contractual obligations:

  • assessment of customer satisfaction level

Your personal data could also be used, after you consent, for:

  • market investigations, statistics and other activities, including marketing and promotional media shipping.

Data provision is free and optional. Your provision refusal will not compromise the continuation of the contract or the data processing adequacy.

Method of processing. Your personal data could be used in the following methods:

  • Through electronic calculators using managed software systems or directly programmed
  • Processing operations outsourcing
  • Customers, consumers or supplier profiling
  • informatic or telematic data gathering
  • Processing with electronic calculators
  • Manual processing of paper archives

Each processing is performed pursuant to article 13-14 of Lgs. Decree 2016\679 and with all due security measures

Your data will be processed only by personnel explicitly authorized by the holder, and specifically by the following operator types:

  • Sales
  • Secretariat
  • Administrative office
  • Marketing
  • Analysis laboratory

Communications: your data could be communicated to external parties to guarantee a correct relationship management, specifically to the following subjects groups, including the duly appointed data controllers:

  • Banks and credit groups
  • Consultants and freelancers, also in associated forms
  • Shippers, carriers, post, logistics firms

Distribution: your personal data will not be shared in any way.

Retention policy: we inform you that, following the principles of lawfulness, purpose limitation, data minimization and pursuant to art. 5 of the GDPR, the retention period of your personal data is:

  • Set to a period of time not exceeding the achievement of the goal for wich they are gathered and processed for the fulfillment of the contractual goals.
  • set to a period not exceeding the fulfillment of the services supplied
  • Following law dispositions

Owner: The data controller, in accordance with the law, is: Polo d’innovazione di Genomica Genetica e Biologia (Via Fiorentina 1, Siena c/o TLS Edificio 36); E-mail: acting through its legal representative

You have the right to obtain the deletion (right to be forgotten), the limitation, the update, correction, portability, opposition to your data processing, as well as exercising all the rights established int the art. 15, 16, 17, 18, 19, 20, 21, 22 og the GDPR.

You can always read the updated version of this document at this url: UE 2016\679: Artt. 15, 16, 17, 18, 19, 20, 21, 22 - Involed person rights

  1. the involved person has the right to receive a confirmation for the existance or the inexistance of personal data regarding him, even if still not registered, to receive a readable copy of the data and the possibility to make a claim to the supervisory authority.

  2. the involved person has the right to receive an indication of:

    • Personal data origin
    • Goal and processing procedure details
    • The logic applied when using an electronic aided processing
    • The identity of the owner, the supervisors and the designated representative pursuant to art. 5, comma 2
    • The subjects or the subject categories to whom the data can be communicated or may become aware of as designated representatives in national territory, the supervisors and the operators
  3. the involved person has the right to obtain:

    • Update, correction and, when the need arises, the integration of his data
    • Deletion, anonymization or the block of data in violation of the law, even of the data not necessary to the purpose for which they were gathered or subsequently processed
    • The certification that activities on the previous two points have been brought to attention, also concerning their contents, to the persons the data have been transmitted or diffused, except when this compliance is impossible or entails an expenditure of means greatly disproportionate compared to the protected right
    • Data portability
  4. the data subject has the right to object, fully or partially

    • for legitimate reasons related to data processing pertaining himself, or the purpose of the gathering
    • to personal data processing with the intent of marketing, direct sales, market investigation and promotional media shipping