Quipu s.r.l. is committed to safeguarding the privacy of our customers and website visitors; this policy sets out how we will treat your personal information.
We may collect, store and use the following kinds of personal information:
We ask you to share your personal data with us for purposes that include, but are not limited to:
We generally process your personal data only for those purposes that we have communicated to you. If we use it for other (closely related) purposes, additional data protection measures will be implemented if required by law.
The individual using this Application, which must coincide with or be authorized by the Data Subject, to whom the Personal Data refer.
The legal or natural person to whom the Personal Data refers.
Data Processor (or Data Supervisor)
Data Controller (or Owner)
The natural person, legal person, public administration or any other body, association or organization with the right, also jointly with another Data Controller, to make decisions regarding the purposes, and the methods of processing of Personal Data and the means used, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the Owner of this Application.
Referring Person of Personal Data Processing
The natural person that the CEO of the Company nominates as a person who acts as an Internal Referring Person for processing personal data. This person is nominated after a verification of his/her competencies and abilities in Personal Data Processing and related legal issues.
The hardware or software tool by which the Personal Data of the User is collected.
Notice to European Users: this privacy statement has been prepared in fulfillment of the obligations under Art. 10 of EC Directive n. 95/46/EC, and under the provisions of Directive 2002/58/EC, as revised by Directive 2009/136/EC, on the subject of Cookies. It has also been prepared in fulfillment of the obligations of the General Data Protection Regulation (GDPR) (EU) 2016/679.
Data controller‘s personal data:
Referring Person of Personal Data Processing’s personal data:
The Data Controller processes the Data of Users in a proper manner and shall take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data. The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Data Controller, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of the site (administration, sales, marketing, legal, system administration) or external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Data Controller at any time.
Personal data are processed at the Data Controller’s operating offices and in any other places where the parties involved with the processing are located. For further information, please contact the Data Controller at firstname.lastname@example.org.
Personal data are kept for the time necessary to provide the service requested by the User that is estimated to be 10 years; the User can always request that the Data Controller suspend or remove the data, sending an email at email@example.com.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
We may use both “session” cookies and “persistent” cookies on the website. Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer (version 9) you can refuse all cookies by clicking “Tools”, “Internet options”, “Privacy”, and selecting “Block All Cookies” using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites.
There are a number of different ways of managing cookies; please refer to the instruction manual or help screen of your browser to determine how to control and adjust settings. Users may change the predefined configuration and disable cookies (block them permanently) by setting the highest level of protection.
Below are the paths to follow to manage cookies on the following browsers:
How to disable third party services’ cookies:
Google Analytics services:
Third party cookies are not controlled directly by the Data Controller, and so if you wish to revoke your consent to use of these cookies you must contact the third parties’ internet sites or go to the website www.youronlinechoices.com to obtain information on how to delete or manage cookies on the basis of the browser you use and to manage your preferences regarding third-party profiling cookies.
We may use your personal information to:
We will not, without your express consent, provide your personal information to any third parties for the purpose of direct marketing.
The duration of data processing is balanced with the scope of the processing itself. It is limited to the services required by the customers. You can request for restriction or suspension of the processing by sending an email at firstname.lastname@example.org.
Your consent to processing of personal data is mandatory for the Company for the reasons listed in section 2, especially for the traceability of the medical device sold by the Company. If you do not agree with this consent, it will not be possible to download Company’s product or activate any evaluation/activation license.
If you desire to modify, get access, ask for erasure or rectification, or any other request related to your personal data provided, it is necessary to send an email to email@example.com specifying your request. The Data protection Officer or the controller will perform your request and reply to your mail.
In addition, we may disclose your personal information:
Information which you provide may be transferred to countries (including the United States and Canada) which do not have data protection laws equivalent to those in force in the European Economic Area.
You expressly agree to such transfers of personal information.
We will take reasonable technical and organizational precautions to prevent the loss, misuse or alteration of your personal information.
We will store all the personal information you provide on our secure (password- and firewall-protected) servers.
All electronic transactions entered into via the website will be protected by encryption technology.
You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
QUIPU’s activities include also ultrasound images analysis for third parties. Images provided by the customer to Quipu should be in an anonymous form. Quipu, if required by the customer, can provide a cryptographic process to ensure data security.
In case of a personal data breach, QUIPU carries out specific actions in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation). QUIPU shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55 of GDPR, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.
Article 32 of GDPR indicates that QUIPU shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.
A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist and to know their content and origin, to check their accuracy and to request integration or updating, or rectification (section 7 of Legislative Decree no. 196/2003) or objection to data processing, as stated in Article 21 of GDPR. Your rights are listed here:
Under the same section, data subjects are entitled to request erasure, anonymization or blocking of data that have been processed unlawfully, and in all cases to object to their treatment on legitimate grounds.
Requests in this regard should be sent to the Data Controller, sending an email at firstname.lastname@example.org.
We may withhold such personal information to the extent permitted by law.
You can expressly agree to our use of your personal information for marketing purposes; you can opt out of the use of your personal information for marketing purposes by sending an email to us at email@example.com.
The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.
We may provide only your email address to third party websites in order to set up a survey about our services and products. The email address will be used only to send the invitation to our surveys. Every kind of sensitive information given to the survey provider are treated as an aggregate variable so both Quipu and any eventual third part involved in surveys don’t retain anything except of what explained in section Cookies.
It is in count that joining any kind of survey powered by a third part you accept also the private policy of the third part.
We are not responsible of the eventual wrongs belonging to the third part.
Please let us know if the personal information which we hold about you needs to be corrected or updated. You can send an email to firstname.lastname@example.org specifying your request.
The data controller responsible in respect of the information collected on this website is Vincenzo Gemignani, Via Verdi 3/b, Torre del Lago (LU), Italy.