Lenses

Thanks to a team of chemists, biologists and technicians, Shalcon offers end-users latest-generation contact lenses enriched with components that allow excellent hydration, counteracting eye dehydration, reducingadhesion of deposits, offering the wearer better visual clarity and immediate and long-lasting comfort, always with the ultimate aspiration - to maintain the physiological and hydration balance of the eye.

COOKIE POLICY

Browsing the website www.schalcon.com (hereafter also website) means sending cookies and similar tools to the user’s terminal. As a consequence, this document, as required by current regulations (art. 13 General Data Protection Regulation, hereafter also GDPR, and art. 122 of the Privacy code), provides the users who browse the website with the information relating to the cookies used or whose installation is allowed.

WHAT ARE COOKIES?
A "cookie" is a small text file created on the user’s computer at the time when he/she accesses a certain website, with the purpose of storing and transporting information. Cookies are sent from a web server (which is the computer on which the visited website is running) to the user’s browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) and saved on the latter’s computer; they are then re-sent to the website at the time of subsequent visits.

While browsing, the user may receive on his/her terminal also cookies of different websites (so-called "third-party cookies"), set directly by operators of these websites and used for the purposes and according to the methods defined by them.

WHICH COOKIES ARE USED?
The website uses technical cookies and similar profiling cookies and tools of third parties.

First party cookies
Technical cookies
The website uses technical cookies with respect to which, based on the current regulations, no consent is requested from the data subject.

More specifically the website uses:

  • technical cookies that ensure normal browsing and use of the website by the user, listed in detail below

    COOKIE NAME EXPIRY
    XSRF-TOKEN (cookie linked to the security of the website’s forms) 24 hours
    schalcon_session – (session cookie for logged in users) At the end of the session


    In the absence of these cookies, the website may not work correctly.
  • ctechnical cookies that facilitate the user’s browsing, listed in detail below:

    COOKIE NAME EXPIRY
    cb-enabled (technical cookie used to save the user’s choice on using cookies) 1 year


    These cookies facilitate browsing and may be deactivated through the methods listed in this policy.


Third-party cookies
Some third-party cookies are installed via the website. They are technical cookies (as in the case of Google Analytics cookies, having activated the measures laid down by the Supervisory Authority) that do not require any consent, and profiling cookies (as in the case of the cookies relating to the Google Maps service) that are activated by clicking “OK” on the banner. Details of the individual third-party cookies are reported below, as well as the links through which the user may receive additional information and request the cookies to be deactivated.

Technical third-party cookies
Google Analytics

The website uses Google Analytics for purely statistical purposes.
It is a web analysis service provided by Google LLC (“Google”) that uses the cookies that are saved on the user’s computer to allow statistical analyses in order to use the visited website; please also note that in addition to cookies, Google also uses a pixel tag (www.google.it/intl/it/policies/privacy/key-terms/).
 The Data generated by Google Analytics is stored by Google as indicated in the Policy found here developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usagand. The storage time was set at 14 months. To view Google’s privacy policy, which adheres to the Privacy Shield and, for this service, acts as the data processor, please refer to the website www.google.com/intl/en/analytics/privacyoverview.html

As expressly stated by the Privacy Supervisory Authority with the “Explanations concerning the implementation of the regulations concerning cookies” of 5 June 2015, the websites that use, for purely statistical purposes, analytical cookies created and made available by third parties are not subject to the obligations and fulfilments imposed by the regulations (notification to the Supervisory Authority in the first place) if tools are adopted that are suitable to reduce the identifying power of the analytical cookies (e.g. by masking significant portions of the IP address) and provided that the use of these cookies is subject to contractual restrictions between the websites and the third parties, in which specific reference is made to the commitment by the third party to use it exclusively to provide the service or to store it separately and not to “enrich it” or “cross reference it” with other information they have.

The Data Controller of this website has decided to make use of the function of de-identification of the users’ IPs provided by Google (described under the following link: https://support.google.com/analytics/answer/2763052?hl=it) and has accepted the Amendment on data processing, with which Google undertakes to process the data according to the request of the Customer – Data Controller of the website and not to share it with other additional services unless the Customer requests it, through the settings of the services. On this point, users are informed that the Data Controller of this website has not connected Google Analytics to any additional service and that no advertising or data sharing option with Google has been activated.

In light of the measures adopted, the Google Analytics service, used by this website purely for statistical purposes, is activated upon landing, as the user is not requested any consent for the issue the related cookies.

Under the following link https://tools.google.com/dlpage/gaoptout?hl=it there is the additional component of the browser to deactivate Google Analytics.

Non-technical third-party cookies

Through the website, some non-technical third-party cookies are installed, which are activated by clicking on the “OK” button inside the banner that the user sees when accessing the website.

Details of the individual third-party cookies are reported below, as well as the links through which the user may receive additional information and request the cookies to be deactivated.

Google Maps Service
The website uses Google Maps to help the user identify the location of the Data Controller. It is a web service provided by Google LLC (Google) that allows the inclusion of interactive mapes within web pages.
This service requires the installation of cookies by Google.
To consult Google’s privacy policy and for deactivation, please refer to the following link: www.google.com/intl/it/policies/privacy/.

Google Tag Manager Service

The website uses Google Tag Manager, a statistical service provided by Google LCC. Using this service requires the issue of Google profiling cookies. The service is connected to Google Analytics.
To consult Google’s privacy policy and for deactivation, please refer to the following link: www.google.com/intl/it/policies/privacy/.

WHAT HAPPENS IF YOU DO NOT INSTALL THE COOKIES?

Except for technical cookies, the installation of other cookies remains at the discretion of the user, who may authorise it by clicking on the specific button inside the banner containing the summarised policy. The installation of cookies other than technical ones may also be avoided by means of the specific functions available on your browser. In case the user decides not to authorise the installation of the cookies other than technical cookies, he/she may in any case browse within the website.

HOW ARE COOKIES DISABLED?

The user may delete the cookies other than the technical ones that are strictly necessary for browsing with the methods stated in this policy for some specific cookies or directly via his/her browser. Please note that each browser has different procedures in place to manage settings. The user may obtain specific instructions via the links below.


Chrome
Mozilla Firefox
Safari
Opera
Internet Explorer

As regards the users browsing from a mobile device, it is specified that the system configurations to exclude the storage of cookies or to delete them vary according to the brand/or model of the device used and, as a consequence, it is necessary to consult the instructions provided by the manufacturer.

As regards the users browsing from a mobile device, it is specified that the system configurations to exclude the storage of cookies or to delete them vary according to the brand/or model of the device used and, as a consequence, it is necessary to consult the instructions provided by the manufacturer.

WHAT RIGHTS ARE GRANTED TO THE DATA SUBJECT?

The law grants the data subjects the right to ask the data controller to access the personal data and to adjust or erase it or to restrict the processing that concerns them or to object to its processing, in addition to the right to data portability.

The data subject may assert his/her rights at any time, without formalities, by contacting the data controller at the e-mail address privacy@schalcon.com

Reported below in detail are the rights recognised by the current legislation concerning personal data protection.

  • The right of access, the right to obtain from the data controller the confirmation that personal data that concerns him/her is being processed and in this case, to obtain access to the personal data and the following information: a) the purposes of the processing; b)  the data categories in question; c) the recipients or the categories of recipients to which the personal data was or will be communicated, in particular if these are recipients from third party countries or international organisations; d)  when possible, the set period of retention of the personal data or, if it is not possible, the criteria adopted to determine this period; and)  the existence of the right of the data subject to ask the data controller to rectify or erase the personal data or to restrict the processing of the personal data that concerns him/her or to object to its processing; f)  the right to put forward a complaint to a supervisory authority; g)  if the data is not collected at the data subject’s, all the information available on its origin; h)  the existence of an automated decision-making process, including profiling and, at least in these cases, significant information on the logic used, as well as the importance and the consequences that such processing has for the data subject. Should the personal data be transferred to a third country or to an international organisation, the data subject then has the right to be informed about the existence of appropriate safeguards relating to the transfer.
  • The right to rectification: the right to obtain from the data controller the rectification of the incorrect personal data that concerns him/her without undue delay. Considering the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, also by providing a supplementary declaration.
  • The right to erasure: the right to obtain from the data controller the erasure of the personal data that concerns him/her without undue delay if: a)  the personal data is no longer necessary to achieve the purposes for which it was collected or otherwise processed; b) the data subject revokes the consent on which the processing is based and if there is no other legal principle for the processing; c)  the data subject objects to the processing carried out as this is necessary for the execution of a task of public interest or connected to the exercise of public powers granted to the data controller or to pursue the legitimate interest and there is no legitimate prevailing reason to proceed with the processing, or objects to the processing for direct marketing purposes; d)  the personal data was processed unlawfully; e)  the personal data must be erased to fulfil a legal obligation under the law of the European Union or of the Member State to which the Data Controller is subject; f)  the personal data was collected in relation to the supply of services of the information company to minors. However the erasure request may not be accepted if the processing is necessary: a)  to exercise the right to freedom of expression and information; b)  to fulfil a legal obligation that requires the processing required by the law of the European Union or of the Member State to which the Data Controller is subject or for the execution of a task performed in the public interest or in the exercise of public powers granted to the data controller; c) for reasons of public interest in the public healthcare sector; d)  for archiving purposes in the public interest, in the interest of scientific or historic research or for statistical reasons, to the extent that the deletion may risks making impossible or seriously jeopardising the achievement of the objectives for such processing; or e)  to ascertain, exercise or defend a right in court.
  • The right to restriction: the right to obtain that the data be processed, except that for retention purposes, only with the consent of the data subject to ascertain, exercise or defend a right in court or to protect the rights of another natural or legal person or for reasons of relevant public interest in the Union or another Member State if: a)  the data subject challenges the accuracy of the personal data, for the period needed by the data controller to verify the accuracy of such personal data; b) the data processing is unlawful and the data subject objects to the erasure of the personal data and instead asks that its use be restricted; c)  even though the data controller no longer needs it for processing purposes, the personal data is necessary for the data subject to verify, exercise or defend a right in court; d)  the data subject objected to the processing carried out because it is necessary for the execution of a task of public interest or connected to the exercise of public powers granted to the data controller or to pursue the legitimate interest of the data controller or of third parties, while awaiting the check concerning the possible prevalence of the legitimate reasons of the data controller over those of the data subject.

  • The right to data portability: the right to receive in a structured, commonly used format that can be read by an automatic device, the personal data concerning him/her, provided to the data controller, with the right to forward such data to another data controller with no barrier by the data controller it was provided to, as well as the right to obtain the direct transmission of the personal data from one data controller to the other, if technically feasible, should the processing be based on the consent or on a contract and the processing is performed with automated means. This right is without prejudice to the right to erasure.
  • The right to object: the right of the data subject to object at any time, for reasons connected to his/her particular situation, to the processing of the personal data that concerns him/her, performed because it is necessary in order to execute a task of public interest or connected to the exercise of public powers granted to the data controller or to pursue the legitimate interest of the data controller or of third parties. Should the personal data be processed for direct marketing purposes, the data subject has the right to object at any time to the processing of the personal data that concerns him/her carried out for these purposes, including profiling to the extent that it is connected to this direct marketing.

The data subject is then informed that, in the event he/she deems the processing of his/her personal data to be taking place in breach of GDPR provisions, he/she has the right to lodge a complaint before a supervisory authority, as provided for by art. 77 of the Regulation or to bring the issue before the competent courts (art. 79 of the Regulation).

ABOUT THE DATA CONTROLLER AND HOW TO CONTACT IT

The Data Controller is Schalcon S.p.A., with registered office in Viale Enrico Ortolani, 195 - 00125 Rome, VAT reg. no. 01137561005. Use the e-mail address info@schalcon.com to contact the Company.

Regarding the ownership of the data processing acquired through third-party cookies, please refer to the instructions contained in the list reported in this document.

ADDITIONAL INFORMATION ON DATA PROCESSING

Additional information on processing personal data is available in the policy privacy which may be accessed from the footer of the website.

This privacy policy was updated on 28/11/2018