PRIVACY NOTICE (Art. 13 GDPR)

Last updated: March 4, 2026.

Data Controller

Farmacia Ciacco (VAT 01908330788), Via Panebianco 338, 87100 Cosenza (CS), Italy.
Email: info@farmaciaciacco.it.

Data processed

1. Technical browsing data: data and logs needed for website operation and security (e.g. HTTP requests, timestamps, user agent, error events).
2. Data voluntarily provided: data sent through contact channels or external forms linked from the site (e.g. email and message content).
3. Privacy/cookie preferences: the user's choice on necessary and optional features and related technical records for consent management.

Requests regarding products and medicines

• Data that may relate to health: requests sent through the contact channels or through the product-availability features may contain, directly or indirectly, information about health status, therapies, prescriptions or healthcare needs. Such data is processed only if provided voluntarily by the user and only to handle the request.
• Legal basis for requests about products, medicines and healthcare services: responding to the data subject's requests, checking indicative availability and managing any collection at the pharmacy. Legal basis: performance of pre-contractual or contractual measures requested by the data subject and, where applicable to health-related data, reasons connected with healthcare or the management of healthcare services by persons bound by professional secrecy.
• Data minimisation: send only the information needed to handle the request. Do not send health data, prescriptions or documents unless strictly necessary and expressly requested by the pharmacy.
• External channels: if you choose to contact the pharmacy through external services such as WhatsApp, Telegram, Facebook Messenger or email, the relevant providers may process data according to their own policies and terms. The pharmacy processes the data received through these channels solely to respond to the request.

Purposes and legal basis

• Website delivery and security: operation, abuse prevention and cybersecurity. Legal basis: legitimate interest and/or performance of the requested service.
• Handling user requests: replying to messages and requests. Legal basis: pre-contractual measures or management of the data subject's request.
• Optional external content (Google Maps): loading interactive maps and external content. Legal basis: consent.
• Proof and management of privacy/cookie choices: storing technical evidence of the expressed preference. Legal basis: legal obligation and controller accountability.

Nature of data provision

• Contact requests: providing email and message content is necessary to receive a reply. Without such data, the request cannot be handled.
• Google Maps: optional. Without consent, maps remain disabled.

Recipients and authorized subjects

Data may be processed by authorized personnel and technical suppliers appointed as Data Processors (e.g. hosting/infrastructure, technical maintenance). The updated list can be requested by writing to info@farmaciaciacco.it.

Hosting and location

The website is hosted on Amazon Web Services (AWS) in the European Union, eu-central-1 Region (Frankfurt).

Transfers outside the EEA

The website infrastructure is in the EU. Activating or opening third-party services (e.g. Google Maps or Google Forms) may involve processing and transfers outside the EEA; in such cases, safeguards provided by GDPR are adopted (e.g. Standard Contractual Clauses).

Retention periods

• Contact request data: for the time needed to handle the request and any related obligations; if no further need exists, retention is limited to strictly necessary time.
• Privacy/cookie preferences on device: up to 180 days, then users may be asked to renew their choice.
• Technical proof of consent choice: up to 24 months, unless different legal obligations apply.
• Technical security and operation logs: for the period strictly necessary for security, diagnostics and service protection purposes.

Data subject rights

You can exercise rights under Articles 15-22 GDPR (access, rectification, erasure, restriction, objection, portability) by writing to info@farmaciaciacco.it. You also have the right to lodge a complaint with the Italian Data Protection Authority.