Privacy Policy ENG – Prof. Ugo Boggi – Surgery for locally advanced pancreatic cancer

(pursuant to EU Regulation 2016/679 – GDPR)

1. Data Controller

The Data Controller for the personal data collected through this website is:

Dr. Ugo Boggi
Address: Via Paradisa, 2 – PISA (Italy)
Tax Code (C.F.): BGGGUO65H21B832U
Email: u.boggi@med.unipi.it

The user may contact the Data Controller at any time to exercise their rights under the GDPR or to seek clarification regarding this policy.

2. Types of Data Processed

This website is for informational purposes and does not require nor intend to collect health or clinical data. Through the contact channels (forms, email, or telephone), only common personal data (name, surname, contact details) are processed. Please note: Users are expressly requested not to include clinical data or information about pathologies in messages sent through the site. Should such data be sent spontaneously, it will be processed by the Controller for the sole purpose of responding to the request and will be deleted immediately thereafter.

3. Purposes and Legal Basis of Processing

Data is processed for:

Contact Management: Responding to requests for information and managing bookings for specialist visits performed by the Controller under the “Intramoenia” (internal private practice) regime at the relevant hospital facility.
Legal Basis: Processing is necessary for the performance of pre-contractual measures taken at the request of the data subject (Art. 6, para. 1, letter b of the GDPR).

4. Booking Management via Third Parties (Top Doctors)

For the management of certain bookings, the site may use links or widgets from external platforms, specifically Top Doctors. In these cases, the user is redirected to systems managed by third parties. Users are encouraged to consult the privacy policy of Top Doctors (acting as an independent Controller or Processor), as this website has no control over the data processing carried out on such external platforms.

5. Processing Methods and Data Retention

Processing is carried out using IT tools in compliance with data minimization principles. Data is kept for the time strictly necessary to fulfill the user’s request and, in any case, for no longer than 12 months, without prejudice to the obligations to retain medical records once a professional relationship is established at the hospital facility.

6. Communication of Data

Data is not disclosed to third parties. It may be communicated to the hospital facility where the Controller operates under the intramoenia regime exclusively for organizational purposes related to the requested visit. Data may be processed by technical providers (e.g., hosting services) appointed as Processors pursuant to Art. 28 of the GDPR.

7. Rights of the Data Subject

The user may request access, rectification, erasure, or restriction of processing by sending an email to the Controller. It is also possible to lodge a complaint with the Data Protection Authority (Garante per la protezione dei dati personali).

8. Role of the Webmaster (Technical Indemnity)

The technical management and maintenance of the site are entrusted to an external webmaster acting under the instructions of the Controller to ensure service security. The system is configured not to store personal data or messages within the website’s database; the site acts merely as a technical intermediary for forwarding communications. The webmaster does not have access to users’ personal data and is not responsible for its processing, nor for the content exchanged between patient and doctor.

COOKIE POLICY

Cookies used: This site uses exclusively technical and session cookies, necessary for its proper functioning. No profiling cookies, third-party cookies, or statistical/marketing tracking tools are used. Prior user consent is not required for these cookies. Management: Users can disable cookies through their browser settings, noting that this may compromise the browsing experience..