TERAPIÙ

INFORMATION ON THE PROCESSING OF PERSONAL DATA

Date last update: 26/09/2022

Use of the TERAPIÙ Service involves the collection and processing of some of your personal data. Before you provide us with your data, we invite you to carefully read the following Information Notice, provided pursuant to Article 13 of Regulation (EU) 2016/679 (the General Data Protection Regulation (GDPR)), which describes the management and processing methods applied by Bayer S.p.A. (Data Controller) to the personal data concerning you, as a result of your use of TERAPIÙ.

  1. Identity and Contact Details of the Data Controller

The Data Controller is Bayer S.p.A. (Tax ID No. 05849130157), with registered office at Viale Certosa No. 210, (20156) Milan, Italy.

  1. Data Protection Officer

Bayer S.p.A.'s Data Protection Officer can be contacted by sending an email to the following email address italy.infoprivacy@bayer.com

  1. Categories of Personal Data Processed

By using the TERAPIÙ Service, some of your personal data, including data relating to your health status, will be processed in accordance with the current legislation on the protection of personal data. Use of the App, the web application, and the Service involves the processing of the following types of data:

  1. data related to your authentication (email address and password);
  2. data of a purely technical nature inherent to the electronic device used to access the Service (such as, by way of example: the IMEI identification code of your mobile device, information relating to the version of the operating system installed on your computer, the identifying IP address of the network host, etc.) and to the use of the Service itself, which may be acquired, sometimes in a fully automated manner, by the computer systems queried by your device when receiving or sending information related to the use of the Service;
  3. personal data and additional data, including special categories of personal data, inherent to your person, such as: information regarding your professional occupation, the number of people in your household, your motor skills, your eating habits, and the possible relevance of past adverse pathological events and the medications you have taken to prevent such medical conditions;
  4. contact information (email address and cellphone number);
  5. data related to your health status, such as: data related to current or past medical conditions or adverse events, information pertaining to the medications you are required to take and the medications you have taken, data related to your blood pressure, cholesterol, and blood sugar levels, any food intolerances or allergies, electrolyte reading, triglyceride reading, HDL and LDL levels, and platelet counts, your height and weight, and smoking status.
  6. General information such as: age and sex.
  7. When you access our Website, your browser will transmit certain information to our web server. This is necessary for technical reasons and to provide you with the information you will request. To facilitate access to our Website, the following information is collected, stored for a short time, and used:
    • IP address
    • Date and time of access
    • Time zone difference to Greenwich Mean Time (GMT)
    • Content of request (specific site)
    • Status of access/HTTP status code
    • Transferred volume of data
    • Website requesting access
    • Browser, language settings, operating system version, and browser version
    Moreover, to protect our legitimate interests, we will store such data for a limited period of time in order to be able to perform monitoring of personal data in the event of actual or attempted unauthorized access to our servers (Article 6(1)(f) of the General Data Protection Regulation (GDPR)).
  1. Purposes and Legal Bases for Processing

The data related to your authentication (a) and those of a purely technical nature inherent to the electronic device used to access the Service and the use of the Service itself (b), will be processed for purposes strictly related to and essential for the functioning of the App, the web application, and the Service (including authorizing your access to the Service, identifying your user account in the context of the Service, allowing your device to connect with the computer systems queried when receiving and sending the requested information and data, protecting data from unauthorized access), within the scope of the contractual relationship between you and the Data Controller. The legal basis for this processing is to be found in Article 6(1)(b) of Regulation (EU) 2016/679. Such data may also be processed in fulfillment of any legal obligations, as well as—after complete anonymization—to process statistical and aggregate information on the use of the Service.

Personal data and additional data, including special categories of personal data, inherent to your person (c) and data related to your health status (e) will be processed in order to carry out the specific features and provide you with the services involved in the TERAPIÙ Service, with the general aim of assisting in your treatment adherence. In particular, personal data and additional data, including special categories of personal data, inherent to your person (c), are collected and processed for the purpose of being able to better define your user profile, and in order to optimize adherence to your treatment plan through personalized management of your user account. Data related to your health status (e) that you may provide, modify, and update, including during the use of the Service, are processed for the purpose of supporting your treatment adherence (management of medication intake, management of your treatment history), in accordance with the purposes of the Service.

The processing of your so-called “common” personal data is carried out as part of the contractual relationship between you and the Data Controller, with the aim of providing of the Service; the legal basis for this processing is to be found in Article 6(1)(b) of Regulation (EU) 2016/679.

The processing of your special personal data, including those related to your health status, is carried out exclusively upon the provision of your explicit and specific consent to such processing; the legal (consensual) basis for this processing is to be found in Article 9(2)(b) of Regulation (EU) 2016/679.

Contact information (d), such as your email address and cellphone number, may be processed for different purposes subject to different legal bases.

Your email address may be processed in order to reset your authentication credentials. This processing takes place in the context of the contractual relationship between you and the Data Controller, and its legal basis is represented by 6(1)(b) of Regulation (EU) 2016/679.

Your email address may also be processed if you sign up for the newsletter, in order to send you related communications. This processing is carried out exclusively upon the provision of your specific consent; the legal (consensual) basis for the processing is to be found in Article 9(2)(b) of Regulation (EU) 2016/679.

Your email address may also be processed for the purpose of inviting you to participate in anonymous surveys, in which personal data are not collected. This processing is carried out exclusively for the purpose of better tailoring our services to your needs; the legal basis for the processing is to be identified as Article 6(1)(f) – Legitimate Interests of Regulation (EU) 2016/679 (the GDPR).

Your cellphone number may be processed if you wish to receive notifications in the form of messages or other reminder communications (push notifications), for example, reminders to take medication. This processing is carried out exclusively upon the provision of your specific consent; the legal (consensual) basis for the processing is to be found in Article 9(2)(b) of Regulation (EU) 2016/679.

Finally, your personal data, including special categories of personal data, which falls into the types referred to in letters (c) (personal data and additional data, including special categories of personal data, inherent to your person), (d) (contact information), and (e) (data related to your health status) may be processed in order to fulfill any request from you to make such information available and communicated to another person accessing the Service as your “caregiver.” This processing is carried out exclusively upon the provision of your specific consent; the legal (consensual) basis for the processing is to be found in Article 9(2)(b) of Regulation (EU) 2016/679.

General information (f) is processed on the basis of legitimate interest, according to 6(1)(b) of Regulation (EU) 2016/679. The data will be processed using the Google Analytics tool in order to improve the service provided to users of the application.

  1. Data Processing Methods

Processing will be carried out with the aid of electronic or otherwise automated methods, in accordance with the principles of necessity and minimization, and only for the time strictly required to achieve the purposes pursued. The Data Controller shall take appropriate technical and organizational measures to ensure a suitable level of security with respect to the type of data processed.

  1. Recipients and Scope of Data Communication

Your data will be processed exclusively by the Data Controller, by any Data Processors (such as companies providing IT services for the Data Controller) specially appointed in accordance with current legal provisions and within the limits of the tasks and functions assigned to them, and by their specially trained staff, in order to ensure the same level of security offered by the Data Controller.

Your data, upon your specific request and provision of consent to such processing, may be made available, through the Service and in the context of the security measures guaranteed by it, to another person accessing the Service as your “caregiver”.

Except as provided above, your data will not be disclosed to third parties, except in fulfillment of any specific legal obligations, and will not be disseminated for any reason.

  1. Transfer of Personal Data to Countries Outside the European Union

The data collected and processed will not be transferred to companies or other entities outside the European Union.

  1. Nature of Provision of Data

The provision of data relating to your authentication (a), of a purely technical nature inherent to the electronic device used to access the Service and the use of the Service itself (b), as well as personal data and additional data, including special categories of personal data, inherent to your person (c), since this is essential for the functioning of the App, the web application, and the Service, must be understood as mandatory. Failure to provide such data will result in the inability to access the Service.

The provision of contact information (d) and data related to your health status (e) is optional. You may at any time consult and update the data provided. Failure, or partial failure, to provide data, will not prevent you from accessing the Service, but it will make it impossible to provide the main features of the Service.

  1. Retention Period for Data

The processing of personal data as a result of using the App, the web application, and the Service involve a retention period for your data that is equal to the period for which you intend to keep your profile and user account active. Common and special personal data acquired and processed in the course of the operation of the Service will essentially be retained for as long as you intend to continue using the features of the TERAPIÙ Service.

Given the scope of the Service—and also in order to protect your personal data against potentially unjustified retention periods—we warn you that failure to access the Service at least once for a period of time exceeding 150 (one hundred fifty) days will lead to the user account deletion process being initiated, at the end of which all of your personal data will be permanently deleted.

After the stated retention periods have elapsed, personal data may be further retained only in fulfillment of specific legal obligations. Aggregated and anonymized data may, otherwise, be retained indefinitely.

  1. Automated Processes and Profiling

Your personal data will not be subject to a decision based solely on automated processing, including profiling, which, in accordance with the provisions of Article 11 of Regulation (EU) 2016/679, produces legal effects concerning you or similarly significantly affects you.

  1. Rights of the Data Subject and How to Exercise Them

As the data subject, you are entitled to exercise, in the cases expressly provided for under the law (Article 15 et seq. of Regulation (EU) 2016/679), the following rights:

  1. to request from the Data Controller access to your personal data, and/or its possible rectification or erasure;
  2. to request from the Data Controller the restriction of the processing concerning you, or to object to such processing;
  3. to require “portability” of your data (i.e., their communication in a structured, commonly used, and machine-readable format), including for the purpose of being able to transmit your personal data to another data controller;
  4. to revoke, at any time, your consent to the processing of your data (without prejudice to the lawfulness of the processing carried out prior to the revocation of consent);
  5. to file a complaint with a Data Protection Authority.

What Are Cookies?

This site uses so-called “cookies.” Cookies are small text files that are stored in the memory of your terminal via your browser. They store certain information (e.g., your preferred language or site settings) which your browser may (depending on the lifespan of the cookie) retransmit to us when you next visit our Website.

What cookies do we use?

We differentiate between two categories of cookies: (1) functional cookies, without which the functionality of our website would be reduced, and (2) optional cookies used for website analysis and for marketing purposes. The following table contains a detailed description of the optional cookies we use:

Strictly necessary cookies (for technical purposes)

Name Purpose and Content Lifespan Provider
ARRAffinity Used to distribute site traffic over several servers to optimize response times. terapiu.it Session
ARRAffinitySameSite Used to distribute site traffic over several servers to optimize response times. terapiu.it Session
G_ENABLED_IDPS Used to log in to the website securely with a Google account. terapiu.it 2913921 days
oauth2_cs::#.apps.googleusercontent.com Used to log in to the website securely with a Google account. accounts.google.com Session
TERA_CONSENT Used to store active cookie settings chosen by the user. terapiu.it 6 months
TERA_CONSENT_CLOSE Used to store the successful viewing of the cookie information banner. terapiu.it 6 months

Optional Cookies

Name Purpose and Content Lifespan Provider
Website analysis with Google These cookies assign a randomly generated ID to your device, allowing your device to be recognized the next time you log in.For details on website analysis with Google, please refer to the relevant section   Google Inc.

Change Cookie Settings

Subject to your consent

We will use optional cookies only if we have obtained your consent (Article 6(1)(a) of the General Data Protection Regulation). When you first access our Website, a banner will appear asking you to consent to optional cookies. If you consent, we will place a cookie on your computer and the banner will not appear again as long as the cookie is active. If you actively delete the cookie, or following its expiration, the banner will reappear on your next visit to our Website and will ask for your consent again.

How to prevent the setting of cookies

Of course, you may use our Website without accepting any cookies. In your browser, you can configure or completely deactivate the use of cookies at any time. This may, however, lead to restriction of functionalities or have adverse effects on the user-friendliness of our Website. You can reject the setting of optional cookies at any time by using the “On /Off” option shown in the table above.

Site Analysis

On our website we use a web analysis service of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”).

Google analyzes your use of our Website on our behalf. To this purpose we use the cookies described in more detail in the above table. The information collected by Google in connection with your use of our Website (e.g., the referring URL, the web pages visited by you, your browser type, your language settings, your operating system, and your screen resolution) will be transmitted to a Google server in the USA, where it will be stored and analyzed. The results will then be made available to us in anonymized form. During this process your usage data will not be connected to your full IP address. We have activated on our website the IP anonymizing function offered by Google, which will delete the last 8 bits (type IPv4) or the last 80 bits (type IPv6) of your IP address after each data transfer to Google. In addition, Google is certified under the EU-US Privacy-Shield (LINK to https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI), which ensures an adequate level of data protection with respect to Google’s processing of personal data in the United States.

You can revoke your consent to the use of web analytics at any time by downloading and installing Google Browser Plugin or by managing your consents in the table above, in which case an opt-out cookie will be added. Both options will prevent analysis as long as you are using the browser which has the plugin installed and until you disable the opt-out cookie.


If you have any questions regarding data privacy and/or your consent, or if you wish to exercise your rights, please contact our Corporate Data Protection Officer: Bayer S.p.A., Viale Certosa 130, 20156 Milan, Italy, or by email to italy.infoprivacy@bayer.com

This Privacy Policy was drafted on 26/09/2022

logo bayer

Your Privacy

When you visit any website, it may store or retrieve information on your browser, mainly in the form of cookies. This information could be about you, your preferences, or your device and is mostly used to make the site work properly. The information does not usually identify you directly, but it can provide a more personalized web experience. Because we respect your right to privacy, you can choose to not allow certain types of cookies. Click on the different categories to find out more and change the default settings. However, blocking certain types of cookies may impact your experience of the site and the services we are able to offer.

Privacy Preference Center

Strictly Necessary Cookies

Always active
These cookies are necessary for the website to function and cannot be switched of in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. Of course, you may use our Website without any cookies being set. In your browser, you can at any time configure or completely deactivate the use of cookies. This may, however, lead to a restriction of the functions or have adverse effects on the user-friendliness of our Website.

Analytics Cookies

Analytical Cookies will help us to analyze your use of our Website. The information collected in connection with your use of our Website (e.g. the referring URL, our webpages visited by you, your browser type, your language settings, your operating system, your screen resolution) will be transmitted to a server of our supplier, where it will be stored and analyzed. The respective results will then be made available to us in anonymized form. Your usage data will not be connected to your full IP address during this process. For more details please refer to the Privacy Statement.