Information pursuant to the European Data Protection Regulation No.2016/679

In accordance with the provisions of Articles 13 and 14 of General Data Protection Regulation (EU) 2016/679 (hereinafter also GDPR), the text below indicates the methods we adopt in respecting the privacy of users to this web site, describing how we collect, use and protect personal information, the rights granted to them and the ways in which it is possible to contact us.

The Data Controller guarantees compliance with the General Data Protection Regulation (GDPR) and therefore, Data Subjects are encouraged to read this Privacy Policy carefully before submitting any kind of personal information and/or filling out any electronic form on this web site.


The Data controller is Cosmo Artificial Intelligence – AI Ltd
t/a as Cosmo Intelligent Medical Devices – IMD with headquarter in Riverside II, Sir John Rogerson’s Quay, Dublin 2, Ireland.


Cosmo Artificial Intelligence – AI Ltd
t/a as Cosmo Intelligent Medical Devices – IMD informs that the processing of personal data collected directly from the website, also through the dedicated contact form, is aimed at:

  • Management of activities related to registration, creation of a personal profile and authenticated access to one’s private area, or allowing the user to start the related pre-contractual and contractual activities and to use the services related to the Innovation Center.
  • Satisfy the specific requests submitted by the user (request for information and/or clarifications, information and promotional material, an offer regarding the service provided, as well as sending various kinds of communications).

Whereas, the collection of personal data through the job application form is aimed at:

  • Allowing the submission of a job application for open positions indicated on the site (this may result in the candidate being contacted later, using the contact information provided, to further the information provided and/or receive additional information).

Furthermore, with your consent during registration, your data will be processed for:

  • Subscribe to the newsletter which allows you to receive updates and information and commercial communications regarding our services and/or products.

The completion of forms, and/or the sending of data by e-mail to the addresses indicated in the various areas of the site, as well as to any e-mail address of Cosmo Artificial Intelligence – AI Ltd, for the aforementioned purposes, may entail the subsequent acquisition of the sender’s e-mail address, as well as any further personal data through subsequent communications.

Such processing of personal data is based on the principle expressed in Art. 6 of the Regulations, according to which processing is lawful if it is necessary for the performance of a contract to which the data subject is a party, of pre-contractual measures, as well as for the performance of the service requested by the data subject.

Regarding the processing of the aforementioned data for marketing activities, the processing is lawful as it is carried out following your specific and explicit consent, which you are free to give or not and which can be revoked at any time.

The provision of the aforementioned data is optional in nature, however, it is necessary in order to satisfy the request of the data subject: without such data from you, in fact, it is not possible to follow up on requests, as well as to initiate business or commercial relationships.


The personal data collected through the contact form on the website concern precisely the identification and contact data, as well as the message that the visitor intends to send to the Data Controller. In addition to the common data provided directly and intentionally by the user, the computer systems and software procedures used to operate this website may acquire, during their normal operation, some personal navigation data whose transmission is implicit in the use of Internet communication protocols. For more information in this regard, please refer to the dedicated Cookie Policy.

It involves information that is not collected to be associated with identified data subjects but which, by its very nature, could allow users to be identified through processing and association also with data held by third parties. This category of data includes IP addresses or the domain names of the computers used, URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the requests, the methods used in submitting requests to the server, the size of the files obtained in response, the numerical codes indicating the statuses of the responses given by the server (successful, error, etc.) and other parameters relating to the users’ Operating System and computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning.


The processing of personal data means their collection, recording, organization, storage, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, diffusion, deletion and destruction, or the combination of two or more of these operations, including by means of automated tools designed to store, manage and transmit the data.

As far as security is concerned, we inform that the database is accessible only by personnel authorized to process data on behalf of the Data Controller or by external personnel in charge and appointed, and that the processing of the data of the data subject will be carried out by means and instruments suitable to guarantee their confidentiality and may be carried out through electronic or automated means and through non-automated means (paper archives), both provided with adequate security measures, as provided for in the EU Regulation 2016/679 on the Protection of Personal Data, to prevent data loss, illicit or incorrect use and unauthorized access. In addition, data will be processed only for the time strictly necessary to achieve the purposes for which it was collected.


The Data Controller may transfer personal information to countries outside the Europe Union. The Data Controller will, where the country to which the data is transferred has not been found to provide an adequate level of protection, put in place appropriate safeguards (standard contractual clauses) to ensure that personal data are protected.


The Data Controller will communicate the personal data provided by users only to internal subjects, formally appointed as authorized to process personal data, and to external suppliers selected to support the requested service, also appropriately appointed as Data Processors, such as:

  • Individuals who provide IT services to the Data Controller, such as companies that perform maintenance and technical support activities for the information systems, databases, telecommunications networks, and the website.
  • Consultants and collaborators;
  • Marketing companies;
  • Personnel recruitment and selection companies;
  • Companies of the group Cosmo;
  • Additional parties to whom the communication of your data is necessary or in any case is functional for the performance of the activity envisaged by the pre-contractual or contractual relationship;
  • Competent authorities, judicial authorities and/or other public bodies, should they request it or should the need or obligation to do so exist.

Any information collected through the website will be disclosed.


The personal data provided when submitting a request to the dedicated email addresses or through this website will be kept by the Data Controller for the duration necessary to fulfill your request.

In the case of a request to subscribe to our newsletter, your personal and contact data will be processed until you request to unsubscribe from the service (or revoke your consent) and for a maximum period of two years.

Instead, the data collected from candidates who apply for a job position will be kept for a maximum of one year from the time of receipt of the same.


Pursuant to EU Regulation 679/2016, the following are recognized and guaranteed to the data subject: the right to ask the Data Controller for access to personal data (Art. 15), rectification (Art. 16), erasure or to be forgotten (Art. 17), restriction of the processing of personal data concerning him/her (Art. 18), the right to data portability (Art. 20) or to object to the processing of data (Art. 21), as well as the right not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning the data subject or similarly significantly affects him or her (Art. 22). Where the processing of personal data is based on the express consent provided, pursuant to Article 7 paragraph 3 of the Regulation, the possibility of withdrawing consent is recognized at any time.

Requests may be exercised against the Data Controller by the following means:

  • by registered mail to the Controller’s address: Riverside II, Sir John Rogerson’s Quay, Dublin 2, Ireland
  • by writing to the e-mail address:

Likewise, it is recognized that the data subject has the right to lodge a complaint with the supervisory authority in charge (art. 77 of the Regulation) if he/she considers that the processing carried out by the Controller is not compliant.


The Data Controller has appointed a Data Protection Officer (DPO), conferring a mandate to the company Getsolution di Paola Generali. The DPO can be contacted at the e-mail address:


Cosmo Artificial Intelligence – AI Ltd
t/a as Cosmo Intelligent Medical Devices – IMD reserves the right to revise this privacy policy at any time. In this regard, the data subjects are encouraged to consult this page periodically.
Privacy policy updated to 1st March, 2023.

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.