Fondazione ICONS recognizes the importance of your personal data, for which reason it wishes to provide you with information about, and the greatest possible control over, the management of your personal data collected when using this internet site This Privacy Notice is a document addressing you as Data Subject, i.e., the owner of your personal data. It explains which personal data we collect and how we use it. Please read this document carefully.
1.1 Data voluntarily provided by the Subscriber
The explicit and voluntary provision of personal data provided by you is essential in order to have access to certain services offered by the Data Controller through the website (e.g. Newsletter Subscription) and to receive the requested update.
This involves the collection of personal data and contact details, as well as any other personal data that are required to respond to requests or to provide the available services. Fondazione ICONS doesn’t collect nor treat sensitive data. Once the project or the initiative to which you have subscribed is terminated, your personal data might be treated as per Art.2 in other similar projects where Fondazione ICONS carries out communication activities.
They can also be used for generic communication activities in the content areas for which you have expressed your interest.
1.2 Navigation Data (Data deriving from User’s navigation)
During routine activities, the computer system may store some of your browsing data. These data, although not collected in order to be associated with your identity, may allow indirect recognition of your identity when processing and associating with the data held by the Data Controller.
For this reason, they could be considered “personal data” according to the Privacy Regulation. This category of data (which includes, by way of example but not limited to, IP addresses and domain names of the User’s computer) is collected by the Data Controller for statistical purposes in anonymous form, but by means of some data processing procedures it could be possible to trace the User identity in order to ascertain any liability for crimes committed via the Website or damages against it.
1.3 Navigation data processed with Matomo or similar applications
Our website is using Matomo, an open-source software tool owned by InnoCraft that helps website owners to measure how Users interact with website content. Matomo gives us the ability to track visitor interactions by using first-party cookies that can record information about the time and the page a User has seen, for example the URL of the page, and “remember” what a User has done on previous pages and the “cache memory” of the pages or websites the User has seen or interacted with. Matomo tracks and traces the website visitors’ IP addresses to identify the visitors based on the geographical location they provided. Matomo does not collect any personal information about the website Users as it reports website trends.
You may choose to prevent this website from aggregating and analysing the actions you take here. Doing so will protect your privacy, but it will also prevent the owner from learning from your actions and creating a better experience for you and other users.
You are not opted out. Uncheck this box to opt-out.
2.What do we do with your personal data?
Your data are part of our general database that we utilize to organize dissemination, communication and networking activities related to the projects that we are working on.
We are using your personal data for the following treatments which might be performed by means of traditional and web-based contact methods (e.g. fax, e-mail, text messages etc.):
- To provide information and answers about our activities, research results and content from the projects we work on;
- To carry out statistics and reports in anonymous form (e.g. assessment the download of the material provided, the number of times a website was accessed, the most visited pages, the average visit duration, the country of origin of Users etc.);
- To carry out other legitimate purposes, as well as other lawful purposes, such as communication activities in relation to other similar areas, projects or about other networking activities of the Data Controller.
To carry out other legitimate purposes, as well as other lawful purposes, such as communication activities in relation to other similar areas, projects or about other networking activities of the Data Controller.
3.Where do we store and protect your data?
The data processing related to the website’s services takes place at the Headquarter of Fondazione ICONS located in Lodi (Italy) I-26900 via Volturno 15. The applicable law on the top of the EU GDPR 679/2016 is the Italian Privacy Regulation, considering the effective and actual processing activity and the context in which personal data are processed.
The data processing is performed by authorized members of the Fondazione ICONS staff who have been appointed and trained in maintaining security and confidentiality of personal data.
In addition to the data collection, the processing of your personal data may involve their recording, storage, modification, communication, and cancellation. The data processing shall be carried out with the use of electronic equipment. Storage of personal data shall be in electronic form, for the time that is strictly necessary to meet the purposes and in accordance with local regulations and internal processes.
With regards to the personal information you provide, please note that all the necessary steps will be taken to ensure the confidentiality and security of shared data, in compliance with the provisions of the Privacy Regulation. In particular, we have implemented all the technical, organizational, logistical and procedural security measures in line with technological developments pursuant to the Regulation, in order to guarantee the minimum level of data protection required by the legislation in force.
The data are stored in a database that is hosted by a hosting & cloud service provider, which Fondazione ICONS relies on. The hosting and the related responsibilities are ruled by a specific contract. In this contract the above-mentioned Provider claims that the servers used to host and store the database are located in data centres within the European Union.
The services offered are in compliance with the relevant legislation on data protection thanks to the adoption of appropriate security measures.
4.Who is processing your data?
Fondazione ICONS is the Data Controller. This means that the Fondazione ICONS’ management has the accountability and the responsibility to set structure and procedures to treat and protect your data.
Appointed members of the staff are responsible for the actual treatment of your data; concretely they will treat your data as described in the previous section.
Other consortium’s members might occasionally operate as Data Processor, in that case, they will comply with the same rules as stated in this privacy notice. As data controller, Fondazione ICONS will ensure similar protection of the rights of the data subject.
5.1 WordPress Session Cookies
Session cookies allow Users to be recognized within a website so any page changes or item or data selection you do is remembered from page to page. Session cookies are temporarily stored in the computer memory only during a User’s browsing session and are automatically deleted from the User’s computer when the browser is closed. Persistent cookies remain in the browser’s subfolder and are activated again once the User visits the website that created that particular cookie thus facilitating the navigation and making it faster (with the “keep me logged in” option). Analytical cookies collect anonymous data for internal purposes with the aim of providing a better browsing experience to the User.
These data help us to understand how visitors use our website, the number of visits, the most visited pages, the average duration of visits and much more, allowing us to improve the content of our website and the way it is presented. These are third-party cookies, meaning that they are sent and managed by a Third Party whom the Data Controller has engaged to store User preferences and for marketing purposes. No personal information is collected about you or about your computer. All collected data are anonymous and aggregated.
5.2 Third Party Cookies
|THERESIA uses Matomo, which sets a cookie in order to anonymously identify when users return to specific websites. Matomo uses the information sent with this cookie to store a history of website pages visited in a user’s session. This data will not be used to associate any part of your identity, anonymous or not, with any other data held by Matomo. Further information and the applicable data protection provisions of Matomo can be found at https://matomo.org/privacy/.
6.Why do we process your personal data?
Fondazione ICONS’ processes personal data in order to accomplish its mission to disseminate the results and activities of cultural and scientific research projects to the general public.
Within the Theresia, Fondazione ICONS is the partner responsible for communication, dissemination and exploitation activities as described in Art.2.
7.Which is the legal ground on which we operate?
The Data Controller has the Legitimate Interest to treat your personal data as per art. 6 (f) GDPR 179/2016. Our detailed rationale for claiming legitimate interest is based on a Legitimate Interest Assessment (LIA), periodically reviewed.
We believe that it is a mutual benefit to remain in contact; you will receive from us communications exclusively as detailed in the previous paragraphs. We are counting to hear from you back on the specific topics through our communication activity for a mutual growth.
8.How long will we retain and process your data?
Your data will be processed for the whole duration of the project that you subscribed to or of other similar projects that we proposed to you. You will always have the possibility to opt-out from any of the projects if you are not interested in them anymore.
Once a specific project is over and starting from the last communication that you receive from us, we will keep your data for a further period of 2 years. If in this period of time you don’t receive any further updates from us, we will get in contact with you to verify if you are still interested in being part of the community and in case extend the retention period for 2 additional years. If after the 2 additional years, Fondazione ICONS hasn’t performed any communication activity related to your area of interest your data will be deleted.
Fondazione ICONS processes do not require any transfer of data to external third parties with the sole exception of auditing authorities of the public or private institutions that funded the research projects.
Following the processes and treatments described above, your personal data can be communicated to the Data Controller’s staff.
Furthermore, and in so far as necessary, Personal data shall be disclosed, in so far as they are concerned, to but not limited to the following categories:
- Organizations that are part of Theresia Orchestra;
- Persons in charge of managing the website and the related activities;
- Persons who provide services for the management of the information system of the company;
- Persons carrying out monitoring, auditing and certification activities with regard to the business in which organizations are in, even in the customers’ interest;
The personal data you provide will not be sold to or shared with third parties.
We will only then share your personal data if necessary and only with vendors or agents who work on our behalf for the purposes described in this Privacy Statement. In that case, your personal data are therefore shared with these agents, but only for the performance of services and on behalf of Fondazione ICONS.
Finally, and only to the extent that this is required by law or strictly necessary for the performance of the services or for the protection of our rights, or the rights of third parties or data subjects affiliated with us, we will provide your personal data to law enforcement agencies, research organizations, affiliated companies or in court proceedings.
10.How to exercise your rights
In order to allow you to exercise your rights, Fondazione ICONS implemented internal procedures described hereby. If you would like to know more or exercise your rights, please contact:
- the Fondazione ICONS Headquarter contacting: phone +39 0371 091065
- the responsible for the Fondazione ICONS Database: Barbara Ricco, email@example.com
Below we report an exhaustive list of your rights:
- Right to be informed: about our purposes for processing the personal data, retention periods for that personal data, and whom it will be shared with.
- Right of access: to access personal data
- Right to rectification: Under Article 16 of the GDPR, individuals have the right to have inaccurate personal data rectified
- Right to erasure: Under Article 17 of the GDPR individuals have the right to have personal data erased. This is also known as the ‘right to be forgotten
- Right to restrict processing: Article 18 of the GDPR gives individuals the right to restrict the processing of their personal data in certain circumstances. This means that an individual can limit the way an organisation uses their data. This is an alternative to requesting the erasure of their data
- Right of data portability: gives individuals the right to receive personal data they have provided to a controller in a structured, commonly used and machine readable format. It also gives them the right to request that a controller transmits this data directly to another controller.
- Right to object: Article 21 of the GDPR gives individuals the right to object to the processing of their personal data. This effectively allows individuals to ask to stop processing their personal data.
- Rights related to automated decision making including profiling
- Right to report a misconduct to the Italian Privacy authority.
You can file an official complaint with the Data Protection Authority: www.garantedellaprivacy.it (more info)
11.Changes to Privacy Notice
If necessary, we may amend or update this Privacy Statement to reflect changes on the website and feedback from our users. If there are material changes in the way we use or process your personal data, we will notify you by posting a notice of the changes before these come into effect or by sending a notification to you directly. We encourage you to re-read this statement regularly to gain more information on how we use and protect your data.