GO TO THE PRIVACY PAGE


PRIVACY POLICY


INFORMATION ON THE PROCESSING OF PERSONAL DATA FOR THIS WEB SERVICE PURSUANT TO ART. 13 REG. EU 679/2016


Dear user,

Current legislation requires us to provide information regarding the processing of personal data for this web service (hereinafter also "Service") in reference to the processing of personal data of users/visitors who consult and use it.

The information is provided pursuant to EU Regulation 2016/679 (hereinafter also "Regulation" or "GDPR") and subsequent amendments, to all users who interact with the Service. The validity of the information contained on this page is limited to the Service only and does not extend to other external websites that may be consulted via hyperlink.


For the legislation on the processing of personal data

a) We, i.e. the organization whose data are indicated on the institutional website to which this service is connected, are the "Data Controller" of the processing;

b) You are the "Interested Party", and you have the rights and obligations that we explain to you below.

1. TREATMENT

1.1. The Data Controller, whose data is indicated on the Institution's institutional website, will process the Data according to the principles of lawfulness, correctness, transparency, purpose and conservation limitation, data minimization, accuracy, integrity and confidentiality.

2. CATEGORIES OF DATA PROCESSED

2.1. Browsing data

The computer systems and computer programs used to operate the site collect some personal data whose transmission is implicit in the use of Internet communication protocols (e.g. IP addresses or domain names of the computers used by users who connect to the site, the URI - Uniform Resource Identifier - addresses of the requested resources, time of the request, method used to submit the request to the server, size of the file obtained in response, numerical code regarding the status of the response made by the server - successful, error, etc. - and other parameters relating to the operating system and the user's IT environment). Although this information is not collected to be associated with identified interested parties, by its nature it could, through processing and association with data held by third parties, allow users to be identified. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Service and to check its correct functioning. It should be noted that the aforementioned data could be used to ascertain responsibility in the event of computer crimes against the Service or other sites connected or linked to it: except for this eventuality, at present the data on web contacts do not persist unless for a maximum of 7 days.

2.2. Cookies

A cookie is a small text file in which brief information relating to a user's activity on a website is collected and stored on the device that accessed the web service. In compliance with provisions no. 229 of 8 May 2014 and 231 of 10 June 2021 of the Guarantor for the Protection of Personal Data, we inform you that this web service uses exclusively technical cookies (which DO NOT require consent): they are necessary for the functioning of the web service and allow to access its functions (so-called navigation cookies) and are mostly session cookies whose use is limited to the sole transmission of session identification data in the form of numbers automatically generated by the server necessary to allow safe and efficient exploration of the site and manage authentication for online services and reserved areas. They are also used to set some preferences such as language and for analytical/monitoring functions to collect information, in aggregate form, on the number of users and how they visit the site in order to carry out anonymous statistical analysis to site optimization without the use of analytical cookies. Session cookies are not stored permanently on the user's computer and are deleted when the browser is closed. The session cookies used on this site avoid the use of other IT techniques potentially prejudicial to the privacy of users' browsing and do not allow the acquisition of personal identification data of the user. Other technical cookies have a longer duration specified in the list below. Cookies are not used to transmit personal information. No use of user profiling cookies is made.
:The technical cookies used are the following

  • BNES_ASP.NET_SessionId: user session data, used only by the server to ensure continuity. Contains no personally identifiable information - session expiration
  • ASP.NET_SessionId: user session data, used only by the server to ensure continuity. Contains no personally identifiable information - session expiration
  • Aspixanonymous: - expiry 3 months
  • .ASPXANONYMOUS - for browsing the site - expires 3 months
  • BNIS___utm_is1: for site security - expires 1 year
  • BNIS___utm_is2: for site security - expires 3 hours
  • BNIS___utm_is3: for site security - session expiration
  • BNIS_vid: for site security - session expiration
  • __utm_is_did: expires 1 day
  • __utm_is_wdck: expires 1 day

2.3. Data provided voluntarily by the user

To consult the site, no provision of personal data is required from the user. However, any contacts with the Data Controller, for example to request information via a form, or the spontaneous sending of messages, by electronic or traditional mail, to the Data Controller's contact details involve the subsequent acquisition of such personal data of the sender, necessary to respond to the requests, as well as any other personal data entered voluntarily by the user in the relevant communications (the communication of personal data relating to a minor must be carried out by both parents or by a person who exercises authority over the minor).

3. PURPOSE AND LEGAL BASIS OF THE PROCESSING

3.1. The Data Controller carries out the Processing with the purpose:

  • a) Allow you to browse and use the Service;
  • b) perform the Service or provision requested;
  • c) fulfill administrative, financial, accounting and/or tax obligations;
  • d) fulfill any obligation established by law and/or an order from the Public Authority;
  • e) possibly, to assert or defend a right in court;
  • f) your data may also be processed to carry out communications of public interest or public utility;

3.2. The legal bases of the Processing are the following:

  • a) the need to allow you to browse and access the requested Web Service, as well as to provide the service itself;
  • b) carry out the previous points 3.1 af;
  • c) the processing is necessary for the execution of a task of public interest or connected to the exercise of public powers vested in the Data Controller;
  • d) any tax data: need to fulfill the obligations referred to in the previous points 3.1 ce.

4. COMMUNICATION TO RECIPIENTS AND DISSEMINATION

4.1. The Data is possibly communicated to third party Recipients (including the PA or Judicial Authority) only to the extent strictly necessary in relation to the above purposes, or in any case only for the purposes necessary for the Service, i.e. those required by law or by order of the Authority.

4.2. The categories of recipients are as follows:

  • a) subjects necessary for the execution of the activities connected and consequent to the execution of the Service, linked by a data processing agreement (external managers);
  • b) Appointees and people authorized by the Data Controller who are committed to confidentiality or have an adequate legal obligation of confidentiality (e.g. employees and collaborators of the Data Controller);

4.3. The Data Controller may also have to communicate Data to fulfill legal obligations or to comply with orders from public authorities, including judicial authorities.

4.4. The Data will not be disclosed.

5. DATA RETENTION PERIOD

5.1. The Data Controller retains his Data for the time strictly necessary to achieve the Purposes referred to in point 3.

5.2. Such data will be deleted when they are no longer necessary for the purposes indicated above, without prejudice to further conservation obligations established by law.

6. NATURE OF DATA COMMUNICATION

6.1. The communication of the Personal Data referred to in point 2.1 is necessary for navigation: failure to provide it would in fact make it impossible.
6.2. The communication of the Personal Data referred to in point 2.3 is optional.

7. CONSEQUENCE OF THE REFUSAL TO COMMUNICATE THE DATA

7.1. As specified in the previous point 6.1, it is not technically possible to refuse to communicate the Navigation Data (to the extent that it is Personal Data).
7.2 In case of refusal to communicate the Personal Data referred to in point 2.3 it will not be possible to respond to requests and/or provide the service.

8. RIGHTS OF THE INTERESTED PARTY

8.1. You, as an interested party, have the right to:
a) access your Data held by the Data Controller and obtain a copy of it;
b) request rectification and/or cancellation, where and within the limits in which the conditions exist;
c) request the Limitation of Processing, where and within the limits in which the conditions exist;
d) object, for reasons related to your particular situation, to the processing of personal data concerning you.
e) lodge a complaint with the Guarantor for the Protection of Personal Data (www.garanteprivacy.it).

9. THE DATA PROTECTION OFFICER

9.1. The Data Controller has a Data Protection Officer (also “RPD” or “DPO”), who you can contact at the address indicated on the institutional website of the Body to which this Service is connected.

10. INFORMATION UPDATES

10.1. This information refers to the methods of processing of visitors' personal data while browsing and using the Web Service. The possible entry into force of new sector regulations, as well as the constant examination and updating of the Service, could lead to the need to vary these methods over time. We therefore invite you to periodically consult this page. For this purpose, this document indicates the update date.

Last updated: December 10, 2022

Share by: