Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA

of users who consult the websites of the Data Protection Authority pursuant to Article 13 of Regulation (EU) 2016/679

WHY THIS INFORMATION IS PROVIDED

Pursuant to Regulation (EU) 2016/679 (hereinafter “Regulation”), this page describes how the personal data of users who consult the websites of the Data Protection Authority (hereinafter “Authority”) are processed. These websites are accessible online at the following addresses:

www.garanteprivacy.it
garanteprivacy.it
www.gpdp.it
gpdp.it
www.dataprotection.org
protezione-dei-dati.org
servizi.gpdp.it
https://ambasciatoriprivacy.it/

This information does not concern other websites, pages, or online services accessible via hyperlinks that may be published on the Authority’s websites but refer to resources outside the Authority’s domain.

DATA CONTROLLER

Following consultation of the websites listed above, data relating to identified or identifiable individuals may be processed.
The Data Controller is Francesca Beretta, with registered office at Via Patrello, 41 – 25080 Padenghe sul Garda (BS) – info@thenour.it

DATA PROTECTION OFFICER (DPO)

The Data Protection Officer (DPO) can be contacted at the following address: Via Pratello, 41 – 25080 Padenghe sul Garda (BS) – info@thenour.it

LEGAL BASIS FOR PROCESSING

The personal data indicated on this page are processed by the Authority in the performance of tasks carried out in the public interest or otherwise connected to the exercise of its public powers, including the task of promoting public awareness and understanding of the risks, rules, safeguards, and rights related to data processing, as well as promoting the awareness of controllers and processors regarding their obligations under the Regulation (Art. 57, para. 1, letters b and d of the Regulation).

TYPES OF DATA PROCESSED AND PURPOSES OF PROCESSING

Browsing Data

The computer systems and software procedures used to operate this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes IP addresses or domain names of computers and terminals used by users, URI/URL addresses (Uniform Resource Identifier/Locator) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server’s response (success, error, etc.), and other parameters related to the user’s operating system and computing environment.

Such data, necessary for the use of web services, are also processed for the purpose of:

• obtaining statistical information on the use of services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.);
• checking the proper functioning of the services offered.

Browsing data do not persist for more than seven days (unless required for the investigation of crimes by the judicial authorities).

Data Provided by the User

The optional, explicit, and voluntary sending of messages to the Authority’s contact addresses, private messages sent by users to the Authority’s official social media profiles (where this option is available), as well as the completion and submission of forms on the Authority’s websites, entail the acquisition of the sender’s contact details, which are necessary to reply, as well as any personal data included in the communications.

Specific privacy notices will be published on the Authority’s website pages prepared for the provision of particular services or participation in specific initiatives.

Cookies and Other Tracking Systems

No use is made of cookies for user profiling. The only processing carried out concerns the generation of pseudonymized statistical data on browsing activity within the following websites: www.garanteprivacy.it, garanteprivacy.it, www.gpdp.it, gpdp.it, www.dataprotection.org, and dataprotection.org.

The configuration used, designed to exclude the processing of identifiable data, collects the following information:

• The IP address, which is masked by zeroing the last 2 bytes (xxx.xxx.0.0)
• The operating system used
• The type of browser
• The type of device (PC, smartphone, etc.)

Session (non-persistent) technical cookies are used, strictly limited to what is necessary for secure and efficient website navigation.

Processing of Personal Data via Social Media Platforms Used by the Authority

For personal data processing carried out by the operators of social media platforms used by the Authority, reference should be made to the information provided by those platforms through their respective privacy policies.
The Authority processes the personal data provided by users through its official social media pages solely for the purpose of managing interactions with users (comments, public posts, etc.) and in compliance with applicable laws.

With regard to the specific processing of personal data carried out through the website https://ambasciatoriprivacy.it/, please refer to that website’s own privacy policy, available at: https://ambasciatoriprivacy.it/privacy-policy.aspx.

DATA RECIPIENTS

The following entities are designated by the Authority, pursuant to Article 28 of the Regulation, as data processors for certain services provided through the websites mentioned above:

Almaviva – The Italian Innovation Company SpA, as provider of development, delivery, and operational management services for the technological platforms of the websites accessible online at: www.garanteprivacy.it, garanteprivacy.it, www.gpdp.it, gpdp.it, www.dataprotection.org, dataprotection.org, and servizi.gpdp.it.

Personal data collected are also processed by the Authority’s staff, acting on specific instructions regarding the purposes and methods of the processing.

DATA SUBJECTS’ RIGHTS

Data subjects have the right to obtain from the Authority, in the cases provided for, access to their personal data and the rectification or erasure of such data, or the restriction of processing concerning them, or to object to processing (Articles 15 et seq. of the Regulation).
Requests to exercise these rights may be submitted by contacting the Data Protection Officer at: Francesca Beretta, Via San Cassiano, 20 – 25080 Padenghe sul Garda (BS) – info@thenour.it

RIGHT TO LODGE A COMPLAINT

Data subjects who believe that the processing of their personal data carried out through this website violates the provisions of the Regulation have the right to lodge a complaint with the Data Protection Authority, pursuant to Article 77 of the Regulation, or to seek judicial remedy (Article 79 of the Regulation).