Privacy Policy

Home > Privacy Policy


Annex 9: Website information

Information on the processing of personal data pursuant to art. 13 of the EU Regulation


The Data Controller (hereinafter “Data Controller”) pursuant to EU Regulation 679/2016 (hereinafter forward: “Regulation” or “GDPR”) – considers privacy and the protection of personal data one of the main objectives of your business.


Before communicating any personal data to the Data Controller, we invite all users of the site to read carefully this information which contains important information on the protection of their data personal.


This information describes how to manage the owner’s official website processing (hereinafter “site”) and not of other external websites that can be consulted by the user via link.


Additional information may be provided within the different access channels, divided on the basis of the topics covered (Thematic Areas).

This information:

– is an integral part of the site;
– is provided pursuant to art. 13 of the Regulation to those who interact with the web services of the site;
– in some sections of the site, where necessary, it is supplemented by detailed provisions relating to it to the specific processing of personal data.



The processing of personal data will be based on principles of correctness, lawfulness, transparency, limitation of purposes and conservation, minimization and accuracy, integrity e confidentiality, as well as the principle of accountability pursuant to art. 5 of the GDPR.


Users’ personal data will therefore be processed in accordance with the legislative provisions of Regulation and the confidentiality obligations set out therein.


The processing of personal data means any operation or set of operations carried out with or without the aid of automated processes applied to personal data or sets of data personal, such as collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication through transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction.


The personal data being processed may consist of textual information, images photographic or video and any other information suitable to make the interested party identified or identifiable.

1. Data Controller


The references of the Data Controller are shown on the cover of this information,

2. Personal data being processed.


2.1. Navigation data – log files



The computer systems and applications dedicated to the operation of this website are relevant in the during their normal operation, some data (the transmission of which is implicit in the use of Internet communication protocols) not associated with directly identifiable users.


The collected data includes the IP addresses and domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used in submitting the request to the server, size of the file obtained in response, the numeric code indicating the status of the response given by server (successful, error, etc.) and other parameters regarding the operating system and the environment computer used by the User.


These data are processed, for the time strictly necessary, for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its regular functioning.

2.2. Data provided voluntarily by the user


The voluntary and explicit sending of e-mails to the addresses indicated in the different channels of access to this site and the compilation of specifically prepared “formats” (masks) entail the subsequent acquisition of the sender / user address and data, necessary for respond to the requests produced and / or provide the requested service.


Specific summary information will be reported or displayed on the pages of the site prepared for particular services on request.

2.3. Third party data provided voluntarily by Users


In the use of particular services, the processing of personal data of third parties may occur subjects, communicated to the Data Controller by the user.


With respect to these hypotheses, the User acts as an independent data controller, assuming everyone legal obligations and responsibilities.


In this sense, the user grants the widest indemnity on this point with respect to any dispute, claim, request for compensation for damage from processing that should reach the owner of the processing by third parties, whose personal data have been processed through its use of site services in violation of the applicable personal data protection rules.


In any case, if the user provides or otherwise processes personal data of third parties in the use of the site, guarantees from now – assuming all related responsibility – that this particular hypothesis of treatment is based on the prior acquisition – by the user – of the consent of the third to the processing of information concerning him.

2. Purpose of the treatment


The Website of the Data Controller carries out processing of personal data within the limits of what this is strictly necessary for the performance of institutional functions, excluding processing when the purposes pursued can be achieved through anonymous data or methods that allow the data subject to be identified only in case of need.


Specific purposes, relating to individual treatments, may be reported in detail within the various channels of access.
Within them, the user can find additional information on the processing of personal data.


The personal data collected through the site can be used, with the consent of the interested party, to satisfy your requests for:


– requests for info and contact;
– sending CV.

3. Processing methods


Personal data are processed with automated tools for the time strictly necessary a achieve the purposes for which they are collected.


Specific security measures are observed to prevent the loss of data, illicit or unlawful use correct and unauthorized access.

4. Optional supply of data


The user is free to provide personal data contained in the application forms for the various services offered in portal.
Failure to provide the mandatory data required will make it impossible to obtain service.

5. Transfer, communication and dissemination of personal data


No data is shared outside the European Economic Area.


The personal data of users who request the sending of informative material (mailing-list, replies to queries, notices and newsletters, deeds and provisions, etc.) are used solely for the purpose of executing the service or provision requested and are communicated to third parties only in cases where:


– this is necessary for the fulfillment of requests;

– the communication is imposed by legal or regulatory obligations.


The treatments connected to the web services of this site are handled exclusively by the Data Controller treatment.

6. Retention of personal data


The personal data processed for the simple navigation of the site will be kept for the time strictly necessary for this functionality.
For the purposes of requesting the sending of informative material or commercial information, the data personal data will be kept for a period of 2 (two) years.


In any case, the possibility for the Data Controller to keep is reserved the personal data of users for the period of time envisaged and permitted by Italian law for protection of its interests pursuant to art. 2947 of the Italian Civil Code.

7. Rights of the data subject


Pursuant to art. 15 and ss. of the GDPR, users have the right to ask the Data Controller processing, at any time, access to their personal data, rectification or cancellation of the same, or to oppose their treatment pursuant to art. 21 of the Regulation.


Users also have the right to request the limitation of processing in the cases provided for by art. 18 of the Regulation, as well as to obtain in a structured format, commonly used and readable by automatic device the data concerning you, in the cases provided for by art. 20 of the Regulation.


Requests must be sent in writing to the Data Controller at the address whose references are indicated in cover of this information.


In any case, users always have the right to lodge a complaint with the competent supervisory authority (Guarantor for the protection of personal data), pursuant to art. 77 of the Regulation, if believe that the processing of their data is contrary to the legislation in force.

8. Changes


The Data Controller reserves the right to modify or simply update the content of the this privacy policy, in part or completely, also due to changes in the law applicable and will notify users as changes are introduced.


The Data Controller invites users to regularly visit this section to take knowledge of the most recent and updated version of the privacy policy in order to always be updated.



The comments made by the user on the website of the data controller allow to collect the data shown in the comments form as well as the visitor’s IP address and the browser user agent string in order to facilitate spam detection.


An anonymized string, created from the user’s email address (otherwise called hash), can be provided to the Gravatar service to see if it is in use. The Gravatar service privacy policy is available here:


After approval of the comment, the user’s profile image is visible to the public in the context of the comment released.

10. Media


In the event of uploading images to the website, it is advisable to avoid uploading content that includes embedded position data (EXIF GPS).


Visitors to the website can download and extract any location data from images on the website.

11. Content Embedded From Other Websites


The articles on the Site may include embedded content (for example videos, images, articles, etc.).


The content incorporated from other websites would detect the visitor’s track as if the latter had navigated to the site in question.


These websites can collect user data, use cookies, integrate further third-party tracking and monitor interaction with them, including tracking the interaction with the embedded content if you have an account and if you are connected to those sites. web.

12. Contacts


To exercise the above rights or for any other request, you can write to the Data Controller treatment whose references are indicated on the cover of this information.