In compliance with the obligations deriving from the national legislation (Legislative Decree 30 June 2003 n.196, Personal Data Protection Code) and the community legislation (General Data Protection Regulation n. 679/2016, GDPR) and subsequent changes, this site respects and protects the users’ and visitors’ privacy, making any possible and proportionate effort not to infringe the users’ rights.
Legal basis of the use of personal data
The provision of data and the consent to the collection and processing of data is optional, the user can refuse consent and withdraw a consent already provided (through this page) at any time. However, refusing consent may make it impossible to provide certain services and the browsing experience on the site may be compromised.
From 25th May 2018 (when the GDPR became law), this site will process some of the data based on the legitimate interests of the data controller.
Collected data and purpose
Like all websites, this site also makes use of log files in which the information that is collected in an automated manner is kept during user visits. The information collected could be the following:
internet protocol (IP) address;
type of browser and device parameters used to connect to the site;
name of the Internet service provider (ISP);
date and time of visit;
visitor’s original referral source and exit page;
possibly the number of clicks.
The above information is processed in an automated form and collected in an exclusively aggregated form in order to verify that the website functions properly and for security reasons (as of 25th May 2018 such information will be treated according to the legitimate interests of the owner).
For security purposes (spam filters, firewalls, virus detection), the automatically recorded data may also include personal data such as IP address, which could be used, in compliance with applicable laws, in order to block any attempt to cause damage to the site itself or to other users and any harmful activity or crime. Such data are never used for the identification or profiling of the user, but only for the protection of the site and its users (from 25th May 2018 such information will be treated according to the legitimate interests of the owner).
The data received will be used exclusively for the provision of the requested service and only for the time that is necessary to provide such service.
The information that the users deem to make public through the services and tools made available to them is provided by the user voluntarily, exempting this site from any liability regarding any violation of the norms. It is up to the user to verify that they have permission to enter personal data of third parties or contents that are protected by national and international standards.
The data collected by the site during its operation are used exclusively for the above-mentioned purposes and are kept for the time that is strictly necessary to carry out the specified activities. The collected data will never be given to third parties for any reason, unless it is a legitimate request by the judicial authority and only in the cases provided by the law.
The data used for security purposes (e.g. to block attempts to damage the site) are kept for 7 days.
Place of data processing
The data collected by the site are processed at the headquarters of the Data Controller, Sant’Anna Institute
Session cookies are used to distinguish between connected users, to avoid that a required feature is provided to the wrong user and to prevent cyber attacks on the site. Session cookies do not contain personal data and last only for the current session, i.e. until the browser is closed. There’s no need to consent to them.
The functionality cookies used by the site are strictly necessary for the use of the site, in particular they are linked to a specific functionality requested by the user such as the Login, for which no consent is required.
This site also acts as an intermediary for third-party cookies, which are used to provide additional services and functionalities to visitors and to improve the use of the site itself, such as buttons for social media or video. This site has no control over third-party cookies, which are entirely managed by third parties. As a result, the information about the use of these cookies and their purpose, as well as how to disable them, are provided directly by third parties on the pages indicated below.
Further information about Google Analytics cookies can be found on the Google Analytics Cookie Usage on Websites page.
The user can selectively disable the collection of data by Google Analytics by installing the appropriate component provided by Google on their browser (opt out).
For more information about the use of data and their processing by Google, it is recommended to view the information on the page provided by Google and on the page on how to use the data by Google when using sites or apps of partners.
Plugin Social Network
The collection and use of the information obtained by means of the plugin depend on the respective privacy policies of the social networks, to which you need to refer.
Data transfer in extra EU countries
This site may share some of the collected data with services located outside the European Union, in particular with Google, Facebook and Microsoft (LinkedIn) through social plugins and Google Analytics. The data transfer is authorized according to specific decisions of the European Union and the Guarantor for the protection of personal data, in particular the Decision 1250/2016 (Privacy Shield – here the information page of the Italian Data Protection Authority), for which no further consent is required. The above-mentioned companies guarantee their adherence to the Privacy Shield.
This site processes the data of users in a lawful and correct manner, adopting the appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of data. Data processing is carried out using IT and / or telematics tools with organizational methods and a logic that is strictly related to the indicated purposes. In addition to the data controller, in some cases, specific categories of persons involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external subjects (suppliers of third-party technical services, postal couriers, hosting providers, IT companies, communication agencies) may have access to the data.
In accordance with the European Regulation 679/2016 (GDPR) and the national legislation, the User can, in accordance with the procedures and within the limits established by the current legislation, exercise the following rights:
Request confirmation of the existence of personal data concerning them (right of access);
Know their origin;
Receive intelligible communication;
Have information about the logic, the methods and the purposes of data processing;
Request data updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data that have been processed in violation of law, including those data that are no longer necessary for the pursuit of the purposes for which they were collected;
Where processing is based on consent, receive the data provided to the controller in a structured and readable form by a data processor and in a format commonly used by an electronic device;
Lodge a complaint to the Supervisory Authority (Privacy Guarantor – link to the Guarantor page);
More generally, exercise all the rights that are recognized by the current provisions of the law.
Requests should be sent to the data controller via this page.
In the event that the data are processed based on legitimate interests, the rights of users’ data are guaranteed (with the exception of the right to data portability that is not foreseen by the regulations), in particular the right to object to data processing that can be exercised by sending a request to the data controller.
The data controller is Sant’Anna Institute, with registered office in Via Marina Grande, 16 80067 Sorrento (NA) Italy. The requests relating to the exercise of rights mentioned in art. 7 of the Code can be forwarded to email@example.com. Requests relating to the identity of the other data processors designated by the Company as well as the requests referred to in the previous paragraph 6, letters a), b) and c) may also be formulated verbally.