General Site Privacy Policy: www.laziodisco.it
(Art. 13 of GDPR 679/2016)
This statement describes the methods of management of the official web portal of the Regional Body for the Right to Study and Promotion of Knowledge – DiSCo in reference to the processing of personal data of users, identified or identifiable, who consult it and interact with it and with the web services accessible by electronic means. The information is provided pursuant to Art 13 of the European Data Protection Regulation (GDPR 679/2016).
The information is made only for the official website of the Regional Board for the Right to Study and Promotion of Knowledge – DiSCo (www.laziodisco.it) and not for other external websites that may be consulted by the user through links on the portal pages.
Data controller
The collection and processing of data is carried out by the Regional Body for the Right to Study and the Promotion of Knowledge – DiSCo, based in Rome, Via Cesare de Lollis 22-24/B as the Data Controller pursuant to Art. 24 of the European Regulation 679/2016 and in the figure of the Director General Dr. Paolo Cortesini.
Purpose of Treatment
Personal data provided by users are used for the sole purpose of performing the service or provision requested and expressed in the purposes of processing and are communicated to third parties only if this is necessary for that purpose. No data resulting from the web service is communicated or disseminated, except in cases expressly provided for by law.
Place and method of data processing
Processing related to the web services of this site takes place at the headquarters of the Regional Body for the Right to Study and Promotion of Knowledge – DiSCo and is handled only by technical personnel in charge of processing. Personal data are processed by automated tools for the time strictly necessary to achieve the purposes for which they were collected.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
Type of data processed:
- Navigation data
The computer systems and software procedures used to operate this website acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of the devices used by users who connect to the site, the URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct operation and are kept for the time strictly necessary. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
- Data provided voluntarily by the user
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Specific information on the processing of personal data, will be progressively reported in the pages of the site prepared for particular services on request.
Optional provision of data: apart from what has been specified for navigation data, the user is free to provide the personal data contained in the request forms to the Organization. Failure to provide them may make it impossible to obtain the information or service requested.
Rights of data subjects
Notice is hereby given that, at any time, the interested party may exercise:
- Right to ask the Data Controller, ex Art. 15 Reg. 679/2016/EU, for access to their personal data;
- Right to ask the Data Controller, ex Art. 16 Reg. 679/2016/EU, to be able to rectify one’s personal data, where the latter does not contravene current legislation on data retention;
- Right to ask the Data Controller, ex Art. 17 Reg. 679/2016/EU, to be able to delete one’s personal data, where the latter does not contravene current legislation on data retention;
- Right to ask the Data Controller, ex Art. 18 Reg. 679/2016/EU, to be able to restrict the processing of their personal data;
- Right to object to processing, ex Art. 21 Reg. 679/2016/EU.
- Right to withdraw consent, where required, ex art 7 par.3 Reg. 679/2016/EU
In order to simplify the way of submission and reduce the time for feedback, requests are invited, using the Exercise form for the rights of the data subject to
Data Controller:
Regional body for the right to study and the promotion of knowledge – DiSCo
Via Cesare De Lollis, 22
00185 – Rome privacydisco@laziodisco.it
The Data Protection Officer can be reached at the DiSCo Lazio office at Via Cesare De Lollis 24/b, 00185 Rome, at the following tel. 0649701589 and e-mail address: dpo@laziodisco.it
The updated list of External Data Processors, can be found at the DiSCo Lazio office at Via Cesare De Lollis 24/b, 00185 Rome.