Privacy Notice.
1. Owner of Data Processing.
Following consultation of the portal http://interreg-governance.regione.puglia.it/, data relating to identified or identifiable individuals may be processed.
The data controller is “Regione Puglia” Lungomare N. Sauro, 33 70100 – Bari.
2. Location of Data Processing.
The processing operations related to these sites take place at the regional data center at the headquarters of the in-house company InnovaPuglia S.p.A., Strada Provinciale per Casamassima Km 3, Valenzano (BA), which operates as a qualified IaaS Cloud Service Provider.
Processing operations are handled only by authorized personnel of the data controller and/or the appointed data processor, to perform platform management operations.
3. Purpose and Retention of Data.
The personal data provided by users is used solely for the purpose of providing the web services available on the portal within the scope of the SA-Governance Strategic Project – Interreg IPA South Adriatic 2021/2027.
Processing is necessary for the performance of a task carried out in the public interest. The data will be disclosed to third parties only if necessary for the aforementioned services and to perform maintenance operations.
4. Period of Data Retention.
No data deriving from the web service (system logs and traces, first and last name, and email address) will be communicated or disseminated, except in cases expressly required by law.
Personal data voluntarily provided by users for registration to the platform services (forum, newsletter, etc.) will be retained for the entire duration of use of the service, as well as for the validity and monitoring period of the SA-Governance Strategic Project – Interreg IPA South Adriatic 2021/2027 , in accordance with European regulations on cooperation funds.
After this period, the data will be permanently deleted.
5. Types of Data Processed.
Only browsing data is processed for this portal.
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server, and other parameters relating to the user’s operating system and IT environment.
This data is used solely to obtain anonymous statistical information on the use of the website and to verify its operationing, and is deleted immediately after processing.
The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site: except for this eventuality, web contact data currently does not persist for more than a few days.
6. Data voluntarily provided by the User.
The optional, explicit, and voluntary sending of emails to the email addresses collected on the site entails the subsequent acquisition of the sender’s address, which is necessary to respond to requests, as well as any other personal data included in the message.
Specific summary information will be progressively reported or displayed on the site pages dedicated to particular services upon request.
If the user wishes to subscribe to the portal’s services, they will be asked to provide the following personal data:
- Name
- Surname
- E-mail address
- Telephone
7. Cookie Policy.
This document, in accordance with the simplified procedures for providing information and obtaining consent for the use of cookies, published in the Gazzetta Ufficiale No. 126 of June 3, 2014, and required by the general provision of the Italian Data Protection Authority of May 8, 2014, provides visitors with information on what cookies are, how they are used, and how to manage them.
Cookies are small text strings that websites visited by users send to their terminal (usually the browser), where they are stored before being re-transmitted to the same websites upon the same user’s next visit. Cookies consist of portions of code installed in the browser that assist the Data Controller in providing the service according to the purposes described. Some of the purposes for which cookies are installed may also require the user’s consent.
This website use cookies to send information to any service providers.
“Profiling” cookies are also used (aimed at creating user profiles and used to send advertising messages in line with the preferences expressed by the user while browsing the internet).
The site do not allow the sending of third-party cookies. The use of so-called “session” cookies (which are not stored permanently on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable safe and efficient browsing of the site. The so-called session cookies used on these sites avoid the use of other IT techniques that could potentially compromise the privacy of users’ browsing and do not allow the acquisition of personal data that could identify the user. The user can prevent the use of cookies at any time and at his or her discretion by changing the browser options.
Analytical cookies (which monitor the use of the site made by users for website optimization purposes) are used exclusively to collect information, in aggregate form, on the number of users and how they visit the site. These cookies are created and used directly by the site, without the intervention of third parties.
8. Processing Methods.
Personal data is processed using automated tools only for the time strictly necessary to achieve the purposes for which it was collected.
The necessary technical and organizational measures are adopted to ensure, for the processing in question, compliance with applicable legislation and that additional information for attributing personal data to a specific data subject is stored separately.
Specific security measures are observed to prevent data loss, illicit or incorrect use, and unauthorized access.
The designated Data Processors or authorized persons have adequate operating instructions, with particular reference to the adoption of security measures appropriate to the risks, in order to guarantee the confidentiality and security of the data. A detailed list of these entities is available from the data controller.
9. Right to Complain.
A subject who believes that the processing of personal data concerning him or her violates the GDPR has the right to lodge a complaint with a supervisory authority, in particular in the Member State where he /she lives, works, or in the place where the alleged infringement occurred.
10. Rights of the Subjects.
Subjects have the right, at any time, to obtain from the data controller confirmation as to whether or not personal data concerning them is being processed, and, where that is the case, to obtain: the right to withdraw consent to the processing of personal data (Article 7, paragraph 3 of the GDPR), access to personal data and the information contained therein (Article 15 of the GDPR), the right to rectification (Article 16 of the GDPR), the right to erasure (Article 17 of the GDPR), the right to restriction of processing (Article 18 of the GDPR), and the right to object (Article 21 of the GDPR).
Pursuant to Article 37, paragraph 7 of the GDPR, the contact details of the Data Protection Officer (DPO) are provided:
- e-mail: rpd@regione.puglia.it
Who can be contacted to exercise the aforementioned rights, according to the procedures set forth in Article 12 of the GDPR, and/or for any clarifications regarding personal data protection.