Privacy policy

POLICY NOTICE PURSUANT TO ART. 13 OF EU REGULATION 2016/679

(GENERAL DATA PROTECTION REGULATION)

 

This notice, provided pursuant to Article 13 of the European Data Protection Regulation (GDPR 2016/679, hereinafter referred in short as GDPR), describes the processing of personal data of users of the website of the Interdepartmental Center for Research Ethics and Integrity (CID Ethics) of the CNR (https://www.ethics.cnr.it/).

The information relates exclusively to the site referred to at the URL https://www.ethics.cnr.it/ and not to any other sites or web pages whose links may possibly be indicated.

 

  1. Data Controller

The data controller is the National Research Council (CNR) with registered office in Piazzale Aldo Moro, 7 – 00185 Rome, represented in its internal articulation by the Interdepartmental Center for Research Ethics and Integrity (CNR CID Ethics).

The data controller’s reference contact for exercising the data subject’s rights with regard to data processing is the CID Ethics Coordinator, who can be contacted at the following e-mail addresses: cnr.ethics@cnr.it / PEC: cid.ethics@pec.cnr.it

 

  1. Data Protection Officer

The Data Protection Officer of the CNR can be contacted at the following e-mail address: rpd@cnr.it ; PEC: rpd@pec.cnr.it

 

  1. Purpose and legal basis of the Processing

The processing of users’ data is necessary for the performance of a task carried out in the public interest or in the exercise of public authority entrusted to the data controller (pursuant to Art. 6(1)(e)) and in order to supply and improve the web services provided for the purpose of ensuring transparency, correctness and

accessibility of information regarding the activities of the Interdepartmental Center for Research Ethics and Integrity.

 

  1. Recipients of Data

Users’ personal data are processed exclusively by the persons authorised to do so by the Center’s Coordinator, selected from the staff currently in service.

 

  1. Types of data processed and methods of processing

The web service is configured to collect the following information:

  • the IP address
  • the operating system;
  • the type of browser;
  • the type of device (PC, smartphone, etc.).

 

The data is received and stored by means of web service logfiles.

The Data Controller takes appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of Personal Data.

 

 

 

5.1 Browsing data

The computer systems and software procedures used to operate the CID Ethics-CNR website acquire certain personal data, the transmission of which is implicit in the use of Internet communication protocols.

This category of data includes the IP addresses and/or domain names of the computers and terminals used by the users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the enquiries, the method used in submitting them to the server, the size of the file obtained in response, the numerical code indicating the status of the response received from the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.

 

These data, necessary for the use of the web service, are stored automatically by the server used and are processed for the purpose of:

  • controlling the correct operation of the site
  • monitor and identify anomalies and/or computer crimes.

 

5.2 Cookies and other tracking systems

Cookies are portions of code, installed within the browser, transmitted from the server to the client, and it is the client that uses them, in subsequent sessions of access to the site, to identify itself.

Access to the site involves the automatic activation of technical session cookies, limited to what is necessary to ensure the safe and efficient navigation of the site. Users’ consent is not required for their installation, as they are directly functional to navigation and temporary. The eventual use of cookies by this website or by the

owners of third-party services used by this website, unless otherwise specified, has the purpose of providing the service requested by the user, in addition to the further purposes described in the cookie policy.

Cookies and/or third-party services are not used for user profiling.

 

  1. Storage

In order to guarantee the security of the site from possible hacker attacks, users’ personal data will be stored for 12 months in order to be able to identify the origin of any intrusions.

 

 

  1. Transfer of Data

No transfer of your personal data to third countries is contemplated.

 

 

  1. Rights of Data Subjects

With regard to the data referred to in paragraph 5, users have the right to access, oppose, delete or remove them.

In view of the nature of the data (only ‘logfiles’), it is not possible to request that they be updated or corrected.

 

 

In order to exercise one or more rights, the user may address a request to the referent contact of the data controller indicated in paragraph 1. of this information notice.

Lastly, the Regulation recognises the right to file a complaint with the Italian Data Protection Authority (Art. 77) or to seek judicial redress (Art. 79), if the user believes there has been a violation of his or her rights.