This section describes the modalities for site management regarding the management of users’ personal data.
The policy concerns procedures, timing and nature of the information which data controllers must provide to the users when they connect to web pages, regardless of the purpose of the connection.
The data controller is ITHACA S.r.l. , based in Torino, Via P.C. Boggio 61.
Data protection location and authorized personnel
The data related to the services on this website will be handled at this site internet service provider’s headquarters and at data controller’s headquarters. The data are managed only by authorized personnel, including maintenance and administration operations on the elaboration systems.
Types of handled data
Navigation data and technically necessary
Computer systems and software procedures used for the correct website operation acquire, during their normal operation, some personal data whose transmission is implicit in the Internet communication protocols. This information is not collected to be associated with a specific person but, for their nature, could identify users through processing and association with personal data held by third parties. This data category includes IP addresses or computer domain names used by users connecting to the website, addresses of the requested resources in URI notation (Uniform Resource Identifier), requested time, method used to submit a specific request to the server, size of the file obtained in reply, numerical code indicating the status of the server response (successful, error , etc) and other parameters related to the operating system and to the user’s IT environment. These data are used only for anonymous statistical information purposes on the website use and to check its correct operation; they are deleted immediately after processing. Data could be used to verify the responsibility in case of computer crimes against the website.
Data voluntarily supplied by the user
The identification of the user might be possible thanks to additional information submitted by the concerned person: for example, by filling data collection forms; or through optional, clear and voluntary e-mail sending to web addresses listed on this website with the aim to acquire sender’s address, necessary to reply to all the other requests, and any other personal data included in the communication.
Profiling data relate to custom or end user’s choice are not directly acquired. It is still possible that this information is acquired by autonomous and distinct subjects through links or third party elements. See also the Cookies section.
Purposes of the processing operations, communication and dissemination of data
User’s personal data may be used only in order to perform the requested services and may be disclosed to external third parties only when necessary thereto. Services include: usage and mere consultation of the website; registration and access to restricted areas; newsletter subscription and reception; reports; contact requests; project participation, etc. Some services display dedicated information. In any case, no data derived from web services is disseminated or published without the user’s prior approval. Finally, please note that in some cases (not subject to the ordinary management) Public Authorities can also request personal information, to which the data controller is obliged to reply.
Optional supply of data
In addition to those specified on navigation data, the user is free to provide personal data to specific request on products and/or services. Without this information, which is essential, it may be impossible to fulfill the request.
Management of personal data treatment approval
When required and in any case after having read the policy, the interested party will express his personal data handling and disclosure approval for the purposes and limits described, which would otherwise prevent the data controller from developing and providing the services required by the interested party.
Method of data handling
The personal data handling, defined as collection, registration, organization, storage, processing, modification, cancellation and destruction or the combination of two or more of these operations, occurs by manual, computing and telematic tools, also in an automatic way, and strictly related to the declared purposes and, in any case, in order to ensure security and confidentiality and for the time strictly necessary to attain the purposes for which they have been collected. The confidential data are processed legally and accurately, are collected and stored for the specified reasons, are precise and, if necessary, updated, relevant, complete and not exceeding the purposes for which they have been collected and then processed, in respect of the basic measures of security, rights, freedoms, and dignity of the interested parties, with particular attention to the confidential nature of personal identities and the right to have this information protected. Specific safety measures are in place to prevent loss of data, illegal or improper use and unauthorized access.
Rights of the parties involved
Individuals whose personal data refer to have the right to obtain at any time confirmation whether such data exist and to know their content and origin, to verify their correctness or to request that such data are integrated or updated or rectified. Pursuant to the above mentioned article, the interested party has the right to ask for cancellation, conversion into anonymous form or blocking the data when their treatment breaks the law, as well as the right to object to their treatment, in any way, on legitimate grounds.
The European and Italian legislation is applied to personal data management, in particular the Legislative Decree 30 June 2003, n . 196 and subsequently amended and supplemented, as well as measures of the Data Protection Supervisor.
To contact the data controller: tel. 011 19751111 – firstname.lastname@example.org – www.ithaca.earth/en/contact. Data Processor designated for confirmation in case of exercise of the rights (Article 7) is the President.