Notice on the processing of the personal information contained
in the institutional portal
1. Why this notice
It will be updated in line with the evolution of regulations and with the technical, technological and organisational measures adopted.
Here it follows a description of the website management procedures in relation to the processing of the data of users accessing it.
2. Data owner
The owner of the processing of personal information is the Directorate General for Immigration and Integration Policies - Division IV - Via Fornovo, 8 - Rome.
3. Place of data processing
The processing related to the web services of this website is made within the headquarters of the Authority mentioned above, and is made by the technical staff in charge of such processing, or by eventual maintenance operators. No data deriving from the web service is either communicated or distributed, unless expressly provided for by the Law. The personal information provided by users is used to the only purpose of performing the service or the activity requested and indicated in the processing purposes, and is communicated to third parties only if necessary to such end.
4. Type of information processed
- Surfing data:
The IT systems and software procedures dealing with the operation of this website collect – in the course of their normal activity – a series of personal information whose transmission is implicit in the use of Internet communication protocols.
Such information is not collected to be associated to specific individuals, but in consideration of their nature it might allow the identification of users through processing and association with data held by third parties identified.
This category of data includes IP addresses or domains of the computers of users connecting to the website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of request, the method used to file the request to the server, the size of the file received as a reply, the numerical code indicating the status of the reply provided by the server (success, error, etc.) and other parameters relating to users’ operating system and IT environment.
This data is used to the only purpose of deriving anonymous statistical information on the use of the website and to check its correct operation, and is kept for the time deemed strictly necessary. Data might be used to assess liabilities in case of theoretical IT crimes to the detriment of the website.
- Data provided by users on a voluntary basis:
The optional, explicit and voluntary sending of e-mail messages to the addresses contained in this website entails the subsequent acquisition of the sender’s address, necessary to reply to the message, as well as of eventual additional personal information contained in the e-mail.
Specific summary information will be progressively shown in the website pages destined to particular services on-demand.
No personal data of users is acquired by the website.
The use of the so-called session cookies (that are not persistently stored in the computer and disappear as the browser is closed) is strictly limited to the transmission of session id (made up of random numbers generated by the) necessary to allow the secure and efficient exploration of the website.
The so-called session cookies used in this website prevent resorting to other IT techniques potentially detrimental for the confidentiality of users’ surfing, and do not allow the acquisition of user’s ID personal data.
The use of permanent cookies is strictly limited to the acquisition of statistical data relating to the access to the website and/or to retain user preferences (language, layout, etc.). The Portal avails itself of a software to detect the access to the website resorting to the use of permanent cookies, in order to collect statistical information on the "unique users" of the website. These cookies, defined as "Unique Visitor Cookies", contain an alphanumeric code identifying the surfing computer, without however collecting personal information.
5. Processing methods
Personal information is processed by means of automated tools for the time strictly necessary to fulfil the purposes for which it was collected.
Specific security measures were implemented to prevent the loss of data, unlawful or incorrect use, and unauthorised access.
6. Interested parties’ rights
The subjects which personal data refers to are entitled at any time to obtain the confirmation of the eventual existence of such data and to know its content and origin, assess its correctness or ask for its updating or integration, or adjustment (art. 7 of Legislative Decree no. 196/2003).
In compliance with the same article, interested parties are entitled to ask for the cancellation, transformation under anonymity or block of the data processed in violation of the law, as well as to oppose data processing in any case, on legitimate grounds.
The e-mail address firstname.lastname@example.org is available to the website users. Through such e-mail it is possible to exercise the rights as per art. 7 of Legislative Decree no. 196 of 30th June 2003.