This information is provided to inform you pursuant to art. 13 of the European Regulation n. 679/2016 (hereafter GDPR) regarding the use of your personal data. The Entity undertakes to respect and protect its confidentiality by processing the personal data provided by you in compliance with the provisions of law aimed at ensuring the security, accuracy, updating and relevance of the data with respect to the stated purposes. processing of your personal data.
The Data Controller is Stefano Vitali (e-mail: firstname.lastname@example.org; phone: +390667232216). For the Parco archeologico di Ostia antica is the Director Alessandro D'Alessio; the referent is Cristina Genovese.
Type of data and methods of processing
The optional, explicit and voluntary sending of e-mail messages to the addresses indicated on the website entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the same request. The optional, explicit and voluntary registration through the appropriate web form (newsletter) on our site entails the subsequent acquisition of all the data reported in the fields filled in by the user and the processing is carried out exclusively in fulfillment of the institution’s own institutional activities.
The data provided will be processed with the aid of automated processes suitable to guarantee the security, confidentiality and integrity of the data, exclusively by technical personnel authorized to process and for the time strictly necessary to achieve the purposes for which they were collected in compliance with the legislation on the protection of personal data.
Specific security measures have been adopted to prevent the loss of data, illicit or incorrect use and unauthorized access.
Data Processors and Authorized Persons
The Entity may use third parties for the performance of activities and related processing of personal data of which it retains ownership. In accordance with the provisions of the law, these subjects ensure levels of experience, capacity and reliability that ensure compliance with the current provisions on data processing, including data security and have been designated for this purpose as Data Processors by formal deed. . The Managers are subject to periodic checks in order to ascertain the maintenance of the levels of guarantee registered when the initial assignment was entrusted.
Your personal data are also processed by previously authorized internal staff and to whom appropriate instructions are given in order to measures, expedients, modus operandi, aimed at ensuring the concrete protection of your personal data.
The Authority’s website acquires, during normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users connecting to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user’s computer environment.
These data, necessary for the use of web services, are also processed for the purpose of:
- obtaining statistical information on the use of services (most visited pages, number of visitors per hour or day, geographical areas of origin, etc.)
- check the correct functioning of the services offered The data could be used to ascertain responsibility in case of hypothetical computer crimes to the detriment of the site: except for this eventuality, data on web contacts persist for a time not exceeding that necessary for the purposes for which they are collected and subsequently treated.
Types of cookies used
a) Technical and functional cookies
These cookies are necessary to allow navigation on the institutional sites of the organization and to use various functions and services requested by users.
The use of these cookies allows the Authority, for example, to increase the security of the service requested by the user by blocking access following repeated failed login from a reserved area, or to remember the preference, for example the language, regarding the web pages visited.
Optionality of data supply
Apart from what is stated of navigation data, the user is free to provide personal data contained in the various registration or access forms, those for requesting information or sending suggestions and recommendations or for requesting the sending of informative material or for other communications or for using the services provided on the site. Failure to provide such data may make it impossible to provide the services requested.
Rights of users
As one of the subjects concerned with the personal data indicated above, you have the faculty to exercise your rights in accordance with the methods and within the limits set by the current privacy legislation.
In relation to the processing of personal data, you have the right to request:
- access: you can request confirmation whether data is being processed concerning you, as well as further clarification about the information referred to in this statement, as well as a right to receive the data themselves, within reasonable limits;
- correction: you may request us to rectify or supplement the data that you have supplied or that is otherwise in our possession, if inaccurate;
- cancellation: you may request that your data acquired or processed be erased, if they are no longer needed for our purpose or where there are no disputes or litigation in place, in case of withdrawal of consent, or your opposition to the treatment, in the case of unlawful processing of data, or if there is a legal obligation to cancel;
- limitation: you may request the limitation of the processing of your personal data, when one of the conditions arises set out in Art. 18 of the GDPR; in this case, the data will not be processed, except for storage, without the user’s consent, with the exception of what is stated in paragraph 2 of the same article.
- opposition: you can oppose at any time the processing of your data which have as a legal basis the legitimate interest of the data controller and/or the processing of your data for marketing purposes including profiling; your opposition will always and in every case prevail over our legitimate interest in processing your data for marketing purposes;
- portability: you can ask to receive your data, or ask us to transmit them to another data controller indicated by you, in a structured format, of common use and readable by an automatic device.
Furthermore, pursuant to Art. 7, par. 3, GDPR, you can exercise your right to withdraw consent at any time, without prejudice to the lawfulness of the processing based on consent previously granted.
The user has the right to lodge a complaint with the Supervisory Authority, which in Italy is the Guarantor for the Protection of Personal Data.
Data retention period
Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected.