1. General information about Personal Data processing
We aim to inform you and all users of the website www.jma.it of the policy adopted for the processing of Personal Data through the site and to highlight our commitment and attention to safeguarding your privacy. This statement is also provided pursuant to the General Data Protection Regulation (GDPR) (EU 2016/679) and the Italian Privacy Code (DL 196/2003). In accordance with the provisions of the GDPR, the processing operations will comply with the principles of lawfulness, fairness, transparency, purpose and retention limitation, data minimization, accuracy, integrity, and confidentiality.
2. Data Owner and Controller
The owner of data processing is VAT number: IT05172850967. Email: email@example.com.
3. Types of Data collected and purposes of processing
According to the GDPR, Personal Data means any information relating to users that identifies them personally, either alone or in combination with other information. When you visit this website, we only collect and store Personal Data if you actively communicate it via multiple sources, email, and other means. Notwithstanding the above basic conditions, however, the web server of the host automatically registers information about accesses to this website (Browsing or Usage Data). We do not require or collect any sensitive personal information, that is, according to the provisions of the GDPR (Art. 9), Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, data concerning health, or sexual orientation.
3.1. Browsing Data
This site collects non-sensitive Browsing Data by automatic means to enable and improve user navigation (e.g., IP address, date/time of the visit and its length, any referring URL, the pages visited on the site, the device used, and other information). The processing of such information allows you to access the site and fully enjoy its features and services. Furthermore, Browsing Data may be used to verify that the site is functioning properly. From time to time, Browsing Data is processed anonymously for statistical purposes. Browsing Data is stored only temporarily in compliance with the applicable law. In particular, your IP address will be processed during the connection process so that we can make this website available. It is based on Art. 6 para. 1 lit. f) GDPR. The legitimate interest is in the stated purpose. Browsing Data could also be used to ascertain responsibility in case of hypothetical crimes against the site.
3.2. Data provided voluntarily
The optional, explicit, and voluntary submission of Personal Data through this website involves the subsequent acquisition of your provided data, necessary for the provision of the requested service. In particular, the voluntary dispatching of electronic mail to the addresses indicated on this website entails the subsequent acquisition of your email address, necessary to reply to your requests, and also any other Personal Data contained in the message. The legal basis is Art. 6 para. 1 lit. f) GDPR, and the company’s legitimate interest lies in the purpose just mentioned.
4. Connection to third-party websites or platforms
This website may contain links to other third-party websites or platforms, such as social networks like Facebook and Twitter, to share its content. We cannot control the usage of cookies or other monitoring technologies of such websites to which this Policy does not apply, so we cannot be held responsible for their conduct with respect to Privacy Law. You are encouraged to read their privacy policies to verify how they collect and process personal information.
5. Mandatory or optional nature of processing
You have no contractual or legal obligation to provide any third party with Personal Data. So, apart from what is specified for Browsing Data, you are free to provide personal information optionally, explicitly, and voluntarily, according to the above-mentioned purposes. However, failure to provide them may make it impossible to complete the request.
6. Legal basis of processing
The legal basis of the processing of Personal Data is art. 6 of the GDPR if one of the following applies: — consent has been given for one or more specific purposes; — provision of data is necessary for the performance of an agreement and/or for any pre-contractual obligations thereof; — processing is necessary for compliance with a legal obligation; — processing is related to a task that is carried out in the public interest or in the exercise of official authority; — processing is necessary for the purposes of the legitimate interests.
7. Place of processing
Personal Data are processed by us in Italy and in any other places where the parties involved in the processing are located.
8. Communication and transfer of Data
Personal Data are processed by internal staff duly authorized to do so under their respective job duties. Whenever necessary and/or instrumental to the above-mentioned purposes, they may also be processed by third parties, appointed, if necessary, as Data Processors: companies and consultant firms providing assistance and/or consulting or performing related services on behalf of us, e.g., hosting, maintenance of IT systems, updating of the website. We will not transfer any personal information outside the European Economic Area (EEA) unless you have explicitly authorized such transfer or the transfer of personal information outside the EEA is allowed by the GDPR on another legal basis. Personal Data shall not, under any circumstances, be disseminated to unknown persons.
9. Processing methods and security measures
Personal Data are processed with IT, automated and electronic tools and, in limited cases, by using documentary means, following organizational procedures and modes strictly related to the purposes indicated. In accordance with the GDPR, we apply all industry-standard security measures to protect your personal information as is available to us within the hosting services, software, plugins, and addons used by this website. Specific security measures have been implemented to prevent data loss, unlawful or improper use, and unauthorized access, including data encryption (SSL/TLS) and a powerful firewall against common types of attacks, with protection from known security vulnerabilities, hacks, and malware. While we adopt primary security measures, at the same time, we cannot exclude the safety risks that are naturally involved in the online transmission of Data. You accept the inherent risks of providing personal information over the Internet and will not hold us responsible for any breach of security unless this breach is due to negligence or willful default.
10. Retention of Personal Data
Personal Data collected by this website will be kept – for each type of data processed – only as long as it is needed to provide you with the required services or to meet legal obligations or for the minimum period prescribed by the law. In order to determine the appropriate retention period for personal information collected and stored by this website under your consent, we will take into account multiple factors to ensure that personal information is not stored for longer than the necessary or appropriate period, including: — the purpose for which our site holds personal information; — legal and regulatory obligations in relation to that personal information; — any specific request in relation to the deletion of personal information; — legitimate business interests. We will promptly delete or anonymize personal information that is no longer needed or retained according to the law.
11. Affected rights
Under the GDPR, you are entitled to receive confirmation as to whether we hold any personal information about you. If you would like to request to review, correct, update, suppress, restrict, or delete Personal Data that you have previously provided, or if you would like to request to receive an electronic copy of your Personal Data for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law), you may contact us by writing at firstname.lastname@example.org. We will respond to your request consistent with applicable law. In your request, please make clear what Personal Data you would like to have changed, whether you would like to have your Personal Data suppressed from the database or otherwise let us know what limitations you would like to put on the use of your personal information. In any case, you will always be entitled to file a complaint with the competent supervisory authority (the Italian Data Protection Authority) at www.garanteprivacy.it, pursuant to art. 77 of the GDPR, if you believe that the processing of your Data violates applicable law.
12. Additional information about Data collection and processing