Last updated on 16/11/2022
- WHO PROCESSES YOUR DATA
- WHICH DATA DO WE PROCESS
- WHAT ARE THE PURPOSES OF DATA PROCESSING?
- HOW DO WE PROCESS YOUR DATA?
- HOW LONG DO WE PROCESS YOUR DATA?
- TO WHOM DO WE COMMUNICATE OR TRANSFER YOUR DATA?
- WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?
In this document, we describe how we manage the website https://www.italianpeptidesociety.it (hereinafter "Website") with reference to users personal data processing. The Website is managed by the scientific association ItPS - Società Italiana Peptidi, with headquarter in Via Ugo Schiff 6, 50016 Sesto Fiorentino, Firenze, Italy (hereinafter "ItPS").
2) WHO PROCESSES YOUR DATA
The data controller is the scientific association ItPS - Società Italiana Peptidi, with headquarter in Via Ugo Schiff 6, 50016 Sesto Fiorentino, Firenze, Italy, email address: email@example.com ("ItPS").
3) WHICH DATA DO WE PROCESS
- Navigation data: The information systems and software procedures relied upon to operate this Website collect personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols. This information is not gathered to be associated with identified subjects but by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used to connect to the Website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user's IT environment. These data are used for the purpose of obtaining statistical information on the use of the Website and to check its correct functioning and they are deleted in line with the requirements of applicable law. The data could be used to ascertain responsibility in case of possible criminal actions or damages against the Website only to the extent permitted by applicable law.
- Identification data, contact data and other personal information: Optional sending of e-mail messages to the addresses indicated on this Website entails the subsequent acquisition of the sender's address, necessary to respond to the requests, and of any other personal data included in the message. If you collect, process and communicate to us information of third parties, you will need to do so in accordance with the provisions of the GDPR and, therefore, you will need to give the third parties prior information on the purposes and methods of processing and, if necessary, you will need to collect their free and express consent before carrying out the processing activity.
Through our Website you can also send a message to request for information or assistance; to do so, you can fill in a form with your name and surname, the email address to be contacted with the reply to your request, and, if necessary, a short text message.
Furthermore, your email address can be processed when you decide to subscribe to our newsletter.
If you are part of our press and media contact lists, we may process the data you provided for your work, such as your name, surname, email and other contact details, agency or company for which you work.
Specific summary information notices will be progressively reported or displayed on the Website pages set up for particular services on request.
4) WHAT ARE THE PURPOSES OF THE DATA PROCESSING?
We process your personal data for the following purposes and we indicate the respective legal bases:
- To manage and operate our Website, providing you access to it, to improve it and to solve potential problems in accordance with the GDPR, Article 6 (1) (f). Processing is based on ItPS's legitimate interest in presenting its activities and its products to the public, ensuring the functioning of the Website, improving its appearance and user experience. For these purposes ItPS acts as data controller.
- To send you newsletters and invitations to events organized by ItPS in accordance with the GDPR, Article 6 (1) (a). When you subscribe to the newsletter, ItPS, as data controller, with your consent uses your data (your email address) to send you communications via email about ItPS, such as news and promotions, commercial and advertising communications about the products and services offered, invitations to events organized by ItPS (or in which they take part). Failure to provide your data does not affect your ability to browse our Website. You can withdraw your consent with future effect at any time by sending us an email at the addresses indicated above or by using the link offered on the bottom of each newsletter you receive.
- To send you information material and answers to your requests in accordance with the GDPR, Article 6 (1) (b) and (f). You can send us messages and requests through the forms on our Website or directly to the addresses on the same; we use your information to answer your requests. Processing is based on the performance of the contract with the data subject, including the fulfilment of any requests you made or on the legitimate interest of ItPS to respond to your messages or requests. Failure to provide your data may make it impossible for ItPS to fulfil your requests. ItPS is the data controller for this purpose.
- To communicate with our press contacts in accordance with the GDPR, Article 6 (1) (a) or (f). If you are part of our press and media contact lists, we may process data you provided to send you information of interest to your work, such as the organization of events by ItPS, the introduction of new products or other initiatives that we advertise through our press channels. The processing is based on ItPS's legitimate interest for sponsoring its activities to the audience through traditional channels, and, where required under applicable law, your consent. If you no longer wish to receive our information, you can contact us at the contact details indicated above to object or withdraw your consent, as appropriate. ItPS is the data controller for this purpose.
The provision of you data is neither a statutory nor a contractual requirement. You are not obliged to provide us with your data, however, failure to do so may prevent you from using all features of the Website or our the full range of our Services.
5) HOW DO WE PROCESS YOUR DATA?
Your personal data can be processed with automated and/or paper-based tools.
The security of your personal data is important to us. We adopt - and we require our service providers to adopt - adequate technical and organizational security measures to prevent data loss or destruction, even accidental, unlawful or incorrect uses and unauthorized access to data, in compliance with applicable laws. Furthermore, IT systems are set in a manner that allows to use personal and identification data only if necessary to achieve specific processing purposes.
We implement multiple technologies and security procedures to protect personal data from the risks described above.
However, we would like to remind you that electronic transmission and information storage are not 100% safe. Therefore, we are not able to guarantee that loss, misuse or alteration of the data will never occur, despite the security measures we implement to protect your personal data.
We do not use automated individual decision-making that would produce legal effects for you or would similarly significantly affect you.
6) HOW LONG DO WE PROCESS YOUR DATA?
7) TO WHOM DO WE COMMUNICATE OR TRANSFER YOUR DATA?
Our authorized staff, according to respective needs, will process your personal data. Furthermore, your data will be processed by our suppliers for technical and organizational services functional to the processing purposes stated above, such as for example suppliers of technical assistance services for the Website; suppliers of hosting services; suppliers of services for the multiple sending of marketing communications; suppliers of documents and data archiving services. These parties act as our data processors based on our instructions and on the agreements signed with us.
We might disclose your personal data to authorities or public bodies and to any other legitimate recipient pursuant to the law. In this case, the recipients will act as autonomous data controllers according to their respective institutional purposes.
To receive the updated list of your personal data recipients you can contact us at the contacts indicated above.
8) WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?
Pursuant to - and subject to certain restrictions under - applicable personal data protection law, you can request to access your personal data, to verify its accuracy or to ask its rectification or update at any time.
You can also request to erase your personal data, as well as to limit your data processing in the cases provided by the law and you can object to the processing of your data on grounds relating to your particular situation, at any time, unless for the existence of compelling legitimate grounds of processing by the data controller or as otherwise restricted under applicable personal data protection law.
The right to object to the processing of personal data can be exercised at any time in cases of processing for direct marketing purposes.
You can also request portability of your data, and receive such data in a structured format, commonly used and machine-readable, and you can request that your data be transferred to another data controller without any obstruction from our part.
You can lastly withdraw your consent to the processing of personal data at any time.
Lastly, you can lodge a complaint with the competent supervisory authority or contact the authority if the exercise of your rights is subject to delay, limitation or exclusion by the data controller.
The contact details of the national supervisory authorities can be found here: https://edpb.europa.eu/about-edpb/board/members_en.
The contact details of the German state data protection authorities can be found here: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html. You can also exercise all other rights provided to you under national data protection laws.