Information on the processing of personal data of the users visiting the websites of the Emilia-Romagna Region

pursuant to Article 13 of the EU Regulation 2016/679

1. What is this information?

Visiting the Emilia-Romagna Region websites may result into processing data relating to identified or identifiable natural persons.

The information provided below describes, as required by the EU Regulation 2016/679, the processing operations performed on the personal data of the users visiting those websites.

2. Data controller

The data controller is the Giunta of Regione Emilia-Romagna, located in Bologna (Italia), Viale Aldo Moro, n. 52 - CAP 40127.

3. Data protection officer

The Emilia-Romagna Region's Data Protection Officer (DPO) can be contacted at the email address dpo@regione.emilia-romagna.it or by the Emilia-Romagna Region in Viale Aldo Moro 30, Bologna.

4. Data recipients

The data collected in the course of visiting the Emilia-Romagna Region websites may be processed by third parties which have been appointed as data processors by the Emilia-Romagna Region pursuant to Article 28 of the Regulation.

The personal data collected as above are also processed by staff from the Emilia-Romagna Region, acting on specific instructions concerning purposes and arrangements of such processing.

5. Legal basis for the processing

The personal data mentioned on this page are processed by the Emilia-Romagna Region in discharging its tasks that serve the public interest or are related to the exercise of its official authority; therefore it does not need your explicit consent.

5.1. Data communicated by users

The present statement does not appeal to data provided by users sending messages on the basis of the user’s free, voluntary, explicit choice, to our contact addresses, or filling in and sending the forms made available on our websites, for which we provide specific information notices.

5.2. Categories of personal data and purposes of the processing

Browsing data

The information systems and software procedures relied upon to operate this web site acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols.

This data category includes the IP addresses and/or the domain names of the computers and terminal equipment used by any user, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user's operating system and computer environment.

These data are necessary to use web-based services and are also processed in order to

- extract statistical information on service usage (most visited pages, visitors by time/date, geographical areas of origin, etc.);

- check functioning of the services.

Browsing data are kept for no longer than is necessary for the purposes for which they are collected and subsequently processed (except where judicial authorities need such data for establishing the commission of criminal offences).

Cookies and other tracking devices

No cookies are used to profile users nor are other user tracking systems implemented.

So-called session (non-persistent) cookies are used exclusively to the extent this is necessary to enable secure, efficient browsing.

Storage of session cookies in terminal equipment or browsers is under the user's control, whilst cookie-related information is stored server-side after HTTP sessions in the service logs like all other browsing data.

6. Recipients of personal data

Your personal data are not subject to communication or dissemination

7. Transfer of personal data to non-EU countries

Your personal data are not transferred outside the European Union.

8. Right to lodge a complaint

If a data subject considers that the processing of personal data relating to him or her as performed via this website infringes the Regulation, he or she has the right to lodge a complaint with the Italian data protection authority “Garante per la protezione dei dati personali” pursuant to Article 77 of the Regulation, or else to bring a judicial proceeding against the Garante pursuant to Article 79 of the Regulation.