1. Processing of personal data
2.a. Personal data processed
Browsing data. The software systems and procedures on which this website runs might process some personal data whose transmission is inherent to the Internet’s communication protocols. The aforementioned data category (which includes, e.g. and not exhaustively, IP and DNS addresses) is processed by the controller for statistical reasons and in an anonymous form, but can be cross-correlated through a series of operations in order to render the user identifiable, for instance to ascertain its liability in case of damages to the website’s infrastructure.
Cookies. Cookies are small, automatically generated text files that get downloaded by the user’s device after browsing the website. Some of those files (session cookies) are removed automatically at the end of the browsing session.
2.b. Processing purposes
The user’s personal data are gathered and processed in respect of the general principles of fairness, lawfulness and transparency. The processing of user data is done for the following activities: Respond to requests, inquiries, comments or concerns; Identify and analyse usage trends, including for the purposes of research, audits, reporting; notify you about changes or updates to European Papers.
2.c. Processing modalities
In order to comply with the aforementioned obligations and to achieve the aforementioned goals, the personal data processed will be handled both through a digital database and through a physical archive. All personal data will be processed in compliance with the minimum security measures sanctioned by the applicable law, in order to minimize the risks of data destruction or loss, of unauthorised access and of processing beyond the scope of its original purpose.
2.d. Data disclosure by the user
The disclosure of the personal data concerning the fields marked or non-marked with an asterisk in the Newsletter form or in the Reply form that follows any work published on the website is necessary.
2.e. Data disclosure towards third parties
The user’s personal data may be disclosed, through various means, to the data controller and/or processor.
2.f. Data subject’s rights
With regard to the processing of its data, the user can exercise, even by delegation or through a proxy, the rights granted by Art. 7 of the Legislative Decree No 196 of 30 June 2003 (see below), i.e. the right of access, the right to obtain the data rectification, updating or integration, the right to erasure, anonymization or blocking of the personal data unlawfully processed, the right to opt out for legitimate reasons and the right to opt out from the processing of personal data with marketing or commercial purposes.
2.g. Data controller
The data controller is European Papers, as represented by its owner and director, prof. Enzo Cannizzaro, established at European Centre for European Law c/o University of Rome “Unitelma Sapienza”, Viale Regina Elena, 295 – I-00161 Rome (Italy).
European Papers, pursuant Art. 13 of Legislative Decree 30 June 2003, No 196, communicates the following information about the processing of personal data that will be required when using its website.
3.a. Nature of subjects
European Papers will process the personal data provided, and primarily:
- personal, identification and informative data, entered in the procedures of registration to the Newsletter or to Reply to works published on the website;
- other data necessary to comply with certain obligations arising from laws.
3.b. Aims of treatment
European Papers will process the data for administrative purposes and/or to comply with specific obligations under the contract or previewed by law.
In particular, the data provided will be object of treatment aimed to:
- registration to the Newsletter and Replying to the works published on the website;
- comply with specific requests of information even by e-mail;
- carry out statistical surveys;
- comply with certain obligations arising from laws, European Union rules and regulation and by requests and instructions of Authorities or supervisory bodies.
3.c. Processing modalities
The personal data you provide can be processed as foreseen by Art. 4, lett. a), of Legislative Decree No 196/2003, and will be stored and/or processed with the help of electronic, telematics and physical (documentation on paper) instruments, fairly and lawfully, to carry out the purposes outlined above.
Personal data are protected by the adoption of the minimum security measures provided by Arts 33, 34, 35, and Annex B of the Legislative Decree No 196/2003, that ensure their confidentiality, integrity, accuracy, availability and updatedness.
3.d. Data retention
The personal data of a registered user will be stored in a way that permits user identification just for the time necessary to the purposes for which they were collected and subsequently processed. The registered user can request, at any time, to delete his own data and to exercise further right provide by Art. 7 of the Legislative Decree No 196/2003 (see below). Rights of the data subject with reference to the processing of personal data, the data subject may exercise, even by proxy or by power of attorney to an individual or association, the rights granted by Art. 7 of Legislative Decree No 196/2003 (see below). The text of the article is reported at the end of this document.
3.e. Data controller and data processor
European Papers is the data controller, with its registered office at Viale Regina Elena, 295 – I-00161 Rome (Italy). In order to exercise the rights provided by Art. 7 of Legislative Decree No 196/2003 (see below), the data subject can contact data processor at firstname.lastname@example.org.
Art. 7. Legislative Decree No 196/2003 – "Right to access personal data and other rights"
1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.
2. A data subject shall have the right to be informed:
a. of the source of the personal data;
b. of the purposes and methods of the processing;
c. of the logic applied to the processing, if the latter is carried out with the help of electronic means;
d. of the identification data concerning data controller, data processors and the representative designated as per Section 5(2);
e. of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
3. A data subject shall have the right to obtain:
a. updating, rectification or, where interested therein, integration of the data;
b. erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c. certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
4. A data subject shall have the right to object, in whole or in part:
a. on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
b. to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.