Privacy Policy – PROTON

Subject: Notice pursuant to Article 13 of the Italian Legislative Decree no. 196/2003

This page describes how to manage the site in relation to the processing of personal data of website Users.

This notice is given to those who interact with the on-line services available at the following website also pursuant to art. 13 of the Italian Legislative Decree no. 196/2003 – Italian Code for protection of personal data: https://www.projectproton.eu

This notice is prompted by Recommendation no. 2/2001 implemented on May 17th 2001 by the European Authorities for personal data protection, brought together in the Working Party established by Art. 29 of Directive no. 95/46/EC in order to identify several minimum requisites for the collection of personal data online, and, in particular, the procedures, times and the nature of the information that data controllers must supply Users when the latter connect to web pages, regardless of the purposes of connection.

DATA CONTROLLER

Following the website navigation the details concerning an identified or identifiable natural person (data subject) can be treated. In accordance with article 28 of the Privacy Code the Data Controller is the PROTON Consortium, represented by youris.com, based in Dréve du Pressoir 38, B-1190 Brussels (Belgium).

PLACE OF DATA PROCESSING

The data processing related to the website’s services takes place at the Secretariat of youris.com located in Milan (Italy) Via Torino 2. The applicable law is therefore the Italian Privacy Code considering the effective and real processing activity and the context in which the personal data are processed.

The data processing is performed by internal personnel officially appointed and trained in maintaining safety and confidentiality of personal data.

The data generated with navigation and the data provided voluntarily by the User via e-mail or via the registration form to access the offered services will be stored and kept in the database of the Hosting & Cloud Service Provider on which youris.com relies.

Through special statements laid down in contracts, the a.m. Provider claims that the servers used to host and store the site database are located in data centres within the European Union.

The services offered are in compliance with the relevant legislation on data protection thanks to the adoption of appropriate safety measures.

PURPOSE OF THE PROCESSING OF PERSONAL DATA VIA THE WEBSITE

The personal data collected through the website, and/or voluntarily provided by the data subjects will be used directly and/or by Consortium Members for the following purposes:

a) to carry out statistics and reports in anonymous form (to assess the download of the material provided, the number of times a website was accessed, the most visited pages, the average visit duration, the country of origin of Users etc.);

b) to provide information and answers about our services;

c) to send newsletters and information on the services offered by the PROTON Consortium by means of traditional contact methods, i.e. phone calls made by an operator or automated phone calls and similar methods (e.g. fax, e-mail, text messages etc.).

TYPES OF PROCESSED DATA

a) Data provided voluntarily by the User
The explicit and voluntary provision of personal data by the User is essential in order to have access to certain services offered by the Data Controller through the website (e.g. Newsletter Subscription) and it involves the acquisition of personal data and contact details as well as any other personal data included in the missive, which are required to respond to requests or to provide services available.

b) Navigation Data (Data deriving from User’s navigation)
The computer system in routine activities can store some of your browsing data. These data, although not collected to be associated with your identity, may indirectly allow your identification through processing and association with data held by PROTON Consortium. For this reason they could be considered “personal data” according to the Privacy Code. This category of data (which includes, by way of example but not limited to, IP addresses and domain names of the User’s computer) is collected by the Data Controller for statistical purposes in anonymous form, but by means of some data processing procedures it could be possible to trace the User identification in order to ascertain any liability for crimes committed via the Website or damages against it.

c) Cookies
Cookies are small text files that are stored on the User’s computer’s browser directory when visiting certain websites. The website uses cookies for specific and limited purposes, namely to provide easier navigation and for the purposes of internal security, of statistical analysis related to navigation and of system administration. Session cookies allow Users to be recognized within a website so any page changes or item or data selection you do is remembered from page to page. Session cookies are temporarily stored in the computer memory only during a User’s browsing session and are automatically deleted from the User’s computer when the browser is closed. Persistent cookies remain in the browser’s subfolder and are activated again once the User visits the website that created that particular cookie thus facilitating the navigation and making it faster (with the “keep me logged in” option). Analytical cookies collect anonymous data for internal purposes with the aim of providing a better browsing experience to the User. These data help us to understand how visitors use our website, the number of visits, the most visited pages, the average duration of visits and much more, allowing us to improve the content of our website and the way it is presented. These are third-party cookies, which are sent and managed by a Third Party whom the Data Controller has engaged to store User preferences and for marketing purposes. No personal information is collected about you or about your computer.
All collected data are anonymous and aggregated.

d) Google Analytics
This website uses Google Analytics, a simple, easy-to-use tool that helps website owners measure how Users interact with website content. Google Analytics gives us the ability to track the visitor interactions by using first-party cookies that can record information about the time and the page a User has seen, for example the URL of the page, and “remember” what a User has done on previous pages or any interactions with the website.
Google Analytics tracks and traces the website visitors IP address to identify the visitors by providing their geographical location. Google Analytics does not collect any personal information about the website Users it reports website trends without identifying individual visitors.

PROTON Consortium shall not use (and shall not allow any third party to use) this Service to record, collect or upload any data that identify an individual (such as for example name, email address, IP address, billing information) or other data that can be reasonably linked to such information by Google. You may decline cookies by deactivating them in your browser but this may prevent you from accessing certain or all features of this website.

OPTIONAL PROVISION OF DATA

Except for the navigation data needed to support implementation of computer and telecommunication protocols, the provision of personal data is optional and not mandatory.
Failure to provide requested personal data will however make it impossible to obtain the service requested by the User and to respond to requests.

METHODS OF DATA PROCESSING

In addition to the data collection, the processing of your personal data may involve their recording, storage, modification, communication, cancellation. The data processing shall be carried out by authorized personnel with the use of electronic equipment. Storage of personal data shall be in electronic form for the time strictly necessary to meet the purposes and in accordance with local regulations.

With regards to the personal information you provide, please note that all the necessary steps will be taken to ensure the confidentiality and security of shared data, in compliance with the provisions of the Privacy Code. In particular, we will implement all the technical, organisational, logistical and procedural security measures in line with technological developments pursuant to the Code in order to guarantee the minimum level of data protection required by the legislation in force.

DATA COMMUNICATION

The personal data can be communicated to employees and internal staff of the Data Controller as well as to any consultants and to those entitled to it by virtue of provisions laid down by law, by regulations and Community legislation. Personal data collected for pursuing the above mentioned purposes shall be disclosed, in so far as they are concerned, to PROTON Consortium, including but not limited to the following categories:

a) Organisations that are part of the PROTON Consortium;

b) Persons in charge of managing the website and the related activities;

c) Persons who provide services for the management of the information system of the company;

d) Persons carrying out monitoring, auditing and certification activities with regard to the business in which organisations are in, even in the customers’ interest;

The communication of personal data for such purposes is mandatory for the required services and hence the processing of these data requires User’s consent.

DATA RETENTION

The data will be stored and processed for the time necessary to fulfil the business.

At a later stage the data will be preserved only for the time required by law.

USERS’ RIGHTS

The subjects to whom the personal data refer are entitled to receive confirmation as to the existence of their personal information at any time. Furthermore data subjects are entitled to know content and origin, to verify accuracy or to request integration, updating or correction of data concerning themselves (pursuant to Art. 7 of Legislative Decree no. 196/2003).

In accordance with the above mentioned Article the data subjects have the right to request cancellation and transformation into anonymous form of the data relating to them and processed in violation of the law as well as to object to the processing of such data and to have processing stopped when there is a justified objection.

Requests shall be addressed to the Data Processor.

Below we report an exhaustive list of the data subject’s rights:

Article 7 – Right of access to personal data and other rights

1. The Interested Party is entitled to receive confirmation as to the existence of his/her personal information, even if not yet recorded, and the communication of this information in a comprehensible form.

2. The Interested Party has the right to obtain the following information on:
a) the source of personal data;
b) the purposes and processing methods;
c) the logic applied when the data is processed with the use of electronic equipment;
d) the identity of the Data Controller, Data Processor and the designated representative in accordance with Article 5, Paragraph 2;
e) the subjects or categories of subjects to whom the personal data may be communicated, or who can learn about them as appointed representatives of the State, of managers or employees.

3. The Interested Party has the right to obtain:
a) updating, rectification or, when interested, integration of data;
b) cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
c) evidence that operations (a) and (b) have been communicated, including the exact content, to those to whom the data were disseminated, unless this requirement proves impossible or requires manifestly disproportionate measures with respect to the protected right.

4. The Interested Party is entitled to oppose the following, either in whole or in part:
a) for legitimate reasons, the processing of personal data, even if pertinent for collection purposes;
b) the processing of his/her personal data for the purpose of sending advertising materials, direct sales, or for carrying out market research or commercial communication.

Requests shall be submitted through following means:
e-mail to: silvia.raimondi@youris.com

CONSENT TO PERSONAL DATA PROCESSING

After having read the privacy information above, the Data Subject can expressly accept – by using the designated section – data collection/recording and give consent to the processing of his/her personal data, within the limits and for the purposes and duration defined in the Privacy.