PRIVACY AND PROTECTION OF PERSONAL DATA
of users consulting the website: https://archibiblio.istat.it
pursuant to Article 13 of Regulation (EU) 2016/679
WHY THIS INFORMATION
The information contained in this page is provided in accordance with the art. 13 of Regulation (EU) 2016/679 (hereinafter Regulation) and have the purpose of describing the methods of processing the personal data of users who consult the sites belonging to the domain “istat.it”.
The following information does not concern other sites, pages or online services accessible through hypertext links published on the site but referring to resources outside the ‘istat.it’ domain.
HOLDER OF THE TREATMENT
Following consultation of the site listed above, data relating to identified or identifiable natural persons may be processed.
The data controller is the National Institute of Statistics, with headquarters in Via Cesare Balbo 16, 00184 Rome (PEC: protocollo@postacert.istat.it; switchboard: +39 06.46731).
RESPONSABLE FOR DATA PROTECTION (WHERE PRESENT)
The Data Protection Officer (DPO) can be reached at the following address: National Institute of Statistics – Personal Data Protection Officer, via Cesare Balbo 16, 00184 Rome, email responsibleprotezionedati@istat.it.
LEGAL BASIS FOR PROCESSING
The personal data indicated on this page are processed by Istat for the performance of the public interest tasks entrusted to it (Article 15 of Legislative Decree No. 322/1989), as well as to ensure the functionality of the site.
DATA PROCESSED AND PURPOSE OF THE PROCESSING
Navigation data
The computer systems and software procedures used to operate this site acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes the IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) notation addresses of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.
These data, necessary for the use of web services, are also processed for the purpose of:
obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or per day, geographical areas of origin, etc.);
– monitor the proper functioning of the services offered.
Browsing data are not retained for more than seven days (except in the case of criminal investigations by judicial authorities).
Data communicated by the user
The optional, explicit and voluntary sending of messages to the Controller’s contact addresses, the private messages sent by users to institutional profiles/pages on social media (where this possibility is provided for), as well as the filling in and forwarding of forms on the Controller’s websites, entail the acquisition of the sender’s contact data, necessary for replying, as well as all the personal data included in the communications.
Specific information will be published on the pages of the Controller’s sites set up for the provision of certain services.
Cookies and other tracking systems
Cookies are small text fragments, usually consisting of letters and/or numbers, which are sent by the Site and stored by the browser installed on your device for browsing. Cookies are then transmitted back to the Site on your next visit.
Cookies make it possible to store information about visits to the Site and are a very useful technology, as they help the Site to function more efficiently. Without cookies, the Site would have no way of ‘remembering’ certain information, such as, for instance, the contents of a shopping cart.
Cookies can be classified according to:
- duration: session or persistent technical (navigation) cookies;
- provenance: first-party or third-party cookies;
- purposes: strictly necessary cookies, performance analysis cookies and behavioural advertising cookies.
No use is made of cookies for user profiling. The only processing carried out concerns the production of statistics, with pseudonymised data, on navigation on the indicated website.
The configuration adopted, so as to exclude the processing of identification data, collects the following information:
- The IP address, which is masked at least in its fourth component (xxx.xxx.x.0)
- The operating system used
- The type of browser
- The type of device (PC, smartphone, etc.)
Use is made of technical session (non-persistent) cookies, strictly limited to what is necessary for the safe and efficient navigation of the sites, in order to allow you to browse the site and make full use of its features. Without these cookies some necessary services cannot be used. They will therefore always be used and sent, unless the user changes the settings in their browser.
HOW TO DISABLE COOKIES
The user may deny consent to the use of cookies by selecting the appropriate setting on their browser.
Below are links explaining how to disable cookies for the most popular browsers (for other browsers you may use, we suggest you look for this option in the software’s help).
To delete cookies already stored on the device: even if the authorisation to use third-party cookies is revoked, cookies may have been stored on the user’s device before this revocation. For technical reasons, it is not possible to delete such cookies, but the user’s browser allows their deletion in the privacy settings. The browser options contain a ‘Delete Browsing Data’ option that can be used to delete cookies, site data and plug-ins.
RECIPIENTS OF DATA
The recipients of the data collected following consultation of some of the services listed above are the entities designated by the Data Controller, pursuant to Article 28 of the Regulation, as data processors, such as the providers of services for the development, provision and operational management of the technological platforms of the sites accessible by telematic means at the web address indicated. The full list of Data Controllers under Art. 28 GDPR can be requested from the Data Controller.
The personal data collected are also processed by the data controller’s staff, who act on the basis of specific instructions on the purposes and methods of processing.
RIGHTS OF INTERESTED PARTIES
The interested parties have the right to obtain from the National Statistics Institute, in the cases provided for, access to their personal data and the correction or cancellation of the same or the limitation of the processing that concerns them or to oppose the processing (articles 15 and following of the Regulation). The appropriate application may be submitted by contacting the Controller at the above-mentioned addresses.
RIGHT OF COMPLAINT
Interested parties who believe that the processing of their personal data relates to this website have the right to a right against the Guarantor for the protection of personal data, as provided for by art. 77 of the Regulation, or to assume suitable judicial offices (Article 79 of the Regulation itself).
UPDATING OF INFORMATION
This Privacy Policy is current as of 06/06/2023 and may be subject to change, of which the persons concerned will be promptly informed.