This page describes how to manage the portal of the Autonomous Region of Valle d’Aosta/Vallée d’Aoste regarding the processing of personal data of users who consult it. This is information provided pursuant to art. 13 of Regulation EU 2016/679, General Data Protection pursuant to art. 13 of EU Regulation 2016/679, General Regulation on the protection of data of those who interact with the site of the Autonomous Region of Valle d’Aosta/Vallée d’Aoste from the address www.regione.vda.it and not for other external websites and possibly linked to this via link.
Additional information may be provided within the different access channels, divided on the basis of the topics covered (Thematic Areas).
1. FINALITY OF DATA PROCESSING
The collected data are processed in compliance with the rules established by the Regulation for the following purposes:
- carrying out its tasks in the public interest or in any case related to the exercise of its public authority, including the purposes of archiving, historical research and analysis for statistical purposes;
- compliance with obligations laid down by law, regulations;
- community legislation: the provision and execution of “Newsletter” services.
Specific purposes, related to individual processing, may be reported in detail within the various access channels. Within them, the user can find additional information on the processing of personal data.
2. TYPE OF DATA PROCESSED
2.1. Personal data provided voluntarily by the user
During the provision and execution of the Services offered by the regional site, the user voluntarily provides some personal data (name, surname, email, etc.) for the purposes referred to in point 1 of this statement.
These data are collected following the completion of the specific fields, present in the individual services or as a result of sending to the Owner of the processing of e-mails to the e-mail addresses indicated on this site; some data are essential to provide appropriate response to requests from users. In any case, the processing of sensitive and judicial data that, if provided voluntarily by the user, will be duly deleted is excluded.
2.2. Browsing data – Log files
The computer systems and applications dedicated to the operation of this website detect, during their normal operation, some data (the transmission of which is implicit in the use of Internet communication protocols) not associated with directly identifiable users.
The data collected includes the IP addresses and domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the file size obtained in reply, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters concerning the operating system and the computer environment used by the user.
These data are processed, for the time strictly necessary, for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its smooth operation.
2.3. Cookies For information
3. COMMUNICATION AND/OR DISSEMINATION
The collected data will be processed exclusively by the staff and collaborators of the Regional Authority. These data are processed, in the role of Data Processor pursuant to art. 28 of the Regulations, by the regional company IN.VA. S.p.a., which carries out management and maintenance of information systems on behalf of the Region.
Alcune operazioni di trattamento potrebbero essere altresì effettuate anche da altri soggetti terzi, ai quali la Regione affida talune attività, o parte di esse, funzionali all’erogazione dei servizi.
On such additional persons, designated as Data Processors, are imposed by the Region, by contract or other legal act in accordance with EU or Member State law, appropriate obligations regarding the protection of personal data through operational instructions, with particular reference to the adoption of appropriate technical and organizational measures, in order to ensure the confidentiality and security of data pursuant to art. 32 of the Regulation.
Apart from these hypotheses, the data will not be disclosed to third parties or disseminated, except in cases specifically provided for by national or European Union law.
4. TRANSFER OF DATA TO NON-EU COUNTRIES
The data collected and processed are not transferred to companies or other entities outside the Community.
5. DATA RETENTION PERIOD
The criteria used to determine the period of retention of personal data are those suggested by the Italian rules in force on storage and, in any case, compliance with the principles of lawfulness, necessity and proportionality, as well as the purposes for which the data were provided.
6. RIGHTS OF USERS (AS “DATA SUBJECTS”)
Users can exercise at any time the rights provided by art. 15 and ss. of EU Regulation 2016/679 where applicable. These include, in accordance with the provisions of Articles 13, paragraph 2, letters (b) and d): the right to request the rectification or erasure of registration data concerning him, the restriction of processing or to oppose their processing in the cases provided for; the right to lodge a complaint with the Guarantor for the protection of personal data, following the procedures and indications published on the official website of the Authority on www.garanteprivacy.it
7. DATA CONTROLLER
The data controller, concerning identified or identifiable persons who have consulted this site, is the Autonomous Region of Valle d’Aosta/Vallée d’Aoste, based in Aosta, Piazza Deffeyes, 1.