Italian National Agency for New Technologies, Energy and Sustainable Economic Development
INMRI logos
NATIONAL INSTITUTE OF IONIZING RADIATION METROLOGY

Privacy and cookies

PRIVACY POLICY PURSUANT TO ART. 13 OF REGULATION (EU) 679/2016 ON THE PROCESSING OF PERSONAL DATA (GDPR - General Data Protection Regulation)

This privacy policy is provided by ENEA - National Agency for New Technologies, Energy and Sustainable Economic Development pursuant to art. 13 of EU Regulation 2016/679 - General Data Protection Regulation, with respect to the processing of personal data provided through the website https://www.inmri.enea.it/en/ (hereinafter also "Website”).

This policy is provided only for the processing of personal data of Users (Data Subjects) collected through the Website and not for other websites that may be viewed by clicking on links (such as in the case of redirection to social networks).

1. IDENTITY AND CONTACT INFO OF THE DATA CONTROLLER

The Data Controller is ENEA - National Agency for New Technologies, Energy and Sustainable Economic Development, based at Lungotevere Thaon di Revel 76, 00196, Rome. You can contact the Data Controller by writing to the address above, or by sending an email to the following certified email address: .

2. CONTACT DETAILS OF THE DATA PROTECTION OFFICER (DPO)

The Data Protection Officer (DPO) for ENEA was appointed by Provision no. 34/2020/PRES of 6 February 2020. For communications relating exclusively to the processing of personal data, the DPO can be contacted at the following email address: .

3. PURPOSES AND LEGAL BASES FOR THE PROCESSING

Users' personal data are processed in order to:

  • Reply to requests sent to email addresses on the website.
  • Provide the services offered by ENEA and requested by the User (i.e. participation in courses, etc.).
  • Fulfil legal or administrative obligations.

4. NATURE OF DATA PROVISION

The provision of personal data through registration forms and the sending of communications to the email addresses on the Website for requesting information is optional. However, in the event of failure to provide the requested data, ENEA will not be able to provide the User with services that may be requested.

5. TYPES OF DATA PROCESSED

5.1. Navigation data

During their normal operation, the computer systems and applications used to operate this Website acquire some data (whose transmission is implicit in the use of Internet communication protocols) that are not associated with directly identifiable users.

The data collected include IP addresses of the computers used by Users connecting to the website, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user's computer environment.

5.2. Data provided voluntarily by the User

Other personal data collected are those provided by the User by sending communications to the email addresses specified on the Website and when registering.

The optional, explicit and voluntary sending of non-compulsory personal data, including through the sending of emails to the addresses specified on this website, entails the subsequent acquisition thereof, the sender's address necessary to respond to requests, as well as any other personal data included in the message.

6. PROCESSING METHOD AND STORAGE PERIOD

Personal data are processed using electronic tools in compliance with the provisions of art. 32 of the GDPR 2016/679 and the other regulations and specific Provisions of the Personal Data Protection Authority regarding security measures.

The Data Controller shall ensure that the personal data being processed are:

  • Processed in a lawful, proper and transparent manner with respect to the Data Subject.
  • Collected and recorded for specific, explicit and legitimate purposes, and used in other processing operations in that are terms compatible with these purposes, and in any case to the extent that the processing is necessary for the fulfilment of the aforementioned purposes (in this regard, the use of personal data and identifying data must be reduced to a minimum).
  • Accurate, and updated if necessary.
  • Pertinent, complete and not exceeding the purposes for which they are collected and subsequently processed.
  • Stored in a form that allows their deletion, correction (as well as the consequent notification of any recipients to which the personal data subject to a request for correction or deletion have been disclosed), as well as the restriction or objection to their processing;
  • Stored in a form that allows the identification of the data subject for a period of time not exceeding what is necessary for the purposes they were collected and subsequently processed for.

More specifically, browsing data shall be kept for the duration of the browsing session on the Websites, while personal data voluntarily provided by the User shall be kept for the time necessary to respond to the requests of the Data Subject, for the time necessary for the performance of the services requested through the Website and for the data retention times imposed by legal or regulatory obligations.

The sending of emails to the addresses specified on this Website entails the subsequent acquisition of the sender's address, necessary to respond to the requests, as well as any other personal data included in the message.

The personal data provided by the Data Subjects who submit such requests are used only to perform the services envisaged or to respond to any questions and are disclosed to third parties only if necessary for such fulfilment.

ENEA adopts the necessary security measures envisaged by the GDPR to protect the data collected in order to prevent the risks of loss or theft of data, unauthorised access or illegal or improper uses.

7. CATEGORIES OF RECIPIENTS

For the purposes detailed in art. 3, Users' personal data may be disclosed or made accessible to:

  • ENEA employees and contractors in their capacity as persons authorised to process data pursuant to art. 29 GDPR.
  • Any additional outsourced service providers on behalf of the Data Controller (e.g. IT service providers and/or postal services) as Data Processors.
  • All parties whose right to access such data is recognised by regulatory or authoritative measures; to all natural and/or legal persons, public and/or private when necessary or functional to the performance of the services requested through the Website, in the ways and for the purposes illustrated above.

In no case will personal data be disclosed, disseminated, sold or otherwise transferred to third parties for unlawful purposes, and in any case without providing suitable information to the Data Subjects and obtaining their consent in advance, where required by law.

This without prejudice to any disclosure of data at the request of judicial or public security authorities, in the manner and in the cases envisaged by law. Personal data shall not be transferred abroad to countries or international organisations not belonging to the European Union that do not guarantee an adequate level of protection, recognised pursuant to art. 45 GDPR on the basis of an adequacy decision of the EU Commission. If for the provision of the services of the Website it is necessary to transfer personal data to countries or international organisations outside the EU for which the Commission has not adopted any adequacy decision pursuant to art. 45 GDPR, this will take place only in the presence of adequate guarantees provided by the recipient country or organisation pursuant to art. 46 GDPR and provided that the data subjects have actionable rights and effective remedies.

In the absence of an adequacy decision by the Commission pursuant to art. 45 GDPR or of adequate guarantees pursuant to art. 46 GDPR, including binding corporate rules, the cross-border transfer shall only take place if one of the conditions indicated in art. 49 GDPR occurs.

8. RIGHTS OF THE DATA SUBJECTS

Articles 15-22 of the Regulation grant the data subject the exercise of the following rights:

  • Request confirmation of the existence or otherwise of one’s personal data (art. 15 par. 1).
  • Obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be disclosed, and when possible the storage period (art. 15 par.1 lett a, c).
  • Have the data corrected or deleted (art. 16 and 17).
  • Obtain the restriction of processing (art. 18).
  • Obtain information from the Data Controller on the recipients which the personal data have been disclosed to and any corrections or deletions or restrictions on processing (art. 19).
  • Obtain the portability of the data, i.e. receive them from a Data Controller in a structured, commonly used format that is readable by automatic devices, and transmit them to another data controller without impediment (art. 20).
  • Object to an automated decision-making process relating to natural persons, including profiling (art. 21 and 22).
  • If the processing is based on consent, be able to withdraw such consent at any time (art. 7, para. 3).

Data Subjects have the right to lodge a complaint with the Supervisory Authority pursuant to art. 77 of the Regulation, or to take appropriate legal action.

9. HOW TO EXERCISE YOUR RIGHTS

The above rights are exercised by submitting a request to the Data Controller by sending an email to . The request can be made freely and without following any specific format by the Data Subject, who shall be entitled to receive an appropriate reply within a reasonable amount of time, depending on the circumstances of the case.

To exercise his/her rights, the Data Subject may use non-profit bodies, organisations or associations whose statutory objectives are in the public interest and which are engaged in the protection of Data Subjects’ rights and freedoms with regard to the protection of personal data, for this purpose giving them an appropriate mandate. The Data Subject may also be assisted by a trusted person.

You can receive more information on the purposes and methods of processing your personal data by writing to and specifying “Privacy” in the subject.

To know your rights, lodge a complaint/report/appeal and to remain updated on the laws regarding the protection of individuals with regard to the processing of personal data, the Data Subject can contact the Personal Data Protection Authority, consulting the website at http://www.garanteprivacy.it/.


COOKIE POLICY

1. What is a cookie and what is it for?

A cookie is a small file that is sent to the browser and saved on the user's device (PC, Tablet etc.) when you access and use the website https://www.inmri.enea.it/en/  (hereinafter also referred to as "Website”).

Cookies allow an efficient operation of the Website and improve its performance, including through the collection and analysis of aggregate information, which allow the Website operator to understand how to improve the Website’s structure and sections. Using cookies it is also possible to collect information for statistical purposes, mainly to personalise the user's browsing experience, remembering their preferences (e.g. language, currency etc.).

Cookies are classified according to their duration and the website that set them, so different cookies are used depending on the individual purposes.

2. What cookies do we use?

The Site uses cookies and other technical identifiers and first and third-party analytics cookies that are comparable as indicated in the COOKIE GUIDELINES AND OTHER TRACKING TOOLS (Register of GPDP measures no.231 of 10 June 2021, web doc. No.9677876).

Technical cookies

Technical cookies can be divided into browsing or session cookies, which guarantee normal browsing and use of the Website (e.g. coordinating the modules that make up the pages of the Website or correlating the pages visited to the same working session), and analytical cookies, similar to technical cookies only if used for optimising the Website directly by the website operator (so-called first-party analytical cookies), who may collect aggregate information on the number of users and how they visit the Website (e.g. to compile statistics on the most-visited pages, to collect aggregate data on visits by operating system, browser etc.).

Session cookies

Use of session cookies is strictly limited to the transmission of session identifiers (consisting of server-generated random numbers) and software usage data necessary to allow secure, efficient navigation of the website: session variables (so-called cookies) can avoid the use of computer techniques that are potentially detrimental to the confidentiality of user navigation and do not allow the acquisition of identifying personal data. Session cookies are not stored permanently on the user's device (PC, Tablet etc.), but rather are recorded locally for periods of time established according to the session variables (whose values stored on the device's hard disk can still be deleted; you can also disable cookies by following the instructions provided by the main browsers). Session cookies remain stored on the device for a short period of time and are then deleted when the web browser is closed.

Persistent cookies

Persistent cookies save a file in the memory of your device (PC, Tablet etc.) for a long period of time. This type of cookie has an expiration date. Persistent cookies allow websites to remember information and settings at subsequent visits by users, thus making browsing more convenient and faster. When the cookie expires, it is automatically deleted the next time you log on to the website that created it.

Third-party cookies

Third-party cookies are set by a website other than the one you are visiting and reside on servers other than the one you are visiting. Therefore, the use of data collected by these external operators through cookies is subject to their respective privacy policies.

The Matomo Analytics software is used to provide detailed and real-time reports on website visitors, including the search engines of origin, keywords used, language used and most visited pages. The software is installed on Agid platforms (https://webanalytics.italia.it/), therefore the data generated by the traffic and the aggregate processing are stored in its database, thus remaining within AGID, ensuring full compliance with the GDPR. For more information on this analytical software: https://matomo.org/.

To consult the privacy policy of the company Matomo Analytics, owner of the software, please refer to the website https://matomo.org/privacy/. The explanation below illustrates in more detail the cookies used on our site and the related purposes for which they are used.

While browsing this website, the user may also receive cookies on his/her device that are sent to interact directly with social platforms.

The website incorporates Facebook, Twitter, YouTube, and LinkedIn buttons and widgets.

The owner of the Website does not have access to the data that are thus collected and processed independently by the operators of social network platforms.

For more information on how the data collected by social networks (Twitter, Facebook, LinkedIn etc.) are processed, please refer to the privacy policies of those services.

3. Details of the cookies used

The explanation below provides more detail on the cookies used on our website and their purposes.

Necessary (1)

The necessary cookies help make a website usable by enabling basic functions such as browsing the page and accessing the secure areas of the website. The website cannot function properly without these cookies.

NAME

SOURCE

PURPOSE

EXPIRATION

TYPE

hex (32)

inmri.enea.it

This is a session cookie which is deleted when you close your internet browser.

Session

HTTP Cookie

Statistics (2)

Statistical cookies help website owners understand how visitors interact with websites by collecting and transmitting information in anonymous form.

NAME

SOURCE

PURPOSE

EXPIRATION

TYPE

_pk_id#

inmri.enea.it

Used by the Matomo Analytics platform.

1 year

HTTP Cookie

_pk_ses# inmri.enea.it Used by the Matomo Analytics platform. Track the visitors's page requests during the session 1 day HTTP Cookie

Detailed information on third-party cookies used on the website is provided, as well as the links through which the user can receive more information and request deactivation of cookies.

Social network buttons and widgets

Social buttons are the ones on the website that depict social network icons (e.g. Facebook and Twitter) and that allow users who are browsing to interact directly with social platforms with a click.

Social buttons that track users are not used on the website, but only links that refer to the Owner's accounts on the social networks depicted. Below are the links where the user can read the privacy policies relating to the management of data by Social Networks

https://en-gb.facebook.com/about/privacy

https://en-gb.facebook.com/help/instagram/155833707900388

https://www.linkedin.com/legal/privacy-policy

https://twitter.com/en/privacy

https://www.youtube.com/intl/ALL_it/howyoutubeworks/user-settings/privacy/

4. How long do we keep your data?

The data are kept for the amount of time indicated in the table above. In order to complete statistical processing, the data for analytical purposes (statistics) are kept in aggregate form for a further two months (for a total of 26 months).

The browsing data collected by the website are kept for the time necessary to allow the browsing of the website itself and in any case for the time specified in the table above.

5. How can I disable cookies?

Most browsers are configured to accept, control or even disable cookies through their settings. Please note, however, that disabling technical cookies, even partially, could compromise the operation of the Website and/or limit its functionality.

In contrast, disabling third-party cookies does not affect navigability in any way.

Below are the links to the instructions provided by the main browsers for managing the settings on the installation of cookies:

Chrome: https://support.google.com/chrome/answer/95647?hl=en

Firefox: https://support.mozilla.org/en-US/kb/block-websites-storing-cookies-site-data-firefox

Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies

Opera: https://help.opera.com/en/latest/web-preferences/#cookies

Safari: https://support.apple.com/en-gb/guide/safari/sfri11471/mac

Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09

feedback