Pursuant to Regulation (EU) 2016/679 (hereinafter 'GDPR'), the following document describes how the personal data of users consulting the website www.blueskills.ogs.it (hereinafter 'the website') are processed.
DATA CONTROLLER
The Data Controller is the National Institute of Oceanography and Applied Geophysics - OGS (hereinafter also "OGS" or "Data Controller"), located in Borgo Grotta Gigante 42/c - 34010 Sgonico (TS).
In order to exercise the rights recognized by the REGULATION (EU) 2016/679 (hereinafter "GDPR" or "Regulation") or to ask for any clarification regarding the processing of personal data, the Data Controller can be contacted at the following address: privacy@inogs.it.
The Data Controller has appointed a Data Protection Officer, who can be reached at the following address: dpo@inogs.it.
WHAT ARE COOKIES?
Cookies are small text files that are sent to the user’s browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) by the websites visited. Once in the browser, cookies are stored in order to be retransmitted to the same websites the next time the same user visits them.
Cookies are used for different purposes: carrying out computer authentication, session monitoring, storing information on specific configurations concerning users accessing the server, storing preferences, or to facilitate the use of online content, such as keeping track of items in a shopping cart or information for filling out a computer form, etc.
Cookies can also be used to profile users, i.e. to 'observe' their behaviour, for example in order to send targeted advertising, measure the effectiveness of the advertising message and adopt consequent commercial strategies. In this case we speak of profiling cookies.
The same result can also be achieved by means of other tracking tools or techniques, including fingerprinting.
In the course of browsing a website, the user may also receive cookies from different websites or web servers (so-called 'third-party' cookies); this happens because the website visited may contain elements such as, for example, images, maps, sounds, social buttons ('I like' Facebook, etc.) specific links to web pages from other domains that reside on servers other than the one on which the requested page is located. In other words, they are those cookies that are set by a website other than the one you are currently visiting.
Technical cookies are defined as those used for the sole purpose of "carrying out the transmission of a communication over an electronic communications network, or to the extent strictly necessary for the provider of an information society service which has been explicitly requested by the subscriber or user to provide such service" (see Art. 122, paragraph 1, of the Privacy Code - Legislative Decree 196/03 as last amended by Legislative Decree 101/18).
In other words, technical cookies serve to carry out navigation or provide a service requested by the user. They are not used for any other purpose and they are normally installed directly by the website owner.
Without the use of technical cookies, certain operations could not be carried out or would be more complex and/or less secure, such as home banking activities (displaying account statements, bank transfers, paying bills, etc.). For these operations, technical cookies are indispensable, since they allow the user to be identified and maintained within the session.
Therefore, technical cookies cannot be disabled and users' prior consent is not required for their installation (pursuant to Article 122 of the Privacy Code), as they are considered strictly necessary because the storage of information is essential to provide a service requested by the user.
Analytics cookies, also defined as "statistical", may be first or third party cookies. They are installed to collect information about the website and monitor its use by users.
The Italian Data Protection Authority has specified that such cookies can be assimilated to technical cookies if they are used for website optimisation purposes directly by the owner of the website itself, who may collect statistical information in aggregate form on the number of users and in which way they visit the site (see provision of 8 May 2014 and Guidelines on cookies and other tracking tools of 10 June 2021).
If the processing of such statistical analyses is entrusted to third parties, user data must be minimized in advance and may not be combined with other processing or transmitted to other third parties. Under these conditions, the same rules on information and consent apply to analytics cookies as to technical cookies.
In contrast, profiling cookies are used to create profiles relating to the user and are used in order to send advertising messages in line with the preferences expressed by the user when surfing the web. They are referred to in Article 122 of the Code where it provides that "the storage of information in the terminal equipment of a contracting party or user or access to information already stored is permitted only on condition that the contracting party or user has given his or her consent after having been informed in the simplified manner set out in Article 13(3)" (Article 122(1) of the Privacy Code).
COOKIES USED ON THIS SITE
The site uses the following technical cookies
|
Cookie name |
Default expiration time |
Description |
|
SSESS<ID> |
1 month |
If you are logged in to this website, a session cookie is required to identify and connect your browser to your user account in the server backend of this website. |
|
cookiesjsr |
1 year |
When you visited this website for the first time, you were asked for your permission to use several services (including those from third parties) that require data to be saved in your browser (cookies, local storage). Your decisions about each service (allow, deny) are stored in this cookie and are reused each time you visit this website. |
Non-technical cookies
To enable the display of videos, the Data Controller uses the services offered by the Youtube platform, provided by Google and in particular by the company Google Ireland Limited for users of Google services who are resident in the European Economic Area. In any case, the installation of cookies entails the fact that personal data may be transferred to the United States of America.
In this regard, pursuant to Art. 49(1), letter a) of the GDPR, we would like to inform you that the Court of Justice of the European Union (CJEU) ruled on 16 July 2020 (so-called "Schrems II Judgment") on the data transfer regime between the European Union and the United States, invalidating the "Privacy Shield" adequacy decision, adopted in 2016 by the European Commission following the lapsing of the "Safe Harbor" agreement: in short, the Court found that the US legal system does not guarantee an adequate level of protection with respect to the personal data of European citizens. The transfer of data to that country therefore presents potential risks to the rights of the Data Subject.
As an example, under US law, Google may be required to disclose processed personal data in the event of lawful requests by public authorities (e.g. where there is a need to safeguard national security). For more information, please consult:
- the section of the Privacy Guarantor's website (in Italian) on the transfer of personal data abroad;
- Google's privacy policy on the processing of personal data.
For the installation of cookies, the website will require, also pursuant to Article 49(1)(a) of the GDPR, a specific consent. In its absence, the Data Subject will still be able to browse the website without benefiting from the video contributions.
MANAGING AND DISABLING COOKIES
It is also possible to visit the site without cookies, although in this case it may not be possible to take full advantage of all its functions or services offered. The Data Controller provides the possibility to choose the cookies to be installed by clicking on the banner or on the "Edit cookie settings" link at the bottom of each page.
Most browsers accept cookies automatically. You can prevent the automatic recording of cookies by selecting the "do not accept cookies" option from those proposed.
Please find below a list of instructions for managing cookies in relation to the most popular browsers:
Chrome - https://support.google.com/chrome/answer/95647?hl=it&topic=14666&ctx=to…
Firefox - https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
Internet Explorer - https://support.microsoft.com/it-it/help/17442/windows-internet-explore…
Safari - https://support.apple.com/it-it/guide/safari/sfri11471/mac
If you use a mobile device, you should refer to its instruction manual to find out how to manage cookies.
To find out what cookies are stored on your terminal device and disable them individually, please visit the following page: http://www.youronlinechoices.com/it/le-tue-scelte
You can delete any cookies already stored on your hard drive at any time.
RIGHTS OF THE DATA SUBJECT
The Controller informs you that you, as a data subject, have the right to request:
. access to personal data and information (Art. 15 of the GDPR);
. rectification or erasure of the same (Articles 16 and 17 of the GDPR);
. the restriction of the processing of personal data (Art. 18 of the GDPR).
Finally, you may:
. object to the processing of your personal data under the conditions and within the limits set out in Article 21 of the GDPR;
. exercise your right to data portability (Art. 20 GDPR).
Where the processing is based on the data subject's consent, the data subject has the right to withdraw it at any time without affecting the lawfulness of the previous processing.
The data subject may exercise his or her rights by contacting the Controller at the contact details indicated above.
With regard to processing operations based on consent (pursuant to Article 6(1)(a) and Article 9(2)(a) of the GDPR), we inform you that you have the right to revoke such consent at any time, without prejudice to the lawfulness of the processing based on the consent given prior to the revocation.
RIGHT OF COMPLAINT
If a data subject considers that his or her personal data is being processed in breach of the provisions of the GDPR, he or she has the right to lodge a complaint with the competent supervisory authority (Data Protection Authority or any other competent authority) pursuant to Article 77 et seq. of the GDPR.