Privacy

Information on personal data processing

Dear User,

in order to allow you the access to the pages on the website hermes-fet.eu (hereinafter also “HERMES website”), we kindly ask you to read the rules we apply for management of personal data in accordance with the provisions of the European Regulation 2016/679 (“GDPR”) and in compliance with the Provision of the Italian Protection Authority for Personal Data Processing n. 229 of 8 May 2014.

The disclosure is provided only for the above-mentioned domain and not for other websites that may be accessed by the user through links to other domains.

Therefore, following consultation of this website, data may be processed on persons identified or identifiable, for which we provide the following information:

Data Controller

The Data Controller for data provided by users is the Fondazione Istituto Italiano di Tecnologia (hereinafter “IIT”), based in Genova, Via Morego n. 30.

Data Protection Officer

The Data Protection Officer is the Responsible person of the Data Protection Department, Rödl&Partner, Milan - Telephone +39 010 71781 - email: This email address is being protected from spambots. You need JavaScript enabled to view it..

Purposes and Legal bases of data processing

The purposes of data processing refer to Internet browsing on the HERMES website.

The processing of your personal data is based on the following purposes and legal bases:

Types of data processed

Browsing data

The IT systems and software procedures for operation of this website acquire, during normal operation, some personal data the transmission of which is implicit in the use of Internet communication protocols.

This information is not collected to be associated with identified parties concerned, but by its very nature could, through processing and association with data held by third parties, allow identifying users.

This category of data includes IP addresses or domain names of computers used by users that connect to the website, URI (Uniform Resource Identifier) ​​addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the operating system and the user’s IT environment.

This data is only used to obtain anonymous, statistical information regarding website use and to verify its correct operation and they are deleted after processing. The data could be used to ascertain liability in case of hypothetical computer crimes against the site.

Data provided voluntarily by the user

The optional, explicit and voluntary sending of e-mail to the addresses indicated on this website involves the subsequent acquisition of the sender's address required to reply to information requests, and any other personal data included in the message.

COOKIES

This web site exclusively uses cookies classified according to their characteristics, or:

Browsing/session cookies

The use of so-called browsing/session cookies (which are not stored permanently on the user's computer and are deleted once the browser is closed) is strictly limited to the transmission of session identifiers (formed by random numbers generated by the server) which are necessary to enable a safe and efficient exploration of the site.

In particular, the IT systems and software procedures for operation of the website acquire, during normal operation, some data transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified parties concerned, but that by its very nature could, through processing and association with data held by third parties, allow identifying users.

Cookies analytics

The use of the so-called cookies analytics is made for the sole purpose of obtaining anonymous statistical information on the use of the website (e.g. the number of website visitors, their origin or the operating system used) and to check its proper functioning.

This category of data includes IP addresses or domain name systems of computers used by users that connect to the website, URI (Uniform Resource Identifier) ​​addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the operating system and the user’s IT environment.

Functionality cookies

The Functionality cookies on the website improve the service by allowing users to navigate as a function of certain pre-determined criteria and to improve the quality of the service.

Third party cookies

The Website could use cookies from the following third party:

Cookies from google.com are used for navigation statistics (Google Analytics).

Methods of processing and storage of data

The data may be processed either by computer or paper for the time strictly necessary to achieve the purposes for which they were collected, complying with the rules on protection of personal data, including those related to data security, to prevent data loss, illegal or incorrect use and unauthorized access.

Mandatory or optional nature of providing data

The provision of data for the above-mentioned purposes is mandatory. Refusal to provide such data makes it impossible to follow up on the processing.

For what concerns browsing data, the user can state his/her choice regarding the use of cookies by the IIT website, also through the browser settings or through the site Youronlinechoices.

Below, the links that show the procedures to follow in order to configure the settings of the most used browsers:

Categories of recipients of personal data

Any data provided by users will be disclosed only to IIT’s Staff who manage HERMES website. Data could also be disclosed to external parties which provide services of data hosting, software maintenance, technical assistance and back up of the data.

However, the obligation of IIT to communicate the data to the Judicial Authority remains unaffected, whenever a specific request is made in this regard, even without your consent, for the above-mentioned purposes to control bodies, law enforcement agencies or the judiciary that will process them, at their express request, as independent Data controllers for institutional purposes and/or by law during investigations and controls. The data may also be disclosed to third parties (for example, partners, professionals, agents, etc…), as independent Data controllers, for the performance of instrumental activities to the above-mentioned purposes.

Rights of the data subject

The parties to which the personal data refer have the right to obtain at any time confirmation of the existence of such data and to know the content and origin verify its accuracy or request its integration or updating, or correction (Article 12 of GDPR).

In particular, the interested subject has the right to obtain indication on (Article 15 of GDPR):                                                            

The interested subject has the right to obtain:

  1. update, rectification or, when interested, integration of data (Article 16 of GDPR);
  2. the cancellation, anonymization or blocking of data processed unlawfully, including data whose storage is not required in relation to the purposes for which the data were collected or subsequently processed (Article 17 of GDPR);
  3. certification that the operations under letters a) and b) have been notified, also regarding their content, to those to whom the data were communicated or made known, except where such compliance is impossible or involves a manifestly disproportionate use of means with respect to the protection of this right.