Privacy Policy
Pontifical Athenaeum Regina Apostolorum, with registered office in Rome, at Via degli Aldobrandeschi no. 190, in his capacity of Data Controller (hereinafter also “APRA” or “Data Controller”) pursuant to Article 13 of the Regulation (EU) no. 2016/679, bearing the so-called “General Data Protection Regulation” (“GDPR”), hereby informs those who interact with APRA through the website http://www.upra.org (hereinafter also «Site«) and use the services provided through it about the data management policies adopted.
This Privacy Policy refers exclusively to the data collected through the Site and to the cookies used for browsing the Site’s web pages and does not extend to data collected directly, or through cookies, from sites managed by other parties to whom the Site refers.
This document constitutes a simplified and general privacy policy, pursuant to article 12 GDPR; the detailed privacy policy pursuant to article 13 GDPR will be delivered before the begin of each data process.
General principles of data processing
APRA implements adequate technical and organizational measures in order to guarantee, and be able to demonstrate, that the processing of data provided by you is carried out in accordance with the provisions of the GDPR taking into account the nature, scope, context and purposes of the processing, as well as of the risks, for the rights and freedoms of natural persons, connected to the data processing and its different probabilities and seriousness. This document is therefore subject to periodic review, in order to ensure full adherence and compliance with the procedures and practices followed by APRA.
Data Controller
The Data Controller is, pursuant to Article 4 GDPR, Pontifical Athenaeum Regina Apostolorum, with registered office in Rome, at via degli Aldobrandeschi no. 190.
Data Protection Officer
In order to offer You an easier contact point for exercising the rights by GDPR, the Data Controller has appointed its own Data Protection Officer (“DPO”), the Attorney Elena Maggio, who can be contacted to the following email address dpo.emaggio@upra.org or by calling the telephone number +39 346.0145547, as well as writing, with a communication addressed to the head office of the Data Controller, to the attention of the DPO.
Personal Data and Purposes of processing
For the purposes of this Privacy Policy we inform you that the Site (or third party applications that this Site uses) automatically collects technical navigation data using technical cookies.
With your prior consent, APRA also process non-technical cookies for the collection of data relating to navigation.
Legal basis and purpose of processing
Technical cookies (Necessary, Functional and Performance) are processed exclusively for traffic management purposes, in aggregate and anonymized form, also to understand how APRA can improve the quality of navigation of the Site and, therefore, pursuant to art. 6, par. 1, lett. b), of the GDPR, continuing to browse the Site lawfully processing by APRA.
The processing of non-technical cookies (Analytics and Advertisement), aimed at improving your browsing experience and for the purpose of promoting the training initiatives organized, is subordinated to your free and express consent that you can express through the banner of the Site by selecting all or some of the cookies.
Way of processing
APRA will process Your personal data in compliance with the guarantees of confidentiality and adequate security measures provided by the current legislation, with and without the aid of IT tools, with logic strictly related to the purposes of the processing.
Retention of personal data
Technical cookies (Necessary, Functional and Performance) are processed for the time of the browsing session and are subsequently aggregated for statistical purposes.
Non-technical cookies (Analytics and Advertisement) are stored by APRA for 1 year, unless consent is revoked in advance.
Transfer and disclosure of personal data
Your personal data will be processed within the European Union or in countries where transfer is permitted under the GDPR.
In no case Your data will be disclosed to third parties, unless specifically requested by the judicial authority.
Data Subject’s rights
In connection with the personal data provided by You, pursuant to Articles 15-22 GDPR, You have the right to:
-
- access and ask for a copy;
- ask the correction;
- ask the deletion;
- obtain the limitation of processing;
- object to the processing;
-
- receive the personal data provided to the Data Controller, in a format of common use and readable by automatic device;
- lodge a complaint with the Italian Data Protection Authority pursuant to Article 77 GDPR. To this end You can use the template made available by the Data Protection Authority at the following link: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524.
For exercising Your rights or for revoking Your consent, You can contact the DPO, the Attorney Elena Maggio, sending an email to the following email address dpo.emaggio@upra.org or by calling the following telephone number +39 346.0145547, as well as writing with a communication addressed to the head office of the Data Controller, to the attention of the DPO.
Your request will be detected as soon as possible and, however, in the terms of GDPR.
Information pursuant to Article 13 GDPR on the processing of personal data carried out by the Pontifical Athenaeum Regina Apostolorum
EVENTS
The Pontifical Athenaeum Regina Apostolorum, with registered office in Rome, via degli Aldobrandeschi n. 190, in its capacity as Data Controller (hereinafter also ‘Controller’ or ‘Athenaeum’) pursuant to Article 13 of Regulation (EU) no. 2016/679, containing the ‘General Regulations on the Protection of Personal Data’ (hereinafter also GDPR), hereby intends to inform you about the methods of processing of your personal data provided for the purpose of responding to the request for information and / or booking regarding a specific event organized by the Pontifical Athenaeum Regina Apostolorum.
Data controller
The data controller is, pursuant to Art. 4 GDPR, the Pontifical Athenaeum Regina Apostolorum, with registered office in Rome, Via degli Aldobrandeschi n. 190.
Data Protection Officer
In order to offer interested parties an easy point of contact for the exercise of the rights recognised to them by the GDPR, the Data Controller has designated as its Personal Data Protection Officer (‘DPO’), lawyer Elena Maggio, who can be contacted at the following e-mail address dpo.emaggio@upra.org or by calling the number 346.0145547, as well as by writing, with a communication addressed to the Data Controller’s registered office, to the attention of the Personal Data Protection Officer.
Personal Data Protection Officer
In order to offer interested parties an easy point of contact for the exercise of the rights recognised to them by the GDPR, the Data Controller has designated as its Personal Data Protection Officer (‘DPO’), lawyer Elena Maggio, who can be contacted at the following e-mail address dpo.emaggio@upra.org or by calling 346.0145547, as well as by writing, with a communication addressed to the Data Controller’s office, to the attention of the Personal Data Protection Officer.
Types of data processed
In order to provide you with the information requested and/or to allow you to book the event, the Data Controller asks you to provide the following types of personal data when filling out the form
- personal data: such as name and surname
- contact data: e-mail address.
The provision of the above-mentioned data (i.e. first and last name and e-mail address) is necessary in order to process your request.
Purpose and legal basis of processing
Personal and contact data are processed pursuant to Art. 6, par. 1, lett. b) of the GDPR, as they are necessary to respond to your request for information and/or participation in the event and, therefore, the manifestation of consent is not necessary.
Pursuant to Art. 6, par. 1, lett. f) of the GDPR, the Data Controller may process your personal and contact data in order to send you communications aimed at promoting further projects of the Data Controller that may be of your possible interest; as well as for sending the newsletter of the University (or of its internal institutions).
You may, however, object at any time to the continuation of the processing, according to the procedures described in the ‘Rights of data subjects’ section of this Information Notice, without prejudice to the processing carried out up to that point by the Data Controller.
Method of processing
The Data Controller will process your data in compliance with the guarantees of confidentiality and the appropriate security measures provided for by the regulations in force with and without the use of IT tools, with logic strictly related to the purposes of the processing.
The Data Controller also makes use of third parties, appointed for this purpose as data processors pursuant to Article 28 GDPR.
Communication of personal data to third parties
Under no circumstances will the Data Controller disclose your personal and contact data to third parties.
Purpose and legal basis of processing
Personal and contact data are processed pursuant to Art. 6, par. 1, lett. b) of the GDPR, as they are necessary to respond to your request for information and/or participation in the event and, therefore, the manifestation of consent is not necessary.
Pursuant to Art. 6, par. 1, lett. f) of the GDPR, the Data Controller may process your personal and contact data in order to send you communications aimed at promoting further projects of the Data Controller that may be of your possible interest; as well as for sending the newsletter of the University (or of its internal institutions).
You may, however, object at any time to the continuation of the processing, according to the procedures described in the ‘Rights of data subjects’ section of this Information Notice, without prejudice to the processing carried out up to that point by the Data Controller.
Method of processing
The Data Controller will process your data in compliance with the guarantees of confidentiality and the appropriate security measures provided for by the regulations in force with and without the use of IT tools, with logic strictly related to the purposes of the processing.
The Data Controller also makes use of third parties, appointed for this purpose as data processors pursuant to Article 28 GDPR.
Communication of personal data to third parties
Under no circumstances will the Data Controller disclose your personal and contact data to third parties.
Transfer of personal data
Your personal data will be processed and stored within the European Union or in other countries in accordance with Articles 45, 46, 47 and 49 GDPR.
Personal data retention period
All of your personal data processed for the above purposes will be retained until you request the interruption of the processing, without prejudice to the processing carried out up to that point by the Data Controller.
Rights of data subjects
In relation to the personal data you provide, pursuant to Articles 15-22 of the GDPR, you have the right to
- access and request a copy
- request rectification;
- request erasure;
- obtain the restriction of processing
- object to the processing;
- object at any time to the processing of Personal Data carried out for direct marketing purposes, including profiling insofar as it is related to such direct marketing, as well as in the cases referred to in Article 21(1) GDPR;
- receive the data provided to the Controller in a structured, commonly used and machine-readable format
- lodge a complaint with the Garante pursuant to Article 77 of the GDPR. For this purpose, you may use the form made available by the Garante per la protezione dei dati personali at the following link: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524.
In order to exercise your rights or to revoke your consent, you may contact the DPO, lawyer Elena Maggio, by writing to the following e-mail address dpo.emaggio@upra.org or by calling 3460145547, as well as by writing to the Data Controller’s office for the attention of the Data Protection Officer.
Your request will be acknowledged as soon as possible and, in any case, within the terms of the GDPR.
This Policy was last revised on 16 November 2022.
Cookie Policy
This «Cookie Policy» section has the specific aim of illustrating the different types of cookies installed on the Site, the purposes and how to use the same as well as providing indications about the ways in which You can deny, even later, your consent and / or modify, at any time and in an easy way, the options related to the use of cookies by the Site.
What are cookies?
Cookies are small text strings that sites visited by the user send to Your terminal through the browser used to open and consult the web pages, where they are stored before being re-transmitted to the same sites at the next visit by the same user. While browsing on a web site, user can also receive on his terminal cookies that are sent from different websites or web servers (so-called «third parties»), on which certain elements may reside (such as, for example, images, maps, sounds, specific links to pages of other domains) present on the site that user is visiting.
In the Provision no. 231/2021, the Italian Data Protection Authority has identified the following macro-categories of cookies.
- Technical cookies (Necessary, Functional and Performance): these cookies are used for the sole purpose of “transmitting a communication over an electronic communication network, or as strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide this service» (see Article 122, paragraph 1, of Legislative Decree No. 196/2003, also Privacy Code). They are not used for other purposes and are normally installed directly by the website owner or manager. They can be divided into:
- navigation or session cookies, which ensure normal navigation and use of the site (allowing, for example, to make a purchase or authenticate to access restricted areas);
- first-party analytical cookies that are only used to produce aggregated statistics and in relation to a single site or a single mobile application;
- third-party analytical cookies that mask at least ¼ of the IP address if the third parties refrain from combining the cookies thus minimized with other processing.
For the installation of technical cookies, prior consent of users is not required, while the obligation to provide information pursuant to art. 13 of the GDPR, obligation that APRA fulfils with this document.
- Non-technical cookies (Analytics and Advertisement): which are used to trace specific actions or recurring behavioral patterns in the use of the offered functionalities back to specific, identified or identifiable individuals for the purpose of grouping the different profiles within homogeneous, multi-sized clusters; this is aimed in turn to enable the controller to, inter alia, provide increasingly customized services beyond what is strictly necessary for the delivery of the given service and also send targeted advertising messages, i.e. messages that are in line with the preferences expressed by the user in the context of their web-browsing activities.
For the installation of non-technical cookies is required Your prior consent that you can, at any time, revoke or change; refusal to install these cookies can make your browsing experience less enjoyable.
How do cookies work and how can they be eliminated?
Each user can set the browser of his terminal in such a way that it accepts / rejects all cookies or displays a warning whenever a cookie is proposed, in order to be able to evaluate whether to accept it or not.
The user is enabled, however, to modify the default configuration (by default) and disable cookies (i.e. block them definitively), setting the highest level of protection.
The ways to block or delete cookies from your device vary depending on the type of terminal and depending on the type of browser used.
If is used a fixed device (pc, laptop, notebook, netbook and similar) it is needed to change the browser settings:
- Edge [guide: https://support.microsoft.com/it-it/help/4468242/microsoft-edge-browsing-dataand-privacy];
- Chrome [guide: https://support.google.com/chrome/answer/95647?hl=it];
- Firefox [guide: https://support.mozilla.org/it/kb/Bloccare%20i%20cookie];
- Safari [guide: https://support.apple.com/it-it/HT201265].
If it is used a mobile device (smartphone or tablet) it is needed to change the settings of the terminal:
- Apple [guide: https://support.apple.com/it-it/HT201265];
- Android [guide: https://support.google.com/chrome/answer/95647?hl=it].
For more information, please consult the thematic page of the Italian Authority: https://www.garanteprivacy.it/cookie.
For more technical profiles please refer to the guide developed by Google and available at the link: https://www.cookiechoices.org/
What types and categories of cookies does the University use on the Site and for what purposes?
Site use this technical cookies:
| Name | Part | Purpose | Expire* |
| PHPSESSID | First | Traffic management | Session |
| _gid | First | Traffic analysis | Session |
| _gat | First | Traffic management | Session |
| _gclxxxx | First | Traffic management | 2 months |
| _ga | First | Traffic management | 1 year |
| Vuid | Third
Vimeo |
Traffic management | 1 year |
| __cf_bm | Third
Vimeo |
Traffic management | Session |
| ppc_last_visited_page | First | Traffic management | Session |
| cookielawinfo-checkbox-necessary | First | Cookie policy management | 1 year |
| cookielawinfo-checkbox-performance | First | Cookie policy management | 1 year |
| OJSSID | First | Traffic management | Session |
| cookielawinfo-checkbox-advertisement | First | Cookie policy management | 1 year |
| cookielawinfo-checkbox-analytics | First | Cookie policy management | 1 year |
| cookielawinfo-checkbox-functional | First | Cookie policy management | 1 year |
| cookielawinfo-checkbox-others | First | Cookie policy management | 1 year |
| PHPSESSID | Third
Unibo |
Session managment | Session |
| unibo_cookie_consent | Third
Unibo |
Cookie managment | 1 year |
| MoodleSession | First | Session managment | Session |
| JSESSIONID | Third | Session managment | Session |
| date_ | Third
www.istituticulturalidiroma.it |
Event date recording | 1 year |
| _zcsr_tmp | Third
Zoho |
Security managment | Session |
APRA Site use, with Your consent, this non-technical cookies:
| Name | Type | Part | Purpose | Expire* |
| _gid | Performance | First | Traffic analysis | Session |
| _gat | Performance | First | Traffic management | Session |
| _gclxxxx | Performance | First | Traffic management | 2 months |
| _ga | Performance | First | Traffic management | 1 year |
| _ga_xxxxxxxxxx | Performance | First | Traffic management | 1 year |
| _fbp | Targeting | First | View targeted advertising | 2 months |
| _gat_UA-XXXXXX-X | Targeting | First | View targeted advertising | Session |
| NID | Targeting | Third
|
View targeted advertising | 6 mesi |
| VISITOR_PRIVACY_
METADATA |
Targeting | Third
|
View targeted advertising | 5 mesi |
| VISITOR_INFO1_LIVE | Targeting | Third
|
View targeted advertising | 5 mesi |
| li_gc | Targeting | Third
|
View targeted advertising | 5 mesi |
| IDE | Targeting | Third
DoubleClick |
View targeted advertising | 1 year |
| UserMatchHistory | Targeting | Third
|
View targeted advertising | 1 month |
| Lidc | Targeting | Third
|
View targeted advertising | Session |
| AnalyticsSyncHistory | Targeting | Third
|
View targeted advertising | 1 month |
| CONSENT | Targeting | Third
|
View targeted advertising | 1 year |
| Bscookie | Targeting | Third
|
View targeted advertising | 1 year |
| YSC | Targeting | Third
|
View targeted advertising | Session |
| Bcookie | Targeting | Third
|
View targeted advertising | 1 year |
| li_sugr | Targeting | Third
|
View targeted advertising | 2 months |
| CONSENT | Targeting | Third
|
View targeted advertising | 1 year |
| _ga_xxxxxxxxxx | Analytics | First | Targeting | 1 year |
| _gat_gtag_xxxxxxxxxxxxx | Analytics | First | Traffic managment | Session |
| Crmcsr | Marketing | Third
Zoho |
Targeting | Session |
| _pk_ses.jKq2nmwqlV.fcbd | Analysis | Third
Unibo |
Analysis of page visits | Session |
| _pk_id.jKq2nmwqlV.fcbd | Analysis | Third
Unibo |
Analysis of page visits | 1 year |
| Gclid | Marketing | First | Advertising managment | 1 month |
| _gid | Analysis | First | Analysis of page visits | Session |
| _ga | Analysis | First | Analysis of page visits | 1 year |
*Expire means the time of permanence of the cookie on the user’s terminal.
Privacy Policy Changes
APRA reserves the right to change this privacy policy at any time. It is suggested to check at the end of the document, the «Last revision date» to verify when the last update dates.
Any change in this policy will take effect from the date of publication on the Site.
Date of the last revision 27 of May, 2024