Pontifical Athenaeum Regina Apostolorum, with registered office in Rome, at Via degli Aldobrandeschi no. 190, in his capacity of Data Controller (hereinafter also “APRA” or “Data Controller”) pursuant to Article 13 of the Regulation (EU) no. 2016/679, bearing the so-called “General Data Protection Regulation” (“GDPR”), hereby informs those who interact with APRA through the website http://www.upra.org (hereinafter also «Site«) and use the services provided through it about the data management policies adopted.

This Privacy Policy refers exclusively to the data collected through the Site and to the cookies used for browsing the Site’s web pages and does not extend to data collected directly, or through cookies, from sites managed by other parties to whom the Site refers.

This document constitutes a simplified and general privacy policy, pursuant to article 12 GDPR; the detailed privacy policy pursuant to article 13 GDPR will be delivered before the begin of each data process.

General principles of data processing

APRA implements adequate technical and organizational measures in order to guarantee, and be able to demonstrate, that the processing of data provided by you is carried out in accordance with the provisions of the GDPR taking into account the nature, scope, context and purposes of the processing, as well as of the risks, for the rights and freedoms of natural persons, connected to the data processing and its different probabilities and seriousness. This document is therefore subject to periodic review, in order to ensure full adherence and compliance with the procedures and practices followed by APRA.

Data Controller

The Data Controller is, pursuant to Article 4 GDPR, Pontifical Athenaeum Regina Apostolorum, with registered office in Rome, at via degli Aldobrandeschi no. 190.

Data Protection Officer

In order to offer You an easier contact point for exercising the rights by GDPR, the Data Controller has appointed its own Data Protection Officer (“DPO”), the Attorney Elena Maggio, who can be contacted to the following email address [email protected] or by calling the telephone number +39 346.0145547, as well as writing, with a communication addressed to the head office of the Data Controller, to the attention of the DPO.

Personal Data and Purposes of processing

For the purposes of this Privacy Policy we inform you that the Site (or third party applications that this Site uses) automatically collects technical navigation data using technical cookies.

With your prior consent, APRA also process non-technical cookies for the collection of data relating to navigation.

 

Legal basis and purpose of processing

Technical cookies are processed exclusively for traffic management purposes, in aggregate and anonymized form, also to understand how APRA can improve the quality of navigation of the Site and, therefore, pursuant to art. 6, par. 1, lett. b), of the GDPR, continuing to browse the Site lawfully processing by APRA.

The processing of non-technical cookies, aimed at improving your browsing experience and for the purpose of promoting the training initiatives organized, is subordinated to your free and express consent that you can express through the banner of the Site by selecting all or some of the cookies.

 

Way of processing

APRA will process Your personal data in compliance with the guarantees of confidentiality and adequate security measures provided by the current legislation, with and without the aid of IT tools, with logic strictly related to the purposes of the processing.

Retention of personal data

Technical cookies are processed for the time of the browsing session and are subsequently aggregated for statistical purposes.

Non-technical cookies are stored by APRA for 1 year, unless consent is revoked in advance.

 

Transfer and disclosure of personal data

Your personal data will be processed within the European Union or in countries where transfer is permitted under the GDPR.

In no case Your data will be disclosed to third parties, unless specifically requested by the judicial authority.

 

Data Subject’s rights

In connection with the personal data provided by You, pursuant to Articles 15-22 GDPR, You have the right to:

• access and ask for a copy;
• ask the correction;
• ask the deletion;
• obtain the limitation of processing;
• object to the processing;
• receive the personal data provided to the Data Controller, in a format of common use and readable by automatic device;
• lodge a complaint with the Italian Data Protection Authority pursuant to Article 77 GDPR. To this end You can use the template made available by the Data Protection Authority at the following link: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524.

For exercising Your rights or for revoking Your consent, You can contact the DPO, the Attorney Elena Maggio, sending an email to the following email address [email protected] or by calling the following telephone number +39  346.0145547, as well as writing with a communication addressed to the head office of the Data Controller, to the attention of the DPO.

Your request will be detected as soon as possible and, however, in the terms of GDPR.

---

Cookie Policy

This «Cookie Policy» section has the specific aim of illustrating the different types of cookies installed on the Site, the purposes and how to use the same as well as providing indications about the ways in which You can deny, even later, your consent and / or modify, at any time and in an easy way, the options related to the use of cookies by the Site.

What are cookies?

Cookies are small text strings that sites visited by the user send to Your terminal through the browser used to open and consult the web pages, where they are stored before being re-transmitted to the same sites at the next visit by the same user. While browsing on a web site, user can also receive on his terminal cookies that are sent from different websites or web servers (so-called «third parties»), on which certain elements may reside (such as, for example, images, maps, sounds, specific links to pages of other domains) present on the site that user is visiting.

In the Provision no. 231/2021, the Italian Data Protection Authority has identified the following macro-categories of cookies.

1. Technical cookies: these cookies are used for the sole purpose of “transmitting a communication over an electronic communication network, or as strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide this service» (see Article 122, paragraph 1, of Legislative Decree No. 196/2003, also Privacy Code). They are not used for other purposes and are normally installed directly by the website owner or manager. They can be divided into:

• navigation or session cookies, which ensure normal navigation and use of the site (allowing, for example, to make a purchase or authenticate to access restricted areas);
• first-party analytical cookies that are only used to produce aggregated statistics and in relation to a single site or a single mobile application;
• third-party analytical cookies that mask at least ¼ of the IP address if the third parties refrain from combining the cookies thus minimized with other processing.

For the installation of technical cookies, prior consent of users is not required, while the obligation to provide information pursuant to art. 13 of the GDPR, obligation that APRA fulfils with this document.

1. Non-technical cookies: which are used to trace specific actions or recurring behavioral patterns in the use of the offered functionalities back to specific, identified or identifiable individuals for the purpose of grouping the different profiles within homogeneous, multi-sized clusters; this is aimed in turn to enable the controller to, inter alia, provide increasingly customized services beyond what is strictly necessary for the delivery of the given service and also send targeted advertising messages, i.e. messages that are in line with the preferences expressed by the user in the context of their web-browsing activities.

For the installation of non-technical cookies is required Your prior consent that you can, at any time, revoke or change; refusal to install these cookies can make your browsing experience less enjoyable.

 

How do cookies work and how can they be eliminated?

Each user can set the browser of his terminal in such a way that it accepts / rejects all cookies or displays a warning whenever a cookie is proposed, in order to be able to evaluate whether to accept it or not.

The user is enabled, however, to modify the default configuration (by default) and disable cookies (i.e. block them definitively), setting the highest level of protection.

The ways to block or delete cookies from your device vary depending on the type of terminal and depending on the type of browser used.

If is used a fixed device (pc, laptop, notebook, netbook and similar) it is needed to change the browser settings:

• Edge [guide: https://support.microsoft.com/it-it/help/4468242/microsoft-edge-browsing-dataand-privacy];
• Chrome [guide: https://support.google.com/chrome/answer/95647?hl=it];
• Firefox [guide: https://support.mozilla.org/it/kb/Bloccare%20i%20cookie];
• Safari [guide: https://support.apple.com/it-it/HT201265].

If it is used a mobile device (smartphone or tablet) it is needed to change the settings of the terminal:

• Apple [guide: https://support.apple.com/it-it/HT201265];
• Android [guide: https://support.google.com/chrome/answer/95647?hl=it].

For more information, please consult the thematic page of the Italian Authority: https://www.garanteprivacy.it/cookie.

For more technical profiles please refer to the guide developed by Google and available at the link: https://www.cookiechoices.org/

 

What types and categories of cookies does the University use on the Site and for what purposes?

Site use this technical cookies:

Name	Part	Purpose	Expire*
AnalyticsSyncHistory	Third Linkedin	Timing	1 month
li_gc	Third Linkedin	Cookie policy management	1 year e 11 months
CFTOKEN	First	Browsing management	1 day
CFID	First	Browsing management	1 day
cookielawinfo-checkbox-advertisement	First	Cookie policy management	1 year
cookielawinfo-checkbox-analytics	First	Cookie policy management	11 months
cookielawinfo-checkbox-functional	First	Cookie policy management	11 months
cookielawinfo-checkbox-necessary	First	Cookie policy management	11 months
cookielawinfo-checkbox-others	First	Cookie policy management	11 months
CookieLawInfoConsent	First	Cookie policy management	1 year
PHPSESSID	First	Browsing management	Session

 

APRA Site use, with Your consent, this non-technical cookies:

 

Name	Category	Part	Purpose	Expire*
_gid	Statistics	Third Google	Analysis of Site use	1 day
_gat	Statistics	Third Google	Analysis of Site use	1 minute
_gat_UA-85363870-3	Statistics	Third Google	Analysis of Site use	1 minute
_ga	Statistics	Third Google	Analysis of Site use	2 years
bscookie	Targeting	Third Linkedin	Analysis of Linkedin services	2 years
bcookie	Targeting	Third Linkedin	Analysis of Linkedin services	2 years
lidc	Targeting	Third Microsft	Analysis of Microsft services	1 day
_gcl_au	Targeting	Third Google	Personalize advertising	3 months
_fbp	Targeting	Third Facebook	Personalize advertising	3 months
IDE	Targeting	Third Doubleclick	Personalize advertising	2 years
UserMatchHistory	Targeting	Third Linkedin	Personalize advertising	1 month
YSC	Targeting	Third Google	Video viewing recording	Session
VISITOR_INFO1_LIVE	Targeting	Third Google	User terminal analysis for video quality estimation	6 months
_gat_gtag_UA_85363870_3	Targeting	Third Google	Access management	1 minute
_gat_gtag_UA_85363870_4	Targeting	Third Google	Access management	1 minute
lang	Preference	Third Linkedin	Management of the language	Session

*Expire means the time of permanence of the cookie on the user’s terminal.

 

Privacy Policy Changes

APRA reserves the right to change this privacy policy at any time. It is suggested to check at the end of the document, the «Last revision date» to verify when the last update dates.

Any change in this policy will take effect from the date of publication on the Site.

 

Date of the last revision 4 of January, 2022