PERSONAL DATA PROCESSING
FOR THE WI-FIGUESTFBK SERVICE OF FONDAZIONE BRUNO KESSLER
Pursuant to art. 13 of EU Regulation no. 2016/679 (GDPR), and in general in compliance with the principle of transparency provided therein, below is the information regarding the processing of personal data.
1. PURPOSE OF PROCESSING
The processing of your personal data takes place within the WiFiGuestFBK service and is aimed at carrying it out. In particular, data will be processed for the following purposes:
a) provision of wireless Internet access service (Wi-Fi);
b) fulfillment of legal obligations;
c) scientific and statistical research.
2. LEGAL BASIS FOR THE PROCESSING AND OBLIGATION TO PROVIDE DATA
All the purposes of the processing are attributable to the provision of the GuestFBK WiFi service. The provision of data for the purposes detailed above is mandatory and failure to provide it will make it impossible to provide the requested service.
Fondazione Bruno Kessler may, within the limits and in the cases identified by the Privacy Protection Authority, access information stored in a user's terminal, store information or monitor user operations for the time strictly necessary for communication transmission or to provide a specific service requested by the Customer, as well as to fulfill any oversight obligations provided by the law.
3. TYPES OF DATA PROCESSED
For service needs, the following categories of data can be processed:
1) personal data, general information, address and other contact details, taxpayer Id. number, telephone number;
2) traffic data (e.g. time and duration of connection).
4. PROCESSING METHOD
Personal data will be processed:
● manually as well as through automated systems;
● by the System Administrators authorized to carry out these tasks, in accordance with the law;
● using appropriate measures to ensure the confidentiality of personal data and avoid access by unauthorized third parties.
Data will be processed using electronic and/or telecommunication systems in compliance with current regulations and limited to the above purposes.
No automated decision-making process nor profiling activity is expected.
5. DURATION OF DATA RETENTION
The data will be stored for the entire duration of the relationship and also subsequently, for the sole purpose of fulfilling all legal obligations; they will be canceled and destroyed as soon as they become superfluous in relation to the above purposes.
Traffic data (e.g. time and duration of connection) are deleted or anonymized when they are no longer necessary for communication transmission unless otherwise required by law.
6. DATA DISCLOSURE
Without prejudice to data disclosure requirements in fulfillment of legal and contractual obligations, the data collected and processed may be disclosed, upon specific request, to the judicial authority.
The data may be shared anonymously with FBK research staff for scientific and statistical research purposes only.
Personal data is not subject to disclosure.
7. PLACE OF PROCESSING
Personal data are processed mainly on European Union territory, or with the aid of IT tools that involve processing in countries for which the Commission has made a decision on the adequacy of personal data protection.
8. DATA SUBJECT RIGHTS
Pursuant to Chapter III of the GDPR, the data subject may exercise the following rights at any time:
● request access to their personal data and obtain a copy thereof;
● if theyconsider them to be inaccurate or incomplete, request amendment or integration, respectively;
● if the legal conditions are met, oppose the processing of their data, request its cancellation or exercise the right of limitation;
● ask for the portability of their data to another subject in a format that facilitates its consultation and use;
● submit a complaint to the Supervisory Authority (Privacy Authority).
9. DATA CONTROLLER
The Data Controller of personal data is Fondazione Bruno Kessler, based in Trento, via Santa Croce, 77.
For contacts and information specifically relating to the protection of personal data, including the exercise of the aforementioned rights, the data subject can write to email@example.com.
10. CONTACT DETAILS OF THE PERSONAL DATA PROTECTION OFFICER
Pursuant to art. 37 of the GDPR, the Data Controller has designated a Data Protection Officer (DPO) who can be contacted through the following channels: firstname.lastname@example.org, tel. +39.0461.314.370.
Version update on August 18th, 2020