PRIVACY NOTICE FOR WEBSITE USERS
according to article 13 of the Regulation (EU) 2016/679 (“GDPR”) General Data Protection Regulation
DATA CONTROLLER
IIGM Foundation (Italian Institute for Genomic Medicine)
Tax Number: 97696250014
Registered office: Piazza Bernini, 5 – 10138 – Torino (TO) – Italy
Place of business: c/o IRCCS – SP142 km 3,95 – 10060 – Candiolo (TO) – Italy
In accordance with Art. 13 of the Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter “GDPR”), IIGM Foundation (Italian Institute for Genomic Medicine) (hereinafter “Data Controller” or “IIGM”), as Data Controller, informs you (hereinafter “User”) that your personal data will be processed for the following purposes and in the following manner:
- Types of data collected
The Data Controller processes identification data and usage data of the User collected during the User’s navigation through the Data Controller’s website (hereinafter “Website”). The Data Controller’s website can be reached at https://www.iigm.it/ (hereinafter, “Personal data” or “Data”).
The information related to the network used by the User (e.g. IP address) may also be collected and processed by the Data Controller.
- Purposes and legal basis of processing
The User’s personal data will be processed for the following purposes:
a) allow the user to send messages to the Controller via the contact form;
b) acquire statistics and metrics to ensure the proper functioning of the Website;
c) exercise the rights of the Data Controller (e.g. data processing for exercise or defence of legal claims)
The legal basis for the data processing is the following:
- With regard to the purpose (a), processing is necessary for the performance of a contract to which the User is party or in order to take steps at the request of the User prior to entering into a contract;
- With regard to the purposes (b) and (c), the legitimate interest of the Data Controller, in particular, to monitor the proper functioning of the Website and to process Personal data where necessary for the establishment, exercise or defence of legal claims, constitute the legal basis for the Personal Data processing.
Users may not communicate Data for the above-mentioned purposes. Failure to provide the Data, however, may make it impossible for the Website to provide its services.
The User’s Data can also be processed through Cookies. In order to obtain more information about the processing, please visit the Cookie Policy at the following link.
- Retention time
The Data Controller will store and process Personal data for the period of time necessary to fulfill the purposes specified in this Privacy notice. Your Data will not be retained for a longer period of time unless the current law requires a more extended retention period. The Italian Civil Code requires to store all the documents of commercial or legal relevance for the period of 10 years. The Personal Data can also be stored for the period of time necessary for the establishment, exercise or defence of legal claims.
- Disclosure of personal data
The User’s Personal data will not be disseminated but they may be made accessible, where necessary, for offering of services or for statutory obligations to:
– employees or collaborators of the Data Controller in Italy or abroad, in their capacity of subjects authorized to process Personal data and/ or system administrators.
– third-party companies or other subjects (e.g. IT consultants etc.) which carry out activities in outsourcing on behalf of the Data Controller, in their capacity of Processors.
- Transfer of personal data
The personal data will be stored on servers located within the European Union and managed by third-party companies duly appointed as Processors.
The Data Controller may transfer the User’s Personal data to a third country. The data will be transferred exclusively to countries considered “adequate” and therefore, “safe” by the European Commission or to the companies which ensure appropriate safeguards pursuant to Articles 44-50 of the GDPR.
- Users Rights
You may exercise the rights granted by the GDPR (articles 15-22), including:
- The right to receive confirmation as to whether the Data Controller is processing the User’s Personal data (access rights);
- The right to update, modify and/ or correct Personal data (right of rectification);
- The right to request the erasure of data or the restriction of the processing. This right can be granted if the process is unlawful or the Data Controller no longer needs the Personal data for the purposes of the processing (right to be forgotten and right to restriction of processing);
- The right to oppose to the processing (right of opposition);
- The right to propose a complaint to the Supervisory Authority in case of violation of the regulations regarding the protection of Personal data;
- The right to receive an electronic copy of the User’s Personal data (in a structured, commonly used and machine-readable format) and right to transmit those Data to another Data Controller without hindrance from the Data Controller to which the Personal Data have been provided (right to Data portability).
- Data Controller contact information
The Data Controller: IIGM Foundation (Italian Institute for Genomic Medicine)
Registered office: Piazza Bernini, 5 – 10138 – Torino (TO) – Italy
Place of Business: c/o IRCCS – SP142 km 3,95 – 10060 – Candiolo (TO) – Italy
The user can contact the Data Controller to exercise his rights granted by the GDPR by sending e-mail at info@iigm.it
- Data Protection Officer
The Data Controller has appointed a Data Protection Officer that may be contacted at the following address:
ARGO BUSINESS SOLUTIONS SRL
Contact: Fabio Cassanelli
E-mail: iigm@argobs.it
- Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Data Controller at any time. Please see the contact information at the beginning of this document.
- Changes to this privacy policy
The Data Controller reserves the right to make changes to this Privacy notice at any time by notifying its Users within this Website at the following link: https://www.iigm.it/privacy-policy-en
Privacy Notice updated on: 2024, March 1st