This Privacy Policy has the aim of describing the purposes and the methods through which the Italy-India Association for the cooperation between the two countries (“Associazione Italia-India per la cooperazione fra i due paesi” – AIICP), as data controller (“Controller” or “Association”), collects and processes the personal data of the user (“User”) who interacts with the website https://italindia-aiicp.it (“Website”) and with the different services and other related websites offered by the same.
The information enclosed in this Privacy Policy is provided pursuant to Article 13 of the Regulation (EU) 2016/679 of 27 April 2016 (“Regulation”) and Italian Legislative Decree no. 196/2003 as subsequently amended and supplemented (“Privacy Code”) and the enforceable provisions of law, as well as the decisions taken by the Italian Data Protection Authority (“Autorità Garante per la protezione dei dati personali”) and Guidelines of the European authorities.
The information regarding the data processing is provided only for the Website and for the processing carried out by the Association and does not extend to the processing carried out by third parties through other websites in case accessible by the User through specific links. As far as these further processing is concerned, the Association does not take any responsibility since the User has to take into consideration the privacy policies of the third parties’ websites.
1. Controller and place of processing
The Controller of the processing is the Italy-India Association for the cooperation between the two countries – AIICP, with headquarter in Via Agnello 18, 20121 Milan.
Personal data are mainly processed at the Controller’s headquarter, inside the European territory, but for the proper implementation of the associative aims, they may be processed also by parties who cooperate with the Association and are located in India. It should be added that, with regard to the services entrusted or offered by third parties, the data provided or acquired through the Website may also be processed outside the Italian State and/or outside the European Union.
In case of transfer of data to countries that do not have standards of protection equivalent to those identified by European legislation, the Controller is committed to take the proper measures for such transfer. The User has the possibility to know the countries where the data are transferred by sending a specific request to the Controller’s reference details specified herebelow.
2. Methods of data processing
The Controller processes the User’s data by taking proper security measures in order to avoid unauthorised access, as well as the disclosure, modification or cancellation of these data. The processing is carried out with both manual and digital and/or telematic tools, with organizational methods and approaches that are strictly linked and limited to the above – mentioned purposes.
3. Purposes of data processing and legal basis of the processing
The Controller, through the Website, may process User’s data for the purposes of providing the different type of services offered by the Website and requested by the User, and in particular:
a) Contacts: the User, through the Website, may voluntary choose to send communications and/or contact requests to the Association (for example by making an information request, reporting a disruption or failure of the Website, etc.), to the addresses specified on the Website as well as through the specific form “Contacts”. For the aforementioned purpose, the User will be asked to provide his name and e-mail in order to receive any reply from the Association, as well as to provide the subject and text of the message. The submission of such data is necessary and any refusal to provide such information will not allow the User to receive any feedback, services or information requested. These data will be processed by the Association for the purposes exclusively related to User’s request. In the text of the message, the User is kindly asked not to provide any “sensitive” or “particular” personal data – the latter as indicated in Article 9 of the Regulation – that the Association does not have the necessity to collect in order to manage the User’s request. These “sensitive” or “particular” personal data include, for example, political beliefs such as membership of labor union or political parties, health status, membership of religious organizations, sex life, etc. Anyway, possible sensitive or particular data (not necessary for the purposes of Art. 9 of the Regulation) spontaneously provided by the User to the Association will not be processed in the framework of any feedback;
With reference to the above-mentioned purposes, the legal basis of the data processing is represented by the execution of the service explicitly requested by the User.
b) Pursuit of the legitimate interests of the Association and/or third parties (for example other users or entities connected to the Association): the User’s data, for example, may be used in order to pursue the right of defence in court, the handling of the complaints and litigation, the prevention of fraud and/or illegal activities;
c) Statistical data and analysis: the anonymous and aggregated User’s data that do not allow to identify him directly, may be used for statistical analysis, for enhancing technical assistance, for the evolutionary maintenance of the platform and services of the Website offered to Users, for the development of the contents of the Website, for the correction and development of research and analysis techniques.
The legal basis of the processing for the aforementioned purposes is the legitimate interest of the Association and/or third parties, which do not prevail over the fundamental rights and freedoms of the User and which represent the legal basis of the processing.
d) Purposes linked to the execution of the obligations, regulations, national and European legislations as well as deriving from decisions taken by the Authorities legitimized to do so by law.
For this processing the law basis is represented by an obligation required by the enforceable legislation.
e) Sending of newsletters, in order to inform the User about the activities and initiatives of the Association through the transmission of communications via e-mail, to the e-mail address provided by the User, with reference to the activities and initiatives, invitations to events organized by the Association or promoted by the Association, invitations to events etc. The subscription to the newsletter and to the promotional communications will be made by entering the User’s contact details, namely the e-mail address, in the “Contacts” form and selecting the specific optional tick box. The legal basis of this processing is represented by the User’s consent that will be requested at the bottom of the contacts form and may be revoked at any time by clicking on the “unsubscribe” link at the bottom of the communications sent via e-mail. In this way the User has the possibility to refuse further transmissions. The consent is optional, the lack of same will only preclude the User from receiving the newsletters of the Association, obviously without affecting the possibility of using the Website’s functions or continuing to benefit from other services requested by the User.
4. Categories of data subject to processing
The Controller receives and collects, through the Website, the information regarding the User visiting the pages of the Website and taking advantage of the services available on it. In particular, the Association acquires and processes the following information.
4.1 Data collected through browsing and cookie
The IT systems and the software procedures used to run this Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication channels. This category of data regards IP addresses or domain names of the computers and terminals run by users, URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file received in response, the number code specifying the status of the response provided by the server (successful, error, etc.) and other parameters relating to the User’s operating system and computer system. These data, necessary in order to benefit from the online services, are processed so as to:
- obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or day, geographical areas of origin, etc.);
- control the proper operation of the offered services.
Browsing data are not stored for longer than necessary as well as for the potential need of a criminal investigation by the judicial authority.
Secondly, with regard to the collection the User’s data through cookies and similar technologies, we suggest to check the Cookie Policy.
4.2 Data provided voluntarily by the User
The optional, explicit and voluntary sending of messages to the Association’s contact addresses, the private messages sent by Users to institutional profiles/pages also on social media, as well as the submission and forwarding of the forms on the Association’s Website, involve the collection of the sender’s contact data, necessary to reply, as well as all the personal data enclosed in the communications.
If necessary, specific information will be published on the pages of the Website arranged for the provision of certain services.
5. Communication of data to third parties
Data provided by the User as well as those collected by the Association will not be published and may be communicated, for the purposes and methods described above, to the categories of entities indicated below:
- collaborators, consultants or professionals used by the Association for the fulfilment of tasks of a technical or organisational nature (such as IT service providers), or with whom the Association cooperates, for the supply and operation of its services, including information services;
- people, Association or professional firms providing assistance and consulting activities to the Association, with particular but not exclusive regard to accounting, administrative, legal, tax and financial matters;
- entities linked or under the common control with the Association, for administrative, accounting, organizational, internal control purposes, etc.;
- parties to whom the right to have access and/or receive the data is lawful according to the provisions of law, regulations, orders of the competent authorities.
The parties belonging to the aforesaid categories will use the data as autonomous data controllers pursuant to the law or as data processors duly appointed by the Association. Moreover, data may also be disclosed to the staff who will process them as authorized persons.
The list of the parties to whom the data are or may be communicated can be requested to the Association by contacting the addresses indicated in the section “Users’ Rights and Contacts”.
6. Data storage
The data are processed for the time necessary to carry out the activities mentioned in paragraph 3, then they will be stored in compliance with the limitation periods identified by the Civil Code or specific provisions of law, for administrative purposes and/or to enforce or defend a right or a legitimate interest, and they will be deleted when the purposes for which they were collected no longer exist.
7. User’s rights and contacts
The User may exercise, in the cases expressly regulated by law and where applicable, the rights granted by the Regulation. In particular, the User has the right to ask for:
- confirmation that User’s personal data are being processed and, if so, to ask the processing controller to have access to the information concerning to the same processing (for example purposes, categories of data processed, recipients or categories of data recipients, storage period, etc.);
- the rectification of any inaccurate or incomplete data;
- the deletion of the data (for example if the personal data are no longer necessary with regard to the purposes for which they were collected, in case of withdrawal of consent on which the processing is based; etc.)
- the restriction of the processing (for example in the case the User challenges the accuracy of the data; if the processing is unlawful and the User is against the removal of the personal data; if the data are necessary for the exercise or defence of User’s right in court, even if the data controller no longer needs them; if the right to object is exercised, for the time necessary to verify the existence of the lawful reasons).
- in a commonly used format and readable by automatic tools the User’s personal data and to forward them to another data controller, or to obtain the direct transmission from one data controller to another, if technically feasible (so-called data “portability”).
Moreover, the User has the right to challenge, in whole or in part, for lawful reasons, the processing of his own personal data.
These rights can be exercised directly by sending a communication to the following e-mail address: info@italindia-aiicp.it
Lastly, if the User deems that the processing of his/her personal data carried out through the Website is in breach of the provisions of the Regulation and of the applicable legislation on the protection of personal data, the User has the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it), pursuant to Article 77 of the same Regulation, or to take proper legal actions (Article 79 of the Regulation).
8. Collection of data through Cookies
8.1. What is a Cookie
A cookie is a small text strip that a website sends to browser and saves on the User’s computer when visiting a website. Cookies are used by the Association in order to let the Website work properly or to improve its performance. In general, cookies may be used for both technical and additional purposes: while technical cookies are used as they are strictly necessary for the technical working of the Website as well as to provide the service expressly requested by the User, as better illustrated hereinafter, the cookies used for additional purposes (for example analytical cookies) may be used to carry out analysis, in order to improve the contents in line with the preferences expressed during surfing, as indicated below.
8.2 Technical cookies / session cookies
Technical cookies are fundamental in order to allow the User to move within the Website and to use its services. These cookies are strictly necessary and are used to store a single identifier in order to manage and identify the User as unique with respect to other users who are visiting the Website in the same moment, in order to provide the User with a consistent and accurate service. Moreover, these cookies allow the Website to remember your choices (for example language, country of origin, etc.), to allocate requests on multiple servers, to store when the User gives his/her consent to certain options, to allow the User to view contents and videos using Adobe Flash Player.
The storage of session cookies in terminals or browsers is under the User’s control, whereas on the servers, at the end of the HTTP sessions, the information concerning the cookies stay recorded in the service logs, with storage times in any case no longer than seven days as other surfing data.
These cookies do not need the User’s consent.
8.3 Third parties’ analytical cookies
On the Website, the Association may use third parties’ analytical cookies, for the purposes mentioned above, and in particular Stripe (_ga, __stripe_sid, __stripe_mid), in order to carry out analyses on the ways by which the Users browse the Website, on the number of pages visited or the number of clicks made on a page during browsing. The Association processes the results of this analysis only if the third party uses cookies in connection with the browser installed on the computer or on other devices used by the User to browse.
These cookies collect the User’s data by adopting mechanisms of anonymisation that reduce the identification power of the data, and are used by the Association to carry out statistical analyses, which are not able to directly identify the User, on how the User browses, the number of pages visited or the number of clicks made on a page during browsing. The duration of these cookies is 2 years for _ga, 1 day for __stripe_sid,e 1 year for __stripe_mid)
In order to get information on the way by which analytical cookies can be managed as well as to disable them, we suggest to check the third parties’ privacy policies and the cookies options by clicking on the following link https://docs.woocommerce.com/document/privacy-payments/#woocommerce-gateway-stripe
8.4 Disabling cookies via browser
The User may also delete the cookies created by the Website through the settings of his/her own browser.
The majority of the browsers are set to accept cookies. However, the User may set his/her browser to limit the number of cookies accepted or block all cookies by changing the browser settings as follows:
Microsoft Internet Explorer
Click the “Tools” symbol in the top right corner and select “Internet Options”. In the pop-up window select “Privacy”. Here the User can change the setting of the cookies.
https://windows.microsoft.com/it-it/internet-explorer/delete-manage-cookies#ie=ie-11-win-7
Google Chrome
Click the “adjustable spanner” symbol in the top right corner and select “Settings”. Now select “Show advanced settings” and change the “Privacy” settings.
https://support.google.com/accounts/topic/2373959?hl=it&ref_topic=2373957
Mozilla Firefox
From the drop-down menu in the top left corner select “Options”. In the pop-up window select “Privacy”. Here the User can change the settings of the cookies.
https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie#firefox:win7:fx38
Safari
From the drop-down menu in the top right corner select “Preferences”. Select “Security” and here you can change the settings of the cookies.
https://support.apple.com/it-it/HT201265
However, it has to be highlighted that disabling the use of all cookies on the Website (including technical cookies) will compromise some of its functions.
8.5 Further information with regard to the cookies
The website www.allaboutcookies.org contains instructions for managing cookies on the most common browsers; alternatively it is possible to check the documentation enclosed with the software used on its own device.
9. Privacy changes and Cookie Policy
The Controller holds the right to make changes to the current Privacy Policy at any time, by announcing them through publication on the Website. We suggest the User to check these type of updates on the Website.
If the changes are considerable and/or have a high impact on the User’s rights, the Association may also communicate them to the User through a different method (for example, by sending an email).