INFORMATION ABOUT THE PROCESSING OF PERSONAL DATA
of users who register to access the Papyrus web area managed by the Museo Egizio, pursuant to Article 13 of Regulation (EU) 2016/679
WHY THIS INFORMATION?
Pursuant to Regulation (EU) 2016/679 (hereafter the “Regulation”), this page describes the methods of processing personal data of users who access the areas devoted to the study of papyri at the following addresses on the Museo Egizio website:
• papyri.museoegizio.it
• collezionepapiri.museoegizio.it
This information does not relate to other sites, pages or online services that may be reached through hypertext links published in the area but relating to resources outside the domain of the Museo Egizio website, or to any links to the official social pages of the Museo Egizio which provide information about the privacy policy of the social service provider (such as facebook.com).
The pages that are part of the third level domains (e.g. rivista.museoegizio.it, shop.museoegizio.it) present privacy policies concerning their own services.
DATA CONTROLLER
Following consultation of the sites listed above, the data of identified or identifiable natural persons may be processed. The data controller is the Fondazione Museo delle Antichità Egizie di Torino (hereafter referred to as FME) with headquarters in Turin, Via Accademi a delle Scienze no. 6, IT-10123 email privacy.museoegizio.it, telephone +39 011.561.7776)
DATA PROTECTION MANAGER
The Data Protection Manager (DPM) can be contacted at the following address: Fondazione Museo delle Antichità Egizie di Torino: Via Accademia delle Scienze n. 6, IT-10123, Torino (To) email: dpo@museoegizio.it.
PURPOSES AND LEGAL BASIS OF THE TREATMENT
The personal data provided at the time of registration for the service is processed by the FME in the execution of its tasks and purposes of scientific disclosure including the task of improving the site browsing experience and gathering useful information. Below, the various purposes of the processing are listed at (P) with the respective legal basis at (B):
WHAT PERSONAL DATA IS PROCESSED
Data for registration to the service for access to the Papyrus area :
* obligatory data
Subscription to the Newsletter service :
Navigation data
During normal operation, the computer systems and software procedures used to operate this site acquire some personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes IP addresses or domain names of computers and terminals used by the users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user's IT environment.
These data, necessary for the use of web services, are also processed for the purpose of:
• obtaining statistical information on the use of services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.);
• check the correct functioning of the services offered.
The navigation data do not persist for more than seven days and are cancelled immediately after their aggregation (except in the case of the need to investigate crimes by the judicial authority).
Data communicated by the user
The optional, explicit and voluntary sending of messages to the contact addresses of the FME, as well as the compilation and submission of the contact forms present on the website of the Museo Egizio, entail the acquisition of the contact details of the sender, which are necessary to reply, as well as all personal data included in the communications.
Specific information will be published on the pages of the third-level websites of museoegizio.it, which are adapted for the provision of certain services.
Cookies and other tracking systems
No cookies are used for user profiling, nor are other tracking methods used.
Instead, session cookies (not persistent) are used in a way strictly limited to the need of safe and efficient site navigation. The storage of session cookies in terminals or browsers is under the user's control, whereas on the servers, at the end of the HTTP sessions, information relating to cookies remains recorded in the service logs, with storage times not exceeding seven days, like the other navigation data.
METHOD OF PROCESSING
The data processing takes place through the use of instruments and procedures suitable for guaranteeing a high level of security and confidentiality, and may be carried out both through our website and through other electronic instruments, and sometimes with the aid of paper supports.
DATA ADDRESSEES
Employees and/or collaborators of the FME may become aware of the personal data of the users. These subjects are formally appointed by the Foundation as persons authorized to process data. They will process the user's data exclusively for the purposes indicated in this information notice and in respect of the provisions of the Regulation.
Users working for third parties may also learn about the personal data by processing personal data on behalf of the FME as “external data processors” pursuant to Article 28 of the regulation, such as, for example, suppliers of IT and logistics services functional to the operation of the sites, or providers of outsourcing or cloud computing services, as well as professionals and consultants.
RIGHTS OF INTERESTED PARTIES
Interested parties have the right to obtain from FME, in the cases envisaged, access to personal data and their correction or cancellation or the limitation of the processing that concerns them or to oppose the processing (Articles 15 and following of the Regilation). A specific application to the FME should be presented by contacting the Data Protection Manager at the FME (Fondazione Museo delle Antichità Egizie di Torino: Via Accademia delle Scienze no. 6, IT-10123, Torino (TO) email: privacy@museoegizio.it).
RIGHT TO FILE A COMPLAINT
Interested parties who consider that the processing of personal data relating to them carried out on this site is in violation of the provisions of the Regulation have the right to lodge a complaint with the supervisory authority, as provided by Art. 77 of the same Regulation, or to take the appropriate judicial action (Art. 79 of the Regulation).
