Privacy Policy of www.ipazia-caad.uniupo.it

www.ipazia-caad.uniupo.it collects certain Personal Data of its Users.

This document may be printed using the print command available in the settings of any browser.

Data Controller

Università degli Studi del Piemonte Orientale “Amedeo Avogadro”
P. IVA n. 01943490027, Codice Fiscale 94021400026
sede del Rettorato in Via Duomo, n. 6 – 13100 Vercelli.

Indirizzo email del Titolare: affarigiuridici@uniupo.it

Types of Data Collected

Among the Personal Data collected by www.ipazia-caad.uniupo.it, either independently or through third parties, are: Tracking Tools; Usage Data; first name; last name; email address; Data provided while using the Service; telephone number; and Data communicated for the purpose of accessing the Service. Comprehensive details regarding each category of Personal Data collected are provided in the relevant sections of this Privacy Policy or through specific information notices displayed prior to the collection of such Data.
Personal Data may be freely provided by the User, or, in the case of Usage Data, collected automatically during the use of www.ipazia-caad.uniupo.it.
Unless otherwise specified, all Data requested by www.ipazia-upocaad.it
are mandatory. Failure to provide such Data may make it impossible for www.ipazia-caad.uniupo.it to deliver its Services. In cases where www.ipazia-caad.uniupo.it indicates that certain Data are optional, Users are free to withhold such information without affecting the availability or functionality of the Service.

Users who are uncertain as to which Data are mandatory are encouraged to contact the Data Controller. The use of Cookies—or other tracking technologies—by www.ipazia-caad.uniupo.it, or by the owners of third-party services utilised by www.ipazia-caad.uniupo.it, is intended to provide the Service requested by the User, in addition to the other purposes described in this document and in the Cookie Policy.

The User bears sole responsibility for any third-party Personal Data obtained, published, or shared through www.ipazia-caad.uniupo.it.

Methods and Place of Processing of the Collected Data

Methods of Processing

The Data Controller adopts appropriate security measures to prevent unauthorised access, disclosure, alteration or destruction of Personal Data.
Processing is carried out using IT and/or telematic tools, with organisational methods and logics strictly related to the purposes indicated.

In addition to the Data Controller, in some cases, the Data may be accessible to other persons involved in the operation of www.ipazia-caad.uniupo.it (such as administrative, commercial, marketing or legal staff, and system administrators) or to external parties (such as third-party technical service providers, postal carriers, hosting providers, IT companies, or communication agencies) appointed, if necessary, as Data Processors by the Data Controller. An updated list of Data Processors may be requested from the Data Controller at any time.

Place of Processing

Data are processed at the operational offices of the Data Controller and in any other locations where the parties involved in the processing are situated. For further information, please contact the Data Controller.
The User’s Personal Data may be transferred to a country other than the one in which the User is located. To obtain further details on the place of processing, the User may refer to the section concerning detailed information on the processing of Personal Data.

Retention Period

Unless otherwise specified in this document, Personal Data are processed and stored for as long as required by the purpose for which they were collected and may be retained for a longer period in order to comply with legal obligations or based on the User’s consent.

Purposes of Processing the Collected Data

The User’s Data are collected to allow the Data Controller to provide the Service, comply with legal obligations, respond to enforcement requests, protect its own rights and interests (or those of Users or third parties), detect any malicious or fraudulent activity, and for the following purposes: Statistics, Platform and hosting services, Collection of privacy preferences, Contacting the User, Interaction with social networks and external platforms, and Displaying content from external platforms.

For detailed information on the purposes of processing and on the Personal Data processed for each purpose, the User may refer to the section entitled “Details on the Processing of Personal Data.”

Details on the Processing of Personal Data

Personal Data are collected for the following purposes and by means of the following services:

Collection of Privacy Preferences

The website www.ipazia-caad.uniupo.it uses the plugin Complianz | GDPR/CCPA Cookie Consent to collect, store, and manage users’ preferences regarding the processing of personal data and the use of cookies, as required by applicable privacy regulations (GDPR and Legislative Decree 196/2003, as amended).

Complianz Consent Solution
The Complianz Consent Solution allows the Data Controller to record and retrieve users’ consent to the processing of personal data, as well as the preferences expressed concerning the acceptance of cookies.

To this end, the plugin uses a Tracking Tool (the browser’s localStorage) which temporarily stores information on the user’s device until it is processed. Once registered, the temporary information is automatically deleted.

Personal Data processed: data communicated during consent management; tracking tools.
Place of processing: Italy – [Complianz Privacy Policy]

Complianz Cookie Solution
The Complianz Cookie Solution enables the Data Controller to collect and store users’ preferences regarding the use of cookies and other tracking tools on the website www.ipazia-upocaad.it.

Personal Data processed: tracking tools.
Place of processing: Italy – [Complianz Privacy Policy]

Statistics
Consent and cookie management services, such as those provided by Complianz, enable the Data Controller to monitor and analyse website traffic data, in order to understand user behaviour and enhance the browsing experience.

Statistic

The services contained in this section enable the Data Controller to monitor and analyse website traffic data and are used to track User behaviour.

WordPress Stats
WordPress Stats is an analytics service provided by Automattic Inc. or Aut O’Mattic A8C Ireland Ltd., depending on how the Data Controller manages Data Processing.

Personal Data processed: Usage Data; Tracking Tools.
Place of processing: United States – [Privacy Policy]; Ireland – [Privacy Policy].

Social Networks and external platforms

Questo tipo di servizi permette di effettuare interazioni con i social network, o con altre piattaforme esterne, direttamente dalle pagine di www.ipazia-caad.uniupo.it.
Le interazioni e le informazioni acquisite da www.ipazia-caad.uniupo.it sono in ogni caso soggette alle impostazioni privacy dell’Utente relative ad ogni social network.
Questo tipo di servizio potrebbe comunque raccogliere dati sul traffico per le pagine dove il servizio è installato, anche quando gli Utenti non lo utilizzano.
Si raccomanda di disconnettersi dai rispettivi servizi per assicurarsi che i dati elaborati su www.ipazia-caad.uniupo.it non vengano ricollegati al profilo dell’Utente.

Pulsante e widget sociali di Instagram (Meta Platforms, Inc.)

Il pulsante e i widget sociali di Instagram sono servizi di interazione con il social network Instagram, forniti da Meta Platforms, Inc.

Dati Personali trattati: Dati di utilizzo.

Luogo del trattamento: Irlanda – Privacy Policy.

– – –

Questo tipo di servizi permette di visualizzare contenuti ospitati su piattaforme esterne direttamente dalle pagine di www.ipazia-caad.uniupo.it e di interagire con essi.
Questo tipo di servizio potrebbe comunque raccogliere dati sul traffico web relativo alle pagine dove il servizio è installato, anche quando gli utenti non lo utilizzano.

Widget Instagram (Meta Platforms Ireland Limited)

Instagram è un servizio di visualizzazione di immagini gestito da Meta Platforms Ireland Limited che permette a www.ipazia-caad.uniupo.it di integrare tali contenuti all’interno delle proprie pagine.

Dati Personali trattati: Dati di utilizzo; Strumenti di Tracciamento.

Luogo del trattamento: Irlanda – Privacy Policy.

Google Fonts (Google Ireland Limited)

Google Fonts è un servizio di visualizzazione di stili di carattere gestito da Google Ireland Limited che permette a www.ipazia-caad.uniupo.it di integrare tali contenuti all’interno delle proprie pagine.

Dati Personali trattati: Dati di utilizzo; Strumenti di Tracciamento.

Luogo del trattamento: Irlanda – Privacy Policy.

YouTube Data API (Google Ireland Limited)

YouTube Data API è un servizio di visualizzazione di contenuti video gestito da Google Ireland Limited che permette a www.ipazia-caad.uniupo.it di integrare funzionalità normalmente eseguibili su YouTube in modo che gli Utenti possano guardare, cercare e gestire i contenuti YouTube direttamente all’interno di www.ipazia-caad.uniupo.it. Tramite questo Servizio, www.ipazia-caad.uniupo.it potrebbe raccogliere Dati direttamente o indirettamente sui o dai dispositivi dell’Utente, anche mediante l’utilizzo di Strumenti di Tracciamento. Gli Utenti possono limitare tale accesso ai propri Dati tramite la pagina delle impostazioni relative alla sicurezza fornita da Google. Gli Utenti, in qualsiasi momento, possono contattare il Titolare per chiedere ulteriori informazioni sulle impostazioni relative alla privacy attraverso i recapiti forniti in questo documento. I Dati raccolti tramite il Servizio potrebbero inoltre essere utilizzati per aiutare terzi a mostrare annunci pubblicitari personalizzati sulla base degli interessi. Gli Utenti possono decidere di non ricevere tale pubblicità personalizzata tramite le impostazioni del proprio dispositivo o visitando la pagina di opt-out della Network Advertising Initiative.

Dati Personali trattati: Dati comunicati durante l’utilizzo del servizio; Dati comunicati per poter utilizzare il Servizio; Dati di utilizzo.

Luogo del trattamento: Irlanda – Privacy Policy – Opt out.

 

Questo tipo di servizi permette di visualizzare contenuti ospitati su piattaforme esterne direttamente dalle pagine di www.ipazia-caad.uniupo.it e di interagire con essi.
Questo tipo di servizio potrebbe comunque raccogliere dati sul traffico web relativo alle pagine dove il servizio è installato, anche quando gli utenti non lo utilizzano.

Platform and Hosting Services

These services are intended to host and operate key components of www.ipazia-caad.uniupo.it, enabling the delivery of the website from a single platform. These platforms provide the Data Controller with a wide range of tools, such as analytics tools, user registration management, comment and database management, e-commerce functionalities, payment processing, and more. The use of these tools involves the collection and processing of Personal Data.

Some of these services operate via servers geographically distributed across multiple locations, making it difficult to determine the exact location where Personal Data are stored.

WordPress.com (Aut O’Mattic A8C Ireland Ltd.)
WordPress.com is a platform provided by Aut O’Mattic A8C Ireland Ltd. that enables the Data Controller to develop, operate, and host www.ipazia-caad.uniupo.it.

Personal Data processed: last name; Data provided during the use of the Service; Usage Data; email address; first name.
Place of processing: Ireland – [Privacy Policy].

Cookie Policy

www.ipazia-caad.uniupo.it makes use of Tracking Tools. For further information, Users may consult the Cookie Policy.

Additional Information for Users

Legal Basis for Processing

The Data Controller processes Personal Data relating to the User where one of the following conditions exists:

  • The User has given consent for one or more specific purposes. Note: In certain jurisdictions, the Data Controller may be authorised to process Personal Data without the User’s consent or another of the legal bases specified below, until the User objects (“opt-out”) to such processing. However, this does not apply where the processing of Personal Data is governed by European data protection legislation.

  • Processing is necessary for the performance of a contract with the User and/or the implementation of pre-contractual measures.

  • Processing is necessary to comply with a legal obligation to which the Data Controller is subject.

  • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller.

  • Processing is necessary for the legitimate interests pursued by the Data Controller or by third parties.

It is always possible to request that the Data Controller clarify the specific legal basis for each processing operation, in particular to specify whether the processing is based on law, provided for by a contract, or necessary to enter into a contract.

Additional Information on Retention Period

Unless otherwise specified in this document, Personal Data are processed and stored for the period necessary for the purposes for which they were collected and may be retained for a longer period to comply with legal obligations or based on Users’ consent.

Accordingly:

  • Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until the execution of such contract is complete.
  • Personal Data collected for purposes related to the legitimate interests of the Data Controller will be retained until such interests have been satisfied. Users may obtain further information regarding the legitimate interests pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller directly.
  • Where processing is based on the User’s consent, the Data Controller may retain Personal Data for longer periods until such consent is revoked. Furthermore, the Data Controller may be required to retain Personal Data for a longer period to comply with legal obligations or orders from authorities.

At the end of the retention period, Personal Data will be deleted. Consequently, once this period expires, the rights of access, deletion, rectification, and data portability can no longer be exercised.

Users’ Rights

Users may exercise certain rights with respect to the Data processed by the Data Controller.

In particular, to the extent permitted by law, Users have the right to:

  • Withdraw consent at any time: Users may withdraw their consent to the processing of their Personal Data previously given.

  • Object to the processing of their Data: Users may object to the processing of their Data when it is carried out on a legal basis other than consent.

  • Access their Data: Users have the right to obtain information about the Data processed by the Data Controller, regarding certain aspects of the processing, and to receive a copy of the Data processed.

  • Verify and request rectification: Users may verify the accuracy of their Data and request its updating or correction.

  • Obtain restriction of processing: Users may request the restriction of the processing of their Data. In such cases, the Data Controller will not process the Data for any purpose other than storage.

  • Obtain deletion or removal of Personal Data: Users may request the deletion of their Data by the Data Controller.

  • Receive their Data or have it transferred to another controller: Users have the right to receive their Data in a structured, commonly used, and machine-readable format and, where technically feasible, to have it transferred without hindrance to another Data Controller.

  • Lodge a complaint: Users may lodge a complaint with the competent data protection supervisory authority or take legal action.

Users are entitled to obtain information regarding the legal basis for transferring Data abroad, including to any international organisation governed by international law or established by two or more countries, such as the UN, as well as the security measures adopted by the Data Controller to protect their Data.

Details on the Right to Object

Where Personal Data are processed in the public interest, in the exercise of public powers vested in the Data Controller, or to pursue the Data Controller’s legitimate interests, Users have the right to object to such processing on grounds relating to their particular situation.

Users are informed that where their Data are processed for direct marketing purposes, they may object to the processing at any time, free of charge, and without providing any reason. If Users object to the processing for direct marketing purposes, their Personal Data will no longer be processed for such purposes. To determine whether the Data Controller processes Data for direct marketing purposes, Users may refer to the relevant sections of this document.

How to Exercise Rights

To exercise their rights, Users may submit a request to the contact details of the Data Controller provided in this document. Requests may be submitted free of charge, and the Data Controller will respond as promptly as possible, in any case within one month, providing the User with all information required by law. Any rectifications, deletions, or restrictions on processing will be communicated by the Data Controller to each recipient, if any, to whom the Personal Data have been disclosed, unless this proves impossible or involves disproportionate effort. The Data Controller will inform the User of such recipients upon request.

Additional Information

Legal Defence

The User’s Personal Data may be used by the Data Controller in legal proceedings or in the preparatory stages thereof for the defence against any abuse in the use of www.ipazia-caad.uniupo.it or its associated Services by the User.
The User acknowledges that the Data Controller may be obliged to disclose Data pursuant to orders from public authorities.

Specific Notices

At the User’s request, in addition to the information contained in this Privacy Policy, www.ipazia-caad.uniupo.it may provide the User with additional and contextual notices concerning specific Services, or the collection and processing of Personal Data.

System Logs and Maintenance

For operational and maintenance purposes, www.ipazia-caad.uniupo.it and any third-party services it utilises may collect system logs, i.e., files that record interactions and may also contain Personal Data, such as the User’s IP address.

Information Not Contained in This Policy

Further information regarding the processing of Personal Data may be requested at any time from the Data Controller using the contact details provided.

The Data Controller reserves the right to make changes to this Privacy Policy at any time, notifying Users on this page and, where possible, on www.ipazia-upocaad.it, and, if technically and legally feasible, by sending a notice to Users via one of the contact methods in its possession. Users are therefore advised to consult this page frequently, referring to the “last modified” date indicated at the bottom.

If the amendments concern processing activities whose legal basis is consent, the Data Controller will collect the User’s consent again, if necessary.

Legal Definitions

Personal Data (or Data)
Any information relating to an identified or identifiable natural person, directly or indirectly, including in connection with any other information, such as a personal identification number.

Usage Data
Information collected automatically through www.ipazia-caad.uniupo.it (including third-party applications integrated into www.ipazia-caad.uniupo.it), such as: IP addresses or domain names of the computers used by the User connecting to www.ipazia-caad.uniupo.it, addresses in URI (Uniform Resource Identifier) notation, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server’s response (successful, error, etc.), the country of origin, the characteristics of the browser and operating system used by the visitor, various temporal aspects of the visit (e.g., time spent on each page), and details relating to the navigation path within the Application, with particular reference to the sequence of pages visited, system parameters, and the User’s computing environment.

User
The individual using www.ipazia-caad.uniupo.it, who, unless otherwise specified, coincides with the Data Subject.

Data Subject
The natural person to whom the Personal Data relate.

Data Processor (or Processor)
The natural or legal person, public authority, agency, or other body which processes Personal Data on behalf of the Data Controller, as described in this Privacy Policy.

Data Controller (or Controller)
The natural or legal person, public authority, service, or other body which, alone or jointly with others, determines the purposes and means of processing Personal Data, including the tools used, and the security measures adopted for the operation and use of www.ipazia-caad.uniupo.it. Unless otherwise specified, the Data Controller is the owner of www.ipazia-caad.uniupo.it.

www.ipazia-caad.uniupo.it (or this Application)
The hardware or software tool through which the User’s Personal Data are collected and processed.

Service
The Service provided by www.ipazia-caad.uniupo.it, as defined in the relevant terms (if available) on this site/application.

European Union (or EU)
Unless otherwise specified, any reference to the European Union in this document extends to all current member states of the European Union and the European Economic Area.

Cookies
Cookies are Tracking Tools consisting of small portions of data stored within the User’s browser.

Tracking Tool
A Tracking Tool refers to any technology—e.g., Cookies, unique identifiers, web beacons, embedded scripts, e-tags, and fingerprinting—that allows Users to be tracked, for example by collecting or storing information on the User’s device.

Legal References
Unless otherwise specified, this Privacy Notice applies exclusively to www.ipazia-caad.uniupo.it.

CAAD

Center for Translational Research on
Autoimmune and Allergic Disease

Centro di Ricerca Traslazionale
sulle Malattie Autoimmuni e Allergiche

Corso Trieste 15/A
Novara – 28100 (ITALY)

USEFUL LINKS

Homepage
Our History
Core Facilities
Research Groups
Contact us

Cookie Policy
Privacy Policy ENG
Privacy Policy IT