Why this notice
This page describes the site management methods with reference to the processing of the personal data of the users consulting it. This information is also provided pursuant to articles 13 and 14 of the GDPR and to the adjustment regulations to those who interact with the web service of the owner Ente Parco Nazionale del Pollino, accessible by internet starting from the address: www.parconazionalepollino.it; corresponding to the home page of the official website of the owner.
The informative report is rendered only for the site of the owner and not also for other web sites possibly consulted by the user through links.
The information is also based on Recommendation no. 2/2001 that the European authorities for the protection of personal data, brought together in the Group established by Art. 29 of Directive no. 95/46/EC, adopted on 17 May 2001 to identify certain minimum requirements for the collection of personal data online, and, in particular, the methods, timing and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection.
The Recommendation and a summary description of its purpose can be found elsewhere on this site.
The data controller
Following consultation of this site, data relating to identified or identifiable persons may be processed.
The "data controller" is the Ente Parco Nazionale del Pollino, with head office in Rotonda (Pz), Complesso Monumentale Santa Maria della Consolazione.
Some processing operations may also be carried out by other third parties, to whom the Park Authority entrusts certain activities, or part of them, functional to the provision of the service. In this case, these subjects will be designated as data processors or persons in charge of the processing.
To the data processors or appointees, if any, the Entity will issue appropriate operating instructions, with particular reference to the adoption of minimum security measures, in order to be able to guarantee the confidentiality and security of the data.
The data may also be communicated, in the event of a request, to the competent authorities, in fulfilment of obligations arising from mandatory legal regulations.
The company Indo S.r.l.s., which can be contacted at firstname.lastname@example.org, has been designated Data Processor pursuant to Article 29 of the Personal Data Protection Code, as it is in charge of maintaining the technological part of the site.
Place of data processing
The processing operations connected to the web services of this site take place at the aforementioned premises of the data controller and are carried out only by personnel of the Office in charge of processing.
No data deriving from the web service is communicated or disseminated, except in cases expressly provided for by law. The personal data provided by users are used solely for the purpose of performing the service or provision requested and are communicated to third parties only if necessary for that purpose.
Types of data processed
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and IT environment. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct operation, and is deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes to the detriment of the site: apart from this eventuality, data on web contacts do not currently persist for more than seven days.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site entails the subsequent acquisition of the sender's address, which is necessary to reply to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the site set up for particular services on request.
Optional supply of data
Apart from what has been specified for browsing data, the user is free to provide the personal data indicated in the request forms to Ente Parco Nazionale del Pollino or in any case indicated in contacts with the Office in order to request the sending of the newsletter, informative material, or other communications. Failure to provide such data may make it impossible to obtain what has been requested. For the sake of completeness, it should be recalled that in some cases (not covered by the ordinary management of this site) the Authority may request news and information pursuant to Article 157 of the Personal Data Protection Code, as amended by Legislative Decree 101/2018, for the purposes of monitoring the processing of personal data. In these cases, the response is mandatory under penalty of administrative sanction.
Modalities of revocation of consent
For the revocation of specific consents relating to electronic communications (institutional communications, customer satisfaction, etc..), given at the time of request of the various services provided through the portal of the Ente Parco Nazionale del Pollino, please contact the Data Controller at the address provided for the exercise of the rights pursuant to Articles 15 et seq. of the GDPR governed in the next paragraph of this information notice.
Moreover, with reference to the individual newsletter services, it is possible to unsubscribe by means of the links provided at the bottom of the emails sending the newsletters in question.
Personal data are processed by automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent loss of data, illegal or incorrect use and unauthorised access.
Interest parties rights
The persons to whom the personal data refer have the right at any time to obtain confirmation of the existence or non-existence of such data and to be informed of their content and origin, to verify their accuracy or to request that they be supplemented or updated, or corrected (Art. 15 et seq. of the GDPR).
Pursuant to the same article, you have the right to request the deletion, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, their processing.