PRIVACY NOTICE PURSUANT TO ARTICLE 13 OF REGULATION (EU) 2016/679 – The General Data Protection Regulation (GDPR)
Fondazione Cariplo protects your data as required under the recently introduced General Data Protection Regulation (GDPR). Specific privacy notices will be displayed any time you (grantees and website users) will be asked to provide personal data.
In compliance with the GDPR, you are hereby informed that:
We, Fondazione Cariplo, are the Data Controller (article 24 of the GDPR).
- The personal data our Foundation collects shall be always processed lawfully and fairly in accordance with the regulatory requirements in force from time to time. In accordance with the general principle that data should be adequate, relevant and limited to what is necessary for the purposes for which they are processed, any special categories of data that may be erroneously provided by grantees shall be promptly deleted from the Foundation’s databases.
- Processing of personal data by our Foundation is grounded in the law, namely in Italy’s Legislative Decree 153 of 1999 under which Foundations are to pursue exclusively public benefit purposes and promotion of economic development in accordance with their respective By-laws.
- Often our Foundation relies on the legal ground of contractual performance to process your data.
- Data collected on the grounds of a law or of contractual performance shall be kept for a reasonable timeframe depending on the purpose of data processing.
- Data will be processed by our employees or contractors/consultants we entrusted with the task to conduct activities in fulfilment of our Foundation’s mission or in connection therewith.
- Third parties processing data on our behalf shall be appointed Data Processors;
- We may communicate or disclose the data to comply with legal requirements or when needed for accounting and financial reporting purposes as per section 9 of Italy’s Legislative Decree 153 of 1999 in relation to our grant-making or other activities;
- We may send the personal data we collected to other parties outside of the European Union, giving appropriate notice thereof. In such instances we shall take all reasonable steps to ensure that individual personal information be treated appropriately;
- Under the GDPR you as data subject have the right to access (article 15), the right to rectification (article 16), the right to erasure (article 17), the right to restriction of processing (article 18), the right to object (article 21), and the right to data portability (article 20) in relation to your personal data held by our Foundation, as well as the right to lodge a formal complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali) if you believe your personal information has been processed in violation of the GDPR;
- To exercise your rights or for further information on processing of personal data, please contact email@example.com.
Processing of data for the purposes of web navigation
This website’s information systems and software procedures gather certain personal information whose transmission is inherent in the use of Internet communication protocols.
This information is not gathered to be associated with identified individuals. However, for its very nature, if processed and matched with data held by third parties, this information would enable user identification.
The information that may be gathered includes IP address, browser or operating system used, (uniform resource identifiers (URI), domain names and referring/exit pages, time of query, method used and information about query results, other information relating to your visit to the website (see also the section about Cookies) and other information about your operating system and environment.
This type of information may be used to detect cybercrimes in relation to our website and ascertain who is responsible for any such crimes.
For GDPR key definitions and articles see the attachment at the bottom of the page (ITA).
This information is given to users in compliance with the “Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies of May 8, 2014” issued by the Italian Data Protection Authority (Garante per la protezione dei dati personali).
What are cookies?
Cookies are strings of text that are placed on your device (e.g. personal computer, notebook, smartphone or tablet) when you visit a website, and generally stored directly on the web browser. The website sending the cookies can then read and register the cookies placed on the same device to get information. What kind of information? Each type of cookies does different things.
How many types of cookies are there?
Cookies can be classified into two basic macro-categories, each with its specific features: technical cookies and profiling cookies.
Technical cookies are cookies generally needed for the proper operation of a website and web navigation; without these cookies web pages may not be displayed correctly or you may not be able to use certain services. A technical cookie is essential, for example, to keep users logged-in during their visit to a website or to remember their language or other settings.
Technical cookies can be further distinguished into:
- Browser cookies: these cookies ensure users can navigate the website and use services (e.g. allowing user authentication for access to restricted areas or online shopping);
- Cookie analytics: these cookies can be likened to technical cookies, although only when used directly by the website manager to gather information, in aggregated form, about the number of visitors and their website experience.
- Functional cookies: these cookies record information about the choices made by the user (e.g. language, the products purchased during online shopping) to enhance the website experience.
Profiling cookies are more sophisticated! These cookies profile users for targeted advertising based on user’s choices.
Additionally, cookies can be divided into:
- Session cookies. Session cookies are deleted when you close your browser;
- Persistent cookies. Unlike session cookies, persistent cookies are saved on the browser for a set period of time. There are used, for example, to recognize the device from which the user logs in to facilitate user authentication.
- First-party cookies are cookies generated and managed directly by the website the user is visiting.
- Third-party cookies are cookies generated and managed by third parties, usually under a contract made between the website owner and a third party.
What types of cookies does Fondazione Cariplo use?
Our website uses the following cookies:
Technical cookies to manage the user session that do not entail any profiling ;
PIWIK technical cookies to analyze website traffic data in aggregated and anonymized form;
Google analytics *
Social networks: Facebook, Twitter, Instagram:
Technical cookies: AddThis (Share Buttons)
* This website uses tools that reduce user identification by cookies, e.g. anonymization of user IP address before it is processed or memorized by Google inc.
Here are the links to the most common browsers where you can find information on how to disable memorization or delete cookies already saved on the browser:
Allegato Key GDPR definitions and articles