Pursuant to art. 13 of Regulation 679/2016, we hereby inform users regarding the personal data processing carried out through this website.
Personal data processing on this site takes place in compliance with current legislation on the protection of personal data and is based on principles of correctness, lawfulness, transparency, and data protection.
We specify that this information refers exclusively to the data of those who interact with the services accessible from the home page of the website: https://www.agroecology-europe-hub.org/ (hereinafter also referred to as "the site"), without extending to any other websites reached by the user through the links on the site.
The following are joint data controllers (bound pursuant to article 26 of the GDPR):
For UNISG, the Data Protection Officer (DPO) was selected through a service contract with Spaziottantotto Srl, VAT no. 08283280017, registered office in Via Nino Bixio n.8 - 10138 Turin (TO).
For AEEU not falling within the list specified under Article 37 of the UE Regulation 2016/679, and also considering the indications of the guideline WP243, the data protection officer has not been designated.
The Joint controllers and the DPO can be reached at the mail email@example.com
The privacy notice is a general obligation that must be fulfilled before or at the latest in the event of direct collection of personal data. In the case of personal data not collected directly from the data subject, the privacy notice must be provided within a reasonable time, or at the time of communication (not at the time of data recording) of the data (to third parties or the data subject). Pursuant to the General Regulation for the Protection of Personal Data of natural persons (GDPR – Reg. (EU) 2016/679), the Joint Data Controllers inform you of the following.
Sources and categories of personal data
The personal data held by the Joint Controllers are collected directly from the data subjects. This site does not collect data belonging to special categories of data, by which we mean those suitable for revealing racial or ethnic origin, philosophical or other religious beliefs, political opinions, membership of trade unions, associations, or organizations of a religious, philosophical, political or trade union, the health status, and sex life, except for what is spontaneously communicated by the data subjects regarding their personal opinions and experiences concerning the topic of scientific research as described in the research policy.
During their normal operation, the computer systems and software procedures used to operate this website acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified data subjects, but which by their very nature could allow users to be identified through processing and association with data held by third parties. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computing environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site.
Profiling data regarding the data subject's consumption habits or choices is not directly acquired. However, it is possible that through links or by incorporating third-party elements, such information may be acquired by independent or different entities. In this regard, see the section on third-party cookies.
Like others, this website saves cookies on the browser used by the user intended for the transmission of information of a personal nature and to enhance the user experience. In fact, cookies are small text strings that the sites visited by the user send to his terminal (usually the browser), where they are memorized, sometimes even with characteristics of wide temporal persistence, to then be re-transmitted to the same sites at the next visit.
By filling in the registration form with their data, the user consents to their use for joining the Agroecology for Europe – HUB application and as regards the AE4EU – Agroecology for Europe – research project, as better detailed in the research policy.
The personal data processed may contain name, surname, e-mail, occupation, and other information voluntarily indicated by the user in the registration form. The collection and/or recording of special category or judicial data is excluded, therefore we invite you not to provide such information when filling out the contact form. If the user voluntarily communicates his/her personal data belonging to special categories (e.g., concerning health status) the Joint Controllers will proceed with the erasure of the very data if it does not affect the personal data processing.
The Data Controller does not intentionally collect or store the personal data of individuals under the age of 18, nor does it intentionally allow such minors to use the Site. Users under the age of 18 are requested not to register on the Site and not to provide personal data.
Data provided voluntarily by the user
The optional, explicit, and voluntary sending of e-mails to the addresses indicated on the site entails the subsequent acquisition of the sender's address and any personal data included in the mail, deemed necessary to respond to provide information to the user or to respond to any other request communicated via the contact form.
Purposes and legal bases of the processing
Personal data is processed (ref. article 6 (1)(a), and (b) of the GDPR): to allow navigation on the site and to help perform the tasks and services requested in the activities carried out by the Joint Controllers relating to the research AE4EU - Agroecology for Europe -.
Furthermore, all personal data may be processed:
Consequences of refusing to provide data
The provision of data by the data subject is optional but essential for data processing for the purposes indicated in letters a), b) and c). If data subjects fail to communicate their essential data and do not allow the data processing, it will not be possible to proceed with the completion and implementation of the tasks and services offered and to follow up on the contractual obligations undertaken which will further harm or influence accounting, fiscal and administrative regulatory obligations.
Apart from that specified for navigation data, the user is free to provide personal data for cookies and specific requests through forms, e.g., on products and/or services. Failure to provide such data may make it impossible to obtain what has been requested. For all non-essential data, including those belonging to special categories, the provision of data is optional. In the absence of consent or the incomplete or incorrect provision of certain data, including those belonging to special categories, the required fulfilments could be so incomplete as to cause damage or penalties, or loss of benefits. This may happen both due to the inability to guarantee the adequacy of data processing to the purposes for which it is performed and for the possible mismatch of the data processing results required by the relevant regulations, meaning that the Joint Controllers of the data processing will not be responsible for any sanctions or afflictive measures.
Methods of data processing
The data connected to the web services of the site are processed with automated tools only for the duration strictly necessary to achieve the purposes for which they were collected; they take place at the server in Italy or the EU and are only handled by technical personnel in charge of processing, or by persons in charge of maintenance and administration operations. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access, and loss of confidentiality. The facility is equipped with anti-intrusion devices, firewalls, logs, and disaster recovery. Specific data encryption and segregation mechanisms and user authentication and authorization mechanisms are used.
Data processing means the collection, recording, organization, storage, processing, modification, erasure, and destruction or the combination of two or more of these operations. In relation to the aforementioned purposes, personal data processing takes place through manual, computerized, and telematic tools, with logic strictly related to the stated purposes. And in any case, so as to guarantee the security and confidentiality of personal data, it will therefore be processed in compliance with the methods indicated in art. 5 EU Reg. 2016/679, which foresee, among other things, that the data be processed lawfully and correctly, collected and recorded for specific, explicit and legitimate, exact, and if necessary updated, relevant purposes complete and not excessive in relation to the purposes of the processing, respecting fundamental rights and freedoms, as well as the dignity of the data subject with particular reference to confidentiality and personal identity, through protection and security measures. The Joint Controllers have prepared and will further improve the access security and data retention system.
An automated decision-making process (e.g., profiling) is not established.
The data processing will take place mainly in Italy and the EU but could also take place in non-EU and non-EEA countries if deemed necessary for the efficient fulfillment of the objectives pursued with due respect to the guarantees given to and interests of the data subjects. Finally, when the data subject requests connections and links that originate from non-EU and non-EEA countries, the data processing will take place in those non-EU and non-EEA countries. The Joint controller will have no responsibility and control over such data processing.
Data retention period
Personal data will be kept, in general, as long as the purposes of the data processing persist according to the category of data processed.
Categories of recipients
The data (only the essential ones) are communicated
The data collected will not be disseminated without anonymization or unless otherwise mandated by law. Except as specified for Cookies and third-party elements, without the prior general consent of the data subject for communications to third parties, it will be possible to carry out only services that do not provide for such communications. If needed, specific and timely consents will be requested and the subjects who receive the data will use them as independent data owners
In some cases (not as a part of routine management of this site) the authorities may request reports and information for the purpose of inspecting personal data processing. In these cases, the answer is mandatory, the lack of which may result in a penalty of an administrative fine.
Rights of the data subjects
At any time the data subject may: exercise his/her rights (access, rectification, erasure, restriction, portability, opposition, absence of automated decision-making processes) when required against each Joint Data Controller, pursuant to articles from 15 to 22 of the GDPR (link to the regulation); propose a complaint to the Guarantor (www.garanteprivacy.it); if the processing is based on consent, revoke this consent given, taking into account that the revocation of the consent does not affect the lawfulness of the processing based on the consent before the revocation.
Addresses and contacts
You may exercise the abovementioned rights by writing to firstname.lastname@example.org – HUB or sending a registered letter with acknowledgment to one of the Joint Controllers at the addresses indicated at the beginning of this document. The complete list of data processors is available upon request.
This document constitutes the Web Policy of the site https://www.agroecology-europe-hub.org/ and is subject to updates. It is the user's responsibility to consult the document and its updates.