Privacy Policy

PRIVACY POLICY ON THE PROCESSING OF PERSONAL DATA FOR WEBSITE USERS

 WWW.CAFOSCARISHOP.IT

This policy, in line with the (EU) Regulation 2016/679 (General Data Protection Regulation, ‘EU Regulation’), is to appoint Ca’ Foscari University of Venice as Data Controller for the processing of personal data and any other relevant operation related to the access of users in the www.cafoscarishop.it website.

The Company 2.0 – DUEPUNTOZERO S.A.S. of Cacciani Federico & C., Viale Giovanni Mariotti, 1 43121 – Parma (PR) –
VAT No.: 02757200346 is the Website Manager and is in charge of data protection

1. Data Controller

The Data Controller is Ca’ Foscari University of Venice (‘University’), with registered office in Dorsoduro 3246 – 30123 Venice (certified e-mail – PEC: [email protected]), as represented by the pro tempore Rector ([email protected]).

2. Data Protection Officer

The Data Protection Officer, appointed under Article 37 of the EU Regulation, can be contacted c/o Ca’ Foscari University of Venice – Data Protection Officer, Dorsoduro 3246, 30123 Venice, e-mail address: [email protected]. 

3. Data Origin and Type

Personal data that will be processed are:

Navigation data

The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

The following fall into this category:

• IP addresses of the users’ devices;
• date and time when the request was received;
• the URI / URL (Uniform Resource Identifier / Locator) addresses of the requested resources;
• the numerical code indicating the status of the response given by the server (successful, error, etc.);
• the size of the response (in bytes);
• URI / URL address of the page of origin (referrer);
• browser recognition string (user agent).

These data are not stored for more than 7 days, after which they are automatically deleted (except for any need to ascertain crimes by the judicial authorities).

Furthermore, data necessary for the use of web services are processed anonymously, in order to check the correct functioning of the services offered.

Data communicated by the user

 The optional, explicit and voluntary sending of messages to the contact addresses indicated on the site (such as, for example, [email protected]), as well as the compilation and forwarding of the forms on it, involve the acquisition of data contact of the sender, necessary to reply, as well as all personal data included in communications.

Specific information is published on the pages of the site dedicated to the provision of certain services.

Statistics on the use of the internet

 The University uses the Google Analytics service of the company Google, Inc. (hereinafter “Google”) to generate statistics on the use of the website (for example, on the use of services, most visited pages, number of visitors per band hourly or daily, geographical areas of origin, etc.). In order to carry out these activities, Google Analytics does not collect personal data, as all users’ IP addresses are anonymized as soon as they are received from the network and before being stored or processed.

Cookies and other tracking methods

Cookies are small text files sent by the websites visited and stored in the browser used. Cookies contain information that is reused during the same visit to the site or later, even after days. Cookies are safe: in fact, they only store the information that is entered by the browser and cannot be used to access the computer. If the information collected with cookies is encrypted, only the website will be able to read it.

There are two macro-categories of cookies:

• technical cookies, necessary for the correct functioning of the website and to allow navigation: without them it may not be possible to display the pages correctly or use some services; for example, a technical cookie is essential to keep the user connected throughout the visit to a website, or to memorize the language, display settings, etc .;
• profiling cookies, which have the task of profiling the user and are used in order to send advertising messages in line with the preferences expressed by the user while browsing.

This website releases only technical cookies.

4. Purposes of the Processing

The purposes for which the user is asked to provide the Data Controller with their personal data are as follows: to allow browsing on the site https://www.cafoscarishop.it/ and to use the services available there, including the services of virtual purchase assistance. Please note that it is possible to make purchases without registering on the site. Furthermore, the data may be processed for the eventual defense of one’s interests in court and for the fulfillment of legal obligations.

5. Data Processing Methods

Users’ data are processed by electronic means and are subject to protection measures that ensure they are processed confidentially and safely. More specifically, the Data Controller shall provide adequate technical and organizational measures to protect the personal data subject to processing from loss, theft, and unauthorized use or alteration of the information.

The processing of personal data complies with the principles of correctness, lawfulness, transparency, and the protection of the privacy and rights of the subjects, and with any other principle defined under Article 5 of the Regulation.

Furthermore, the data are retained in an encrypted form on the e-commerce portal. The HTTPS protocol, which enables using encrypted communications, also guarantees website security and protection.

6. Purpose and legal basis of the processing

The provision of personal data is necessary for the pursuit of the purposes described above.

The legal basis of the processing is represented by art. 6.1.e (“execution of a task of public interest”), from art. 6.1.b (“execution of a contract of which the interested party is a party or the execution of pre-contractual measures adopted at the request of the same”) and by art. 6.1.c (“fulfillment of a legal obligation”).

7. Recipients of personal data

The recipients of the personal data collected are any Data Processors appointed by the Data Controller (eg., the company that manages the site), as well as the natural persons employees and / or collaborators of the University specifically authorized to process the data for the purposes indicated above.

The personal data of the interested party will not be disclosed or transferred outside the national territory.

The Subjects’ data shall not be disclosed or transferred out of Italian territory.

8. Data Storage Period

The determination of the retention period of personal data responds to the principle of necessity of treatment. Personal data will therefore be kept for the entire period necessary to carry out the purposes indicated in point 4. In particular, the data relating to navigation will be kept for 7 days, while those relating to any requests for 36 months.

Once the above terms have elapsed, the user’s data may be deleted, anonymized and / or aggregated.

9. Rights of the Data Subjects

Data subjects are entitled to the following rights:

1. a) right of access to personal data (Article 15 of EU Regulation);
2. b) right to rectification or integration of personal data (Article 16 of EU Regulation);
3. c) right to erasure (or right to be forgotten), within the limitations defined by Article 17, par. 3 of EU Regulation;
4. d) right to restrict processing to the conditions defined under Article 18 of EU Regulation;
5. e) right to data portability, as defined under Article 20 of EU Regulation;
6. f) right to object processing at any time (Article 21 of EU Regulation);
7. g) right to complain to the Data Protection Officer (Article 77 of EU Regulation);
8. h) right to take action before the Court (Article 79 of EU Regulation).

10. Exercise of the Rights of Data Subjects

To exercise their rights, the data subjects may submit a request, without formal procedures, by directly contacting the Data Protection Officer via e-mail to [email protected] or by sending a communication to the following postal address: Ca’ Foscari University of Venice, Data Protection Officer, Dorsoduro n. 3246, 30123 Venice, or via certified mail (PEC) to [email protected].

Alternatively, the concerned subject may contact: Ca’ Foscari Shop ––Ca’ Foscari University of Venice, Dorsoduro 3243, 30123 Venice, or send an e-mail to [email protected].

Last updated on 24.05.2021.