Privacy

PRIVACY POLICY

This ItaliaDomani Portal (hereafter “Portal”) provides information on the institutional activities carried out by the State General Accounting Department of the Ministry of Economy and Finance.

With this privacy policy, rendered in accordance with Article 13 of Regulation (EU) 2016/679 (hereafter “Regulation”), we inform you of the processing of personal data that may be acquired when consulting the Portal. 

DATA CONTROLLER

The Data Controller is the Ministry of Economy and Finance - State General Accounting Department, based in Via XX Settembre, 97 (which can be contacted at the Public Relations Office - PRO at the address http://www.mef.gov.it/comunica-con-noi/linea-diretta-cittadini/urp.html) (hereafter also “Controller” or “Department”).

The processing of personal data relating to the management of the Portal and its functions is entrusted to the company Sogei S.p.A., which is designated by the Controller, in accordance with Article 28 of the Regulation, as processor.


DATA PROTECTION OFFICER

In view of its organisational structure, the Ministry of Economy and Finance has appointed, in accordance with Article 37 of the Regulation, a Data Protection Officer (“DPO”) with the role of overseeing the correct application of the rules on personal data protection with reference to processing falling under the remit of the Ministry and its Departments.

The Data Protection Officer (DPO) can be reached at the following address:

LEGAL BASIS AND PURPOSE OF PROCESSING

When users access and browse on the Portal, their personal data may be collected and used for the purposes and by virtue of the legal bases identified below. 

Processing necessary to comply with obligations to which the Controller is subject (Art. 6, par. 1, lett. c, GDPR)

To comply with the obligations to which it is subject, the Department may process the personal data of users to:

  • comply with obligations deriving, by way of example but without limitation, from the civil, tax, European and/or other legislation, guidelines and/or measures issued by the Authorities and other competent institutions;
  • comply with legal, accounting, tax and administrative obligations related to management of the Portal;
  • inform and/or follow up requests from the competent Authorities, administrative and/or judicial, in compliance with the provisions of applicable legislation.

Processing necessary for the performance of tasks in the public interest or in the exercise of official authority vested in the Controller (art. 6, par. 1, lett. e, GDPR) 

The Department may process the personal data of users for purposes closely related to the fulfilment of its institutional functions. 

Processing necessary for the purposes of the legitimate interests pursued by the Controller (art. 6, par. 1, lett. f, GDPR)

In pursuing a legitimate interest, the Department may process the personal data of users to:

  • obtain statistical and anonymous information on use of the Portal functional to the conduct of research, economic and statistical analyses;
  • guarantee and control the security and correct functioning of the Portal and any services available on the Portal and requested by users;
  • establish, exercise or defend legal claims.


DATA PROCESSED

Browsing data

The IT systems and software procedures in charge of the functioning of the Portal acquire, during their normal exercise, some personal data whose transmission is implicit in the use of internet communication protocols.

This category of data includes the IP addresses or domain names of computers and terminals used by users, addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the requested resources, time of the request, method used to submit the request to the server, size of the file obtained in response, numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the IT environment of users.

Those data are processed for the sole purpose of guaranteeing the correct use of the web services as well as with the aim of obtaining statistical information on use of the services (most visited pages, number of visitors per time bracket or day, geographical area of origin, etc.).

Data communicated by the user

The optional, explicit and voluntary transmission of messages to the contact addresses of the State General Accounting Department, private messages sent by users to the institutional profiles/social media pages (if this is possible), as well as the completion and submission of the forms present on the websites of the Department, involve the acquisition of the contact details of the sender, necessary to respond, along with all personal data included in the communications.

Specifications and further information may be published on the pages of the Portal dedicated to the provision of certain services. 

Cookies and other tracking systems

Cookies are strings of text that websites visited by users (so-called “first parties”) or other websites or servers (so-called “third parties”) position and archive on the computer of users, only for them to be sent back to the same websites at the next visit.

Based upon their different function and purpose, cookies are split into “technical cookies” and “profiling cookies”:

  • technical cookies are necessary to facilitate browsing or to provide a service requested by users; their installation does not require the consent of users;
  • profiling cookies are aimed at modulating the supply of a service and/or sending personalised advertising messages, in line with the preferences manifested by users when browsing on the internet; they may only be installed with the consent of users.

The Portal does not use cookies for profiling its users. Only technical cookies are used, strictly in a limited manner as necessary to ensure secure and efficient browsing on the Portal.

DATA RECIPIENTS

The data processed by the Controller may be communicated to:

  • third parties, instructed to carry out services of management and maintenance of the Portal, as well as to acquire services and IT solutions connected to use of the Portal itself;
  • professionals instructed to carry out assistance and consultancy activity;
  • Authorities, entities and/or public and private institutions to which the data must be communicated to comply with specific obligations envisaged by laws, regulations or community legislation, or by virtue of orders of those Authorities.

The data subject of disclosure will be exclusively those necessary to achieve the specific purposes for which they were provided or collected.

 

TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANISATIONS

The personal data are not transferred to third countries or international organisations.

DATA STORAGE PERIOD

In accordance with Art. 5, par. 1, lett. e) of the GDPR, the data collected are stored for a period not exceeding the time necessary for the purposes for which they were collected and subsequently processed, in line with the provisions of legal obligations. In particular:

  • browsing data do not persist for more than 12 months, without prejudice to any requirements of security and/or assessment by the judicial authority;
  • data provided voluntarily by users through requests sent via the available communication channels will be stored for the time strictly necessary to process them, after which they will be erased, except where otherwise envisaged by the applicable legislation;
  • data provided by users for use of the services made available on the Portal may be stored for the time necessary to provide that service, after which they will be erased, except where otherwise envisaged by the applicable legislation or by other specific information provided prior to the use of those services. 

     

RIGHTS OF THE DATA SUBJECTS

The data subjects have the right to obtain from the Ministry of Economy and Finance - State General Accounting Department, in the anticipated cases, access to their personal data and the rectification or erasure of the same or restriction of processing relating to them or to object to their processing (Articles 15 et seq. of the Regulation). The specific request to the State General Accounting Department is presented by contacting the Data Protection Officer at the following email address: responsabileprotezionedati@mef.gov.it.

Data subjects who believe that the processing of personal data relating to them carried out via the Portal violates the provisions of the Regulation have the right to lodge a complaint with the Ministry of Economy and Finance - State General Accounting Department, as envisaged by Art. 77 of the Regulation, or to take action judicially (Art. 79 of the Regulation).