• www.edu.caen.it

Website security precautions: For the purpose of the website management, we adopted specific security precautions aimed to assure the user with safe access and to protect the information contained in on the website from loss or cancellation, even unintentional.

We assign a username and a password to the companies requiring access to the website reserved area. The passwords are generated with a method ensuring that they do not contain any reference to data easily referred to the user with the aim to avoid any abuse. The user is committed to maintain his own password confidential.

Legal References: this privacy policy is written conforming to the following regulations: (EU) 2016/679, Art. 10 of directive n. 95/46/CE and 2002/58/CE, as updated by 2009/136/CE, regarding Cookies.

Purpose of the data processing: your data will be processed for the purposes described in the following paragraphs. If related to legislative or contractual obligations it will be enough to read this policy, if related to other purposes, the provision of data will be optional for you and your refusal to the data processing does not compromise the continuation of the relationship or the adequacy of the data processing itself.

User’s data are collected to allow us to provide our services to you and for the following purposes: contacting the user, sending email messages, interactions with social networks, statistical purposes and showing contents using external platforms.

The types of personal data used for each purpose are indicated in the specific sections of this document. Personal data collected through this site refer to:

1. Navigation and usage data, cookies
2. Data provided voluntarily by the user

Collected personal data may refer both to the user and to third parties to whom the user provides the data.

The user assumes the responsibility of the personal data of third parties published or shared through the site and guarantees to have the right to communicate or disseminate them, releasing the data controller from any liability to third parties.

For the purposes of the following data processing, the Data Controller may become aware of sensitive or judicial data as defined by the Privacy Code, when necessary for the purposes specified below, and in particular:

• Email address,
• Contact details such as email address,
• Personal data,
• University or school of belonging,
• Images / videos of projects in which faces of students, professors, etc
• Any other data voluntarily disclosed by the user (e.g by a CV delivery)

Your sensitive data being processed are only those strictly relevant to the obligations, tasks or purposes described above and will be treated in compliance with the instructions contained in the relevant general authorizations of the Italian Data Protection Authority (Garante per la protezione dei dati personali).

1. Navigation data

The IT systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of the Internet communication protocols. This information is not collected to be associated with identified interested parties, but which by their very nature could, through data processing and in association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or domain names of the computers used by users connecting to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user’s computer environment.

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.

Cookies
Our website uses cookies like almost all the other websites. Cookies are small text files that the sites visited by the user (but also other sites or webservers) send and record on his computer (or mobile device), to be then retransmitted to the same sites (or webservers), the next visit of those, thus sending information.

Cookies are now essential tools as they allow modern sites to work at their best, allowing maximum customization, interaction, and fluency in navigation. But they can also be used to monitor user browsing and then send advertising messages associated with this.

Cookies can be:

• Session cookies (if they expire when the browser is closed) or permanent cookies (if they remain until the expiration of a term, that could be even years);
• First party or third-party cookies (in this second case they are set by a site or a webserver different from the one that the user is visiting at that time);
• technical cookies (sometimes needed for a complete or better use of the site) or profiling cookies (aimed to create a user profile then used to send advertising messages associated with the preferences expressed during previous navigations).

The Italian Data Protection Authority (Garante per la protezione dei dati personali) considers technical cookies the session cookies, the functional cookies and – only under certain conditions – the analytics cookies. In the provision of 8 May 2014, the Authority specified that analytics cookies can be assimilated to technical cookies only if used for the purpose of optimizing the site directly by the owner of the site itself, which can collect information in aggregate form on the number of users and how they visit the site.

More information on the types of cookies, their characteristics and how they work can be found on the following websites:

• http://www.allaboutcookies.org,
• http://www.youronlinechoices.com,
• http://cookiepedia.co.uk,
• Garante Order of 8 May 2014 (https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/doc…)

According to the provision of 8 May 2014 of the Privacy Guarantor, analytics cookies can be assimilated to technical cookies only if they are used for site optimisation purposes directly by the owner of the site itself, who may collect information in aggregate form on the number of users and how they visit the site.

On our website there are those cookies indicated and analysed in the appropriate Cookie Policy page.

Choice

You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails, or you can visit the “Email Subscription Preferences” page.

2. Data voluntarily provided by the user.

Sending e-mails to the addresses indicated on the site

The optional, explicit, and voluntary sending of e-mails to the addresses indicated on this website entails the acquisition of the sender’s address, needed to reply to requests, as well as any other personal data included in the message.

Compilation of the data collection form

On the “Contact” and “Share Your Work” pages, allow interested parties to request information by entering some personal data (such as name, e-mail address, university). These data will be processed manually and also through the use of IT tools by the specifically appointed personnel of CAEN SpA, exclusively to respond to the user’s request. The personal data introduced in the Form are divided into two categories: mandatory and optional, as shown in the procedure for requesting information. The provision of mandatory data and the related processing for the purposes indicated above are strictly functional to the execution of the request. The other data collected serve to help CAEN S.p.A. to offer an even better service. We point out that at any time you can exercise, directly addressing the Data Controller, the rights specified in the appropriate section called “RIGHTS OF THE INTERESTED”.

Photos and video publication

The site allows interested parties to view their photos and videos, collected during tradeshows, events, projects or company visits. These data will be processed by CAEN S.p.A. for purposes related to the presentation of products or projects and to the organization of events. The data processing will be carried out with IT and telecommunication tools with methods strictly connected to the purposes indicated above. The data will be processed until the revocation of the explicit consent and will subsequently be deleted, unless otherwise indicated by the interested party. The provision of data is optional, you can request the removal from this site and from company archives. The data are to be disseminated only on this site and will be processed exclusively for the aforementioned purposes by specifically appointed personnel. The interested party is requested, upon evaluation of the above, to give us its consent to the data processing (through explicit request during the recording of photos and videos, in case of non-public events). The interested party at any time can exercise, by contacting the Data Controller, the rights recognized by the current legislation regarding the protection of personal data.

Data processing method: The data processing is carried out by adopting the appropriate security measures to prevent unauthorized access, disclosure, modification, or cancellation of Personal Data. In particular, the data processing is carried out by means of:

• IT tools, with organizational methods strictly related to the purposes indicated above.
• Entrusting data processing operations to third parties.

Each data processing is carried out in compliance with the procedures described in Chapter II of Regulation (EU) 2016/679.

Communication: your data will be stored at our office and will be communicated exclusively to the competent parties for the fulfilment of the services necessary for a proper management of the relationship, ensuring the protection of the interested party rights.

Your data will be processed only by personnel expressly authorized by the Data Controller and, in particular by the following categories of persons in charge:

• Managers and administrative staff (reading, writing, communication, removal),
• Managers and IT staff (reading, writing, change, removal).

In addition to the Data Controller and the internal staff, in some cases, third parties (such as technical service providers, postal carriers, hosting providers, IT companies, communication agencies) may access to your data. Your data may also be disclosed to other third parties, in particular to:

• Constitutional bodies
• Consultants and freelancers
• Anyone who is a legitimate recipient of communications required by law or regulation.

In addition to the owner and internal employees, in some cases, external parties may have access to the Data (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies). Your data may be disclosed to third parties, in particular to:

• Freight forwarders, Transporters, Post Offices, Logistics Companies;
• Consultants and freelancers, also in associated form;
• Bodies that manage the delivery service for ordinary and commercial correspondence;
• to other subjects (companies and consultants appointed for this purpose responsible) who provide services for purposes auxiliary to the relationship between you and edu.caen.it within the limits strictly necessary to carry out the tasks such as: tax compliance, accounting, management of information systems, financial services, credit recovery.

Some of the above-mentioned persons may not be in Italy because of the multinational nature of our company, so your personal data may be transferred abroad, even outside the European Union in countries that do not guarantee an adequate level of personal data protection according to the standards established by Italian and European legislation on personal data protection. Personal Data may be transferred abroad only in relation to professional information and only for purposes that are instrumental to your work at the Company or related to company activity. The Data Controller is responsible for verifying the compliance of the aforementioned persons with national and European legislation regarding the data processing of personal data.

Dissemination: personal data, without prejudice to the absolute prohibition to disclose the data suitable for revealing the state of health, may be disseminated, according to the procedures described above, to:

• Publication of photos / videos / presentations for which explicit consent has previously been requested.

Data retention: Data processing related to the web services of this website take place at the company headquarters and are handled by technical staff in charge of data processing.

Your personal data will be stored, in the manner indicated above, for the minimum time required by the legislative and contractual nature or until the request for cancellation by the interested party. At the time of collection, the data will be stored in specific folders on the company management systems and/or in paper archives. At the time of cancellation, it is possible that the data are still stored in anonymous form.

Interested parties’ rights: The persons to whom the personal data refer have, at any time, the right to obtain confirmation of the existence or not of the same data and to know its content and origin, verify its accuracy or request its integration or updating, or correction.

You also have the right to obtain from the Data Controller the cancellation, communication, updating, correction, integration of personal data concerning and, in general, exercise all the rights provided by Chapter III of the GDPR, Articles 12 to 23, including the right to issue a complaint to the supervisory authority.

Further information on data processing:

Defence in court

The User’s Personal Data may be used by the Data Controller to defend the website in court or in the stages leading to its eventual establishment, from abuses in the use of the website or its related services by the User.

Specific information

Specific information could be presented on the pages of the Website in relation to particular services or processing of the data provided by the user or by the interested party.

Maintenance
User’s personal data can be processed with additional methods and purposes related to the website maintenance.

System logs

For needs related to operation and maintenance, this website and any third-party services used by it, may collect system logs, which are files that record the interactions – including navigation – and that may also contain personal data, such as the IP address.

Information not contained in this policy

Further information related to the processing of Personal Data can be requested at any time to the Data Controller.

Social Media

edu.caen.it may include social media features, such as the Facebook Like button, widgets such as the “Share This” button or interactive mini-programs that run on our website. These features may collect online usage information through cookies or web beacons. Social media features and widgets are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy statement of the social media company providing them.

Personal Data of Children

As noted in the Terms of Use, we do not knowingly collect or solicit Personal Data about children under 16 years of age; if you are a child under the age of 16, please do not attempt to register for or otherwise use the Services or send us any Personal Data. If we learn we have collected Personal Data from a child under 16 years of age, we will delete that information as quickly as possible.

Service Providers

We may employ third party companies and individuals to facilitate our Website (“Service Providers”), to provide the Website on our behalf, to perform Website-related services or to assist us in analyzing how our Website is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Analytics

We use third-party Service Providers to monitor and analyze the use of our Website.

Google Analytics

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Website. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

You can opt-out of having made your activity on the Website available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en

Link to third-party sites

Our Website may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites or services.

Changes To This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

CAEN S.p.A. is not responsible for the processing of personal data that may be carried out by and through websites to which this website refers via links.