Briefing note and Data Controller
This brief is provided as required by art. 17 of Italian Legislative Decree no. 196/2003 (henceforth the “Decree”), refers to the internet website www.eastwest.eu (henceforth the “Website”) and is addressed to everyone who accesses the Site, even without registering, with regard to the use of “Cookies” via the website itself and the relative processing of the user’s pertinent data.
This briefing note is not valid and does not concern other websites that may be consulted via any external links that may be found on the Website, and in particular, with regard to any services provided by the manager of payment/transfer services provide on the Website and used by the user. The Controller has no kind of access or control over cookies and/or other technologies used to trace surfers that use websites accessible from the Website via links. In relation to this, we invite surfers to verify the briefing notes and the conditions of use of said third party sites.
The Data Controller is Eastwest European Institute srl, with legal headquarters in Rome, Via Gregorio VII no. 368, VAT. No. 12156961000 (the “Company” or “Controller”).
TYPES OF DATA PROCESSED BY MEANS OF COOKIES
A Cookie is a text file that the website sends to users’ computer browsers. The browser stores the information and sends it on to the website server as soon as the user’s browser access the site once again. A Cookie generally contains the name of the internet domain (website IP address) from which the Cookie is sent, the indication of its expiry date and a numerical code. The Cookies used on websites exclusively perform a technical purpose and in no instance are they used to examine, analyse or provide user behaviour within the Website in question.
The Website uses two types of Cookies, of a technical nature: (a) the session Cookies, meaning the temporary cookies that remain in the computer browser’s cookie folder until the user ends his/her browsing session; (b) the permanent Cookies, meaning the Cookies that remain in the browser’s Cookie folder for longer (until the expiry of the individual Cookie).
The session Cookies are used for the transmission of session identification information (casual numbers generated by the server ) required to enable the safe and efficient navigation of the Website and, in particular, to enable the user to carry forward information throughout the Website pages without being required to input it many times, in order to enable the Controller to draw up anonymous statistics on Website user fruition and to improve the structure of the Website itself. The session Cookies are used within the Website but do not allow the acquisition of the user’s personal details.
The use of permanent Cookies, wherever it is activated within the Website, is exclusively designed to support the user in the use of specific functional aspects of the Website, such as those that involve the compilation of forms or user registration, in order to show the user’s name or details whenever they access the Website and potentially fill in the forms in question in advance.
COOKIE ACTIVATION AND DE-ACTIVATION
The permanent cookies will be used only if specific Website services are activated (such as, by way of example.; “recall the password on this computer”) and the user asks to take advantage of these services, the technical operation of which necessarily calls for the use of these Cookies.
In these instances, the user is always given the option of accepting the use of these cookies or not at any time, by modifying the browser’s settings. If the Cookies are de-activated, it will however not be possible to access all the services and all the functions available on the Website.
The user may easily remove all Cookies installed in the Cookie folder, by following the procedures foreseen by the browser of choice. The user may also de-activate specific services (such as, for example: “remind me of the password on this computer”) and the related Cookie every time they access the Website, by following the instructions provided.
It should be remembered that information systems and the procedures involved in Website operation, during the course of said operation, acquire certain details of the interested party, the transmission of which is implicit in the use of internet communication protocols. This information (such as IP addresses or the dominion names of the computers used to navigate on the Website, the URL addresses of the requested resources, the time the request was made, the method used to present the request to the server, the size of the file obtained as an answer, the digital code indicating the state of the answer provided and other parameters concerning the operating system and the navigator’s computer environment) are not collected by the Controller in order to be associated to identified navigators, even though, given their very nature and/or through processing and associations, they might enable the identification of the navigator. This information is used by the Data Controller for the sole purpose of obtaining anonymous statistical information on the use of the Website in order to verify its functionality; they could, in any case, be used to certify responsibility in the event of computer crime and/or legal violations.
PROCESSING METHODS – SAFETY MEASURES
The processing of the data collected by the Controller via the Website takes place using essentially computer driven instruments and according to logical instructions that are connected to the purpose for which they are collected. The Controller guarantees the security of the data in compliance with article 11 of the Decree.
COMMUNICATION AND DISTRIBUTION OF THE DATA
The Controller shall not, for any reason, transfer the data collected via the Website nor communicate or distribute the same for any other reason than those foreseen by this briefing note.
Assignees, joint controllers and persons responsible for data processing
The Controller’s managers, auditors, employees and collaborators are entitled by the former to process the data collected via the Website to the extent to which they are assigned to do so, in compliance and within the limitations of their respective functions and assignments.
The person responsible for data processing, on the Controller’s behalf, is Eastwest European Institute srl Executive Director. The competent authorities and the providers of certain services, and in particular computer consultants and suppliers, given their appointments and/or the legal obligations shouldered by the Controller, may be considered as joint controllers or persons responsible for the processing of the user’s personal data.
The data collected via the Website shall be stored by the Controller for the time strictly necessary to pursue the purposes indicated above for which said data was collected, except for data the conservation of which is required by law.
RIGHTS OF THE INTERESTED PARTIES
All interested parties, which include a mere Website navigator, can call on the Controller in order to exercise their rights as foreseen by the Decree (in accordance with article 7 that is reproduced in its entirety below), and, in particular, may access the data, obtain from the Controller the confirmation of the existence or absence of said data, and their supply in intelligible form; the interested party has the right to know the origin of the data, the purpose and procedures adopted for its processing, the logic used in processing, the controller’s details and the subjects to whom said data may be communicated; the interested party is also entitled to have the data updated, rectified and integrated, its cancellation, transformation into anonymous form or the blocking of any data processed in violation of the law; the interested party has the right to oppose the processing of his/her data given appropriate grounds. To this end the interested party may exercise the above rights by sending an e-mail communication to the address: firstname.lastname@example.org.
Italian Legislative Decree no. 196 of 30 June 2003 – Article 7 (Right to Access Personal Data and Other Rights)
The interested party has the right to obtain confirmation as to whether or not any personal data directly referred to him/her exists, even if it hasn’t yet been written up, and their communication in an intelligible format.
The interested Party has the right to obtain indications concerning:
the origin of the personal data;
the purpose and procedures adopted for their processing;
the logic applied for processing performed using electronic instruments;
the details of the data controller, the persons responsible for the processing and the manager responsible pursuant to article 5, paragraph 2;
as well as those of the subjects or categories of subjects to whom the personal data may be communicated or may in any case become privy to the same, in their position as appointed persons responsible for the country area, person responsible or assignees.
The interested party is also entitled to obtain :
the updating, rectification or, if it is in their interest, the integration of the data;
the cancellation, transformation into an anonymous format or the blocking of any data processed in violation of the law, including those that need not be stored for the purposes for which the data has been collected and subsequently processed;
certification that the operations referred to under letters a) and b) have been brought to the attention, with regard to their content, to those to whom the data has been communicated or distributed, unless such an operation turns out to be impossible or requires a deployment of means that is clearly disproportionate compared to the safeguarded right.
The interested party has the right to entirely or partially oppose:
the processing of any personal data referable to said party, by providing legitimate reasons, even though said processing is pertinent to the purpose of the data collection;
the processing of personal data referable to said party when it concerns the distribution of advertising material or direct sales or the performance of market research or commercial communications.