Last updated January 29, 2021
Any term indicated in capital letter shall have the meaning attributed to it within the EU General Data Protection Regulation no. 2016/679 (hereinafter, “GDPR”) or otherwise provided hereto. For any further information and/or clarifications, it is possible to contact the Data Controller at the following address: via Antonio Salandra 18, 00187 Rome (Italy) email: firstname.lastname@example.org.
Who we are
Our website address is: http://www.cyberethicslab.com. The Website has been designed to minimise the collection as well as the processing of your Personal Data, applying the principles of necessity and proportionality to any Processing activities that the Data Controller carries out.
Why we collect your personal data
CyberEthics Lab. will only process your personal data for the following purpose: to answer to the requests and messages, received through the Website section “Contacts”, and for enrolling you in the “Newsletter”.
What kind of personal data we collect
Personal Data provided directly by you
Provided that you decide to send CyberEthics Lab. an email, or you otherwise interact with CyberEthics Lab. (for instance, via email to ask a question with regards to your privacy rights, or more in general to request information), CyberEthics Lab. may collect your email, name, the content of your message, and any other information necessary to address your request. The legal basis for CyberEthics Lab. to process these Personal Data shall be your informed Consent given at the moment of the interaction.
Website navigation data
If you visit the Website, CyberEthics Lab. may collect technical information such as information about your interaction with the pages of the Website (scrolling, clicking, etc.) or the type of operating system you are using. However, such data will be collected on an aggregate basis, and the collection of said data will not permit the identification any individual user, and in any case the data will not be processed together with other data for the sole purpose of identifying the user.
We process your Personal Data, as long as you, in your quality of Data Subject, have provided us with your Consent for one or more specific purposes.
We also may process your Personal Data if it is necessary for compliance with a legal obligation to which we as Data Controller are subject. Your Personal Data will not be used for any automated decision-making including profiling.
How long we retain your data
CyberEthics Lab. only keeps your Personal Data for the time strictly necessary to fulfil the purpose of the Data Processing for which the data have been collected, and, in any case, within the limits set forth by applicable laws and regulations.
How we protect your data
All the Processing Activities are carried out in compliance with article 32 of the GDPR, with the adoption of appropriate security measures.
In particular, our technical measures include appropriate actions to address online security, risk of data loss, alteration of data or to prevent unauthorised access, taking into consideration the risk of the Processing and of the nature of the Personal Data. The organisational measures that we put in place include restricting access to the Personal Data solely to authorised personnel of the Data Controller.
Who may access your personal data
As a general rule, we are not going to share your Personal Data with third parties, unless we obtain your specific Consent previously.
In particular, access to your Personal Data is allowed by the Data Controller to its authorised staff according to the ‘need to know’ principle. Such staff abide by statutory, and when required, additional confidentiality agreements.
However, we may disclose your information to third parties, such as police or judicial authorities, in order to comply with the law or a judicial order issued by a competent regulatory authority.
We may share your information with our service provider, SiteGround Spain S.L., which is located in Spain.
What rights you have over your data
Pursuant to GDPR, you have several rights concerning the Personal Data we hold about you. If you wish to exercise any of these rights, please use the contact details set out above.
- The right of access. You have the right to obtain access to your Personal Data subject matter of the data Processing. This will enable you, for example, to check that we’re using your Personal Data in accordance with the relevant data protection law. If you wish to access the information, we hold about you in this way, please get in touch.
- The right to rectification. You are entitled to have your Personal Data corrected if it is inaccurate or incomplete. You can request that we rectify any errors in information that we hold by contacting us.
- The right to erasure. This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of part or all of the Personal Data that we hold about you by contacting us. Please remember that it is possible that, pursuant to any applicable law, you may not have all your Personal Data erased.
- The right to restrict processing. You have rights to ‘block’ or ‘suppress’ certain further use of your Personal Data. When processing is restricted, we can still store your Personal Data, but we will not use it further.
- The right to data portability. You have the right to obtain your personal information in an accessible and transferrable format so that you can re-use it for your own purposes across different service providers. This is not a general right, however and there are exceptions. To learn more please get in touch.
- The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your Personal Data with the relevant national Data Protection Authority.
- The right to withdraw consent. If you have given your consent to anything we do with your Personal Data (i.e. we rely on consent as a legal basis for processing your information), you have the right to withdraw that consent at any time. You can do so by contacting us. Withdrawing consent will not however make unlawful our use of your information while consent had been apparent.
- The right to object to processing. You have the right to object to certain types of processing. You can, for instance, object to the publication of pictures taken of you within the context of a conference.
Please provide the description of your enquires, indicating also the rights you wish to exercise in your written request Where to us if you wish to exercise said rights in the context of one or several specific processing operations. Your requests will be handled within a maximum of 30 (thirty) working days.