Information on the processing of personal data of users who consult the website www.fersschool.it

Dear User, we would like to inform you how and why the CMCC (hereinafter referred to simply as “CMCC” or “Us”) processes your personal data acquired through the website www.fersschool.it (the “Site” or “Website“).

The document is divided in two sections.

• Section I, containing information generally valid for all processing carried out through the Site;
• Section II, containing information on the processing of personal data collected through contact forms;
• Section III, on the processing of personal data collected through event registration forms, including webinars;
• Section IV, on sending newsletters and other informative communications on our initiatives and activities;
• Section V, on the use of cookies.

The website is managed by the Euro-Mediterranean Center on Climate Change Foundation. The data provided to Us through the Website is processed in accordance with the provisions of the current legislation on the protection of personal data, in particular the Regulation (EU) 2016/679 (General Data Protection Regulation, hereinafter referred to as the “GDPR”).

In compliance with the aforementioned regulations, particularly Article 13 of the GDPR and Directive 2002/58/EC as amended by Directive 2009/136/EC on cookies, as well as the “Cookie and Other Tracking Tools Guidelines” issued by the Italian Data Protection Authority on June 10, 2021, we provide you with the following information regarding the processing of personal data.

This information does not concern other sites, pages or online services that can be reached via hypertext links that may be published on the Site but that refer to resources outside FERS’s domain, such as other entities involved in FERS, newspapers and magazines that talk about FERS, Facebook, Instagram, Linkedin, YouTube. Regarding the processing of personal data carried out by the social media platforms, please refer to the information provided by them in their respective privacy notices. We process personal data provided by users through the pages of the social media platforms dedicated to FERS, as part of its purpose to interact with users (comments, posts, etc.).

 

SECTION I – GENERAL INFORMATION AND BROWSING DATA

Contact details of the Data Controller and Data Protection Officer

The Data Controller of personal data is the Centro Euro-Mediterraneo sui Cambiamenti Climatici Foundation, with registered office in Lecce (LE) – 73100, via Marco Biagi, 5, email: privacy@cmcc.it, certified email (PEC): cmcc@pec.cmcc.it, and telephone number: +39 0832 1902411.

The Data Controller has appointed a Data Protection Officer, who can be contacted at dpo@cmcc.it.

Any requests for clarification regarding the processing of data or to exercise the rights granted by the Regulation, or for further information, can be sent through the aforementioned channels.

Recipients of personal data and data transfer

Personal data collected through the Website may be communicated to:

• Authorized collaborators and employees of the Controller, within the scope of their respective duties;
• Providers of services offered through the Website or related to its functioning, who act as Data Processors pursuant to Article 28 of Regulation (EU) 2016/679, including WP Engine for hosting services.

Personal data will not be transferred to countries or international organizations outside the European Economic Area (EEA) that do not ensure an adequate level of data protection as recognized by the European Commission through an adequacy decision pursuant to Article 45 of Regulation (EU) 2016/679 (“GDPR”).

Should such a transfer become necessary for the provision of the services offered through this Website, and in the absence of an adequacy decision under Article 45, personal data will be transferred only if appropriate safeguards are provided by the recipient, in accordance with Article 46 of the GDPR (including, where applicable, binding corporate rules), and provided that enforceable rights and effective legal remedies for data subjects are guaranteed.

In the absence of both an adequacy decision and appropriate safeguards, the transfer will occur solely under one of the specific derogations set out in Article 49 of the GDPR.

Further recipients of data collected through the Website, or as a result of using certain services provided through external platforms accessible from the Website, will be indicated in specific information notices dedicated to the processing related to such services. Under no circumstances will personal data be communicated, disclosed, transferred, or otherwise transmitted to third parties for illicit purposes without providing appropriate information to the data subjects and obtaining their consent, where required by law. The communication of data may occur upon request of the judicial authority or public security authority, in the manners and cases provided by law.

Browsing and usage data

The computer systems and software procedures used to operate the Website automatically acquire certain personal data, the transmission of which is inherent in the use of Internet communication protocols.

These data are processed for purposes related to the provision of services offered through the Website, including ensuring the proper functioning of the services themselves.

This category of data includes:

• Visitor’s IP address;
• Date and time of access;
• Pages viewed;
• Referring page, if any;
• Browser and operating system used.

These are not collected to be associated with identified individuals, but, by their very nature, they could allow the identification of users through processing and association with data held by the Data Controller or by third parties.

Browsing and usage data are processed to:

• Ensure the proper functioning of the Website and the usability of its services, including the display of content on external platforms and interaction with social networks and external platforms;
• Obtain aggregate and anonymized statistical information about the use of the Website (e.g., most visited pages, number of visitors per hour or day, geographical areas of origin, etc.);
• Protect our systems from possible cyber attacks.

In relation to such data, the legal basis for processing can be found, depending on the cases, in the performance of a contract of which the data subject is a party (pursuant to Article 6, paragraph 1, letter b) of the GDPR) or in the pursuit of a legitimate interest of the Controller (pursuant to Article 6, paragraph 1, letter f) of the GDPR).

Pages on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

 

Rights of Data Subject

What rights do you have in relation to your personal data?

Rights to access, rectification, and erasure of personal data

As a Data Subject within the meaning of Regulation (EU) 2016/679, you have the right to request Us the access to and the rectification or erasure of your personal data or the restriction of the processing of personal data concerning you or (where the processing is based on the need to pursue the legitimate interest of the data controller or a third party) to object to its processing, in addition to the right to data portability, subject to certain conditions being met.

Right to withdraw consent

You also have the right to withdraw your consent, limited to cases where you have given Us consent to process your personal data. Any consent may be revoked at any time.

How to exercise these rights

For any questions related to privacy and the processing of personal data, as well as to exercise your rights under the GDPR, you can contact us at privacy@cmcc.it and/or dpo@cmcc.it.

Right to lodge a complaint with the relevant Authority

In addition, you have the right to lodge a complaint with the Data Protection Authority, at the addresses and in the manner indicated on the Authority’s institutional website, should you consider that the processing of your personal data violates the provisions of the law.

Nature of data provision

To make use of the services offered through the Website, the user may be required to provide personal data necessary to ensure the use of such services. In particular, for the completion of forms on the Website, the provision of data marked as “required” is necessary for managing and responding to user requests. The user is free to provide the requested data, as there is no legal obligation to provide them. However, failure to provide the data indicated as necessary will make it impossible for the Data Controller to provide the requested service.

Types of data processed – purposes and legal basis of the processing

• Browsing and usage data
• Personal data voluntarily provided by the user

Personal data provided by the subject

The personal data voluntarily provided by the user, through the completion of forms in certain sections of the Website or by sending email messages to the email addresses indicated or accessible through links on the Website, are processed by the Controller for purposes related to the provision of services offered through the Website. In this case, the legal basis for the processing is the performance of a contract of which the data subject is a party, pursuant to Article 6, paragraph 1, letter b) of the GDPR.

In particular, the personal data provided by the data subject may be processed for the following purposes:

• Concerning the data provided through the optional and voluntary sending of email messages to the email addresses indicated on the Website (including, in particular, the sender’s email address and any other personal data included in the message) in order to carry out the necessary processing activities to respond to the user’s requests.
• Concerning the data provided by filling out the newsletter subscription form (email address), in order to send periodic informative communications about FERS news and activities.

 

SECTION II – PROCESSING OF DATA COLLECTED THROUGH CONTACT FORMS

We process the data acquired through the contact forms on the Site in order to comply with your request to receive information, as well as to respond to any further requests you may have. In such case, the lawfulness of the processing activities resides in Article 6(1)(b) of the GDPR.

You are not obliged to send us your data via the contact form, but if you wish to receive information via this communication channel, you must enter the correct data indicated as mandatory. Without them, we will not be able to follow up on your request to be contacted.

Data will be retained for 1 year after acquisition, unless our relationship continues (for example, through our newsletter service). After this period, we may delete and/or aggregate and/or anonymize your data.

 

SECTION III – PROCESSING OF DATA COLLECTED THROUGH REGISTRATION FORMS

We process the data acquired through the schools aaplication forms, including webinars, on the Site in order to register you for the chosen course and provide you with information relevant to it. In such case, the lawfulness of the processing activities resides in Article 6(1)(b) of the GDPR.

Specifically, for in school courses and fee payments, we may ask your specific consent (Article 9(2)(a) of the GDPR) for processing information concerning your nationality, home country and place of residence.

You are not obliged to send us your data via the application form, but this is necessary to complete your application and thus to participate in the school courses, unless you have other ways and/or channels to proceed with your registration.

The data will be retained for 5 years after acquisition, unless our relationship continues (for example, through our newsletter service as per the Section IV). After this period, we may aggregate and/or anonymize your data.

 

SECTION IV – NEWSLETTERS AND OTHER INFORMATIVE COMMUNICATIONS 

Entering and submitting your e-mail address via interactive forms may result in using your e-mail address to subscribe you to our newsletter and/or to send you our newsletter and other informative communications about our initiatives and activities. In such case, the lawfulness of the processing activities resides in Article 6(1)(b) of the GDPR.

We give you the opportunity to object, from the outset, to receiving such communications by clicking on a special virtual button within the same interactive form.

In any case, you may exercise this right to opt out at any time later by clicking on a specific link included in the footer of the message or writing us an e-mail at the aforementioned contacts: it is not necessary to tell us why you no longer wish to receive newsletters and/or other similar communications, it is sufficient to write, even if only in the subject line of the e-mail, a sentence such as “I no longer wish to receive newsletters and other communications of this type”. In this case, we will take care of your request and remove your e-mail from the list of recipients of newsletters and/or other informative communications.

You will, however, always be free to request to receive such communications again.

 

SECTION V – COOKIE POLICY

What are cookies?

Generally speaking, cookies are strings of text that websites (so-called ‘first party’) visited by the user or different websites or web servers (so-called ‘third parties’) place and store in a terminal device available to the user. These files contain information about your browsing activities on the site and can be used for various purposes, such as ensuring the efficient functioning of the Site, improving the user’s browsing experience, storing user preferences, analyzing Site usage, and personalizing content and advertising.

Depending on the function performed, it is possible to distinguish the following types of cookies:

• technical cookies, which are necessary for the operation of the Site and do not require the user’s consent;
• analytics cookies, which are comparable to technical cookies if certain conditions are met;
• non-technical cookies, for which the user’s consent is required, usually used to trace specific actions or behavioural patterns back to specific, identifiable or identified subjects in order to group them into different profiles within homogeneous clusters, so that it is also possible to modulate the provision of the service in a personalised manner, or to send advertising messages in line with the preferences expressed by the user when surfing the web. Non-technical cookies include preference cookies, which allow the Site to store information that affects its behaviour or appearance, such as your preferred language or location, and marketing cookies, which are used to track visitors to websites.

Which cookies we or third parties use, and when we need your consent

Through the navigation of the Site, technical cookies, analytics cookies and non-technical cookies may be installed on your device. For the use of technical cookies, as well as analytics cookies where they are comparable to technical cookies, We do not collect user consent. For the use of non-technical cookies, on the other hand, We collect the user’s consent, which is expressed through the Site’s cookie banner, and which can be revoked by the user at any time through the Site’s widget through which the user can express their preferences at any time. Consent to the use of cookies may also be revoked in the ways indicated at the end of this document.

Non-technical cookies include: preference cookies, which allow the Site to store information that affects its behaviour or appearance, such as your preferred language or location; marketing cookies, which are used to track visitors to websites. The following fall into the category of non-technical cookies:

Third party	Cookie name	Purpose	Deadline
Matomo	_pk_id.*	Matomo sets this cookie to store a unique user ID	1 year
Matomo	_pk_ses.*	This cookie is used to store a unique session ID for gathering information on how the users use the website	30 minutes

 

Analytics opt-out

Opt-out complete; your visits to this website will not be recorded by the Web Analytics tool. Note that if you clear your cookies, delete the opt-out cookie, or if you change computers or Web browsers, you will need to perform the opt-out procedure again.

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.

You are not opted out. Uncheck this box to opt-out. You are currently opted out. Check this box to opt-in.

The tracking opt-out feature requires cookies to be enabled.

 

Further relevant information for the user

The removal of previously installed cookies is also possible thanks to special functions of the browser or device used.

Previously installed cookies in the local browser memory can be removed by completely deleting the browsing history. With regard to third-party cookies, users can manage their preferences and revoke their consent by visiting the relevant opt-out link (if available), using the tools described in the third party’s privacy policy or by contacting the third party directly.

Further information on how to manage cookies in some of the most popular browsers can be found at the following addresses.

Google Chrome: https://support.google.com/chrome/answer/95647

Mozilla Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer

Apple Safari: https://support.apple.com/en-us/105082

Microsoft Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies

Microsoft Edge: https://support.microsoft.com/en-us/windows/manage-cookies-in-microsoft-edge-view-allow-block-delete-and-use-168dab11-0753-043d-7c16-ede5947fc64d

Brave: https://support.brave.com/hc/en-us/articles/360022806212-How-do-I-use-Shields-while-browsing

Opera: https://help.opera.com/en/latest/web-preferences/#cookies

It is also possible for tracking tools on mobile applications to be deactivated via the appropriate device settings, such as mobile advertising settings or tracking settings in general (you can consult your device settings to find the relevant one).

More information regarding the deactivation of interest-based advertising can be retrieved from YourOnlineChoices (EU) or other similar services. With these services it is possible to manage the tracking preferences of most advertising tools.