In accordance with the provisions of Articles 13 and 14 of Regulation (EU) 2016/679 on the Protection of Personal Data (hereinafter also referred to as GDPR), the text below indicates how we respect the privacy of visitors to this site, describing how we collect, use and design personal information, the rights granted to them and how you can contact us.
Personal Data will be processed by the following Joint Controllers:
- AIE – Associazione Italiana Editori (Italian Publishers Association), established in Corso di Porta Romana, 108 – 20122 Milano (MI), Italy
- FGSR – Fundación Germán Sánchez Ruipérez (Germán Sánchez Ruipérez Foundation), established in Paseo de la Chopera, 14 – 28045 Madrid, Spain
The Controllers jointly determine the purposes and means of data processing with regard to the management of the website and the Aldus Knowledge Hub (AKH) platform, and they have determined in a transparent manner their respective responsibilities and roles with regard to compliance with the obligations arising from the Regulation through an internal agreement entered into pursuant to Art. 26 of the EU Regulation.
In particular, AIE (Italian Publishers Association) acts as Coordinator of the ALDUS UP project; FGSR has the editorial coordination of the project’s platform of content and information resources and of all its related activities.
Purposes of Data Processing
We collect through our website personal information, which users are free to provide through our website:
- By sending e-mails for specific requests through the means of contact made available;
- By Filling in the dedicated Community registration form;
for the following purposes:
- Satisfying the specific request submitted by the User through the contact channels;
- Managing the registration, through the activation of a personal account, to the ALDUS UP web platform to allow users access to reserved services and contents;
- Complying with contractual obligations and/or obligations provided for by laws, regulations and Community legislation, by provisions issued by authorities legitimated to do so and by supervisory and control bodies;
- Prior data subject’s consent, publishing the professional profile in the Community section of the Aldus website, in order to give visibility to publishing professionals;
- Prior data subject’s consent, sending out the Aldus Up Newsletter containing updates, informative and commercial communications, advertising of events, market research and other promotional activities promoted, through traditional contact and automated methods, by the Controllers.
The processing of data is based on the principle expressed in Art. 6 of GDPR, according to which the processing is lawful when necessary for the execution of a contractual obligation or for the execution of pre-contractual measures taken at the request of the data subject. The provision of data, for these purposes, is necessary to meet the user’s request, or to improve the relationship between the parties.
The processing of personal data for the purpose of publishing the professional profile in the Community section of the website and for the purpose of promoting the project by sending Newsletters will be based, pursuant to Art. 6 of the GDPR, on the specific consent, if any, expressed by the data subject. The provision of data for these purposes is optional, the refusal does not imply any consequence, except for the impossibility to make their profile public and to receive promotional material related to initiatives related to the project. The data subject can withdraw his/her consent or cancel his/her profile and the subscription to the mailing of the newsletter, at any time, through the specific provided option available in the page “Edit my profile” in the reserved area. You can request to delete your personal account completely by sending an email to firstname.lastname@example.org (use “User account cancellation request” as subject). With reference to newsletter service, you can unsubscribe from it clicking the respective link, which appears at the bottom of every newsletter.
Categories of Personal Data collected
The personal data collected through the website concern precisely personal and contact data, information regarding the data subject’s job qualification and the information contained in the professional profile which is intended to be made public in the Community section of the website.
The Data Controllers do not deliberately collect any special category of personal data through this website.
In addition to the data provided directly and intentionally by the user, the computer systems and software procedures used to operate this website acquire, during their normal operation, some navigation data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified data subjects, but by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users who connect to the site, URI (Uniform Resource Identifier) addresses of the resources requested, the time of requests, the methods used to submit requests to the server, the size of the files obtained in response, the numerical codes indicating the status of the responses given by the server (successful, error, etc.) and other parameters relating to the operating system and computer environment of users. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. They could be used to ascertain responsibility in case of crimes.
The processing of personal data means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
As far as security is concerned, we inform you that the database is accessible only by personnel formally authorised to do so by the Controllers, as well as the related operations described above, and that your data will be processed using methods and instruments suitable to guarantee its confidentiality and may be carried out by electronic or automated and non-automated means (paper files), both of which are provided with adequate security measures, as provided for by the GDPR, in order to prevent the loss of data, unlawful or incorrect use and unauthorised access.
Communication to Third Parties
Without prejudice to any communications to comply with legal obligations, the Controllers will communicate the personal data provided by users with attention only to third parties selected for the support of the service requested, or for the performance of the purposes listed above, appropriately designated data processors, such as:
- European Partners of the Aldus project;
- external companies for the management of the information system, website or databases and telecommunications networks;
- advertising agencies;
- market research company;
- Ediser S.r.l. (AIE’s Service Company);
The personal data concerning the user’s profile, created and published on the site, can be consulted and available by all the other users. Finally, the data of the users may be transmitted, in compliance with the law, to the police forces and to the judicial and administrative authorities, for the detection and prosecution of crimes, the prevention and protection from threats to public security, to allow the Controllers to ascertain, exercise or defend a right in court, as well as for other reasons related to the protection of the rights and freedoms of others.
Links to third party sites and use of Social Media
We retain the data provided voluntarily by the person concerned for a period of time necessary in relation to the performance of the services requested, except for the right of the person to request the deletion of his/her personal data and professional profile published at any moment.
Rights of the data subject
In accordance with the GDPR, the Data Subject is entitled to: the right to ask the Data Controller for access to personal data (art. 15), rectification (art. 16), cancellation (art. 17), limitation of the processing of personal data concerning him/her (art. 18), the right to portability of data (art. 20) or to object their processing (art. 21), in addition to the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning the subject or which significantly affects him/her in the same way (art. 22).
Where the processing of personal data is based on the express consent given by the person concerned, pursuant to art. 7 paragraph 3 of the Regulation, the possibility of revoking the consent given for the sending of communications and updates for promotional and commercial purposes, as well as for the publication of the professional profile in the Community section of the website, is recognized.
There is also the right to lodge a complaint with the relevant Supervisory Authority (art. 77 of the Regulation) should the users consider that the processing carried out by the Controllers does not comply with the provisions of the law on the protection of personal data. In Italy, the complaint may be submitted to the local Data Protection Authority. More information on how to submit complaints is available on the website of the DPA, at www.garanteprivacy.it.
Requests may be made to the Data Controller in the following ways:
– by writing to the following e-mail addresses: email@example.com or firstname.lastname@example.org ;
– by registered mail to the addresses: AIE Corso di Porta Romana, 108 – 20122 Milan (Italy) ;
Changes to this policy
Last Policy Update: September 2021