pursuant to article 13 of Regulation (UE) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (in brief “GDPR”)
SE.TC. is an international cooperation project funded by the Erasmus+ programme of the European Union. It is governed by a Consortium of 7 organisations, which are listed below and acting as Joint Controllers, according to article 26 of the GDPR. The terms “We”, “Consortium”, “Partners”, “Joint Controllers” refer all to the SE.TC. Consortium.
In compliance with the European and Italian legislation in force in the sector, we ensure that the protection of Your personal data is guaranteed and that their confidentiality and integrity are preserved when You browse our website https://www.setc-project.eu/, and use it to ask for registrations (by using the proper “Google form”), to obtain information on our activities, to login the private area devoted to attend courses, to find our contact details and to contact us, to subscribe to newsletter service. The purpose of the website is dissemination and exchange of information about the SE.TC. project. The website falls under the responsibility of the SE.TC. Consortium. It is not concerned with commercial transactions or with the exchange of data for marketing purposes. The SE.TC. website does not work with any third party that serves ads to this site.
We invite You to inspect this policy concerning the modalities, the means and the purposes of processing of Your personal data.
If you have questions, we invite you to contact us about this policy at: info@setc-project.eu
1. Joint Data Controller and Processors
Pursuant to articles 4, 24 and 26 of GDPR, when two or more data controllers jointly determine the purposes and means of the processing, they are defined as Joint Data Controllers. For the purposes of the SE.TC. project, the data controllers set out a specific data sharing agreement.
The Joint Data Controllers are 7 organisations, members of the SE.TC. Consortium, and are listed below:
- Saint Joseph University
- Lebanese University
- Azm University
- UNIMED – Unione delle Università del Mediterraneo
- Université La Sagesse
- Technological University of the Shannon
- Università Telematica Internazionale UNINETTUNO
The Joint Data Controllers take advantage of third parties that provide some services to SE.TC. and / or support it in carrying out certain activities: they have been appointed Data Processors pursuant to article 28 GDPR.
2. Categories of data processed and purposes of processing
A) During browsing through the sections of our Website, which is permitted to any user without need to register, we obtain and process the following personal data, for the specific purposes listed:
i) Browsing data concerning the session. The IT systems responsible for the functioning of this Website acquire, during their normal functioning, certain personal data whose transmission is implicit in the use of Internet communication protocols (e.g. IP addresses, Internet connection and traffic data, domain names of the devices used by Website visitors).
This information is not collected to be associated with identified data subjects or to identify users.
Without prejudice to the specific provisions of paragraph 4 below in relation to the use of cookies on the Website, these data are used for the sole purpose of obtaining anonymous information on the use of the Website and controlling its correct functioning.
The data might be used to ascertain responsibilities in case of possible IT crimes against the Website.
ii) Browsing data concerning services provided by third parties and/or obtained by third parties through the Website. The development of some functionalities of the Website takes place through services provided by third party entities (WordPress, as concerns the plugin for detecting, setting up and saving the preferences of users regarding the language; Google, as concerns monitoring and analysis of traffic data and of the behaviors of users on the Website, map’s functioning and the memorization of user consent to the processing of personal data) through the use of cookies, as specified in the following paragraph.
The processing of the above-specified data has the purpose of ensuring the correct functioning and use of our website, through: a) performance evaluations of the Website during the browsing session, aimed at monitoring and improving the services we offer; b) analysis of the browsing data, in aggregate form, for statistical purposes and to keep track of the behavior of users, without this entailing profiling activity.
B) “Registration forms” webpages (implemented by using Google’s functionalities) are linked to our Website: by filling the forms in with the requested information – some of them are compulsory whereas others are not – you can submit your registration’s request to participate in some of the project activities, and/or to receive information about the project. The personal data collected in such occasions are processed by the SE.TC. partners to issue the services you ask for, to improve the performance and the efficiency of those services, also differing between several professional profiles, interest, etc., and for statistical purposes.
C) Furthermore, our Website shows email addresses: sending, optionally and voluntarily, electronic mail to such address entails the consequent acquisition of the address of the sender, necessary to reply to the requests, as well as of any other personal data that may be included in the letter; by sending the e-mail, you consent to the data processing for the specified purposes.
We process the personal data in question to allow you to contact us, to request information and/or assistance, and to allow us to reply to your requests. The email provider is Google Suite.
3. Legal ground for the processing
More in detail, the SE.TC. partners will process the personal data collected from the users to:
- respond to questions and requests to participate in the project activities;
- provide for registration of participation;
- implement the online activities;
- to assure quality control, monitoring and evaluation;
- to provide for recognition of the participation in the learning activity, through the award of a Certificate of Participation to the participants.
The processing of personal data, depending on cases, is based on the following legal grounds:
- the pursuit of a legitimate interest of the Controller to ensure the security of the Website, control its correct functioning and obtain statistics in relation to its use, as to the browsing data concerning the session, and to eventually exercise or defend a legal claim (article 6, paragraph 1, letter f) of the GDPR);
- the performance of the requested services (article 6, paragraph 1, letter b) of the GDPR), with reference to the personal data that are necessary to create the personal account to access the Platform (marked as compulsory in the registration form);
- the consent given by the user (as time-to-time above indicated) to the processing of data referred to in letters B), C) and D) and for what concerns the use of the browsing data related to services provided by third parties through the Website and/or obtained from third parties through the Website, (article 6, paragraph 1, letter a) of the GDPR). Consent may be withdrawn at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Shall the personal data be processed for statistical purposes, the provisions of article 89 of the GDPR are fulfilled.
4. Modalities of processing
The processing of personal data will be performed through IT instruments, both automated and not automated (in such case, through human intervention in the management of IT systems) and through the use of analog instruments (paper management), according to logical processes closely correlated to the purposes of the same processing and, in any case, with the support of equipment and with modalities that guarantee the security and confidentiality of the same data, preventing loss of data, illegal or incorrect uses, and unauthorized accesses.
We use technical (“application”) cookies, both first party and third party, for data processing on our Website.
A “cookie” is a small quantity of data that is sent to the browser of the user by a Web server and that is subsequently stored on the hard drive of his or her computer.
Third party cookies are cookies sent by third party domains / partner websites that offer their functionalities inside the pages of the Website and/or in the context of the operation of the Website (e.g., icons to express preferences expressed on social networks). The use of the data collected by these external operators through cookies is subject to the respective privacy policies. For detailed information on the preceding, we suggest referring to the privacy policy of the services listed as third- party cookies available on the respective websites.
Our Website does not use cookies for the transmission of information of a personal nature (e.g. first and last name, e-mail address or telephone number), nor so-called persistent cookies of any kind, or system to track users.
The use of so-called session cookies is strictly limited to the transmission of session identifiers (represented by random numbers generated by the server), necessary to enable the secure and efficient exploration of the website, and to the acquisition of data to save the browsing preferences of the user (e.g., setting the language, managing statistics), in order to optimize the experience on the Website. Session cookies used in this Website avoid recourse to other IT techniques potentially prejudicial to the confidentiality of users’ browsing and do not allow acquisition of personal data identifying the user.
Cookies may be deactivated1 but, should this choice be made, users would not be able to use the related functionalities and services. If You accept the use of cookies you consent to the processing of your data for the above-specified purposes (see paragraph 2).
5. Disclosure and dissemination of data
The entities that may become aware of the personal data are our employees and collaborators, who take care of the administrative management of the Web page and of relations with users / customers. The entity taking care of the management of the Website may, possibly, become aware of the personal data, on the occasion of assistance / maintenance interventions.
Personal data will be processed within any SE.TC. Consortium Partners according to the tasks assigned to it, within and outside the European Economic Area (EEA).
As far as Google services are concerned, Google, LLC will comply with the Data Privacy Framework requirements, thus, we guarantee an appropriate level of protection; furthermore, some Google services are provided by Google Ireland Limited in favour of subjects based and / or operating within the European Union.
Where needed, should we have an obligation to report a crime or in any case the need to pursue a legitimate interest to exercise or defend a legal claim on our part, the data of users might be disclosed to the judicial Authority or to police forces.
Apart from the cases just specified, personal data will not be disclosed to third parties and/or in any way disseminated outside the context of the European Union.
6. Data retention periods
Browsing data is deleted immediately after the processing, at the end of the browsing session (closure of the browser).
Data provided voluntarily by users (by sending emails), will be stored for the 12 months following delivery to users of the requested information, unless further storage of the data is necessary to comply with legal obligations, or the parties enter into another relationship.
Data processed through third party cookies (including sharing cookies) are stored for the period of time provided by the operators, according to the respective privacy policies.
The data collected for the purpose of sending the newsletter will be processed and stored exclusively for the period during which the service will be active: therefore, up to a possible request to no longer receive the newsletter messages.
The other personal data collected through the registration forms will be retained by the project partners until the termination of the SE.TC. project (30/11/2026) to comply with the regulatory obligations. Moreover, the Joint Controllers are required to retain the data until five years after the termination of the project in order for the competent Authorities to verify the compliance with the relevant regulations. Once the retention period has passed, the SE.TC Consortium and potential subcontractors / external providers will take adequate measures to delete all personal data collected within the project.
7. Rights of the data subject concerning the processing of personal data (Articles 15-22 and 77 of the GDPR)
It is possible to submit requests to exercise the rights afforded by the GDPR (access, rectification, erasure, objection, restriction and portability, if the conditions are present) by sending an email to info@setc-project.eu.
To enable us to respond quickly, we kindly ask you – thanking you in advance for your cooperation – to specify your first and last name, e-mail address. Certain requests (for example concerning exercise of the right to access) must be accompanied by a photocopy of an identity document with your signature to verify your identity; it is also necessary to specify the address at which you wish to receive the answer. The answer will be sent within one month of receipt of the request.
The data subject has also the right, if he or she believes the processing of his or her data to be performed in infringement of the provisions of the GDPR, without prejudice to the right to complain to the competent civil or administrative judicial authorities, to lodge a complaint with the Supervisory Authority for the protection of personal data, within the limits of its jurisdiction.
- The following guides for the deactivation or activation of cookies are also available for mainly-used browsers: Chrome | Internet Explorer | Firefox | Safari | Android | iPhone, iPad
In addition, the User may take advantage of the information provided by EDAA (EU), Network Advertising Initiative (USA) and Digital Advertising Alliance (USA), DAAC (Canada), DDAI (Japan) or other similar services, to manage the tracking preferences of the majority of advertising instruments. ↩︎