Regulatory framework - This communication is provided in accordance with the Federal Act on Data Proection (FADP) and the European Union legislation on the processing of personal data (Regulation EU 2016/679 and Directive 2002/58/EC).
Data Controller – is Fondazione IBSA per la ricerca scientifica - Via del Piano – CH 6926 Collina d’Oro - Switzerland (below also the “Controller”).
Data Processors - The updated list of the data processors and the group’s affiliates is available by sending a request to firstname.lastname@example.org
Redirect to external websites - This website can be accessed from other third-party websites using links provided for this purpose. The Controller does not accept any responsibility or liability in relation to the handling of personal data by third-party websites and regarding the management of authentication credentials provided by third parties.
Policy and information notices - This website performs the function of providing information about the activities carried out by the Controller. Therefore, in most cases, it does collect personal data from you.
In certain circumstances, such as for the sections below, you are required to complete a data collection form. In these cases, we provide the privacy notice that specifies the use of the data and the other information required by law. We recommend that you read this notice before providing the data. In addition, in the few cases where personal information is collected for other purposes, this will be clearly highlighted in the legally-required notices, for the purposes of transparency and to make sure you are fully informed.
Consent to the processing of the data - The notices are aimed at defining the limits and methods of the data processing for each service, based on which visitors can freely express their consent (if necessary) and authorise the collection of the data and their subsequent use.
Browsing data or metadata - The information technology systems and software procedures used for this website acquire some traces or metadata (considered personal data), during their normal operation, whose transmission is implicit in the use of Internet communication protocols. The acquisition of this information (which is also called “passive” for this reason) can take place even if you are not registered for the services and without you playing an active role. This category of data includes: IP addresses, the type of browser used, the operating system, the domain name and addresses of websites from which access or exit has been made, information on the pages visited by users within the site, the time of access, the length of stay on the individual page, the analysis of the internal path and other parameters relating to the user’s operating system and computer environment. These technical and electronic data are collected and used exclusively in an aggregate and not immediately identifiable form. They may be used to determine responsibility in the event of alleged computer crimes against the website or on request from the public authorities.
Sections of the data collection website - The following are the sections of the site where you can provide your personal data, together with a brief description of the purposes for which they are collected. The relevant privacy notice is included in the respective pages.
- Contacts (where available): the data received through the contact form (https://www.ibsafoundation.org/forms/contact-us/) of the website is used to respond to requests from you and could be stored and used to send update emails on the activities of the IBSA Foundation, when the visitor has consented to.
Registration to the Events: the data received through the registration form to the events organized by IBSA Foundation are used in accordance to the information notice which you may have access to in the following link, to enable the visitor to register and participate to the event and are stored in order to send update mail on the activities of the IBSA Foundation, when the visitor has consented to.
Processing methods - The processing of personal data is carried out using electronic procedures and media.
Storage of personal data - The personal data are only kept for as long as they are necessary for the purposes they were collected for. In any event, you have the specific rights described further below.
Optional provision of data - The provision of personal data requested from the data subject is optional, unless otherwise specified. However, failure to provide the data may result in the inability to obtain what is requested or to perform the activity indicated.
Place where the data is processed - The processing associated with the web services of (i) the website https://www.ibsafoundation.org takes place at HubSpot Inc., hosted at Amazon Web Services in Frankfurt a.M., Germany; (ii) the website https://www.ticinoscienza.ch takes place at Tinext SA, Morbo Inferiore, Switzerland; each of them performing the management of its server.
Scope of circulation of the personal data - Unless otherwise stated in the specific notices, the personal data acquired through this website are only accessed by persons acting on behalf of the Controller, specifically designated as data processors or persons in charge and responsible for managing the requested service.
Dissemination of the personal data acquired by the site - The personal data acquired by the site are not disclosed to unspecified recipients.
Data flows abroad – The data acquired by the site may be communicated and/or transferred to organizations located in other countries – either in the EU countries or outside Switzerland and European Union. With regard to the possible transfer of the Data to third countries outside Switzerland and European Union, including countries that may not provide the same level of protection envisaged by the applicable legislation, we inform you that the transfer of data abroad is subject to specific guarantees for the protection of personal data through the adoption of standard contractual clauses
Personal data protection rights - In relation to the processing of personal data, the data subject can at any time obtain confirmation of the existence or otherwise of that data held by the Controller and information about its content and origin. The data subject can also request the supplementation or correction of the data or, in the cases provided for by law, the portability, restriction of processing, and erasure of the data processed, in addition to objecting to the processing of the personal data, on legitimate grounds. The data subject can also obtain the updated list of the Data Processors on request. The data subject also has the right to lodge a complaint with the Personal Data Protection Authority if they consider that their rights have not been respected or that they have not received a response to their requests in accordance with the law.
How to exercise your rights - You can exercise your rights by contacting email@example.com
Amendments to the policy - The entry into force of new sector regulations, as well as the ongoing review and updating of user services, may result in the need for changes in how your personal data is processed. This policy may therefore change over time, so we recommend you check this page periodically. To this end, the policy document states the date it was last updated.
Drafting Date: 23/05/2018
Last Update: 09/11/2021