Privacy Policy




This “Privacy Policy” has been drawn up by Istituto Secolare Figlie della Regina degli Apostoli, with its registered offices in Milan, Via Pietro Orseolo No 3 (hereinafter “Istituto F.R.A.”), pursuant to EU Regulation 2016/679 on the protection of personal data (hereinafter the “Privacy Code”), in order to outline the management procedures of the website www.isfra.it (hereinafter the “Website”) and of the services made available through the Website by Istituto F.R.A. (hereinafter the “Services”) regarding the processing of users’ personal data who visit the Website and/or use its Services (hereinafter the “Users”). This Privacy Policy only applies to the Website and not for any other websites that Users may visit via links on the Website.

1. Our Policy
All persons have the right to the protection of their personal data. Istituto F.R.A. respects the rights of its Users to obtain information on the collection and other processing operations of their personal data. Pursuant to the provisions of the Privacy Code, when processing any data that could directly or indirectly identify the User, Istituto F.R.A. shall only process data that is strictly necessary. Consequently, Istituto F.R.A. has designed the Website to minimise the use of Users’ personal data and to exclude the processing of personal data when it can provide services in individual cases through the use of anonymous data or any other means, which identify Users only when necessary or requested by the authorities.

2. Personal data collection
Subscription to the newsletter
It is free to browse the Website and does not require any prior registration.
However, to use certain Services made available for Users, they shall need to register beforehand under a special section of the Website. Only with express consent from the User will this data be used for a whole series of additional activities. In particular, registration is required to receive newsletters from Istituto F.R.A. via e-mail to the address indicated by the User, which will keep Users up-to-date about Istituto F.R.A.’s exclusive initiatives and its activities (hereinafter the “Newsletter”).

Members Area
Moreover, there is an area of the Website which is not freely accessible to all Users: in fact, to access this section of the Website, Istituto F.R.A. must have allocated Users with a username and password. These log-in details allow Users to access the private section of the Website, where they can easily view and find Istituto F.R.A.’s information and confidential material.

Data provided voluntarily by the User
If the User sends e-mails optionally, explicitly or voluntarily to the addresses indicated on the Website, the sender’s address and any other personal data included will then be acquired to reply to the requests. Similarly, if the User provides personal data under the “Contacts” section of the Website, this data voluntarily entered by the User in the appropriate fields will then be acquired by Istituto F.R.A. and processed to reply to the messages and/or requests sent by the User. This is also done to send the User commercial, promotional and/or advertising material via e-mail to the address indicated by the User.

Browsing data
During their ordinary course of operation, the IT systems and software procedures required to run this website will acquire certain personal data, the transmission of which is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified data subjects. However, by its very nature, it may identify users through the processing and matching of data held by third parties.
This category of data includes the computer IP or MAC addresses of users who visit the Website, as well as the URI addresses (Uniform Resource Identifier) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in reply, the numerical code indicating the status of the reply from the server (successful, error, etc.) and other parameters relating to the operating system and computer of the user.
This data is only used to extract anonymous statistical information on how the Website is used and to ensure that it is running properly.

Cookies
Cookies are files or bits of information that are stored on the hard disk of the user’s computer (i.e. files sent by the website server to the user’s browser) while browsing websites. These cookies are then saved so they can be sent back to the website during subsequent visits.  Cookies are used for various purposes. They have different features and can be used by the owner of the website being visited or by third parties.
The cookies saved on the User’s computer cannot be used to recover any data from the hard disk, spread computer viruses or identify and use the User’s e-mail address.

* The type of cookies used: technical cookies which do not require consent
Istituto F.R.A. only uses technical cookies, i.e. cookies that are strictly necessary for running the Website and ensure that the Website can be browsed as normal. All technical cookies do not require consent and are therefore installed automatically when the User visits the Website. They are not used for any other purposes. More specifically, these cookies include:

Necessary Cookies
These cookies are essential for browsing the Website; they enable various tasks such as the authentication, validation and management of browsing sessions and fraud prevention.

Functional Cookies
These cookies provide added features and enable the tracking of Users’ preferences, such as language selection or font size.

Performance Cookies
These cookies track the pages visited most often by Users and their activity on the Website. They also immediately identify and resolve any technical problems which the User might encounter when browsing the Website. These cookies store aggregate, anonymous information which is not used to collect personal data for advertising purposes.

Session Cookies
Session cookies aim to speed up the analysis of Internet traffic and to help the User access the services offered by the Website.  
They do not acquire Users’ personal data for the website. No Cookies are used to send personal information, nor are any type of persistent cookies or user tracking systems. Session cookies are only used to send session identifiers (consisting of random numbers generated by the server), which are required to allow secure and efficient browsing of the Website.
The session cookies used on this Website mean that we do not need to use any other IT procedures that could potentially jeopardise the confidentiality of user browsing, nor do they acquire any personal data that could identify the user.

* First-party and third-party cookies
The aforementioned categories of cookies are used directly by Istituto F.R.A.; they are therefore “first-party cookies” from the Website.  
This Website does not install third-party cookies on the User’s computer, nor does it install or use profiling cookies.

* User rights
Given that the cookies used by the Website are only first-party technical cookies, as previously mentioned, it is not necessary to obtain Users’ consent before they are installed or up and running. Consequently, these cookies are installed automatically when Users visit the Website.
This is why there are no banners on the Website’s homepage requesting consent for the use of cookies.
However, Users may also decide to uninstall these technical cookies.
To disable the use of first-party technical cookies, Users must therefore change their browser preferences by following the instructions below.
If the data subject refuses the use of cookies, they will not be used but certain services may be restricted. In this case, some of the Website’s functions might not run properly and certain services might not be available. All Users can therefore disable cookies through the software they use for browsing the Internet (i.e. their “browsers”). Many browsers are set up to accept cookies automatically, unless instructed otherwise by the User.

Consequently, Istituto F.R.A. invites Users to check the cookie settings on their browsers and to edit them according to their preferences.
The configuration for managing cookies and User preferences is different for each browser. They can be found under the menu of the browser guide and will show you how to change your cookie preferences.
• For Internet Explorer™: click here
• For Safari™, Safari on iPhone, iPad, or iPod touch: click here
• For Chrome™: click here
• For Firefox™: click here
• For Opera™: click here

3. Optional data provision
Apart from the specifications on browsing data, the User is free to provide personal data either when subscribing to the Newsletter service, or when sending e-mails containing certain personal data, for example, to request information or any other communications.
Please note that if Users fail to provide certain data to Istituto F.R.A., it may not be possible to fulfill their request.

4. Data Controller and Supervisor
The Data Controller of Users’ personal data is Istituto Figlie della Regina degli Apostoli, with its registered offices in Milan, Via Pietro Orseolo No 3, tax code No 97210240152.
The Data Supervisor is Ms Maria Rosaria Redaelli.
Users may also ask Istituto F.R.A. for an updated list of all the other Data Supervisors, specifically appointed pursuant to Article 29 of the Privacy Code, by sending a request to the following e-mail address: istitutofra@isfra.it.
For any other requests, information, clarifications or questions on the processing of personal data, Users should send a written request to Istituto F.R.A. at the following e-mail address: istitutofra@isfra.it.   

5. Processing methods and purposes
Data storage and access
In its capacity as the Data Controller, Istituto F.R.A. will, either directly or through specifically appointed Supervisors, save Users’ personal data onto special databases stored on servers provided by the company Glacom Italia S.r.l., with its registered offices in Toscolano Maderno (BS), Via Trento No 124. The management and updating of the Website is outsourced to this company, which also performs web hosting services for Istituto F.R.A., guaranteeing that all necessary security measures are complied with pursuant to Italian and European legislation on proper personal data processing and protection. The servers made available for this web hosting service are located in Italy.
The data is therefore only processed by staff, including technical staff, who are in charge of the processing in accordance with the principles of fairness, lawfulness, transparency and relevance, and will not exceed the purposes of the collection and the subsequent processing.

The databases can only be accessed by authorised individuals using procedures that guarantee the protection and confidentiality of data, due to the adopted security measures for the prevention of data loss, unlawful or improper use and unauthorised access. The data will be stored for the time strictly necessary for the processing operations depending on Users’ choices, preferences and instructions.

General processing
Istituto F.R.A. will use Users’ data according to the choices they have freely made by giving their consent when the data was collected or thereafter. It will also comply with legal obligations, regulations and European Directives.
Personal data is processed with automated means for the time strictly necessary to achieve the purposes for which it was collected.
This processing may involve the collection, processing, recording and/or storage of personal data. The personal data of Users who ask for documents or information material (answers to questions, additional documentation, etc) is solely used for the service requested and is only passed on to third parties when it is strictly necessary in order to handle the User’s request.

Processing operations subject to the consent, communication and circulation of data
Only with express authorisation from the User will Istituto F.R.A., through its specifically appointed Supervisor, proceed with the processing of Users’ personal data through the use of automated means for the purposes authorised each time by the User. In order to properly perform the activities requested by Users, Istituto F.R.A. will disclose the personal data provided by Users to third party companies, co-controllers or external data supervisors appointed to perform certain activities.
This data will not be circulated.

6. Security
Personal data is collected and stored securely through the use of technical and organisational procedures and measures adopted to protect and secure the information and data collected on the Website.

7. Links to external content
The Website might connect or direct Users to other websites, services or external content beyond Istituto F.R.A.’s control. Once the User has left the Website, Istituto F.R.A. cannot protect the User’s personal data or be held liable for the protection and privacy of any personal data that the User might provide to other websites.

8. User rights
Pursuant to Article 7 of the Privacy Code, Users have the right to obtain confirmation of the existence or otherwise of their personal data, even if not yet recorded, and to request the communication of this data in an intelligible form.
Data subjects have the right to obtain information on:
a) the source of their personal data;
b) the purposes and methods of the processing;
c) how the processing is done if electronic tools are used;
d) the identity of the data controller, the data supervisors and the designated representative, pursuant to Article 5, paragraph 2;
e) the subjects or categories of subjects to whom the personal data may be disclosed or who may come across this data in their capacity as the designated representative of the State, the data supervisor or processor.
Data subjects have the right to:
a) update, correct or, where relevant, supplement their data;
b) cancel, anonymise or block any data being processed illegally, including any data being stored without good reason to the purposes for which it was collected and subsequently processed;
c) obtain confirmation that the parties to which the data has been disclosed or circulated have been notified of the operations specified under points a) and b), including their content, except in the case where this notification proves impossible or requires the use of methods clearly disproportionate to the right being protected.
Users have the right to object, wholly or in part:
a) on legitimate grounds, to the processing of their personal data, even if this data is relevant to the purpose for which it was collected;
b) to the processing of their personal data for the purpose of sending advertising or direct sales material, or for carrying out market research and commercial communications.
Users may exercise the aforementioned rights by writing to Istituto F.R.A. at the following e-mail address: istitutofra@isfra.it.
 
9. Changes to this Privacy Policy
While Istituto F.R.A. will not perform any processing operations, under any circumstances, other than those expressly authorised and/or requested by each User, this Privacy Policy may be amended to comply with new legislation or if Istituto F.R.A. changes its data processing policies.
Every updated version of this Privacy Policy will be published on the Website under the appropriate section: Istituto F.R.A. therefore invites all Users to regularly check the Website to keep up-to-date with the latest uploaded version.

 2006 © Tutti i diritti sono riservati
Istituto Secolare Figlie della Regina degli Apostoli - p.iva 97210240152
Privacy policy - Legal info and Website policy - Sistema GLACOM®