On May 25, 2018, the European Regulation 2016/679 came into force, providing new indications on the processing and management of personal and defined sensitive data. This information is provided in accordance with current legislation on personal data in the framework of the 2016/679 EU Regulation. The information is provided only for this site and not for other websites that may be consulted by the user through our links.
Owner and manager of the processing of personal data
Following consultation of the site, data relating to identified or identifiable persons may be processed. The owner of their treatment is Stefano Gitto. Place of work: Department of Experimental and Clinical Medicine, University of Florence and SOD Internal Medicine and Hepatology, Careggi University Hospital, Largo Brambilla 3, Florence; e-mail: stefano.gitto@unifi.it.
Place of data processing
Our web page is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to implement the purposes of the page (promotion and expansion of the scientific activity of the research group called "MEDITRA Research Group" and information and dissemination on liver transplantation). Your data may be stored via Wix.com data storage, databases and general applications. Your data is stored by them on secure servers, protected by firewalls.
Purpose of the processing and legal basis of the processing
This web page is not for profit.
Instead, it has two purposes:
- to promote research in the transplant field allowing a strengthening and expansion of the research group called "MEDITRA Research Group".
- to disseminate and scientific information on various issues concerning liver transplant patients and their families.
The communication, dissemination and information activity towards users is therefore of fundamental importance.
The processing of the personal data acquired takes place for the following purposes:
Sharing of information and evaluations regarding various clinical, social and behavioral issues. Possible sending of communications for training events (eg Webinar).
The legal basis of these treatments is the need to respond to the requests of the interested parties or to carry out information and dissemination activities.
The legal basis of this treatment is the consent freely expressed by the interested party.
Apart from these hypotheses, users' browsing data are kept for the time strictly necessary to manage the processing activities within the limits established by law.
Types of data processed
Navigation data
The computer systems and software procedures used to operate the site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mails, name, surname, address, telephone number to the addresses indicated on the site or by filling in any forms present on the site for some services dedicated to users entails the subsequent acquisition of the sender's address. necessary to respond to requests, as well as any other personal data included in the message.
Cookies
By cookies we mean a textual element that is inserted into the hard disk of a computer only after authorization. Cookies have the function of streamlining the analysis of web traffic or to signal when a specific site is visited and allow web applications to send information to individual users. No personal user data is acquired by the site in this regard. Cookies are not used to transmit information of a personal nature, nor are persistent cd cookies of any kind used, or systems for tracing users. The use of so-called session cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the site. The so-called session cookies used on the site avoid the use of other IT techniques that are potentially prejudicial to the confidentiality of users' browsing and do not allow the acquisition of the user's personal identification data.
Optional supply of data
Apart from what is specified for navigation data, the user is free to provide personal data or not.
Methods of processing and data retention times
Personal data are processed with automated tools for the time necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. The data are kept for the time necessary for the pursuit of the purposes indicated in this information and will be deleted at the end of this period, unless the data must be kept for legal obligations or to assert a right in court.
Rights of interested parties
Within the limits and under the conditions established by law, the owner is obliged to respond to the requests of the interested party regarding personal data concerning him. In particular, based on current legislation:
The interested party has the right to obtain from the data controller confirmation as to whether or not personal data concerning him is being processed and, in this case, to obtain access to personal data and the following information:
the purposes of the processing;
the categories of personal data in question;
when possible, the retention period of the personal data provided or, if not possible, the criteria used to determine this period;
the existence of the right of the interested party to ask the data controller to correct or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;
the right to lodge a complaint with a supervisory authority.
The interested party has the right to obtain from the data controller the correction of inaccurate personal data concerning him without undue delay. Taking into account the purposes of the processing, the interested party has the right to obtain the integration of incomplete personal data, also by providing an additional declaration.
The interested party has the right to obtain from the data controller the cancellation of personal data concerning him without undue delay and the data controller is obliged to cancel the personal data without undue delay within the limits and in the cases provided for by current legislation. The data controller communicates to each of the recipients to whom the personal data have been transmitted any corrections or cancellations or limitations of processing within the limits and in the forms provided for by current legislation.
The interested party has the right to obtain from the data controller the limitation of the processing.
The interested party has the right to receive in a structured format, commonly used and readable by an automatic device, the personal data concerning him provided to a data controller and has the right to transmit such data to another data controller without impediments from part of the data controller to whom he provided them.
To exercise the rights listed above, the interested party must submit a request using the following contact points through which the Data Protection Officer can also be contacted by writing to stefano.gitto@unifi.it.
We reserve the right to change this privacy policy at any time, so please check it frequently. Changes and clarifications will take effect immediately upon their posting on the website.
This version of the information on the processing of personal data was updated on 30.3.2022 and may be modified in the future.