Privacy

WHY THIS NOTICE This page describes how to manage the site in relation to the processing of personal data of users who consult it. This is an information that is provided pursuant to articles 13 and 14 of the GDPR UE 2016/679 (henceforth GDPR) and the national legislation in force to those who interact with the web services of the website “CARTA DI IDENTITÁ ELETTRONICA” for the protection of personal data, accessible electronically from the address: cartaidentita.interno.gov.it The information is provided only for the site indicated and not to other Web sand not for other websites that may be consulted by the user through links. The information is also based on Recommendation no. 2/2001 that the European authorities for the protection of personal data gathered by the Group established by art. 29 of Directive no. 95/46/EC, adopted on 17 May 2001 to establish minimum requirements for collecting personal data online and, in particular, the manner, timing and nature of the information that data controllers must provide users when they connect to web pages, regardless of the purpose of the link. The purpose of this privacy policy is to provide clear information on the data collected by the above-mentioned website and on the use of this data. The consultation of this website by the user, includes the release of personal data. For these purposes the Owner of the treatment is the Ministry of the Interior based in Rome (Italy), Piazza del Viminale 1 and the external Responsible is the Italian State Printing Works and Mint (Istituto Poligrafico e Zecca dello Stato), with legal seat in Rome (Italy), Via Salaria 691. The user’s personal data are treated by subjects authorized by the Owner and by Managers of the treatment specifically appointed and instructed by the Ministry of the Interior as Owner or by autonomous “Owners”, authorized to access the data according to law provisions, regulations and norms. The user’s personal data are also processed by the subjects designated as System Administrators under the Provision of the Guarantor for the Protection of Personal Data of November 27, 2008 as amended and supplemented. PROCESSING METHOD Personal data are processed with automated tools for the time strictly necessary for the consultation of the website www.cartaidentita.interno.gov.it and for purposes related and instrumental to the consultation. All the data are processed automatically and collected in an exclusively aggregate form in order to verify the correct functioning of the site, and for security reasons. Data processing will be performed using instruments and methods aimed at ensuring the confidentiality and security of data, in compliance with the provisions of Articles 32 et seq. of the GDPR and in accordance with the relevant national legislation in force. Specific security measures are observed to prevent data loss, illegal or incorrect use and unauthorized access. LEGAL BASIS AND LAWFULNESS The processing of personal data for the above-mentioned purposes does not require consent as necessary to allow the consultation of the site cartaidentita.interno.gov.it. The personal data provided by users who request registration on the website are used only to provide the service requested. The data provided by the user in the CIE Verification section of this site are not stored in permanent storage on the servers. DATA PROCESSING The processing operations related to the web services of this website are performed at the above mentioned location and are handled only by the technical staff of the structure in charge of processing, or by any persons authorized to perform occasional maintenance operations. No data from the web service is disclosed to third parties. NATURE OF DATA AND DATA RETENTION PERIOD Browsing Data Computer systems and software procedures used for this website acquire, during their normal operation, some personal data transmitted automatically through the use of Internet communication protocols. Such informations are not collected with the aim of identifying the interested parties, but for their nature could, through elaborations and associations with data held by third parties, allow the identification of the users. This category of data includes IP addresses or domain names of computers used by users to connect to the website, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment. Data provided voluntarily by the user The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this website implies the subsequent acquisition of the sender’s address, which is necessary to reply to requests, as well as any other personal data included in the message. These data are kept for the time necessary to process the requests received. After this time, your data will be anonymized or deleted, unless it is necessary to keep it for other and different purposes provided for by express provision of law (eg archiving purposes). Cookies No personal user data is acquired by the site. We do not use cookies to transmit information of a personal nature, nor do we use so-called persistent cookies of any kind, or systems for tracing users. The use of so-called session cookies (which are not permanently stored on the user’s computer and disappear when the browser is closed) is strictly limited to transmitting session identifiers (consisting of random numbers generated by the server) necessary to enable a safe and efficient website. The so-called session cookies used in this site avoid the use of other IT techniques that could potentially compromise the confidentiality of users’ browsing and do not allow the acquisition of personal data identifying the user. For further information on the type of cookies used, their purpose and how to disable them, please refer to the specific section. NATURE OF DATA PROVISION AND CONSEQUENCES OF ANY REFUSAL Besides the information provided for browsing data, the user is free to provide the Ministry of the Interior with the personal data contained in the request forms or indicated in contacts with the Ministry of the Interior in order to request the sending of informative material or other communications. Therefore, any refusal to provide obligatory data will imply the impossibility of pursuing the purposes of the processing referred to in this informative note and of obtaining what has been requested. Please note that in some cases (not object of the ordinary management of this website) the Authority may request information for the purpose of controlling the processing of personal data. In these cases the answer is obligatory under penalty of administrative sanction. RIGHTS OF DATA SUBJECTS s a Data Subject, pursuant to and in accordance with the GDPR, you are entitled to the following rights, which you may exercise toward the Ministry of the Interior:
  • the right to obtain from the Controller the confirmation as to whether or not personal data concerning are being processed and to information provided for in Article 15 of the GDPR and in particular those relating to the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipient to whom the personal data have been or will be disclosed, the envisaged period for which the personal data will be stored, etc;
  • the right to obtain, where inaccurate, the rectification of personal data. The data subject shall have the right to have incomplete personal data completed in relation to the purposes of treatment (Article 16);
  • Right to erasure (right to be forgotten), where any of the cases referred to in art. 17 applies;
  • right to restriction of processing, in cases provided for in art. 18;
  • right of portability of data under Art. 20;
  • right to object to the processing pursuant to art. 21;
  • the right to withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation, only for the purposes for which the legal basis is the consent (art. 7).
These rights may be exercised by request sent by registered letter with return receipt to the Data Protection Officer (DPO) at the following address: Piazza del Viminale, 1 – 00184 Rome, or by e-mail to the following address: anna.palombi@interno.it, using the specific form available on the website of the Guarantor Authority for the protection of personal data. Please note, that the user has the right to complain to the Guarantor for the Protection of Personal Data or other supervisory authority under Article 13, paragraph 2, letter d) of the GDPR CHANGES TO THIS POLICY This Policy may be updated from time to time. We encourage you to periodically check the privacy policy address.