PRIVACY POLICY AND PERSONAL DATA PROCESSING

With this information we wish to inform you about how we process the personal data of users (hereinafter "Personal Data") who consult the website oremusprosynodo.org (hereinafter "Site").

Below you will find information on how we collect, use and transfer the User's Personal Data (hereinafter "User"), or all that information that can be used to identify or contact the User.

1. DATA CONTROLLER

The Data Controller is the Dicastero per la Comunicazione (hereinafter "DPC") - Via della Conciliazione 5, 00120 - Vatican City, Tel. +39 06 698 45726 e-mail: policies@spc.va.

2. PERSONAL DATA SUBJECT OF THE PROCESSING

The Personal Data being processed will consist of data suitable for making the User identified or identifiable. In particular, the Personal Data processed through the Site are as follows:

a. Navigation data

During their normal operation, the IT systems and software procedures used to operate the Site acquire some Personal Data whose transmission is implicit in the use of Internet communication protocols. This category of data includes the IP addresses or domain names of the computers used by the User who connect to the Site, the addresses in URI (Uniform Resource Identifier)​​notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the User's IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning, to identify anomalies and / or abuses. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the Site or third parties.

b. Data voluntarily provided by the User

In the use of particular services the User may be required to provide additional Personal Data that the User will voluntarily provide if he wishes to use these services.

3. LEGITIMACY OF THE PROCESSING OF YOUR PERSONAL DATA

The information we collect mostly comes directly from the User: it was voluntarily provided to us or was necessary for the provision of our services.

The provision of Personal Data, which is used exclusively for the purposes listed in point 2. c., Is optional.

4. PURPOSE AND METHOD OF TREATMENT

The processing of the User's Personal Data, with specific consent, where necessary, has the following purposes:

a. allow navigation and consultation of the Site and its contents;

b. allow the provision of the requested services;

c. ensure the conservation, security and custody of data;

d. fulfill legal obligations;

e. guarantee security and prevent fraudulent conduct.

The DPC will not process the information provided by the User for purposes other than those explicitly indicated above.

Furthermore, the DPC will not make automated decisions based on the information provided.

All Personal Data collected are processed with automated and manual tools for the time strictly necessary to achieve only the purposes indicated above and in order to guarantee their integrity, confidentiality and security.

5. RECIPIENTS OF THE DATA

Personal Data may be communicated by the DPC to other public and private subjects only by virtue of the law, regulation and / or related order of the Judicial Authority.

The Personal Data collected are processed by specifically authorized personnel (employees of the DPC or third parties in charge of the maintenance and development services of the systems used for the computerized management of Personal Data as well as third parties who manage the management of network traffic) exclusively for purposes related to the exercise of their functions. They act on the basis of specific instructions provided regarding the purposes and methods of the processing itself in compliance with the confidentiality and security of the Personal Data themselves and in relation to the services to which they are assigned.

Some of the User's Personal Data may be shared and / or transferred, again for the processing purposes referred to in the previous point 4. with recipients who are outside the Vatican City State. In any case, the DPC will put in place all the appropriate precautions and rules of conduct useful for preserving the integrity and confidentiality of the data according to the applicable regulations.

If there are third party service providers, they will only have the Personal Data that are necessary for carrying out their activities, but they will not be able to process the data of which they become aware for further purposes. Furthermore, such third parties are required to process the Personal Data of which they become aware in accordance with this Privacy Policy and the applicable regulations on the protection of personal data.

6. COOKIES AND OTHER TRACKING SYSTEMS

The DPC uses its own session technical cookies (non-persistent) strictly limited to what is necessary for safe and efficient navigation of the Site.

7. STORAGE, SECURITY AND DATA CUSTODY

The DPC keeps the collected Personal Data, accurately, completely and updated, as long as these are necessary for the provision of the services to which the Personal Data are linked.

Browsing data only will be kept for a period of 12 months for ascertaining responsibility in case of hypothetical computer crimes against the Site or third parties in the event of a request by the competent Police Authorities.

We can assure you that all the necessary steps have been taken to guarantee the security of the Personal Data to the User once they have been collected, through the use of computer systems with limited access and the use of protected storage solutions according to the standards of security provided for the security measures indicated by best practices.

The DPC adopts specific security measures to prevent data loss, illicit or incorrect use and unauthorized access.

8. INTERESTED PARTIES RIGHTS

Users to whom the Personal Data refer, in their capacity as interested parties, can at any time exercise:

- the right of access or to have a copy of the Personal Data, allowing you to know the type of User Personal Data processed by the DPC and the characteristics of the treatment that is performed;

- the right to request the correction of Personal Data in the event of omissions or errors;

- cancellation or limitation of treatment;

- the right to object to the processing.

The interested party also has the right to withdraw / revoke his consent at any time, without however affecting the lawfulness of the treatment based on the consent given before the revocation / withdrawal.

9. METHOD OF EXERCISE OF THE RIGHTS OF THE INTERESTED PARTY AND DELETION OF OPTIONAL SERVICES

For the exercise of the rights, referred to in point 8, the interested party may contact the DPC by sending an email to policies@spc.va with the subject "PERSONAL DATA".

10. CHANGES

This privacy policy will automatically accept the regulatory changes that may intervene on the matter. The DPC reserves the right to modify this privacy policy to update its content; it is the User's responsibility to periodically check for any changes. If this policy is subject to acceptance in case of modification it will be subject to new acceptance by the User.

Browsing the Site implies acceptance of this Privacy Policy.