Italian National Agency for New Technologies, Energy and Sustainable Economic Development
Privacy e Cookie ENG
DISCLOSURE PURSUANT TO ARTICLE 13 OF 2016/679 EU REGULATION CONCERNING PERSONAL DATA PROCESSING (GDPR-General Data Protection Regulation)
This policy is provided only for the processing of personal data of Users (Data Subjects) collected through the Website and not for other websites that may be viewed by clicking on links (such as in the case of redirection to social networks).
1. IDENTITY AND CONTACT INFO OF THE DATA CONTROLLER
The Data Controller is ENEA - National Agency for New Technologies, Energy and Sustainable Economic Development, based at Lungotevere Thaon di Revel 76, 00196, Rome. You can contact the Data Controller by writing to the address above, or by sending an email to the following certified email address: .
2. CONTACT DETAILS OF THE DATA PROTECTION OFFICER (DPO)
The Data Protection Officer (DPO) for ENEA was appointed by Provision no. 34/2020/PRES of 6 February 2020. For communications relating exclusively to the processing of personal data, the DPO can be contacted at the following email address: .
3. PURPOSES AND LEGAL BASES FOR THE PROCESSING
Users' personal data are processed in order to:
- Reply to requests sent to email addresses on the website.
- Receive communications and invitations from the press office following registration on the site.
- Fulfil legal or administrative obligations.
The optional, explicit and voluntary sending of non-compulsory personal data, also by forwarding e-mail messages to the addresses indicated on this site, involves the subsequent acquisition of the same, of the sender's address necessary to respond to requests, as well as any other personal data included in the message.
4. NATURE OF DATA PROVISION
The provision of personal data through registration forms and the sending of communications to the email addresses on the Website for requesting information is optional. However, in the event of failure to provide the requested data, ENEA will not be able to provide the User with services that may be requested.
5. TYPES OF DATA PROCESSED
5.1. Navigation data
During their normal operation, the computer systems and applications used to operate this Website acquire some data (whose transmission is implicit in the use of Internet communication protocols) that are not associated with directly identifiable users.
The data collected include IP addresses of the computers used by Users connecting to the website, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user's computer environment.
5.2. Data provided voluntarily by the User
Other personal data collected are those provided by the User by sending communications to the email addresses specified on the Website and when registering.
The optional, explicit and voluntary sending of non-compulsory personal data, including through the sending of emails to the addresses specified on this website, entails the subsequent acquisition thereof, the sender's address necessary to respond to requests, as well as any other personal data included in the message.
6. PROCESSING METHOD AND STORAGE PERIOD
Personal data are processed using electronic tools in compliance with the provisions of art. 32 of the GDPR 2016/679 and the other regulations and specific Provisions of the Personal Data Protection Authority regarding security measures.
The Data Controller shall ensure that the personal data being processed are:
- Processed in a lawful, proper and transparent manner with respect to the Data Subject.
- Collected and recorded for specific, explicit and legitimate purposes, and used in other processing operations in that are terms compatible with these purposes, and in any case to the extent that the processing is necessary for the fulfilment of the aforementioned purposes (in this regard, the use of personal data and identifying data must be reduced to a minimum).
- Accurate, and updated if necessary.
- Pertinent, complete and not exceeding the purposes for which they are collected and subsequently processed.
- Stored in a form that allows their deletion, correction (as well as the consequent notification of any recipients to which the personal data subject to a request for correction or deletion have been disclosed), as well as the restriction or objection to their processing;
- Stored in a form that allows the identification of the data subject for a period of time not exceeding what is necessary for the purposes they were collected and subsequently processed for.
More specifically, browsing data shall be kept for the duration of the browsing session on the Websites, while personal data voluntarily provided by the User shall be kept for the time necessary to respond to the requests of the Data Subject, for the time necessary for the performance of the services requested through the Website and for the data retention times imposed by legal or regulatory obligations.
The sending of emails to the addresses specified on this Website entails the subsequent acquisition of the sender's address, necessary to respond to the requests, as well as any other personal data included in the message.
The personal data provided by the Data Subjects who submit such requests are used only to perform the services envisaged or to respond to any questions and are disclosed to third parties only if necessary for such fulfilment.
ENEA adopts the necessary security measures envisaged by the GDPR to protect the data collected in order to prevent the risks of loss or theft of data, unauthorised access or illegal or improper uses.
7. CATEGORIES OF RECIPIENTS
For the purposes detailed in art. 3, Users' personal data may be disclosed or made accessible to:
- ENEA employees and contractors in their capacity as persons authorised to process data pursuant to art. 29 GDPR.
- Any additional outsourced service providers on behalf of the Data Controller (e.g. IT service providers and/or postal services) as Data Processors.
- All parties whose right to access such data is recognised by regulatory or authoritative measures; to all natural and/or legal persons, public and/or private when necessary or functional to the performance of the services requested through the Website, in the ways and for the purposes illustrated above.
In no case will personal data be disclosed, disseminated, sold or otherwise transferred to third parties for unlawful purposes, and in any case without providing suitable information to the Data Subjects and obtaining their consent in advance, where required by law.
This without prejudice to any disclosure of data at the request of judicial or public security authorities, in the manner and in the cases envisaged by law. Personal data shall not be transferred abroad to countries or international organisations not belonging to the European Union that do not guarantee an adequate level of protection, recognised pursuant to art. 45 GDPR on the basis of an adequacy decision of the EU Commission. If for the provision of the services of the Website it is necessary to transfer personal data to countries or international organisations outside the EU for which the Commission has not adopted any adequacy decision pursuant to art. 45 GDPR, this will take place only in the presence of adequate guarantees provided by the recipient country or organisation pursuant to art. 46 GDPR and provided that the data subjects have actionable rights and effective remedies.
In the absence of an adequacy decision by the Commission pursuant to art. 45 GDPR or of adequate guarantees pursuant to art. 46 GDPR, including binding corporate rules, the cross-border transfer shall only take place if one of the conditions indicated in art. 49 GDPR occurs.
8. RIGHTS OF THE DATA SUBJECTS
Articles 15-22 of the Regulation grant the data subject the exercise of the following rights:
- Request confirmation of the existence or otherwise of one’s personal data (art. 15 par. 1).
- Obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be disclosed, and when possible the storage period (art. 15 par.1 lett a, c).
- Have the data corrected or deleted (art. 16 and 17).
- Obtain the restriction of processing (art. 18).
- Obtain information from the Data Controller on the recipients which the personal data have been disclosed to and any corrections or deletions or restrictions on processing (art. 19).
- Obtain the portability of the data, i.e. receive them from a Data Controller in a structured, commonly used format that is readable by automatic devices, and transmit them to another data controller without impediment (art. 20).
- Object to an automated decision-making process relating to natural persons, including profiling (art. 21 and 22).
- If the processing is based on consent, be able to withdraw such consent at any time (art. 7, para. 3).
Data Subjects have the right to lodge a complaint with the Supervisory Authority pursuant to art. 77 of the Regulation, or to take appropriate legal action.
9. HOW TO EXERCISE YOUR RIGHTS
The above rights are exercised by submitting a request to the Data Controller by sending an email to . The request can be made freely and without following any specific format by the Data Subject, who shall be entitled to receive an appropriate reply within a reasonable amount of time, depending on the circumstances of the case.
To exercise his/her rights, the Data Subject may use non-profit bodies, organisations or associations whose statutory objectives are in the public interest and which are engaged in the protection of Data Subjects’ rights and freedoms with regard to the protection of personal data, for this purpose giving them an appropriate mandate. The Data Subject may also be assisted by a trusted person.
To know your rights, lodge a complaint/report/appeal and to remain updated on the laws regarding the protection of individuals with regard to the processing of personal data, the Data Subject can contact the Personal Data Protection Authority, consulting the website at http://www.garanteprivacy.it/.
1. What is a cookie and what is it for?
A cookie is a small file that is sent to the browser and saved on the user's device (PC, Tablet etc.) when you access and use the website https://www.enea.it/en (hereinafter also referred to as "Website”).
Cookies allow an efficient operation of the Website and improve its performance, including through the collection and analysis of aggregate information, which allow the Website operator to understand how to improve the Website’s structure and sections. Using cookies it is also possible to collect information for statistical purposes, mainly to personalise the user's browsing experience, remembering their preferences (e.g. language, currency etc.).
Cookies are classified according to their duration and the website that set them, so different cookies are used depending on the individual purposes.
2. What cookies do we use?
Technical cookies can be divided into browsing or session cookies, which guarantee normal browsing and use of the Website (e.g. coordinating the modules that make up the pages of the Website or correlating the pages visited to the same working session), and analytical cookies, similar to technical cookies only if used for optimising the Website directly by the website operator (so-called first-party analytical cookies), who may collect aggregate information on the number of users and how they visit the Website (e.g. to compile statistics on the most-visited pages, to collect aggregate data on visits by operating system, browser etc.).
Use of session cookies is strictly limited to the transmission of session identifiers (consisting of server-generated random numbers) and software usage data necessary to allow secure, efficient navigation of the website: session variables (so-called cookies) can avoid the use of computer techniques that are potentially detrimental to the confidentiality of user navigation and do not allow the acquisition of identifying personal data. Session cookies are not stored permanently on the user's device (PC, Tablet etc.), but rather are recorded locally for periods of time established according to the session variables (whose values stored on the device's hard disk can still be deleted; you can also disable cookies by following the instructions provided by the main browsers). Session cookies remain stored on the device for a short period of time and are then deleted when the web browser is closed.
Persistent cookies save a file in the memory of your device (PC, Tablet etc.) for a long period of time. This type of cookie has an expiration date. Persistent cookies allow websites to remember information and settings at subsequent visits by users, thus making browsing more convenient and faster. When the cookie expires, it is automatically deleted the next time you log on to the website that created it.
Third-party cookies are set by a website other than the one you are visiting and reside on servers other than the one you are visiting. Therefore, the use of data collected by these external operators through cookies is subject to their respective privacy policies.
While browsing this website, the user may also receive cookies on his/her device that are sent to interact directly with social platforms.
The website incorporates Facebook, Twitter, YouTube, LinkedIn and Instagram buttons and widgets.
The owner of the Website does not have access to the data that are thus collected and processed independently by the operators of social network platforms.
For more information on how the data collected by social networks (Twitter, Facebook, LinkedIn etc.) are processed, please refer to the privacy policies of those services.
3. Details of the cookies used
The explanation below provides more detail on the cookies used on our website and their purposes.
The necessary cookies help make a website usable by enabling basic functions such as browsing the page and accessing the secure areas of the website. The website cannot function properly without these cookies.
|_grecaptcha||gstatic.com||This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the se of their website||Persistent||HTML|
|_GRECAPTCHA||google.com||This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the se of their website||180 days||HTTP|
Used to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR compliance of the website
|rc::a||gstatic.com||This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the se of their website||Persisten||HTML|
|rc::b||gstatic.com||This cookie is used to distinguish between humans and bots.||Session||HTML|
|rc::c||gstatic.com||This cookie is used to distinguish between humans and bots.||Session||HTML|
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like
your preferred language or the region that you are in.
Used to save information about the visitor's settings
Statistical cookies help website owners understand how visitors interact with websites by collecting and transmitting information in anonymous form.
|DEVICE_INFO||youtube.com||Used to track user's interaction with embedded content||180 days||HTTP|
|i/jot||twitter.com||Set an unique ID for the visitor, that allows third party advertisers to target the visitor with relevant advertisement. This pairing seervice is provided by third party advertisement hubs, which facilitates real-time bidding for advertisers||Session||Pixel|
|remote_sid||youtube.com||Necessary for the implementation and funcionality of YouTube video-content on the website||Session||HTTP|
|RichHistory||twitter.com||Collects data on visitors' preferences and behaviour on the website. This information is used make content and advertisement more relevant to the specific visitor||Session||HTML|
|VISITOR_INFO1_LIVE||youtube.com||Tries to estimate the user's bandwidth on pages with integrated YouTube videos||180 days||HTTP|
|YSC||youtube.com||Registers a unique ID to keep statistics of what videos from YouTube the user has seen||Session||HTTP|
|ytidb::LAST_RESULT_ENTRY_KEY||youtube.com||Store the user's video player preferences using embedded YouTube video||Persistent||HTML|
|yt-remote-cast-available||youtube.com||Store the user's video player preferences using embedded YouTube video||Session||HTML|
|yt-remote-cast-installed||youtube.com||Store the user's video player preferences using embedded YouTube video||Sessione||HTML|
|yt-remote-connected-devices||youtube.com||Store the user's video player preferences using embedded YouTube video||Persistent||HTML|
|yt-remote-device-id||youtube.com||Store the user's video player preferences using embedded YouTube video||Persistent||HTML|
|yt-remote-fast-check-period||youtube.com||Store the user's video player preferences using embedded YouTube video||Session||HTML|
|yt-remote-session-app||youtube.com||Store the user's video player preferences using embedded YouTube video||Session||HTML|
|yt-remote-session-name||youtube.com||Store the user's video player preferences using embedded YouTube video||Session||HTML|
Social network buttons and widgets
Social buttons are the ones on the website that depict social network icons (e.g. Facebook and Twitter) and that allow users who are browsing to interact directly with social platforms with a click.
Social buttons that track users are not used on the website, but only links that refer to the Owner's accounts on the social networks depicted. Below are the links where the user can read the privacy policies relating to the management of data by Social Networks
4. How long do we keep your data?
The data are kept for the amount of time indicated in the table above.
The browsing data collected by the website are kept for the time necessary to allow the browsing of the website itself and in any case for the time specified in the table above.
5. How can I disable cookies?
Most browsers are configured to accept, control or even disable cookies through their settings. Please note, however, that disabling technical cookies, even partially, could compromise the operation of the Website and/or limit its functionality.
In contrast, disabling third-party cookies does not affect navigability in any way.
Below are the links to the instructions provided by the main browsers for managing the settings on the installation of cookies: