Privacy Policy

With this information we wish to inform you about how we process the personal data of users (hereinafter “Personal Data”) who consult the website www.ior.va (hereinafter “Portal”).

Below you will find information on how we collect, use and transfer the Personal Data of the User (hereinafter “User”), i.e. all the information that can be used to identify or contact the User.

1. DATA CONTROLLER
The data controller is the Istituto per le Opere di Religione (hereinafter “IOR”) – Cortile Sisto V – 00120 Vatican City, Tel. +39 06 698 83 354 e-mail: [email protected].

2. LEGITIMACY OF THE PROCESSING OF USER PERSONAL DATA
The information we collect mostly comes directly from the User: it is provided voluntarily or is necessary for the provision of our services.

3. PURPOSE AND METHOD OF TREATMENT
The processing of the User’s Personal Data, with specific consent, where necessary, has the following purposes:

1. allow navigation and consultation of the Portal and its content;
2. allow the provision of the requested services (e.g. newsletter);
3. ensure the conservation, security and custody of data;
4. fulfil legal obligations;
5. guarantee security and prevent fraudulent conduct.

The IOR will not process the data provided by the User for purposes other than those explicitly indicated above.

The IOR will furthermore not make automated decisions based on the information provided.

All the Personal Data collected are processed with automated and manual tools for the time strictly necessary to achieve only the indicated purposes above and in order to guarantee their integrity, confidentiality and security.

4. COOKIES AND OTHER TRACKING SYSTEMS
The IOR uses its own session technical cookies (non-persistent) strictly limited to what is necessary for the safe and efficient navigation of the Portal. The IOR may also use third-party cookies for data analysis.

For detailed information concerning the types of cookies used, please consult our specific Cookie Policy information page.

5. STORAGE, SECURITY AND DATA CUSTODY
The IOR keeps any Personal Data collected accurately, completely and updated, as long as they are necessary for the provision of the services to which the Personal Data are linked.

We can assure you that all the necessary steps have been taken to guarantee the security of your Personal Data once they have been collected, through the use of computer systems with limited access and the use of protected storage solutions according to the standards of security provided by the security measures indicated by best practices.

The IOR adopts specific security measures to prevent data loss, illicit or incorrect and unauthorised access.

6. RIGHTS OF THE PARTIES CONCERNED
Users to whom the Personal Data refer, in their capacity as the parties concerned, can at any time:

• exercise the right of access or to have a copy of their Personal Data, allowing them to know the type of User Personal Data processed by the IOR and the characteristics of the treatment that is performed;
• exercise the right to request that their Personal Data be rectified in the event of omissions or errors;
• request the cancellation or limitation of processing;
• exercise the right to oppose the processing.

The parties concerned also have the right with withdraw/revoke their consent at any time, without prejudice to the lawfulness of the processing based on the consent given prior to revocation/withdrawal.

7. METHOD FOR EXERCISING THE RIGHTS OF THE PARTIES CONCERNED AND UNSUBSCRIPTION TO OPTIONAL SERVICES

To exercise their rights, referred to under point 6, the parties concerned may contact the IOR by sending an email to [email protected] with the subject “PERSONAL DATA”.

Should Users have subscribed to the newsletter service, they may at any time revoke their consent by using the link “Unsubscribe Newsletter” at the bottom of the received communication and their personal data will be deleted.

Navigating the Portal implies acceptance of this Privacy Policy.