It is an Information Notice, pursuant to Articles 13 and 22 of the Italian Personal Data Protection Code (Legislative Decree 196/03, the so-called "Privacy Code") as well as the General Resolution on cookies adopted by Italian Data Protection Authority on May 8, 2014, provided to those who connect to the website idp.cloud.tisparkle.com of Telecom Italia Sparkle.
The Information Notice is given solely for the above mentioned website (hereinafter "Website" or "this Website") and its subdomains, if any, and does not cover any other websites browsed/navigated by users via the Website links.
The Website is owned and managed by Telecom Italia Sparkle.
Telecom Italia Sparkle ensures compliance with the regulations on personal data protection (privacy law), in line with the provisions of the Code of Ethics of the Telecom Italia Group.
Type of data processed and purposes of processing
The IT systems and software procedures that ensure the functioning of this Website, acquire personal data during their standard operation which are implicitly communicated whilst using Internet communication protocols.
This information is not collected to be associated with identified data subjects; yet, because of its nature, it might allow for users/visitors to be identified (e.g. IP addresses, domain names of the computers of users connecting to the Website, the code indicating the status of the server's response, the type of browser. etc.) via processing with data held by third parties.
This data is used solely for statistical information (and thus are anonymous) and to check the proper operation of the Website. Data on web contacts are kept for up to six months, subject to any investigations on IT crimes committed to the detriment of the Website.
No data deriving from the web service will be communicated or disseminated.
Scope of the service accessed through this Website, is to provide to users single sign on to each single user organization, by means of federated data administered by the Identity Provider, and exchanged with other organizations federated to IDEM (the Italian Universities and research institutions federation for the federated authentication and authorization to get access to network and/or IT on-line resources), and EduGAIN (the worldwide network that interconnects identity federations around the world, in order to get access to content, services and resources for the global research and education community, thus enabling the trustworthy exchange of information related to authentication, authorization and identity - AAI).
1.1. Personal data processed
During a federated authentication, the following data is retrieved from the relevant single user home organization:
For all users:
- IP address
- Referrer address
Only for authenticated users, the following are required attributes:
while the following are desired attributes:
To summarize, in the table below, in order to allow access to the service each attribute is listed as mandatory or desired:
||used as a unique and anonymous identifier
||to discriminate the affiliation of those entitled
||to communicate with the user regarding the requested service
1.2 Purpose of the processing of personal data
The IP and referrer addresses of all web page visitors are stored in the web server log file for debugging purposes.
1.3. Third parties to whom personal data is disclosed
No data will be released to third parties. Personal data inherent to attributes is only shown to each single user her/himself upon authentication.
2.1 General information on Cookies
Cookies are small text files that are sent by the websites visited by users to their terminal equipment (typically to users' browser), where they are stored and then backer-transmitted to the same websites every time these are visited via the same terminal equipment. In addition, every website can send the so-called 'third party' cookies, i.e. cookies generated by websites other than the website being visited by the user (via elements included therein such as banners, images, maps, sounds, files specific links to web pages of different domains).
Depending on their duration, cookies can be session cookies (i.e. temporary cookies which are automatically cancelled by the terminal equipment at the end of the browsing session, closing the browser) and persistent cookies (i.e. cookies that remain stored on the terminal equipment until their expiry or cancellation by the user).
Cookies serve different purposes. First of all, they are used to carry out the transmission of a communication or to provide the service requested by the user; specifically, they enable the operation and optimization of the website, the performance of IT authentication and the prevention of unlawful use, the monitoring of sessions; they also improve the browsing experience of users, e.g. by keeping active the connection to reserved areas during their navigation across the pages of a website without having to re-enter their User-Id and password, storing specific information on users themselves (including their preferences, type of browser and computer used).
These cookies are "technical" (the user's prior consent is not necessary), because some of the aforesaid operations could not be carried out or would be more complex and/or less secure without them.
This Website can use both session cookies and persistent cookies. The cookies generated directly by this Website are:
"technical" cookies used: a) to customize the user interface (e.g., to store user preferences such as language, currency, page display format, connection area); b) to ensure a better use of the website and of its audio-visual content (e.g., via programs such as Flash Player); c) for a proper website connection (e.g., by appropriately directing the user's requests across)
2.3 "Third party" Cookies
This Website also allows for the transmission to the user device of cookies of third parties with which Telecom Italia Sparkle has a collaboration. As a technical intermediary, Telecom Italia Sparkle simply sends these cookies without managing their operation (thus having no control over, nor access to any information given/acquired) because their operation falls within the responsibility of third parties. For these cookies, the information notice and the consent forms of such third parties are available by clicking on the links. Such third parties are:
a. subjects whose services are used by Telecom Italia Sparkle to collect aggregate/statistical information on the users visiting this Website. In fact, the service Google Analytics (www.google.com/privacy) provided by the company Google.
2.4 Management of Cookie-related decisions
Cookies can be managed by the user via his/her browser.
The user can manage his cookie preferences via major browser applications (Internet Explorer, Mozilla Firefox, Google Chrome, Apple Safari), thereby cancelling/removing (some or all) cookies or changing his browser settings to disable cookies or restrict them to specific websites. For more information on how to change your browser settings (usually from the toolbar), you can visit the 'Help' web pages of the providers of the said browsers (available also via any common search engine).
The supply of Website services is not prevented per se where cookies are disabled; however, if all the cookies, including technical cookies, are cancelled/blocked, some operations may not be completed or may become more complex and/or less secure, including some activities in the Website Reserved Area (in fact, cookies allow for and maintain the user identified during a session).
3. Data supplied voluntarily by users/visitors
When users/visitors, connecting to this Website, send their personal data to have access to given services or to send email requests, this implies the acquisition by Telecom Italia Sparkle S.p.A. of the sender's address and/or other personal data that are processed solely to respond to the user's request or to supply the service.
The personal data supplied by users/visitors will be communicated to third parties only where such communication is required to meet the users/visitors' requests.
Data processing procedures
Personal data are processed by automatic or electronic means and/or manually (for example on paper) for the time that is strictly required to achieve the purposes for which data were collected and, in any case, in accordance with the applicable laws and regulations in force.
Data Protection Code of Conduct
Your personal data will be protected according to the Code of Conduct for Service Providers,
a common standard for the research and higher education sector to protect your privacy.
Your personal data is deleted on request of the user or if the user hasn't used the service for two years.
Data Controller, Data Processor and categories of Persons in charge for the Processing
The Data Controller is Telecom Italia Sparkle with offices in Viale Parco de' Medici 61 - I 00148 Rome. The updated list of Data Processors may be viewed on http://www.tisparkle.com/
under the heading "Elenco dei responsabili del trattamento dei dati personali".
The data of users/visitors may be processed by Company employees within the Departments indicated in the aforesaid list. Such employees act as Persons in charge of Processing, under the direct authority of the respective Data Manager.
Rights of the persons concerned
Users/visitors have the right to access the data concerning themselves at any time and to exercise the other rights specified in article 7 of the Privacy Code (e.g. to request the source of personal data, the rectification, updating or integration of inaccurate and incomplete data, the erasure or blocking of data that has been processed unlawfully, to object to the processing on legitimate grounds through the toll free number 800 405 800, or, alternatively via email firstname.lastname@example.org .
Telecom Italia Sparkle S.p.A.