Privacy Policy
Last updated: 2 July 2026
Data controller
The data controller is {{University of Verona — legal name, registered office and certified email (PEC) to be confirmed with the Privacy Office}}. Data Protection Officer (DPO): {{contact to be confirmed, e.g. rpd@ateneo.univr.it}}.
Nature of the site and data processed
This site is an informational showcase for the VITAM.BIO research project. It does not require or collect users' personal data: there are no contact forms, newsletter sign-ups, registrations or restricted areas, and no profiling activity. The only data that may be processed is navigation data (technical logs) collected automatically by the hosting provider for the operation and security of the site — for example IP addresses, date and time of access, and technical information about the device or browser. This data is not used to identify users or for marketing purposes.
Purposes and legal basis
Technical navigation data is processed solely to ensure the operation, security and correct delivery of the site (legal basis: the controller's legitimate interest in the security and continuity of the service, Art. 6(1)(f) GDPR, and related technical obligations). The site carries out no processing for marketing or profiling purposes.
Cookies
The site uses only the technical cookies necessary for it to function and does not use profiling cookies or third-party statistical analysis tools. See the Cookie Policy for details.
Recipients and data processors
Technical data may be processed by the hosting provider ({{Hostinger — appointed as data processor; data-centre region to be confirmed, EU}}) to the extent necessary to deliver the service. The data is neither disclosed nor sold to third parties for commercial purposes.
Data transfers
Data is processed, where possible, within the European Union. Any processing by providers with infrastructure outside the EU takes place subject to adequate safeguards under Art. 44 et seq. GDPR (e.g. standard contractual clauses). {{To be verified based on the hosting configuration.}}
Retention
Technical logs are retained by the hosting provider for the time strictly necessary for security and diagnostic purposes, in accordance with its policies and applicable law.
Rights of data subjects
Data subjects may exercise the rights provided by Art. 15-22 GDPR: access, rectification, erasure, restriction, objection and data portability. It is also possible to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it). To exercise these rights or for any request concerning processing: {{controller / DPO contact to be confirmed}}.
Changes
The controller reserves the right to update this policy. Changes will be published on this page together with the relevant update date.
Legal references: Regulation (EU) 2016/679 (GDPR); Legislative Decree 196/2003 as amended by Legislative Decree 101/2018; measures of the Italian Data Protection Authority.