IDEM Federation Privacy

Privacy policy

Name of the service

CNR-ILC IdP

Service description

Identity Provider of Cnr-Istituto di Linguistica Computazionale “Antonio Zampolli” users, Pisa Headquarter and Genova Division, for authentication and attribute release in the following federations: eduGAIN and IDEM-GARR.

Personal data processed

In the case of federated authentication, the following data are released by the IdP:

  • commonName(name and surname)
  • surname
  • givenName (name)
  • email
  • eduPersonPrincipalName(User ID)
  • eduPersonAffiliation (user affiliation)
  • eduPersonEntitlement (access rights to specific resources)
  • eduPersonTargetedID (persistent and unique anonymous identifier that contains no personal information)

Legal notice

The services provided by the Cnr-Istituto di Linguistica Computazionale “Antonio Zampolli” are subject to the rules on personal data protection. The request for use of the services provided involve the acceptance of the conditions set out below.

personal data protection

n compliance with the Code for the Protection of Personal Data (Legislative Decree no. 196/03), the Cnr-Istituto di Linguistica Computazionale “Antonio Zampolli” (hereinafter referred to as the Manager) guarantees the confidentiality in the treatment, manual, computer and telematic , the personal data of users and informs its users the following.

Source of acquisition of personal data

1. Navigation data

The computer systems and software procedures for the operation of the network services acquire, during their normal operation, some personal data whose transmission is implicit in the communication protocols of the Internet. This information is not collected to be associated with identified, but by their very nature could, through processing and association with data held by third parties, to identify users.

This category of data includes IP addresses or domain names of the computers used by users, the URI (Uniform Resource Identifier) ​​of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the operating system and computer environment.

These data are used only to obtain anonymous statistical information on the site and to ensure proper operation; they are deleted immediately after processing. The data could be used to ascertain responsibility in case of computer crimes against the site.

2. Data provided by the user

Some personal information is collected directly by means of completing the application forms account for the use of network services.

The personal data of authorized services are collected and processed exclusively by the Manager to maintain and manage user profiles, process the authentication request submitted to the system, as well as for purposes related to obligations under applicable laws, regulations and legislation, by instructions given by authorities legitimated and by the vigilance and control.

Communication and dissemination of data

For the conduct of the Manager makes use of its employees and collaborators, as well as external parties in charge or responsible for processing the data for the above purposes. The updated list of the people in charge of the treatment is made available on application.

Rights of the person concerned

Each person concerned has the right to exercise the rights under Art. 7 of Legislative Decree no. 196/031, including request confirmation of the existence of data concerning him, their communication in intelligible form, the origin, the logic and purpose of treatment, as well as obtain l ‘ integration, updating or rectification; the person concerned may object to the processing for sending advertising materials or direct selling or for carrying out market research or commercial communication.

Data controller

The data controller is the Consiglio Nazionale delle Ricerche, headquartered in Rome, Piazzale Aldo Moro n. 7.