With the entry into force of the Regulation n. 2016/679 of the European Parliament and of the European Council of 27 April 2016, concerning the protection of individuals with regard to the processing of personal data, the Ministry of Economy and Finance (hereinafter "MEF"), as owner of the processing of personal data resulting from the use of this site (hereinafter "CLOUDIFY NoiPA Portal" or "Site"), has adopted technical and organizational measures to ensure that the same is in compliance with the rules and principles provided by the Regulation.
The information contained in this page are made pursuant to article 13 of the Regulation (EU) n. 2016/679 and the national regulatory framework on personal data protection.
Data controller
The Data Controller through the CLOUDIFY NoiPA Portal is the Ministry of Economy and Finance, via XX Settembre 97, 00187, Rome, to which is possible to refer to exercise the rights pursuant articles 15 to 22 of the Regulation (EU) n. 2016/679, or via e-mail at capodipartimento.dag@pec.mef.gov.it
Responsible for data protection
The MEF has appointed the Data Protection Officer (DPO), whose contact details are the following:
• responsabileprotezionedati@mef.gov.it;
Treatment purposes
CLOUDIFY NoiPA Portal is the digital transformation of the NoiPA program developed by the MEF to evolve and expand the services provided by the NoiPA system, to broaden the range of administration to the entire PA, generating significant savings for public spending.
Therefore, the personal data provided during registration are used solely to allow users to send a proposal or comment through the form available on the site.
Legal basis of the processing
The individual gives his/her consent to the processing of personal data during the registration phase to the Portal CLOUDIFY NoiPA for the above-mentioned purposes, pursuant Article 6, paragraph 1, letter a) of Regulation (EU) No. 2016/679.
Communication of data to possible recipients
Data may be accessed or communicated, in compliance with current legislation, to external companies entrusted by the Owner to perform various services, such as, for example, the maintenance and assistance of the CLOUDIFY NoiPA Portal. Therefore, the Controller shall designate such persons as Data Processors pursuant to Article 28 of the Regulation (EU) no. 2016/679, among those providing sufficient guarantees to put in place suitable technical and organizational measures so that the treatment meets the requirements of the Regulation and ensure the protection of the rights of those concerned.
Personal data are not subject to disclosure to undefined entities, in any form, even by making them available or consulted.
Retention period
Personal data will be kept for a period not exceeding the purpose, or rather the ability for users to utilize the site functionality to send a proposal or a comment on the digital transformation program NoiPA.
Rights of the interested party
The parties to which the personal data refer have the right to obtain at any time confirmation of the existence of such data and to know the content and in case, to obtain access to the personal data together with the following information: purposes of treatments, categories of subjects to whom the data may be or will be communicated (including recipients of third countries or international organizations), the identification data of the manager or, if not possible, the criteria used to determine data origin, if they were not collected by the data subject, the existence of an automated decision-making process, including profiling and information on the logic used.
Furthermore, the interested party has the right, in the cases provided by the Regulation(EU) no. 2016/679 to Articles 16 to 21, to obtain:
- The correction of inaccurate personal data
- The integration of incomplete personal data
- Cancellation (“Right to be forgotten”)
- The limitation of the personal data processing (in this case, the data are processed only with the consent of the interested party, except for their necessary preservation or for the other cases permitted by law)
- The portability of data, transmitting them from one Data Controller to another, if technically feasible
- Opposition to their treatment
The related requests must be forwarded to the Data Controller, using the contact details provided in this statement.
Right to propose a complaint
If the interested part considers that Data Controller processing performance may have violated current regulations, he/she has the right to lodge a complaint with the Supervisory Authority for the protection of personal data according to clause 77 of the Regulation (EU) n. 2016/679.
Right of withdrawal of consent
If the processing is based on consent or transactions on particular categories of data, the interested party has the right to withdraw the consent at any time without prejudice to the lawfulness of the treatment based on the consent given prior to the revocation.