Last Updated on 14-Nov-2023
Effective Date 14-Nov-2023

The following Privacy policy is provided in accordance with art.13 of Legislative Decree 196/2003 (Personal Data Protection Code) and art. 13 of EU Regulation no. 2016/679 (General Data Protection Regulation – GDPR). 

This page describes the methods of processing personal data of users who consult the “Aracne project” website, accessible electronically at the address, corresponding to the website of the project ARACNE, funded by the EC under the Grant Agreement no. 101095188 This information is provided in accordance with Legislative Decree 196/2003 (Personal Data Protection Code) and EU Regulation 2016/679 (GDPR) for users who interact with the CREA institution’s web services. Please refer to the privacy policy of the CREA institution’s website as well as other websites accessed by the user via links.

Data Controller:  The Data Controller is the Council for Agricultural Research and Analysis of Agricultural Economics CREA – in the person of the Legal Representative – Via della Navicella 2/4, 00184 Rome – VAT number: 08183101008 – CF: 97231970589 Tel: +39 06 478361 – Fax: +39 06 47836320 – e-mail: Certified Email:

Legal Basis of ProcessingThe personal data provided on this page are processed by CREA and other ARACNE partners exclusively for institutional purposes or purposes related to the exercise of public interest tasks, including scientific research and analysis for scientific purposes.

Types of Personal Data Processed and Purposes of Processing Navigation Data

Navigation dataThe computer systems and software procedures used to operate the website acquire, during their normal operation, personal data that are implicitly transmitted in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by its nature could allow users to be identified through processing and association with data held by third parties. This category of data includes IP addresses or domain names of computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user’s operating system and computer environment. This data is used only to obtain anonymous statistical information about the use of the site and to check its correct functioning. The data is kept on the CREA server and is deleted after one year from the time of acquisition. The data may be used to ascertain liability in case of hypothetical computer crimes against the site.

Data provided voluntarily by the userThe optional, explicit and voluntary sending of emails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.

Cookie Policy 

The website uses cookies and similar technologies to ensure the correct functioning and improve the user experience of online applications. Please read the detailed cookie policy for information on how cookies are used and how to manage them.

Processing Time and Data Retention PeriodPersonal data are processed using manual and computerized tools strictly for the time necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use, and unauthorized access.

Existence of Automated Decision-Making Processes, Including ProfilingThe processing carried out by CREA and ARACNE partners on personal data does not involve any automated decision-making processes, including profiling, which produce legal effects concerning the person or similarly significantly affect the person.

Rights of the Data Subject

The data subject may exercise the rights provided for in art. 7 of Legislative Decree 196/2003 and art. 15 to 22 of EU Regulation no. 2016/679, where applicable (right of access, rectification, erasure, restriction of processing, right to data portability, right to object).

  • Art.15 – access: request confirmation as to whether or not personal data concerning the data subject is being processed, as well as further information regarding the processing.
  • Art.16 – rectification: request the rectification or completion of personal data concerning the data subject that are inaccurate or incomplete.
  • Art.17 – erasure: request the erasure of personal data concerning the data subject, without undue delay, where certain grounds apply.
  • Art.18 – restriction of processing: request the restriction of processing of personal data concerning the data subject, where certain grounds apply.
  • Art.20 – data portability: request to receive the personal data concerning the data subject, or have them transmitted directly to another controller, where technically feasible.
  • Art.21 – right to object: object to the processing of personal data concerning the data subject, unless CREA demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise or defense of legal claims.
  • Art.22 – right not to be subject to automated decision-making: object to automated decision-making, including profiling.

The exercise of these rights can be made by contacting the Data Controller using the contact details provided.

Reporting Complaints

Any complaints regarding non-compliance or criticism of the communication may be reported to the Data Protection Officer (DPO) of CREA, Valentina Longo, at the following email addresses:

Complaint to the Supervisory AuthorityIf the data subject believes that their rights regarding the protection of personal data have been violated, they may file a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali), in accordance with art. 77 of EU Regulation 2016/679, which will then carry out the necessary investigations and may implement appropriate measures. The complaint can be submitted by the data subject directly, or on their behalf, by an attorney, an organization, or a non-profit entity. In such cases, a power of attorney must be provided to the Garante for evaluation. The complainant may choose the most appropriate method for submitting the complaint, either by hand delivery to the offices of the Garante (at the specified address) or by sending it to:

  1. a) Registered mail with return receipt to Garante per la protezione dei dati personali, Piazza di Monte Citorio, 121 00186 Rome
  2. b) Certified email to

For the first application, the complaint and any power of attorney must be signed with an authenticated signature, a digital signature, or a handwritten signature (in the latter case, a copy of a valid identification document must be attached). Submitting a complaint is free of charge.