Privacy Policy

The data controller for personal data collected through this website is the organisation responsible for the National Forum on the Digitalization of Justice – Capri 2026, with registered office in Italy.

For any communication regarding the processing of personal data, please contact the controller at the following addresses:

• E-mail: eventodigitalizzazionecapri@gmail.com
• Ordinary mail: please provide the registered office address

The Data Protection Officer (DPO), where appointed, can be contacted at the same e-mail address with the subject "Attention DPO".

The website collects personal data directly (voluntarily provided by the user) and automatically (through browsing). The categories of data processed are as follows:

Voluntarily provided data

• Full name, e-mail address, phone number (registration form, contact or speaker application)
• Affiliated organisation, professional title
• Content of messages sent via the contact form
• Comments published on the site blog (subject to moderation)

Automatically collected data

• IP address and browsing data (pages visited, session duration, browser and operating system used)
• Web server log data
• Data collected via technical cookies (see Cookie section)

No data belonging to special categories under Art. 9 of EU Regulation 2016/679 (GDPR), nor data relating to criminal convictions or offences, are collected.

Personal data collected is processed for the following purposes, each based on a specific legal ground under the GDPR:

a) Management of event registrations

Data provided during registration is processed for the performance of a contract or for pre-contractual measures at the data subject's request (Art. 6(1)(b) GDPR). This includes registration confirmation, sending logistical information and managing attendance.

b) Management of speaker applications

Data provided via the application form is processed on the basis of explicit consent (Art. 6(1)(a) GDPR) for evaluating the presentation proposal and communicating the outcome.

c) Responding to contact requests

Data contained in messages sent via the contact form is processed in the controller's legitimate interest in responding to received communications (Art. 6(1)(f) GDPR).

d) Sending informational communications (newsletter)

Subject to explicit consent (Art. 6(1)(a) GDPR), data may be used to send updates about the Forum, programme, speakers and future editions. Consent may be withdrawn at any time.

e) Technical operation of the site

Browsing data is processed to ensure the security and proper functioning of the site, in the controller's legitimate interest (Art. 6(1)(f) GDPR).

Personal data is retained for the minimum time necessary to achieve the purposes for which it was collected, in accordance with the principles of minimisation and storage limitation under the GDPR.

• Event registration data: for the duration of the event and up to 24 months thereafter for administrative and reporting purposes.
• Speaker applications: until the selection process concludes and, if accepted, for the duration of the engagement and up to 12 months thereafter.
• Contact messages: for the time needed to process the request and in any case no longer than 12 months from receipt.
• Newsletter: until consent is withdrawn by the data subject.
• Browsing data (logs): for a maximum of 30 days, unless required for the investigation of crimes or computer offences.

Upon expiry of the retention periods, data is deleted or irreversibly anonymised.

Personal data is not disclosed to unspecified third parties. It may be communicated, to the extent strictly necessary, to the following categories of recipients:

• Technical and infrastructure service providers (hosting, e-mail platforms, analytics tools), acting as data processors under Art. 28 GDPR, bound by appropriate contractual agreements.
• Co-organising bodies and institutional partners of the Forum, to the extent necessary for event management and after informing data subjects.
• Public authorities (judicial, tax, supervisory) in cases provided for by law or on order of the competent authority.

Data is not transferred to third countries outside the European Economic Area (EEA) unless adequate safeguards are in place (adequacy decisions, standard contractual clauses or equivalent mechanisms under Arts. 44–49 GDPR).

As a data subject, you have the right to exercise the following rights against the data controller at any time, pursuant to Arts. 15–22 GDPR:

• Access (Art. 15): obtain confirmation of the existence of processing and access the personal data concerning you.
• Rectification (Art. 16): obtain the correction of inaccurate or incomplete data.
• Erasure (Art. 17): request the deletion of data ("right to be forgotten"), in cases provided for by law.
• Restriction (Art. 18): request the suspension of processing in certain cases.
• Portability (Art. 20): receive data in a structured, commonly used format for transmission to another controller.
• Objection (Art. 21): object to processing based on legitimate interest or for direct marketing purposes.
• Withdrawal of consent: withdraw consent at any time, without prejudice to the lawfulness of processing carried out prior to withdrawal.

To exercise your rights, send a written request to eventodigitalizzazionecapri@gmail.com. We will respond within 30 days of receipt, unless complexity requires an extension (communicated within the same period).

You also have the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it) if you believe the processing of your data violates the GDPR.

The website uses cookies and similar technologies to ensure proper page functioning and, subject to consent, to analyse user behaviour.

Technical cookies (necessary)

These are cookies essential for the operation of the site. They do not require user consent and do not collect data for commercial purposes. They include session cookies, language preference cookies and cookies for managing consent itself.

Analytical cookies (subject to consent)

Subject to consent, the site may use statistical analysis tools (e.g. Google Analytics with anonymised IP) to collect aggregated and anonymous data on how the site is used, in order to improve its content and structure.

Third-party cookies

Some site features (e.g. embedded videos, maps) may generate cookies from third parties. The controller has no direct control over such cookies; please refer to the respective privacy notices of the providers.

You can manage or withdraw consent to cookies at any time through the cookie banner on the site or through your browser settings. Disabling technical cookies may impair the functioning of some site features.

The controller adopts technical and organisational measures appropriate to ensure a level of security proportionate to the risk of processing, pursuant to Art. 32 GDPR. Measures adopted include, by way of example:

• Encrypted data transmission via HTTPS/TLS protocol
• Access to personal data restricted to authorised personnel bound by confidentiality obligations
• Regular updates to systems and software components
• Data backup and recovery procedures
• Periodic assessment of the effectiveness of implemented security measures

In the event of a personal data breach that may pose a risk to the rights and freedoms of data subjects, the controller will notify the supervisory authority within 72 hours pursuant to Art. 33 GDPR and, where necessary, communicate to data subjects pursuant to Art. 34 GDPR.

This privacy notice may be updated at any time to reflect regulatory changes, technological updates or changes in the controller's processing practices.

The updated version will be published on this page with the revision date indicated. In the event of material changes, the controller reserves the right to notify data subjects via a prominent notice on the site or, where an e-mail address is available, by direct communication.

Users are therefore invited to periodically check this page to stay informed about how personal data is processed.

Current version: 1.2 · Publication date: 15 October 2025 · Last updated: 10 May 2026