CAOS
Center for Gravitational Wave Applications and Seismology

Privacy Policy

Website: https://caos-gw.unipg.it
Data Controller: CAOS – Center for Gravitational Wave Applications and Seismology
Address: Via G. Duranti, 93 – 06125 – Perugia (PG)
Last updated: May 1, 2026

1. Introduction

This Privacy Policy describes the methods for processing the personal data of users who visit the institutional website of CAOS (Center for Gravitational Wave Applications and Seismology), accessible at https://caos-gw.unipg.it, created as part of the European research project funded by the MUR and the European Union.

The Data Controller is committed to protecting users’ personal data and complying with current regulations, in particular EU Regulation 2016/679 (GDPR) and Legislative Decree 196/2003 as amended by Legislative Decree 101/2018.

2. Data Controller

The Data Controller for personal data is:

CAOS – Center for Gravitational Wave Applications and Seismology
Via G. Duranti, 93 – 06125 – Perugia (PG)
Website: https://caos-gw.unipg.it

3. Data processed and purposes

3.1 Navigation data

The computer systems and software procedures used to operate this site acquire, during their normal operation, certain data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.

This category includes: IP addresses or domain names of the devices used by users, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server, and other parameters relating to the user’s operating system and computer environment.

This data is used exclusively to obtain anonymous statistical information on the use of the site and to check its correct functioning. The data is deleted immediately after processing and is not stored or associated with identified or identifiable users.

3.2 Data provided voluntarily by the user

The site does not have contact forms, restricted areas accessible to the public, newsletter subscription forms, or other tools that require the user to enter personal data. Therefore, no personal data is collected voluntarily through the site.

Should the user contact the Data Controller via the institutional addresses that may be indicated on the site, the data transmitted (name, email address, message content) will be processed exclusively to respond to the request and will not be stored beyond the time necessary for this purpose.

4. Legal basis for processing

The processing of navigation data referred to in point 3.1 is based on the legitimate interest of the Data Controller (Art. 6, para. 1, point (f) of the GDPR) in the security and correct functioning of the institutional website.

5. Processing methods

Personal data is processed using automated tools for the time strictly necessary to achieve the purposes for which it was acquired. Specific security measures are observed to prevent data loss, illicit or incorrect use, and unauthorized access.

6. Communication and dissemination of data

Navigation data is not communicated to third parties, sold, or disseminated. It is not transferred outside the territory of the European Union.

7. Cookies

The site exclusively uses technical cookies necessary for the platform’s operation. No profiling cookies or tracking tools are used. For more information, please refer to the site’s Cookie Policy.

8. Rights of the data subjects

Pursuant to Articles 15–22 of the GDPR, users have the right to:

  • access their personal data (Art. 15);
  • obtain its rectification (Art. 16) or erasure (Art. 17);
  • request the restriction of processing (Art. 18);
  • object to processing (Art. 21);
  • request data portability (Art. 20);
  • withdraw consent given at any time, without prejudice to the lawfulness of the processing based on the consent given before the withdrawal.

Since the site does not collect personal data identifying users, the exercise of the aforementioned rights may not find practical application in most cases. Users may still address any request to the Data Controller at the addresses indicated in point 2.

Users also have the right to lodge a complaint with the Data Protection Authority: www.garanteprivacy.it.

9. Changes to this Privacy Policy

The Data Controller reserves the right to modify this Privacy Policy at any time in response to regulatory, technological, or organizational changes. Changes will be effective from the date of publication on this page. Users are therefore invited to consult this section periodically.

For further information on the cookies used by the site, please refer to the Cookie Policy.