Data processing by Telearte
Information on the processing of personal data
ex art. 13 of Regulation (EU) 2016/679
Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the
The European framework for the protection of individuals with regard to the processing of personal data,
as well as the free movement of such data (General Data Protection Regulation, hereinafter “GDPR”), and in the
Compliance with the Legislative Decree of June 30, 2003, no. 196, as amended by Legislative Decree Aug. 10
2018, n. 101, it is hereby informed that personal data provided by the Subjects proposing research and development projects
Under the decree of the Minister of Economic Development dated June 11, 2020 and the decree of the Director
General of the Directorate General for Business Incentives dated August 5, 2020, will form the subject of
processing in compliance with the confidentiality obligations under the above-mentioned regulations to which the
Ministry of Economic Development – Directorate-General for Business Incentives (hereinafter
“DGIAI”) as the holder of the measure.
1. Subjects of the treatment
Joint data controllers, pursuant to Art. 26 of the GDPR, in that they jointly determined the
purposes and means of processing, are:
– The Ministry of Economic Development (“Ministry”), with its registered office in Rome, Italy, via V.
Veneto 33, 00187 exercising its functions, inter alia, through the Director General of the
The Data Protection Officer can be contacted at the following e-mail address:
firstname.lastname@example.org and to the certified e-mail address:
– Invitalia in the person of its legal representative pro tempore, Dr. Domenico Arcuri, with registered office in
Rome (Italy), via Calabria 46, 00187.
The Data Protection Officer can be contacted at the following e-mail address:
Personal data will also be processed by third parties whose privacy roles are defined in the
compliance with the GDPR, including: i) personnel specially or occasionally authorized and trained on the
Based on specific instructions regarding the purposes and methods of processing (employees, collaborators,
consultants or service providers); (ii) the National Agency for New Technologies, Energy and Development
sustainable economic – ENEA – a public law entity, for the implementation activities of the intervention, for the
Technical and scientific fulfillments related to the evaluation of projects and for verifications regarding the
implementation of the same; iii) the Cassa depositi e prestiti S.p.A. – CDP – for preparatory activities
to the assumption of the resolution of Subsidized Financing; iv) the Lending Banks for the activities
preparatory to the making of the Bank Financing resolution.
Personal data may be shared, for institutional purposes, with parties to whom the
communication is required by legal provisions, regulations or with public entities for the
performance of their institutional functions (by way of example, supervisory and control authorities for the
Conduct of inspection inspections, public security authorities, judicial authorities and law enforcement agencies
judiciary specializing in financial activity investigations).
Further information regarding the processing of personal data by the Joint Holders is provided
in the Disclosure published in the special platform, with restricted access, dedicated to the submission of the
Facility application under the intervention “Research and development projects for the circular economy.”
2. Legal basis for processing
The personal data provided are processed in the performance of public interest tasks or otherwise related
to the exercise of its public powers (pursuant to Article 6(1)(e) of the GDPR and Article 2-
ter of Legislative Decree June 30, 2003, no. 196 s.m.i.) or in order to execute a contract of which
the data subject is a party or pre-contractual measures taken at the request of the same data subject (pursuant to
of Article 6(1)(b) of the GDPR) as well as to fulfill a legal obligation (under Art.
6(1)(c) of the GDPR).
3. Purpose of processing.
Personal data transmitted through the completion and submission of forms and/or applications are processed to
responding to requests from interested parties, instructing an administrative process (such as the management phase
of the procedure for accessing, investigating and disbursing the facility) as well as to fulfill any
legal obligations, including the regulations under Leg. 33/2013, accounting and tax.
The provision of personal data for the above purposes is optional, explicit and voluntary, but in default
it will not be possible for the Data Controllers to proceed with the fulfillment of the institutional purposes, nor
To execute its tasks with consequent prejudice to the provision of related services.
4. Type of data processed
For the definition of personal data, please refer to Article 4(1) of the GDPR, the collection of which is necessary to
To fulfill the above purpose. Data related to criminal convictions and offenses or to
related security measures, as defined by Art. 10 of the GDPR.
Browsing data are related to the user’s operating system and computing environment. These data,
necessary for the use of web services, are also used for the purpose of obtaining statistical information
anonymous about the use of the platform (most visited pages, time slot etc.) and to check its correct
operation and are deleted immediately after processing.
5. Method of processing and storage period
Personal data are processed according to the principles of lawfulness, fairness, transparency and are acquired and
stored with the aid of instruments, including electronic instruments, suitable to guarantee their security and confidentiality according to
The manner prescribed by applicable laws and regulations.
The personal data being processed are adequate, relevant and limited to what is necessary in relation to the
purposes for which they are processed; they are accurate and are updated if necessary.
Personal data will be processed for as long as necessary to manage the entire process
administrative tasks related to the grant application, for subsequent reporting activities, and in
Compliance with regulations on the preservation of administrative records and in accordance with the provisions of
by d.lgs. 33/2013.
Then the data will be deleted from the systems and then stored in offline archives via backup.
6. Place of processing
Personal data are processed at the offices of the Data Controllers and third parties involved through
automated tools for the time strictly necessary to achieve the purposes for which they were collected,
In compliance with the rules of confidentiality and security stipulated in current regulations.
Specific security measures are observed to prevent data loss, illicit or incorrect use, and
7. Rights of data subjects
Data subjects have the right to obtain, in the cases provided for, access to personal data and the rectification or
cancellation of the same or the restriction of processing concerning them or to object to processing (Art. 15 e
ss. of the GDPR). Specifically, by way of example only, the data subject may exercise the following rights:
(a) Right of access to data (Art. 15): the data subject has the right to obtain from the data controller the
confirmation as to whether or not personal data concerning him or her are being processed and, if so, to
obtain access to personal data in a commonly used electronic format and some information about the
processing (e.g., purposes, categories of data processed, recipients to whom they are disclosed, etc.);
(b) Right to rectification of data (Art. 16): the data subject has the right to rectify his or her personal data in the
case they are incorrect, including the right to request the completion of personal data that are not
(c) Right to data erasure or “right to be forgotten”: the data subject has the right to obtain from the data controller
of the processing the deletion of personal data concerning him, and the data controller has
The obligation to delete personal data without undue delay;
(d) Right to restriction of processing: the data subject has the right to obtain from the data controller the
processing the limitation of the processing of their personal data if the assumptions of the law apply;
(e) Right to data portability: the data subject has the right to receive in a structured, usable format
common and machine-readable personal data concerning him or her provided to a holder of the
processing and has the right to transmit such data to another data controller without hindrance from
part of the data controller to whom he or she provided them;
(f) Right to object to processing: the data subject has the right to object at any time to the
Processing of personal data about him or her for reasons related to his or her particular situation;
(g) Right to file a complaint with the Supervisory Authority: without prejudice to any other administrative recourse
or jurisdictional, the data subject has the right to lodge a complaint with the Supervisory Authority for the Protection
of personal data if it believes that the data processing carried out violates current regulations
On personal data protection.
The application for the exercise of rights (Articles 15/22 of the GDPR) may be submitted by data subjects to:
8. Updates to this Policy on the Processing of Personal Data
This information on the processing of personal data may be updated by Telearte s.r.l. in order to
To comply with the legislation, national and European, on the processing of personal data and/or to comply
To the adoption of new systems, internal procedures, or otherwise for any other reason that may be appropriate
This policy may therefore be subject to change over time at any time without notice.
Therefore, the interested party is invited to consult this page of the website periodically.
Last update date: May 2023.