Privacy Policy

Italian Version

Privacy policy statement pursuant to Legislative Decree no. 196 of 30 June 2003 (Personal Data Protection Code), as amended by Legislative Decree 101/2018, and European Personal Data Protection Regulation no. 679/2016

Published: 02/10/2019

Site policy - general provisions

The Telethon Foundation takes the user's privacy very seriously and is committed to respecting it under the terms provided by the applicable regulations (Legislative Decree no. 196 of 30 June 2003, amended by Legislative Decree 101/2018, hereinafter "Code" and Regulation (EU) 2016/679 - hereinafter "Regulation").

This document provides information on the processing of personal data collected by the Telethon Foundation as Data Controller through the website, which constitutes the main website, and the websites, of third level, (hereinafter, for brevity, jointly, the "Site") related to TIGEM and belonging to the Telethon Foundation and therefore constitutes information to the interested users who access them (hereinafter "Users"), pursuant to the aforementioned regulations. The purpose of the privacy policy is to provide the maximum transparency regarding the information that the Website collects and how it uses it.

This privacy policy may be subject to change over time, also as a result of additions and amendments to the relevant laws and regulations or our institutional decisions. Users are therefore invited to periodically consult this section of the Site.

Identity and contact details of the Data Controller and Data Protection Officer

The Data Controller is Fondazione Telethon, with registered office at Via Varese 16/B, Rome, in the person of the Delegate Dr Francesca Pasinelli, pursuant to the Board of Directors' resolution of 7 February 2013 (hereinafter the "Data Controller" or "Controller"). The DPO is identified in the person of Lawyer Michela Maggi available at the following contacts:

Nature of the data processed

Access to the Website is completely free of charge and does not require registration or the provision of any data.

If registration is required in order to access a third-level site or a specific service provided on a page of the main site or third-level sites, the User will be provided with specific information when filling out the registration form.

The third level sites identified to date, but which may change according to the specific needs of the Owner, are the following: – Bioinformatics Core Web Site – Bioinformatic Site - Cilia/Centrosome Complex Interactome Web Site – Bioinformatic Site – Human Chromosome 21 Gene Expression “Atlas” – Disclosure Site – Drugs Network Tool – Bioinformatic Site - Comparative Genomics Analysis of MicroRNA DataBase – Bioinformatic Site – Co-Expression Meta-Analysis of MIRNA Targets – Disclosure Site – Diego di Bernardo’s Lab Web Site – Disclosure Site - Drug Set Enrichment Analysis – Bioinformatic Site - TIGEM Exome Mendelian Disorder Pipeline – Bioinformatic Site - Pathway-based Rational Drug Repositioning – Bioinformatic Site – GeneTRAP Project Web Site – Disclosure Site - – Host-gene Opposite Correlated Targets Web Site 2nd Version– Disclosure Site - Mode of Action by NeTwoRk Analysis – Bioinformatic Site - Clinical Trial of Gene Therapy for MPS VI, a severe lysosomal storage – Disease Disclosure Site – European Project FP7 (HEALTH.2012.2.4.4-1) – Retina Genes Browser – Bioinformatic Site – High-Resolution Expression Atlas revealing the spatiotemporal distribution of 221 miRNAs in the developing and adult wild-type mouse eye. – Disclosure Site – Genes and Drugs Network Tool – Bioinformatic Site – Next Generation Sequencing Analysis – Bioinformatic Site - Energy biogenesis: one key for coordinating two genomes (paper appendix) – Disclosure Site - PDP1 regulates cellular respiration and energy metabolism in Drosophila melanogaster (paper appendix) – Disclosure Site – RNA expression profiles of Retinitis Pigmentosa genes in human and mouse retina – Disclosure Site – Retina Gene Network Browser – Bioinformatic Site - A novel view of the transcriptome revealed from gene trapping in mouse embryonic stem cells. (paper appendix) – Disclosure Site - Genomic analysis of the TRIM family reveals two groups of genes with distinct evolutionary properties (paper appendix) – Disclosure Site

This could for instance be the case for third level sites of a bioinformatics nature where researchers, by registering, can access and upload anonymous or pseudonymised information.

On the pages where registration is to take place, there will be specific information.

In the same way, if in the main site or in one of the third level sites there are pages in which personal data other than navigation data and cookies are collected, with reference to these, on the specific page, suitable information will be provided to acquire consent where necessary,

Given what is specified in the two previous paragraphs, in which reference is made to specific information, we hereby inform Users in relation to the processing of the following data:

  1. The common personal data collected through cookies as specified in the Cookie Policy

  2. Navigation data
Purposes of the processed data and legal basis of the processing

  1. Data provided voluntarily by Users

    When the User sends an e-mail message to the addresses indicated on the Site, the sender's address is acquired, which is necessary in order to respond to requests, as well as any other personal data included in the e-mail.

  2. Navigation data

    The computer systems and software procedures used to operate the site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow the Users to be identified. This category of data includes IP addresses or the domain names of the computers used by the Users who connect to the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the Users' operating system and computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.

  3. Cookies

    See the extended information at the following link:

    With the exception of third party cookies and Google Analytics, for which consent is required when the site is opened, the legal basis for processing for the other purposes is the legitimate interest of the data controller in responding to requests received from users (purpose no. 1) and in allowing navigation of the site and the sharing of information as part of the development of scientific research (purpose no. 2 and purpose relating to the use of technical cookies).
Processing methods and data retention times
Personal data are processed by automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorised access. The data is kept for the time strictly necessary to pursue the purposes indicated in this information notice and will be deleted at the end of this period, unless the data must be kept for legal obligations or to enforce a right in court.

The personal data of the Users may be made available to third parties, autonomous holders of the data processing, for purposes related to the provision of services of interest or in compliance with laws and regulations that require the communication, as well as to supervisory bodies.
The Telethon Foundation reserves the right to
  • transmit the data to third parties (data controllers - art. 4, paragraph 8, GDPR: "the natural or legal person, public authority, service or other body that processes personal data on behalf of the data controller") exclusively for purposes instrumental to what has been expressly requested and carefully selected by us;
  • communicating the data to third parties for activities connected with what is of interest or where this is required by law, regulation or Community legislation.
Transfer of data to non-EU countries

This website may share some of the data collected with services located outside the European Union area. In particular with Google, Facebook and Microsoft (LinkedIn) through social plugins and the Google Analytics service. Please refer to the information/privacy policies contained in the relevant social and third-party sites:

The above companies have agreed to the Privacy Shield.

Users' rights as data subjects

Users may exercise, at any time, their rights under Articles 15-22, GDPR below, by making a request to the email address (alternatively, by writing to the Data Controller Fondazione Telethon - Via Varese 16/B, 00185 Rome).
  1. obtain confirmation of the existence or otherwise of personal data concerning you, even if not yet recorded, and their communication in intelligible form;

  2. ask the Data Controller for access to your personal data, as well as the right to data portability;

  3. obtain the updating and rectification or, when interested, the integration of data;

  4. to oppose, in whole or in part: a) on legitimate grounds, the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection; b) the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys;

  5. obtain the cancellation and transformation into anonymous form or blocking of data processed in breach of the law, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;

  6. withdraw consent (only for processing for which there is a legal basis for consent) at any time without prejudice to the lawfulness of processing based on the consent given before the withdrawal;

  7. lodge a complaint with a supervisory authority;

  8. obtain certification to the effect that the operations as per numbers 4 and 6 above have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
Security of your personal data
Fondazione Telethon adopts appropriate and preventive security measures to safeguard the confidentiality, integrity, completeness and availability of your personal data. As established by the regulations governing the security of personal data, technical, logistic and organisational measures are put in place in order to prevent damage, loss (even accidental), alteration, improper and unauthorised use of your data. Similar preventive security measures are adopted by third parties (data processors) to which Fondazione Telethon has entrusted processing operations of your data on its own behalf. On the other hand, Fondazione Telethon is not responsible for untruthful information sent directly by the user (e.g.: correctness of e-mail address or postal address or other personal data), as well as for information concerning him/her that has been provided by a third party, even fraudulently.

* Article 13 Information to be provided where personal data are collected from the data subject 1. Where personal data concerning the data subject are collected from the data subject, the controller shall provide the data subject, at the time when the personal data are obtained, with the following information: a) the identity and contact details of the controller and, where applicable, of its representative; b) the contact details of the data protection officer, where applicable; c) the purposes of the processing for which the personal data are intended and the legal basis of the processing; 4.5. 2016 L 119/40 Official Journal of the European Union EN (d) where the processing is based on point (f) of Article 6(1), the legitimate interests pursued by the controller or by third parties; (e) the recipients or categories of recipients of the personal data, if any; (f) where applicable, the intention of the controller to transfer personal data to a third country or an international organisation and the existence or absence of an adequacy decision by the Commission or, in case of transfers pursuant to Article 46 or 47, or to the second paragraph of Article 49, the reference to appropriate or adequate safeguards and the means by which a copy of such data may be obtained or the place where they have been made available. 2. In addition to the information referred to in paragraph 1, at the time when the personal data are obtained, the controller shall provide the data subject with the following further information necessary to ensure fair and transparent processing (a) the storage period of the personal data or, if that is not possible, the criteria used to determine that period; (b) the existence of the right of the data subject to request from the controller access to and rectification or erasure of the personal data or restriction of processing concerning him or her, as well as the right to data portability; (c) where the processing is based on Article 6(1)(a) or Article 9(2)(a), the existence of the right to withdraw consent at any time without affecting the lawfulness of the processing based on the consent given before the withdrawal; (d) the right to lodge a complaint to a supervisory authority; (e) whether the provision of personal data is a legal or contractual obligation or a necessary precondition for the conclusion of a contract, and whether the data subject is under an obligation to provide the personal data, as well as the possible consequences of failure to provide such data; (f) the existence of automated decision making, including profiling as referred to in Article 22(1) and (4), and, at least in such cases, meaningful information on the logic used, as well as the importance and the envisaged consequences of such processing for the data subject. Where the controller intends to further process the personal data for a purpose other than that for which they were collected, prior to such further processing it shall provide the data subject with information about that other purpose and any further relevant information referred to in paragraph 2. Paragraphs 1, 2 and 3 shall not apply if and to the extent that the information is already available to the data subject.