Management of Rolls, lists of Expert Witnesses and other auxiliaries

Privacy and Cookie Policy of the "Rolls, lists of Expert Witnesses and other auxiliaries" Portal

The Processing of personal data provided within the scope of the "Rolls, lists of Expert Witnesses and other auxiliaries" Portal is carried out by the competent Courts in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 and Legislative Decree 196/2003, as amended by Legislative Decree 101/2018.

Sensitive and judicial data are processed in accordance with the principles laid down in Articles 2-duodecies, 51-52 of Legislative Decree 196/2003. Judicial data are processed and disclosed only where expressly authorised, permitted or required by statutory provision and in compliance with the order of the Italian Data Protection Authority (Garante) of 15 May 2014.

For any communication and/or complaint, please contact the competent court which can be reached through the contact details indicated on the institutional websites.

Some core definitions

Personal Data: any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.

Processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, retention, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Data Controller: means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the data controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Data processor: The natural or legal person, public authority, agency or other entity which processes personal data on behalf of the controller.

Navigation data: This information is not collected in order to be associated with identified data subjects. This category of data includes IP addresses or domain names of computers used by users who access the site, URIs (Uniform Resource Identifiers) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.). Referer (the page you came from), user agent (browser type and version) and protocol (e.g. http/1.0, or http/1.1) are also collected.

Data voluntarily provided by the user: personal data that may be included in electronic correspondence to the addresses indicated on the website.

Cookies: Cookies are small text strings sent by the website server to the user's device, where they are stored in order to be retransmitted to the websites the next time the same user visits.

Personal data processed

Personal data will be processed in fulfilment of legal obligations pursuant to Article 6 par.1 lett. c) Regulation (EU) 2016/679, as well as for the performance of its public tasks or in any case connected with the exercise of its public powers and for the purposes related to these tasks, pursuant to Article 6 par.1 lett. e) Regulation (EU) 2016/679.

In particular, the following categories of personal data will be processed:

• Personal Data;
• Special categories of personal data;
• Personal data on criminal convictions and offences;
• Personal data relating to professional qualifications.

We also use data analysis tools provided by Web Analytics Italia (WAI) to collect information on users' interactions with the website in order to improve the online experience and offer relevant content. This data may include information such as IP addresses, browsing data and actions taken on the site.

The first time you log in, the system asks you to confirm certain personal data taken from the smart card or returned by the SPID provider depending on the type of authentication used, as well as information relating to your place of business.

In order to log in, the following information is required: personal data (surname, first name, date of birth, sex, place of birth, tax code, residence) certified e-mail address, professional address, contact details.

In order to fill in the application: personal data, CV information, categories, specialisations, citizenship, judicial data (criminal convictions, preventive measures, undergoing criminal proceedings) to assess the possession of the requirements and qualities provided for by the legislation in force, data contained in the annexes to the application.

For the purposes of the optional, explicit and voluntary sending of messages to the Controller's contact addresses, as well as for the filling in and forwarding of forms on the portal (via the “Contact” form), the sender's contact data, necessary for replying, may be acquired, as well as all personal data included in the communications.

Through the Portal, the User may submit the application for enrolment in the register of Court's consultants and experts in accordance with the provisions of Article 16-novies of Law Decree No. 179 of 18 October 2012, as converted with amendments by Law No. of 17 December 2012, no. 221, the payment of stamps, fees or any other sums, the monitoring of the preliminary investigation phase and the monitoring of the enrolment itself as well as the process of any appeals, requesting the cancellation or modification of the enrolment, verifying and managing any disciplinary proceedings and viewing the communications sent by the Court.

Other types of data processed

• Navigation data;
• Data voluntarily supplied by the User.

As regards navigation data, as is known, the computer systems and software procedures used to operate this portal acquire, during their normal operation, some personal data whose transmission is implicit in the communication protocols of the Internet. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. Navigation data are stored for a period of six months. The data could be used, if available at the request of the competent authorities, to ascertain responsibility in the event of hypothetical computer offences to the detriment of the website.

As regards, on the other hand, the data provided voluntarily by the user, the voluntary and explicit sending of electronic correspondence to the addresses indicated on this site entails the acquisition of the sender's address and any personal data included in the said correspondence. The data itself is processed by the Administration for the sole purpose of completing the business processes of the affairs to which the correspondence relates, and will not be disclosed to parties outside the processing of the same.

Cookies

This website uses:

• technical cookies: technical cookies are used to navigate the website or to provide a service requested by the user. These cookies are not used for any further purposes and are usually installed directly by the website owner. Without the use of such cookies, some operations on this site may not be performed or may be more complex and/or less secure. The following cookies fall into this category:
  • navigation or session cookies that ensure normal navigation and use of the website (allowing, for example, authentication to access restricted areas);
  • analytical cookies, assimilated to technical cookies only if:
    • used only for aggregate statistics and in relation to a single site or mobile application;
    • anonymised by masking the IP address;
    • not combined by any third parties with further processing for purposes other than statistical analysis only;
  • functionality cookies, which allow the user to navigate according to a set of selected criteria (e.g. language,) in order to improve the service provided to the user.
  The installation of such cookies does not require the prior consent of users, without prejudice to the obligation to provide adequate information regarding the processing of their personal data.

Currently active cookies

Only first-party technical session cookies are currently active on the website:
cookie name: jsessionID

More specifically:

• no use is made of cookies for the transmission of personal information;
• no persistent cookies are used;
• the use of “session cookies” (which are not stored persistently on the user's computer and are deleted when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable the safe and efficient exploration of the site. The session cookies used on this website avoid the use of other IT techniques potentially prejudicial to the confidentiality of users' navigation and do not allow the acquisition of personal data identifying the user;
• if the reserved area is accessed using user credentials (identification mode reserved for Ministry of Justice employees), the username is traced on the application logs;
• navigation in the reserved area of the Portal is tracked anonymously in navigation logs.

It is always possible for the user to choose to enable or disable cookies by adjusting the settings of their browser according to the instructions made available by the relevant providers at the links below:

Chrome
Firefox
Safari
Internet Explorer
Opera

Purpose of processing, lawfulness and legal basis

The Data Controller will process the data for the fulfilment of the aforementioned regulations through the Portal for the management of rolls and lists in order to set up the Roll of Court-appointed experts and Experts in compliance with the principle of data minimisation.

The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller (Regulation (EU) 2016/679, Article 6(1)(e)).

The legal basis for the processing is the legislation set out below:

• Data concerning criminal convictions or offences are acquired in accordance with Article 10 of Regulation (EU) 2016/679 and the following applicable statutory provisions:
  • Article 9 (3) of Ministerial Decree No. 109 of 4 August 2023.
  • Article 13(4) of the provisions for the implementation of the Italian Code of Civil Procedure;
  • Article 67 of the provisions for the implementation of the Italian Code of Civil Procedure;
  • Article 16-novies, of Law Decree No. 179 of 18 October 2012, converted, with amendments, by Law No. 221 of 17 December 2012, as introduced by Article 14, paragraph 2, of Law Decree No. 83 of 27 June 2015, converted, with amendments, by Law No. 132 of 6 August 2015;
• Personal data (EU Regulation 2016/679, Article 4, no. 1);
• Special categories of personal data (Regulation (EU) 2016/679, Article 9(1));
• Personal data concerning criminal convictions and offences (Regulation (EU) 2016/679, Article 10);
• Personal data concerning the professional qualifications provided for in Article 3 of Ministerial Decree No. 109 of 4 August 2023, as amended and further detailed in Articles 5 and 8 of the aforementioned Ministerial Decree.

Personal data processing methods

Personal data are processed on hard copies and by automated means for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are in particular observed to prevent the loss of Data, unlawful or incorrect use and unauthorised access.

As part of the enrolment procedure, the submission of data is mandatory. Failure to provide personal data will make it impossible to register.

Processing is carried out only by authorised and instructed personnel, or by the Data Processors designated by the Data Controller pursuant to Article 28 of the Regulation.

Data Subjects' Rights

Data subjects have the right to obtain from the Controller, in the cases provided for, confirmation as to whether or not personal data concerning them are being processed and, if so, to obtain access to the personal data processed and to the following information: the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be disclosed (including recipients in third countries or international organisations), the expected period of retention or, if this is not possible, the criteria used to determine this period, the origin of the personal data where not directly disclosed by the data subject, the existence of an automated decision-making process including profiling and information on the applicable rationale.

Furthermore, in the cases provided for in Regulation (EU) 2016/679, the data subject also has the right to:

• withdraw any consent given to the processing of personal data at any time, without prejudice to the lawfulness of the processing based on the consent given before revocation;
• have inaccurate personal data rectified;
• have incomplete personal data integrated;
• have, in the cases provided for in the Regulation, the processing of personal data restricted (in which case, the data are processed only with consent, except for the necessary retention of the data and in the other cases allowed by the law);
• object to the processing of your personal data;
• have (“right to be forgotten”) personal data erased;
• obtain data portability, i.e. the receipt in a structured, commonly used and machine-readable format of personal data and the transmission, without hindrance, of such data to another data controller, where technically feasible.

The data subject may access their personal data and/or request their rectification and/or erasure, where legally possible the restriction of their processing, and object to their processing (Article 15 et seq. of EU Regulation No. 679 of 2016) by sending a communication to the contact details of the data controller Court, which can be reached through their respective institutional websites.

Right to lodge a complaint

Data subjects who believe that the processing of personal data relating to them carried out through this website is in breach of the provisions of EU Regulation No. 679 of 2016 have the right to lodge a complaint with the Italian Data Protection Authority, as provided for in Article 77 of the aforementioned Regulation, or to take legal action (Article 79 of EU Regulation No. 679 of 2016).
Italian Data Protection Authority website: https://www.garanteprivacy.it/diritti/come-agire-per-tutelare-i-tuoi-dati-personali/reclamo

[last updated 5th June 2024]