Regulation (EU) 679/2016 "General Data Protection Regulation (GDPR)", together with Legislative Decree no. 196/2003 "Personal data code" as amended by Legislative Decree no. 101/2018, define rules regarding the protection of individuals with regard to the processing of personal data and the free movement of data. Fondazione Bruno Kessler, aware of the importance of the protection of its personal data, undertakes to process them taking into account the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, retention limitation, integrity, confidentiality and responsibility awareness.
FBK is actively engaged in adapting to new regulatory obligations to ensure compliance with the GDPR. In this context, the Corruption Prevention, Transparency and Privacy Unit, ensures the monitoring and organizational-functional support regarding the protection of personal data and supports FBK staff with GDPR compliance matters.
On March 19, 2018 (with a deed registered on March 23, 2018), the Head of the Unit - Dr. Alessandro Dalla Torre - has received a special power of attorney to represent Fondazione Bruno Kessler, binding it with his signature, in performing the duties which fall within the scope of the role assigned to him, allowing him in particular to ensure, on behalf of the Data Controller, the coordination of the aspects relating to regulations on the protection of personal data for the Foundation, which in particular is executed by the signing of Joint Controller agreements, appointments as Data Processor and internal appointments.
Pursuant to art. 37 of GDPR and with the aim of overseeing the privacy system adopted on the relevant legislation, Dr Anna Benedetti has been appointed Data Protection Officer (DPO) on April, 26, 2018 with resolution no. 09/2018 of the FBK Board of Directors and afterwords renewed for and another three-year term on June 18, 2021 with resolution no. 14/2021.
FBK staff may contact the DPO for support and assistance with adaptation to the provisions of the GDPR at help-privacy@fbk.eu, privacy@fbk.eu, privacy@pec.fbk.eu.
The Data Controller is the Foundation as a whole, which exercises completely independent decision-making power over the purposes and methods of processing, including the security profile.
FBK has defined an Organizational Model of privacy related liability aimed at the correct processing of personal data. The model is in line with the Foundation’s organizational chart. On the occasion of the annual update of the general organization chart, the Foundation also updates the line of internal responsibilities regarding the processing of personal data by identifying in the Managers of organizational articulations, regardless of their names (e.g. Centers, Units, Services, ...) the Internal Data Processors for personal data relating to processes of their concern solely.