Privacy Policy

Associazione Italiana per la Sicurezza Informatica (hereafter also “CLUSIT”) and Associazione Utilizzatori Sistemi E tecnologie Dell’informazione (hereafter also “AUSED”) provide, with reference to article 13 of Legislative Decree no. 196/2003 (Personal Data Protection Code) and Recommendation n. 2/2001, Working Party article 29 of Directive 95/46/EC, certain information relating to the processing of your personal data during your visit to the site (hereafter also “Website”).

Collection and processing of personal data

Navigation data

The information systems and software procedures relied upon to operate this website acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols.

Such information is not collected in order to relate it to identified data subjects, however it might allow user identification per se after being processed and matched with data held by third parties.

This data category includes IP addresses and/or the domain names of the computers used by any user connecting with this website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user’s operating system and computer environment.

These data are only used to extract anonymous statistical information on website use as well as to check its functioning; they are erased immediately after being processed. The data might be used to establish liability in case computer crimes are committed against the website.

Data supplied voluntarily

Certain pages of the Site will ask you to provide personal information. In this case, you will be provided with information in accordance with article 13 of Legislative Decree no. 196/2003 concerning the processing of personal data in relation to every intended purpose.


Information regarding cookies used on the website can be found at the following url 

Conferment of data

Except for the foregoing as regards navigation data, the conferment of data for other purposes is optional. If such data is not provided, it may be impossible to pursue such additional purposes.

Purpose and sphere of personal data processing and communication

AUSED and CLUSIT will process your personal data for the technical administration of the Website and other purposes, by way of example but not limited to: registration to the Website.

Only if your express consent is obtained may your data be processed for marketing purposes or notified to third parties for the same purposes. Data will not be disseminated.

Your data will be processed by employees and collaborators of AUSED and CLUSIT as persons in charge of the processing and data processors. Your personal information may be processed by trusted companies that perform tasks of a technical and organizational nature on our behalf, by way of example but not limited to: companies providing site maintenance services. These companies are our direct partner companies having the role of data processors. Their list is constantly updated and available on request by contacting AUSED at the address below or sending an e-mail to

Processing methods

Your personal data will be processed using IT tools for the time necessary to fulfill the purposes for which such data was obtained. Specific security measures are applied to prevent the loss of data, illegal or improper utilization and unauthorized access.

Your rights

At any time you can require information on the processing of your personal data, obtain updating, correction or integration of the same and obtain the cancellation, transformation into an anonymous form, as well as the blocking of data processed unlawfully and object to the processing of your data according to Article 7 of Legislative Decree n. 196/2003 which is shown in full below.

To exercise your rights, please contact AUSED by sending a written notice to the address here below or mailing to

Data Controller

The Data Controllers are

  • Associazione Italiana per la Sicurezza Informatica., with registered headquarters in Milan, Via Comelico 39, 20135 MILANO Italy
  • Associazione Utilizzatori Sistemi E tecnologie Dell’informazione, with registered headquarters in Milan, Viale Umbria, 49 20135 – Milano

Article 7 of Legislative Decree 30 June 2003 n. 196 (Right to Access Personal Data and Other Rights)

  1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.
  2. A data subject shall have the right to be informed:
  • of the source of the personal data;
  • of the purposes and methods of the processing;
  • of the logic applied to the processing, if the latter is carried out with the help of electronic means;
  • of the identification data concerning data controller, data processors and the representative designated as per Section 5(2);
  • of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
  1. A data subject shall have the right to obtain
  • updating, rectification or, where interested therein, integration of the data;
  • erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
  • certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
  1. A data subject shall have the right to object, in whole or in part,
  • on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
  • to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.