Privacy Policy

Why a privacy policy

This policy describes how is managed with regard to the processing of personal data of visitors who use it and who interact with the web services offered by IAP, with registered offices at The World Academy of Sciences (TWAS), Strada Costiera 11, 34151 Trieste, Italy and at The U.S. National Academies of Sciences, Engineering, and Medicine, 500 Fifth St. NW, Washington, DC 20001, United States. This policy is a disclosure provided pursuant to Section 13 of the Italian Legislative Decree no. 196 of 30 June 2003, (Code for the protection of personal data; for brevity referred to hereafter as the "Code"). It only applies to this website and does not concern other websites that may be accessed by the user via links. The information provided is also based on the guidelines in the Recommendation No. 2/2001, which was adopted on 17 May 2001 by the European data protection authorities within the Working group set up under Article 29 of European Directive 95/46/EC in order to establish minimum requirements for the collection of personal data online, and, in particular, the manner, timing and the nature of the information to be provided by data controllers to users when they visit the web pages regardless of the purpose.


What is meant by personal data?

Personal Data is every piece of information related to a natural or legal person, body or association, identified or identifiable, also indirectly, through reference to any other information (such as a number or an ID code). Particularly important are:

"identification data": personal data which allow direct identification of a person (e.g. the first and the last name, email address, Tax ID as well as an image, the recording of one’s voice or one’s fingerprint, or medical, accounting or financial information of that person); “sensitive data”: personal data requiring special precautions on account of its nature; sensitive data are any data which may reveal a person’s racial origin or ethnicity, religious or other beliefs, political opinions, membership of parties, trade unions and/or associations, state of health or sex life

"judicial data": personal data which can reveal certain judicial measures which required inclusion in the person’s criminal record (for example, final criminal convictions; paroling; residency and/or movement restrictions; and alternatives to detention). The fact of being a defendant and/or the subject of criminal investigations falls within the scope of this definition as well.
With the evolution of the new technologies, other personal information have taken on a significant role, such as those relating to electronic communications (via the Internet or telephone) and those which enable the geo-location, by providing information about frequented and travelled to places.

For more information on personal data, users can visit:


What does "processing" mean and who are the subjects involved?

Processing (personal data) is an operation or set of operations concerning the personal data.

The code definition is wide-ranging as it includes collection, recording, organization, storage, modification, selection, extraction, usage, blockage, communication, dissemination, cancelation and destruction of data. Each of these operations is a form of data processing.

The individual, the company, the association or any other entity that is actually in control of the processing of personal data is the “data controller”. It is empowered to take the essential decisions on the purposes and mechanisms of such processing including the applicable security measures (Section 4, par 1, let. f), of the Code.

If the personal data is processed by a company or a public administrative body, it is the entity as a whole that acts as the data controller rather than the individual or department/unit that manages or represents such entity (e.g. Chairman, CEO, auditor, Minister, General Director, etc.). The cases where an individual is the data controller mostly concern processing operations performed by self-employed professionals or single-person corporations.

The data controller may entrust with specific data processing management and control tasks of an individual, company, association or organization, even outsider, designated as “data processor” on account of the relevant experience and/or skills. (Section 4, par. 1, let. g), of the Code.

An employee or a co-worker that processes or actually uses personal data on behalf of the Data Controller's organization in accordance with the instructions given by the Data Controller and/or the Data Processor (if the latter has been appointed) is a “persons in charge of the processing” (Section 4, par. 1, let. h), of the Code.

"Data subject" is the individual to which the personal data relates.


Who processes the personal data of the users of this website?

Visiting this site may result into the processing of data concerning identified or identifiable persons. The data controller is IAP, with registered offices at The World Academy of Sciences (TWAS), Strada Costiera 11, 34151 Trieste, Italy and at The U.S. National Academies of Sciences, Engineering, and Medicine, 500 Fifth St. NW, Washington, DC 20001, United States. The processing operations related to the web-based services that are made available through this website are carried out exclusively by IAP personnel and by Interfase srl, via Belpoggio 6/a, 34123 Trieste (website development and maintenance) as data processors.


Where are the personal data processed?

The processing operations related to the web-based services that are made available via this website are stored on the server of Amazon Web Services, P.O. Box 81226, Seattle, WA, United States 98108-1226. When necessary from time to time, data can be processed by the staff of Interfase srl, the company responsible for the website maintenance and development and designated as data processor in accordance with the Code, at the headquarters of this company in via Belpoggio 6/a, 34123 Trieste.


Which categories of personal data are processed?

Navigation data

The electronic systems and software, set to run this website, collect some personal data implicit with the use of internet communication protocols.
Although the collected information is not associated to identified users, by its own nature it may allow user’s identification if processed and associated with third-party data.
This category of data includes: IP addresses or domain names of computers that access the website, the URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method for submitting the request to the server, the answer’s file size, the numerical code showing the status of the response supplied by the server (ok, error, etc.) and other parameters relative to operative system and user’s computer environment.
These data are used only for anonymous statistical analyses about this website and to check the site’s correct functioning, and once processed they are immediately deleted. In case of crimes against the site, collected data could be used to investigate for responsibilities: in all other cases, data on web contacts are not stored permanently, unless users request so.


For more information, users can read our Cookie Policy


Data supplied by users on a voluntary basis

Users can provide their data on the basis of a freely chosen, explicit and voluntary option to:

Send communications or to contact IAP

Sending e-mails to the addresses specified at requires the acquisition of senders’ address in order to give feedback on their requests, and implies also the acquisition of other personal data included in the message.

Similarly, phone calls made to the numbers on the site at involve the acquisition of the data reported by the caller or the sender.

Users are recommended not to provide sensitive data of theirs or of third parties, in particular those related to health, without having previously given their consent in the manner prescribed by law.

Subscribe to IAP Newsletter

If you subscribe to the IAP newsletter, you submit your personal information and give us the right to contact you via email. We use the data stored in the registration for the newsletter exclusively for our newsletter and not for any other purposes.

If you unsubscribe from the newsletter we delete all data that was saved with the registration for the newsletter. You can find the link to unsubscribe at the bottom of each newsletter.



The data controller may change this Privacy Policy at any time. Visitors are invited to take a look at date of the last update at the bottom of this page to see when this Privacy Policy was last revised. Any changes in this Privacy Policy will become effective when the data controller makes the revised Privacy Policy available on or through the website.


More Information

Hopefully we have clarified things for the users. If more information is needed, users can contact the data controller through e-mail: