Privacy Policy

This notice provides information about the processing methods for the personal data of users (hereinafter referred to as “Personal Data”) who access the website https://digitalismissio.org (hereinafter referred to as the “Site”). Below, you will find details on how we collect, use, and share Personal Data, including any information that may be used to identify or contact users (hereinafter referred to as the “User”).

1. DATA CONTROLLER The data controller is the Dicastery for Communication (hereinafter referred to as “DPC”), located at Via della Conciliazione no. 5, 00120 Vatican City State, email: spc@spc.va.

2. PERSONAL DATA SUBJECT TO PROCESSING The processing of Personal Data includes any information sufficient to identify or render the User identifiable. Specifically, the following categories of Personal Data are processed via the Site:

   • a. Browsing Data: The computer systems and software procedures required for the operation of the Site automatically acquire certain Personal Data during normal use. This includes IP addresses or domain names of the devices used, URI (Uniform Resource Identifier) addresses of requested resources, request times, methods used to submit requests to the server, file sizes of responses, numerical codes indicating server response statuses (e.g., success, error), and other parameters related to the User’s operating system and IT environment. These data are used solely for anonymous statistical purposes, ensuring the Site’s proper functioning and identifying anomalies or misuse. Data may also be used to investigate potential IT crimes involving the Site or third parties. 
   • b. Data Voluntarily Provided by the User: To access services (hereinafter referred to as “Services”) available on the Site, such as registering or making an order, certain Personal Data must be provided by the User. This includes, but is not limited to, name, surname, email address, and residential address. If payment is made via bank/postal transfer, the DPC processes only the data necessary to complete the order. The DPC does not handle payment data processed by third-party intermediaries. Services and their usage are governed by the Terms of Use. For Customer Service or Webmaster inquiries submitted through the “Contact Us” section, the User’s email address is required to provide a response. Providing Personal Data is optional; however, refusal to do so may result in an inability to access specific services.
     
     

3. LEGAL BASIS FOR PROCESSING THE USER’S PERSONAL DATA The User’s Personal Data is primarily collected directly from the User, either voluntarily or as necessary for providing Services. The provision of Personal Data for purposes outlined in Section 2.b. is optional but necessary to use certain Services.

4. PURPOSE AND METHODS OF PROCESSING The User’s Personal Data is processed, with specific consent where required, for the following purposes:

   • a. Allow navigation and access to the Site and its content;
   • b. Enable the provision of requested Services (e.g., order processing);
   • c. Ensure data security and protection;
   • d. Comply with legal obligations;
   • e. Prevent fraudulent activities and ensure Site security.

   The DPC will not process Personal Data for purposes other than those stated above and does not employ automated decision-making. Personal Data is processed using automated and manual tools, ensuring confidentiality, integrity, and security. Data is retained only for as long as necessary to achieve the purposes outlined.

5. DATA RECIPIENTS Personal Data may be disclosed to authorized public and private entities only in compliance with legal, regulatory, or judicial orders. Authorized personnel, including DPC employees and third-party service providers (e.g., system maintenance or payment processing), process Personal Data exclusively for the purposes stated and in compliance with confidentiality and security requirements.

6. COOKIES AND OTHER TRACKING SYSTEMS The DPC uses session-based technical cookies (non-persistent) solely for secure and efficient Site navigation. Third-party cookies are also used for analytical purposes. For more information, please refer to the Site’s Cookie Policy.

7. STORAGE, SECURITY, AND DATA PROTECTION The DPC ensures that all collected Personal Data is accurate, complete, and up-to-date, retaining it only for the duration necessary to provide requested Services. Browsing data is retained for 12 months to address potential IT security concerns or crimes, as required by authorities. Personal Data used for billing is retained in compliance with applicable laws. Security measures, including limited-access IT systems and encrypted storage, are implemented to safeguard the User’s Personal Data.

8. USER RIGHTS Users, as data subjects, have the following rights regarding their Personal Data:

   • Access and obtain a copy of their Personal Data;
   • Request corrections for inaccuracies;
   • Request deletion or restriction of processing;
   • Object to processing;
   • Withdraw consent at any time, without affecting the lawfulness of processing conducted prior to withdrawal.
     
     

9. EXERCISING RIGHTS AND OPTING OUT To exercise the above rights, Users may contact the DPC via email at policies@spc.va.

10. CHANGES TO THE PRIVACY POLICY This Privacy Policy will be updated to reflect regulatory changes. The DPC reserves the right to modify this Privacy Policy at any time, and Users are encouraged to review it periodically. Continued use of the Site implies acceptance of any updates. For changes requiring explicit consent, Users will be asked to review and accept the revised policy.