ISSN: 2975-0911
© ELFR - European Law and Finance Review
Rivista di Classe A
PRIVACY POLICY
(pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 – GDPR)
This Privacy Policy is provided to users who access and browse the website
https://www.europeanlawandfinancereview.com/ (hereinafter, the “Website”), in accordance with Regulation (EU) 2016/679 (“GDPR”) and the applicable national and European data protection legislation.
1. Data Controller
The Data Controller of personal data is:
Diego Rossano
Editor-in-Chief with intellectual responsibility of the journal
European Law and Finance Review (ELFR)
For institutional purposes, domiciled at:
University of Naples Parthenope
Department of Business and Economic Studies (DISAE)
Palazzo Pacanowski, Via Generale Parisi no. 13
80132 – Naples, Italy
Email: info@europeanlawandfinancereview.com
PEC (certified email): diego.rossano@pec.uniparthenope.it
2. Categories of personal data processed
The Website processes exclusively common personal data, including:
browsing data (e.g. IP addresses, domain names of devices used by users, technical logs);
personal data voluntarily provided by users through the public contact form (name, email address, message content);
personal data provided by reviewers and evaluators through dedicated assessment forms, accessible exclusively via direct and private links sent individually by the journal.
The Website does not process special categories of personal data pursuant to Article 9 GDPR.
3. Purposes of processing and legal basis
Personal data are processed solely for the following purposes:
a) to ensure the proper functioning and navigation of the Website;
b) to manage and respond to requests submitted by users via the public contact form;
c) to manage editorial, scientific and peer-review activities, including the collection of evaluations through dedicated assessment forms reserved for selected reviewers;
d) to comply with legal obligations or requests from competent authorities.
The legal basis for the processing is:
the legitimate interest of the Data Controller (Article 6(1)(f) GDPR) in ensuring the operation of the Website and in managing editorial and scientific activities;
the performance of pre-contractual or professional measures taken at the request of the data subject (Article 6(1)(b) GDPR), limited to communications and collaborations initiated by the journal or by the data subject.
The Website does not carry out marketing activities, profiling, or commercial communications.
4. Methods of processing
Personal data are processed using electronic and telematic tools, in compliance with the principles of lawfulness, fairness, transparency, data minimisation and security laid down by the GDPR.
Appropriate technical and organisational measures are adopted to protect personal data and to prevent unauthorised access, loss or unlawful use.
5. Data retention
Personal data are retained for the time strictly necessary to achieve the purposes for which they were collected and, in particular:
browsing data are retained for the period required by applicable law;
data provided through the public contact form are retained for the time necessary to manage and respond to the user’s request;
data provided by reviewers through assessment forms are retained for the duration strictly necessary to complete the relevant editorial and evaluation procedures, unless further retention is required by law or justified by legitimate editorial needs.
6. Disclosure of data
Personal data will not be disclosed.
They may be communicated exclusively to external parties acting as data processors or independent controllers, insofar as necessary for technical, organisational or legal obligations related to the operation of the Website and the editorial activities of the journal.
7. Transfer of data outside the European Union
Personal data are not subject to systematic transfer to countries outside the European Union.
Any occasional transfer shall take place in compliance with the safeguards provided for by the GDPR.
8. Rights of the data subject
Data subjects may exercise at any time the rights provided for in Articles 15 et seq. of the GDPR, including the right to:
obtain confirmation as to whether or not personal data concerning them are being processed;
access their personal data;
request rectification or updating of data;
request erasure, where applicable;
object to processing or request restriction of processing;
exercise the right to data portability, where applicable.
Data subjects also have the right to lodge a complaint with the competent Data Protection Authority.
Requests may be addressed to the contact details indicated in Section 1 of this Policy.
9. Amendments to this Privacy Policy
This Privacy Policy may be updated at any time.
Users are therefore encouraged to review it periodically.
