BEHAVE Privacy Policy

The following provisions are made in accordance with the EU General Data Protection Regulation 2016/679 and Article 13 of Italian Legislative Decree No. 196/2003. This statement sets out the provisions governing the processing and use of any personal data you provide to the Institute for Educational Technology, CNR (ITD-CNR), including to whom and where those data can be transferred. It also specifies your rights with respect to those data. In accordance with provisions for the protection of personal data of individuals and of other entities set out in Article 13 of Italian Legislative Decree No. 196/2003 (henceforth “Italian Privacy Code”) and in Article 13 of the EU General Data Protection Regulation 2016/679 (henceforth “GDPR 2016/679”), we hereby inform you that any personal data you provide will be processed in accordance with the abovementioned regulations and with the privacy provisions that ITD-CNR is required to observe. The BEHAVE application (, “our application”) is one of the mail results of the BEHAVE project (Behavioral management model across europe; ERASMUS + KA2 Strategic Partnership for school education - 2017-1-IT02-KA201-036540). This privacy policy will explain how the partners (“we”, “us”) of the BEHAVE project use the personal data collected from you when you use the application.


Purposes and obligations of personal data management

ITD-CNR will manage your personal data in accordance with the purposes set out in GDPR 2016/679. Specifically, these concern the performance of ITD-CNR’s public functions and/or activities related to the exercising of its public duties. This includes archiving, search and analysis of data for statistical purposes. Your personal data are needed to fulfil legal requirements, including those concerning communications with the National Research Council (CNR).

What data do we collect?

The BEHAVE application collects just your e-mail address when you sign up to the application. We receive and store certain types of usage information whenever you interact with the application; this information is not Personal Information or Children’s Personal Information. If you use your Google login details, you give Google permission to share the information that you have made public in your Google profile. This only includes your first and last name, your email address and whether your email address has been validated, your age range, a link to your Google profile and, if you have one, your profile picture. Technical information may include the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, operating system and platform. Location is inferred based on IP location. How do we collect your data?

You directly provide us with most of the data we collect. We collect data and process data when you:

  • Register online.
  • Use or view our website via your browser’s cookies.

We receive your data indirectly from Auth0 (, a service managing the application authentication and authorization processes.

How will we use your data?

We use personal data collected through our application for the following purposes:

  • To provide the services you sign up for and to make you aware of any changes to our services.
  • To carry out statistical analysis of the data collected through the BEHAVE application for research purposes.
  • For statistical purposes such as analysing the performance of our sites and apps and to understand how visitors use them.
  • To respond to your queries and to resolve complaints.
  • For security and fraud prevention, and to ensure that our application is safe and secure and used in line with our terms of use.
  • To comply with applicable laws and regulations.
  • To contact you for research purposes, for example about a survey. You can opt out from being contacted in this writing an email to

How do we store your data?

We securely store your data on a server located at Istituto per le Tecnologie Didattiche, via Ugo La Malfa 153, 90146 Palermo (Italy). We have implemented appropriate technical controls to protect your personal data against unauthorised processing and against accidental loss, damage or destruction. You are responsible for choosing a secure password when we ask you to set up a password to access the application. You should keep this password confidential and you should choose a password that you do not use on any other site. You should not share your password with anyone else. Unfortunately, sending information via the Internet is not completely secure. Although we will do our best to protect your personal data once with us, we cannot guarantee the security of any personal data sent to our site while still in transit and so you provide it at your own risk.

What are your data protection rights?

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

  • The right to access – You have the right to request us for copies of your personal data.
  • The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request us to complete the information you believe is incomplete.
  • The right to erasure – You have the right to request that we erase your personal data.
  • The right to restrict processing – You have the right to request that we restrict the processing of your personal data.
  • The right to object to processing – You have the right to object to us processing of your personal data.
  • The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email, attaching a scan of your passport, driver’s licence, or similar document as proof of identity.


Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. When you visit our application, we may collect information from you automatically through cookies or similar technology

How do we use cookies?

We use cookies in a range of ways to improve your experience on our website, including:

  • Keeping you signed in
  • Understanding how you use our website

What types of cookies do we use?

There are a number of different types of cookies, however, our website uses:

  • Functionality – We use these cookies so that we recognize you on our website and keeping you signed up if you want to. A mix of first-party and third-party cookies are used.
  • Analytics – cookies that are used to collect information about your visit to our site, the content you have viewed, the links you have followed and information about your browser, device and your IP address.

Cookies used:

  • PHPSESSID: a cookie to allow users to sign in.
  • _ga: a cookie to monitor how users interact with application content.

How to manage cookies

You can set your browser not to accept cookies, and manually remove cookies from your browser. However, in a few cases, some of our application features may not function as a result.

Privacy policies of other websites

The BEHAVE application doesn’t contain links to other websites.

Changes to our privacy policy

We keep its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 12 September 2019.

The Data Controller and Processor

The Data Controller is the National Research Council - Consiglio Nazionale delle Ricerche (CNR), with registered offices at Piazzale Aldo Moro 7, 00185 Rome (IT).

  • Data Protection Officer (DPO)
  • Certified Email Account:

Where authorised by the Data Controller / Processor, the DPO may appoint one of more intermediary service providers. Where any managing officers are appointed by such providers, the personal data of those officers are to be made available to all interested parties.

How to contact us

If you have any questions about our privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Email us at:

Call us at: +39091680200

Or write to us at:

Istituto per le Tecnologie Didattiche – Consiglio Nazionale delle Ricerche
Via Ugo la Malfa, 153
90146 Palermo (Italy)

How to contact the appropriate authority

If you have any questions about how we use your personal data or if you have a concern about how your personal data is used, please contact the Data Protection Officer at Consiglio Nazionale delle Ricerche, P.le Aldo Moro, 7; 00185, Roma (Italy). Or, email Complaints will be dealt with by the Data Protection Manager, and will be responded to within 30 days. If you are not satisfied with the way your concern has been handled, you can refer your complaint to the Information Commissioner’s Office.