COMPASS

Correctness, Modeling and Performance of Aerospace Systems

FBK Logo
RWTH Logo

This is the Privacy and Cookie Policy for the COMPASS Toolset project website, accessible from https://www.compass-toolset.org.

Pursuant to EU Regulation No. 2016/679 (GDPR), and Legislative decree No. 196 of June 30, 2003 as amended, and in general in compliance with the principle of transparency provided for by the above Regulation with this document we provide the rules we apply for managing personal data in order to allow Users to browse the pages on the COMPASS Toolset project website and to use any of its services (i.e. Project Newsletter).

Data automatically processed and purpose of the processing

When Users browse the website, read its pages, and download the information contained in it, the website acquires some navigation data, whose transmission is implicit in internet communication protocols. In addition to this, a third-party website will automatically collect and store certain information relating to the visit.

This category includes user IP addresses, type of browser used, accessed website addresses, pages visited within the site, access time, the code indicating the response status given by the server and other parameters relating to the operating system and the Users’ IT environment.

This data, needed to use web services, is not collected to be associated with identified data subjects but is used to make the site more useful for its visitors, to obtain aggregated and anonymous statistical information on the use of the site and to check its proper operation. This data could be used to determine responsibility in the event of cybercrime or actions damaging the site.

No information on users/visitors will be sold, shared or used for commercial purposes.

Data provided voluntarily by Users and purpose of the processing

This Privacy Policy encompasses two different processing activities that might take place depending on whether the User is giving consent to this processing activity. The first processing activity relates to acquiring the COMPASS Toolset. The second processing activity relates to the subscription to the Project Newsletter.

Purpose of processing activity 1

With respect to the first processing activity, Users voluntarily and explicitly transmit their personal data (full name, email address, affiliation and country of residence) by filling the Download form on the project website. The purpose of processing the email address is to verify compliance with the Toolset terms of licensing (in particular, verifying whether Users affiliations comply with the license restriction to ESA member states) and to send the download links for the COMPASS Toolset to the User. Users also accept that they may receive one follow-up email to share their experience and feedback on the use of the COMPASS Toolset, or inquiring about opportunities to engage in research or commercial activities related with the COMPASS Toolset and project.

Purpose of processing activity 2

For the second processing activity, Users allow the Data Controllers to subscribe the User to a project newsletter, managed with Google Groups, that will be used to share information about tool updates, and related services and research activities.The amount of emails sent over the project newsletter is limited (typically, not more than one email per month).

The above personal data could also be used to determine the responsibility of Users in the event of any cyber crime against this site. Any sensitive or judicial personal data provided by users will not be processed.

Both processing activities are carried out with the specific consent, which can be withdrawn at any time, of the User in line with article 6, paragraph 1, sub a, GDPR. The consent is collected through a dedicated registration form. Failure to consent to the communication and transfer of data (as described in this Privacy Policy) will make it impossible to benefit from the COMPASS Toolset and/or service updates.

Cookies

This website does not use any cookies.

Data Processing Method

Personal data is mainly processed digitally and in a lawful, fair, relevant manner, limited to what is necessary to achieve the purposes of the processing, for the time strictly necessary to achieve the purposes of the project and in any case in compliance with the principles set forth in art. 5 of the GDPR.

In order to prevent data loss, abuse or incorrect use of data and unauthorised access, specific security measures have been implemented, such as ensuring that the main website operates purely as a static interface without server-side processing or executable code. All personal data storage is delegated to Google systems, which are widely recognized for their security and compliance with industry standards.The full list of measures adopted by FBK for the data protection and security may be found at the following link: https://bit.ly/MisureFBK.

There is no automated decision-making process, nor any profiling activity.

Place of Data Processing and Disclosure of Personal Data

Personal data and contacts are processed in the offices of the Data Controllers located in Trento (Italy) and in Aachen (Germany) and are shared with a limited amount of the staff involved in the project only.

Personal data may be processed by service providers located within the European Union or in countries for which the European Commission has made a decision on their compliance with personal data protection regulations or, alternatively, through the signing with the providers of Standard Contractual Clauses (SCC) of data protection adopted by the European Commission.

The COMPASS newsletter is managed and sent through Google Groups, which complies with European regulations. Additional information is available at https://policies.google.com/privacy.

Personal data shall not be disclosed to third parties.

Duration of Data Retention

Data will be kept as long as the COMPASS Toolset remains available to the public, with gradual deletion of the data attributable to the specific purposes that are no longer pursued.

Rights of Data Subjects

Users (Data Subjects) have the right to contact the Data Controllers at any time to exercise the rights referred to in Articles 15 and subsequent of the GDPR and, in particular for:

  • Right of Access – you have the right to have a copy of the information that is being processed and to make a Subject Access Request (via the project partner organisation’s DPO or relevant expert, contact details below).
  • Right to Withdraw consent – if you have consented to the processing of your data, you may withdraw your consent at any time and after you have revoked your consent, your data shall no longer be processed.
  • Right to Rectification – you have the right to have inaccurate personal data rectified. You may also be able to have incomplete personal data completed.
  • Right to Restrict Processing – you have the right to request the restriction or suppression of your personal data. This means you can limit the way the project uses your personal data rather than having it erased.
  • Right to Erasure – you have the right to have your personal data erased.
  • Right to Data Portability – you have the right to obtain and use your personal data for your own purposes, where the legal basis for processing is consent or the performance of a contract.
  • Right to Object – you have the right to object to the processing of your personal data at any time. Please use the relevant contact details below for this purpose.

For information and contacts specifically relating to the protection of personal data, including the exercise of the above rights, Users can contact us through the COMPASS Toolset email project address:

The right to lodge a complaint with the Data Protection Authority remains unaffected.

In order to to unsubscribe from the newsletter, Users may contact the Data Controllers to submit an unsubscription request at the following email address: . In addition, users have the possibility to unsubscribe from the newsletter via its Google Groups webpage, under the “My membership settings” section, by pressing the Leave group button.

Data Controllers

The Data Controllers are:

Fondazione Bruno Kessler (FBK), established in VIA SANTA CROCE 77, 38122 TRENTO, Italy.
Tel. +39 0461 313370.

&

Rheinisch-Westfälische Technische Hochschule Aachen (RWTH), established in TEMPLERGRABEN 55, 52056 Aachen, Germany.
Tel. +49 241 80 1.

Data Controllers are reachable at .

Contact of the Data Protection Officer

To contact the FBK’s DPO, please send an e-mail to , PEC
To contact the RWTH’s DPO, please send an email to

February 18th, 2025