PRIVACY POLICY – Monitoring Jihadism Project

1. Introduction

This Privacy Policy describes how personal data are processed when users interact with the website www.monitoringjihadism.com, in accordance with Regulation (EU) 2016/679 (“GDPR”). The Monitoring Jihadism Project ensures that all processing activities are lawful, transparent, and limited to what is strictly necessary.

2. Data Controller and DPO Status

2.1 Data Controller

The Data Controller, designated in accordance with the GDPR, is:

Owner of Monitoring Jihadism Project Email: info@monitoringjihadism.com

The Data Controller is identifiable and reachable through the provided contact information, in compliance with Articles 13 and 14 GDPR.

2.2 Data Protection Officer (DPO)

Under Articles 37–39 GDPR, appointing a Data Protection Officer (DPO) is mandatory only when:

  • processing is carried out by a public authority
  • the core activities involve regular and systematic monitoring of individuals on a large scale
  • the core activities involve large‑scale processing of special categories of data (e.g., health data, biometric data, political opinions)

The Monitoring Jihadism Project does not fall within any of these categories, as it:

  • is not a public authority
  • does not conduct large‑scale or systematic monitoring of identifiable individuals
  • does not process special categories of personal data
  • processes only basic identification data (name, surname, affiliation, email)
  • uses analytics tools that collect only anonymised and aggregated data
  • does not perform profiling or behavioural tracking

Therefore, the appointment of a DPO is not required. If a DPO is appointed in the future, the relevant contact details will be published in this Privacy Policy.

3. Categories of Personal Data Processed

3.1 Data voluntarily provided by users

Newsletter subscription (EmailOctopus)

  • Name
  • Surname
  • Affiliation
  • Email address

Registration and access to the database

  • Name
  • Surname
  • Affiliation
  • Email address
  • Password (encrypted)
  • Access logs (IP address, date and time)

Contact form (Brevo)

  • Name
  • Surname
  • Affiliation
  • Email address
  • Message content

3.2 Data collected automatically

  • Technical cookies
  • Anonymised navigation data
  • Aggregated statistical information via Matomo and Google Search Console

4. Purposes of Processing and Legal Bases

4.1 Newsletter distribution

Used exclusively to send updates and communications related to the project. Legal basis: consent (Art. 6(1)(a) GDPR).

4.2 User account creation and database access

Used to create and manage accounts and provide access to restricted content. Legal basis: performance of a contract or pre‑contractual measures (Art. 6(1)(b) GDPR).

4.3 Responding to contact requests

Used solely to respond to user inquiries. Legal basis: consent (Art. 6(1)(a) GDPR).

4.4 Website security and prevention of misuse

Technical data processed to ensure security and prevent abuse. Legal basis: legitimate interest (Art. 6(1)(f) GDPR).

4.5 Statistical analysis via Matomo (independent server)

Matomo is configured in a privacy‑enhanced mode:

  • IP anonymisation
  • no tracking cookies
  • no profiling
  • only aggregated, non‑identifiable data

Collected metrics include:

  • pages visited
  • visit duration
  • device and browser type
  • approximate geographic region
  • navigation flow
  • aggregated technical data

Legal basis: legitimate interest (Art. 6(1)(f) GDPR). More information: https://matomo.org/privacy-policy/ (matomo.org in Bing)

4.6 Monitoring website performance via Google Search Console

Provides aggregated performance data without collecting personal data or installing cookies. Legal basis: legitimate interest (Art. 6(1)(f) GDPR).

4.7 Management of non‑essential cookies

If used, non‑technical cookies are installed only after user consent. Legal basis: consent (Art. 6(1)(a) GDPR).

5. Methods of Processing

Data are processed using electronic tools and appropriate security measures to prevent unauthorised access, alteration, disclosure, or destruction, in accordance with Article 32 GDPR.

6. Data Retention

  • Newsletter: until consent is withdrawn
  • Database account: until the account is deleted
  • Contact form: up to 12 months
  • Technical logs: 6–12 months
  • Matomo data: anonymised and aggregated
  • Cookies: according to their technical duration

7. Recipients and Data Processors

Personal data may be processed by third‑party providers acting as processors (Art. 28 GDPR):

  • EmailOctopus – newsletter management
  • Brevo – contact form management
  • Matomo – anonymised analytics
  • Google Search Console – aggregated performance data
  • Hosting provider – website infrastructure

Users may consult the privacy policies of each provider:

  • EmailOctopus: https://emailoctopus.com/legal/privacy
  • Brevo: https://www.brevo.com/it/company/gdpr/ (brevo.com in Bing)
  • Matomo: https://matomo.org/privacy-policy/ (matomo.org in Bing)

8. Limitation of Responsibility for Third‑Party Processing

The Monitoring Jihadism Project relies on external providers such as EmailOctopus, Brevo, and Matomo. These providers operate under their own privacy frameworks and may process personal data as independent controllers or processors.

While appropriate safeguards and agreements are in place, the Monitoring Jihadism Project is not responsible for processing activities carried out independently by these third‑party providers, nor for any subsequent use, storage, or transfer of data under their exclusive control.

9. Use of Social Media (LinkedIn and Twitter/X)

The Monitoring Jihadism Project maintains official profiles on LinkedIn and Twitter/X. These platforms may process personal data independently as data controllers.

The website does not transfer personal data to these platforms unless the user interacts with social media links or embedded content.

More information:

  • LinkedIn: https://www.linkedin.com/legal/privacy-policy (linkedin.com in Bing)
  • Twitter/X: https://twitter.com/privacy

10. Data Subject Rights

Data subjects have the right, in the cases provided for by the GDPR, to obtain from the Data Controller:

  • access to their personal data (Art. 15)
  • rectification of inaccurate data (Art. 16)
  • erasure (“right to be forgotten”) (Art. 17)
  • restriction of processing (Art. 18)
  • objection to processing (Art. 21)
  • data portability (Art. 20), where applicable

These rights may be exercised by submitting a request through the official form provided by the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali): 👉 https://www.garanteprivacy.it/home/modulistica-e-servizi-online#diritti

Alternatively, users may contact the Data Controller directly at: info@monitoringjihadism.com

11. Right to Lodge a Complaint

If data subjects believe that the processing of their personal data violates the GDPR, they have the right to lodge a complaint with a Supervisory Authority pursuant to Article 77 GDPR, or to seek judicial remedy under Article 79 GDPR.

Forms and instructions are available at: 👉 https://www.garanteprivacy.it/home/modulistica-e-servizi-online#diritti

12. International Data Transfers

Where services involve transfers outside the EU (e.g., EmailOctopus), such transfers are carried out using appropriate safeguards such as Standard Contractual Clauses (SCC), in accordance with Chapter V GDPR.

13. Changes to this Privacy Notice

This Privacy Policy may be updated at any time. Changes will be published on this page.

14. Automated Decision‑Making and Profiling

The Monitoring Jihadism Project does not carry out any automated decision‑making processes, including those referred to in Article 22 GDPR, nor does it perform profiling activities. All data processing operations are conducted manually or through tools that operate exclusively on anonymised and aggregated information, without producing decisions that have legal or similarly significant effects on individuals.

COOKIE POLICY – Monitoring Jihadism Project

1. What are cookies?

Cookies are small text files stored on the user’s device by websites.

2. Types of Cookies Used

2.1 Technical (necessary) cookies

Essential for the functioning of the website. Do not require consent.

2.2 Analytics tools

Matomo (independent server, no cookies)

  • no tracking cookies
  • anonymised, aggregated data
  • legitimate interest

Google Search Console

  • no cookies
  • aggregated, non‑personal data

2.3 Third‑party cookies

No profiling or marketing cookies are currently used. If introduced, consent will be required.

3. Cookie Consent Management

If non‑technical cookies are used, a cookie banner allows users to accept, refuse, customise, or withdraw consent.

4. Managing Cookies via Browser Settings

Users can disable cookies through their browser settings.

SHORT PRIVACY NOTICES FOR FORMS

A) Newsletter (EmailOctopus)

The data you provide (name, surname, affiliation, email address) will be used solely to send the Monitoring Jihadism Project newsletter. Legal basis: consent. You may withdraw consent at any time via the link included in each email. Full privacy notice available on the website.

B) Contact Form (Brevo)

The data you provide (name, surname, affiliation, email address, message) will be used exclusively to respond to your request. Legal basis: consent. Full privacy notice available on the website.

C) Database Registration

The data you provide (name, surname, affiliation, email address, password) will be processed to create and manage your account and provide access to the database. Legal basis: performance of a contract or pre‑contractual measures. Full privacy notice available on the website.

error: Content is protected !!!