⚗️ EVIDE GOVERNANCE LAB  |  Adaptive Evidentiary Governance Research  |  No legal or evidentiary value  |  EVIDE Canonical →
Privacy

Privacy Policy

EVIDE Governance Lab — lab.certifywebcontent.com
Information on personal data processing pursuant to EU Regulation 2016/679 (GDPR).

Last updated: June 2026  ·  Language: English (governing version)

1. Data Controller

Informatica in Azienda — Dott. Emanuel Celano
Via Vaccaro 5, 40132 Bologna, Italy — VAT IT02137271207
Email: info@informaticainazienda.it

2. Nature of the Processing Context

The EVIDE Governance Lab is an experimental research environment. Personal data processed through the Lab is used exclusively for governance architecture research purposes. This context activates the research exemptions under GDPR Art. 89, which may limit certain data subject rights where they would render research purposes impossible or seriously impair them.

3. Data Collected

CategoryDataPurpose
Registration data First name, last name, email address, WhatsApp number, professional domain, job role, motivation statement Identity verification, access management, research context qualification
Access credentials Lab Code (unique pseudonymous identifier), session data Authentication, quota management, API access control
Research activity data Intake session UUIDs, governance payload hashes, timestamps, API call logs, buffer event logs Research record, governance architecture validation, evidentiary lifecycle documentation
Technical data IP address, browser type, access timestamps Platform security, abuse prevention

No data is used for commercial profiling, advertising, or any purpose outside the research scope of the Lab.

4. Legal Basis

  • Art. 6(1)(b) GDPR — performance of the access agreement accepted at registration.
  • Art. 6(1)(f) GDPR — legitimate interest of the controller in platform security and abuse prevention.
  • Art. 89 GDPR — processing for scientific and research purposes, with appropriate safeguards.

5. Data Retention

  • Registration data: retained for the duration of active Lab access and for 24 months after access termination.
  • Research activity data (intake hashes, session UUIDs, buffer event logs): retained indefinitely as part of the research record. These records constitute the forensic observation history of the experimental environment and cannot be deleted without compromising the integrity of the research dataset.
  • Technical access data: retained for 12 months.

6. Data Subject Rights

As a data subject under GDPR, you have the following rights:

  • Right of access to your personal data (Art. 15)
  • Right to rectification of inaccurate data (Art. 16)
  • Right to erasure, subject to the research exemption under Art. 17(3)(d) and Art. 89
  • Right to restriction of processing (Art. 18)
  • Right to object to processing (Art. 21), subject to research exemptions
  • Right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali, www.gpdp.it)

To exercise your rights, write to: info@informaticainazienda.it

Please note: the right to erasure and the right to object may be limited with respect to research activity records (intake sessions, buffer event logs, evidentiary hashes) where erasure would render the research dataset incomplete or compromise its forensic integrity. This limitation is expressly permitted under GDPR Art. 17(3)(d) and Art. 89(2).

7. Account Termination and Data

Account termination -- whether requested by the researcher or decided unilaterally by the Lab administrator -- results in the immediate deactivation of access credentials. Registration data (name, email, WhatsApp) will be anonymized or deleted within 30 days of termination.

Research activity records (intake session hashes, UUIDs, buffer event logs) are retained as part of the research dataset and are not deleted upon account termination, consistent with the research exemption described above.

8. Data Transfers

Personal data is stored on servers located in Italy (Aruba S.p.A., Italian datacenter). No data is transferred outside the European Economic Area, except where required by law.

9. Cookies

The Lab uses only technically necessary cookies:

  • Session cookie (evidelab_session): manages authentication. Duration: session.
  • Language cookie (lang): stores selected language. Duration: 30 days.

No analytics, advertising, or tracking cookies are used.

10. Changes to This Policy

This policy may be updated at any time. The current version is always available at this URL. Continued use of the Lab after any update constitutes acceptance of the revised policy.

Data Controller: Informatica in Azienda — Dott. Emanuel Celano
Via Vaccaro 5, 40132 Bologna, Italia — P.IVA IT02137271207
Email: info@informaticainazienda.it
Supervisory Authority: Garante per la Protezione dei Dati Personali