Information For Data Processing of the Website
THE DATA CONTROLLER:
PURPOSES OF DATA PROCESSING AND LEGAL BASIS
The personal data processing required to the interested party is made pursuant to Article 6 letter b) (Execution of the contract with the interested parties) and letter c) (data processing for reasons for compliance with a legal obligation) of EU regulation 2016/679, for the following purposes:
- For transversal data processing or related to transversal activitiess or connected to the use of the present website: see below
PLACE OF DATA PROCESSING
The processing related to this website’s services take place at the head office of the University and is carried out by authorized persons. The personal data provided by users who request the sending of information material is used only to perform the service or assistance requested and communicated to third parties only if necessary for said purpose or required by applicable laws or regulations. Personal data may be communicated externally to other public or private entities exclusively for purposes related to the performance of the University’s institutional activities. The personal data is also communicated to the bank treasurer of the University only for the affiliated functions. The personal data shall also be communicated by the University, both during the academic career of students and after graduation, to external individuals, entities and associations, for student orientation initiatives, entry into the working world, for post-graduate training, prior consent of the parties concerned.
TYPES OF DATA PROCESSED
- BROWSING DATA
The IT systems and software procedures for operation of this website acquire, during normal operation, some personal data the transmission of which is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified parties concerned, but that by its very nature could, through processing and association with data held by third parties, allow identifying users. This category of data includes IP addresses or domain names of computers used by users that connect to the website, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the operating system and the user’s IT environment. This data is only used to obtain anonymous, statistical information regarding website use and to verify its correct operation. The data may be used to ascertain liability in the event of hypothetical computer crimes against the website.
- DATA PROVIDED VOLUNTARILY BY THE USER
The optional, explicit and voluntary sending of e-mail to the addresses indicated on this website involves the subsequent acquisition of the sender’s address required to reply to information requests, and any other personal data included in the message. The personal data provided voluntarily by users, such as data of students, acquired with registration and enrolment or by means of any other specific method of collection, will be processed for the conduct of its institutional activities, within the limits established by law and by regulations, in compliance with the general principles of transparency, correctness and confidentiality as indicated in legislative decree 196/03.
- COOKIES AND WEB BEACONS
The management of the University’s institutional website uses a technology referred to as “cookies”. These are small data files that are stored in the user’s computer when accessing the website or parts thereof. Cookies help us understand which part of the website is the most popular, the path of visitors to the website, and how long they remained on the website. Cookies are used to study traffic patterns in order to improve website performance and best meet the interests and preferences of visitors. Cookies are also used by websites that provide counters to our website. The registration and management of tracks/paths are performed in ways that make the data non-identifiable. Cookies may also be used to recognize the user’s computer the next time the same user visits the website. This saves time, providing the user, for example, with the possibility of not having to register again, or helping the user customize Internet settings. Web beacons may be used on our website. This technology allows seeing which visitors clicked on key elements (such as links or graphics) of a web page or an e-mail. These Web beacons are usually used in conjunction with cookies. If the user does not wish to accept the cookies, they can be disabled by referring to the instructions of the browser producer used.
OPTIONAL DATA CONFERMENT
Apart from as specified for browsing data, the user is free to provide personal data on the forms or in the forms on the University website or however indicated during contacts to request the sending of information material, other communications or to access specific services. The absence thereof may result in the impossibility of fulfilling the request.
LINKS TO OTHER WEBSITES
Some pages of the website may contain links to other websites that are not managed by Politecnico di Milano. The University does not share personal data with these sites. The University is not responsible for the content, security, or privacy measures used by other sites and expressly disclaims all liability.
RECIPIENTS OF PERSONAL DATA
Personal data may be processed by employees or collaborators of the Data Controller who, working under its direct authority, are appointed as responsible or authorized for data processing and are properly trained and receive specific operating instructions.
In particular, they will be processed by technical-administrative staff and professors, in relation to the different activities provided by the related data processing.
STORAGE TIME OF PERSONAL DATA
The data collected will be kept for the time established by current legislation or by the University regulations and the Grant Agreement of the project.
The processing of personal data will be carried out through manual, computerized and telematic means, however, suitable to guarantee their security and confidentiality.
Security measures are used, in compliance with the provisions of Article 32 of the GDPR to prevent the loss of data, illicit or incorrect use and unauthorized access and in compliance with the AgID Circular n. 2/2017 “Minimum ICT security measures for public administrations”.
RIGHTS OF THE INTERESTED PARTIES
- To ask the data controller, pursuant to Article 16, 17, 18, 19 and 21 of Regulation (EU) 2016/679, the access to their personal data and rectification or their cancellation or limitation of the data processing that concern him/her or to object to their processing.
- To submit a complaint to a supervisory authority.
Latest Update May 2020