Privacy policy

This information notice is provided in accordance with Article 13 of Italian Legislative Decree no. 196 of 2003, Code in relation to Personal Data Protection, to users of the portal and internet services of the Università degli Studi di Milano-Bicocca (hereafter “University”) accessible electronically from the homepage http://unimib.it and those at the service of the University.

This information notice is limited to browsing on the aforementioned websites and does not apply to websites external to the University even if consulted by way of links contained on the portal and themed websites.

This information notice describes the methods of managing the University’s web portal and the themed websites in relation to the processing of personal data of users who consult them, choose to register and/or use the online services.

 

  1. Data Controller

Consulting the University portal may involve the processing of data relating to identified or identifiable persons (see section below entitled “Types of Data Processed”).

Registration on the portal and subscription of the online services leads to the processing of personal data relating to individuals or entities.

The data controller concerning this information is the University with legal address at Piazza dell’Ateneo Nuovo, 1 – 20126 Milan.

 

  1. Data processing location

Data gathered through the portal services is processed mainly at the University’s sites. It is performed by identified personnel specially appointed on the basis of the purposes of the requested and subscribed services.

For the this process, the University may make use of assistance from external companies, consultants, consortia, suppliers of software and operating services, by way of identified and appointed personnel, as part of the relevant purposes  and in such a way as to ensure the maximum security and confidentiality of the data.

 

  1. Types of Data Processed

 

3.1 Navigation data

During normal operation, the IT systems and software procedures by which the portal operates collect certain personal data that is implicitly transmitted through the use of internet communication protocols.

That information is used to obtain statistical information on the use of the portal and to check its correct functioning and is not associated with identified users; however, by its nature and by association with data held by third parties, it could allow for the identification of the interested parties. This category includes, for example, the IP address of the system used to connect to the portal.

This data is removed from the systems after the preparation of the statistics and is stored offline exclusively to ascertain liability in the case of computer crimes and it may only be consulted upon request by the judicial authority.

 

3.2 Use of Cookies

Cookies are text files that are stored on the computers of web users to allow them safely and efficiently to browse a website and monitor its use.

The University website uses cookies.

The use of session cookies is strictly limited to technical needs, such as the transmission of session identifiers required to allow safe and efficient browsing of the website.

The University website doesn’t use profiling cookies.

 

Third parties cookies

The information collected by third parties is processed and managed in accordance with the relevant policies, which we recommend reading.

For reference and to ensure transparency, the cookies and privacy policies are listed below.

Google/YouTube: Privacy policy

Twitter: Privacy policy

Facebook: Privacy policy

 

How to disable Cookies

Users can deny consent to the use of cookies by selecting the appropriate settings in their browser. We advise users to look for this option in the help section of the software.

By disabling these cookies users will not be able to use some of the on-line services.

 

3.3 Registration on the portal and online services

When registering to the portal, some personal data is requested that is needed to identify the registered individual. When subscribing for the online services, additional data may be requested, including sensitive data, depending on the specific chosen service. The data processing purposes differ depending upon the service and are described in detail in the respective subscription pages.

 

  1. Optional Provision of Data

Some data required for registration is mandatory and any failure to provide it involves the impossibility of registering to the portal. Similarly, the failure to communicate some data that may be required in order to subscribe to the online services may involve the impossibility of using the chosen service.

Registration and subscription data is provided voluntarily.

Individuals making the registration freely give their consent to data processing, in the awareness that in the absence of that consent the registration and subscription of the services may not take place.

 

  1. Processing Methods

Personal data is processed using automated tools for the time strictly necessary to achieve the purposes for which it was collected.

Specific security measures are in place to prevent loss, unlawful and inappropriate use of data and unauthorised access.

 

  1. Users’ Rights

In accordance with Art. 7 of Italian Legislative Decree no. 196/2003, the interested party may exercise:

the right to know:

  1. a) the origin of the personal data
  2. b) the purposes and methods of processing
  3. c) the logic applied in the case of processing performed with the use of electronic tools
  4. d) the identification details of the controller, managers, individuals or categories of individuals to whom the data may be communicated or who may come to know of it;

the right to obtain from the controller or manager, without delay:

  1. a) the update, rectification or, where applicable, addition to the data
  2. b) the deletion, transformation into anonymous form or block on data processed in breach of the law, including data whose storage is unnecessary in relation to the purposes for which it was collected or subsequently processed
  3. c) confirmation that the operations referred to in letters a-b above have been brought to the attention, also as regards their content, of those to whom the data has been communicated or disseminated, except in the case where that fulfilment is found to be impossible or involves the use of manifestly disproportionate means compared to the protected right;

the right to object in whole or in part:

  1. a) for legitimate reasons to the processing of personal data relating to them, even if relevant to the purpose of its collection
  2. b) to the processing of personal data relating to them for the purposes of sending advertising material or direct sales or to complete market research or sales communication.

The rights may be exercised by sending a request to the Data Controller (Università degli Studi di Milano-Bicocca, Piazza dell’Ateneo Nuovo, 1– 21026 Milan).