Warning: The magic method RestrictCategories::__wakeup() must have public visibility in /var/www-wpmu/htdocs/wp-content/plugins/restrict-categories/restrict-categories.php on line 59
Privacy - Driving Excellence for Research Infrastructures and Core Facilities

PRIVACY POLICY

The data that you provide when using this website and its services shall be processed pursuant to Legislative Decree No.196/2003 (the “Personal Data Protection Code”). Pursuant to Section 13 of Legislative Decree no.196/2003, this information is given to those who interact with the online services of the website of the Executive Masters in Management of Research Infrastructures (EMMRI), electronically accessible at the following internet address:

http://emmri.unimib.it

This information only refers to the EMMRI web page and shall not apply to any other websites possibly visited by the user through any other links.

This information describes the methods used to manage the EMMRI website with regard to processing of personal data of users who visit it, register on it, and subscribe to its online services.

Visiting the EMMRI website will entail a processing of personal data relating to identified or identifiable persons (see the “Categories of processed data” section below).

Registering on the website and subscribing to its online services shall result in a processing of personal data related to natural or legal persons.

  1. DATA CONTROLLER

The Data Controller for the processing of data collected by this website is the University of Milano-Bicocca, with registered office in Piazza dell’Ateneo Nuovo 1 – 20126 Milan, PEC (certified email address) ateneo.bicocca@pec.it

  1. DATA PROCESSOR

Prof. Enrico Guarini (enrico.guarini@unimib.it) was designated as the Data Processor pursuant to Section 29 of the Personal Data Protection Code.

  1. PLACE OF DATA PROCESSING

Data processing related to the website services shall be mostly carried out at the Data Controller’s registered office.

Data processing shall be carried out by specifically assigned staff whose identity is verified, and based on specific goals of the requested and subscribed services.

With regard to the data processing in question, the University may avail itself of the support of external companies, consultants, consortia, software and service providers, through specifically assigned staff whose identity is verified, to the extent of the intended purposes and in such a way as to provide the maximum data security and confidentiality.

  1. CATEGORIES OF PROCESSED DATA

4.1 Website visits

During ordinary operations, the IT systems and software procedures used to operate the EMMRI website acquire some personal data for which transmission is implicitly prescribed in the internet communication protocols.

The information collected is not collected for the purpose of associating it to a person’s identity. However, due to its nature, if associated with data held by third parties, it may allow users to be identified.

This category of data includes, for instance, the IP addresses and domain names of systems used by users to connect to the website.

These data are used to gather anonymous statistical information about website use and to monitor its function. They may also be used to establish liability in cases of any computer-related crimes aimed at the website.

Data shall be released only upon request by the Judicial Authority pursuant to applicable law.

4.2 Cookies

Cookies are small pieces of message sent from a website to the user’s browser (such as Internet Explorer, Mozilla Firefox, or Google Chrome), which are stored and re-transmitted to the same website at the user’s next visit.

The website of the EMMRI uses cookies. Cookies sent from the website are used solely for technical purposes, such as to allow authentication to enter secure sections of the website or to memorise the user’s temporary preferences.

Cookies sent from the website are not used in any way to profile users and do not permit the gathering of any personal information related to users.

Third-party cookies

This website makes use of third-party contents (by means of resource embedding), therefore, during the website visit, additional cookies, both technical cookies and cookies profiling the user, may be sent by third parties to the user’s device.

Information about the processing and consent to use shall be subject to the liability of the providers of these services. The list of services in use is shown below, including a link to information of each service’s privacy policy and use of cookies sent by the relevant server:

Rejection of cookies through changes in the user’s device’s setup

You may reject all or part of the cookies sent both from the website and from third parties, by changing the available settings of your browser. You find specific information on your browser by referring to the “help” function provided with the software or by visiting the relevant producer’s website.

Disabling cookies may impair the functionality of some services or use of some content.

4.3 Website registration and service subscription

When registering on the website, you are requested to provide some personal data which are used to identify the registered user.

When subscribing to the online services you may be requested to provide additional data based on the specific service selected. The purposes for processing data are varied based on the services, and are described in detail on the relevant pages of the subscription.

  1. DATA PROVISION

Some data requested are obligatory, and failing to provide them will result in failure to register on the website.

Similarly, failing to provide certain data which may be requested for subscribing to the online services may result in failure to use the selected service.

Registration and subscription data are provided on a voluntary basis.

Users who register on the website give their consent to data processing on a voluntary basis, and know that, without providing this consent, registration and subscription cannot take place.

  1. PROCESSING METHODS

Personal data shall be shall be processed automatically in the shortest time needed to achieve the goals for which they have been collected.

Specific security measures shall be followed to prevent the loss of, illicit or improper use of, or unauthorised access to, the data.

  1. DATA SUBJECT’S RIGHTS

Data subjects may, at any time, exercise their rights pursuant to Section 7 of Legislative Decree no.196/2003, shown below.

“1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him/her exist, regardless of their being already recorded, and communication of such data in intelligible form.

  1. A data subject shall have the right to be informed:
  2. a) of the source of the personal data;
  3. b) of the purposes and methods of the processing;
  4. c) of the logic applied to the processing, if the latter is carried out with the support of electronic means;
  5. d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2); and
  6. e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
  7. A data subject shall have the following rights:
  8. a) to obtain updating, rectification or, where interested therein, integration of the data;
  9. b) to obtain erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
  10. c) to obtain certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
  11. A data subject shall have the right to object, in whole or in part, to the following:
  12. a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
  13. b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication survey”.