In accordance with Article 13 of Regulation (EU) 2016/679 (the General Data Protection Regulation or GDPR of the European Parliament and of the Council concerning the protection of individuals with regard to the processing of personal data, as well as the free circulation of such data and which repeals Directive 95/46/EC, as well as Legislative Decree no. Lgs 196/2003 and ss. mm. ii., in this notice the University of Milan – also referred to below as the ‘University’ and represented by the Rector pro tem) provides users by the sites that are part of the ReadyWeb service (hereinafter also referred to as the “Site”). This notice is provided in relation to the management of the Site, in connection with the processing of the personal data of users who consult the Site, who choose to register and/or who use the proposed online services. This is without prejudice to compliance by the University of Milan with current legislation on transparency and the mandatory publication of data and documents. This information is limited to the sites listed here and has no value for external sites, even if they are accessible from links present on the same:
1. Data Controller, Data Protection Officer (DPO) and Data Processor
The Data Controller is the University of Milan, represented by the Rector pro tem, Via Festa del Perdono 7, 20122 Milan, e-mail firstname.lastname@example.org. In accordance with Article 37 et seq. of Regulation EU 2016/679 (the GDPR), the University has appointed Prof. Pierluigi Perri as DPO c/o ‘Cesare Beccaria’ Dept. Via Festa del Perdono 3, 20122 Milan, e-mail email@example.com.
For information or further information on the use of personal data by the site, please contact WELLNET S.r.l. Via Lombardini 13 Milano (Italia).
2. Purpose of the processing
The personal data that may be processed are:
- IP address;
- browser type and parameters of the device used to connect to the site;
- name of the internet service provider (ISP);
- date and time of visit;
- the visitor’s web page of origin (referral) and exit;
- number of clicks, if any;
- provided voluntarily by the user when using online services offered on the site;
- data provided from time to time by users in relation to the specific service requested.
The aforementioned information is processed automatically and collected in aggregate form in order to verify the proper functioning of the site and for security reasons. This information will be processed on the basis of the legitimate interest of the owner.
For security purposes (anti-spam filters, firewalls, virus detection), automatically recorded data may possibly include personal data such as the IP address, which could be used, in accordance with the law in force, in order to block attempts to damage the site or cause damage to other users, or in any case harmful or criminal activities. In any case, such data will never be used for the purpose of profiling the site’s users, but only for the purpose of protecting the site and its users. The legal bases of the processing are therefore compliance with legal and contractual obligations, the fulfilment of specific requests by the data subject prior to the conclusion of the contract, and the processing of data connected with the management of any complaints or disputes and for the prevention and repression of fraud and any illegal activity.
3. Type of data processed
Personal data are collected for the following purposes and using the following services. The computer systems and application procedures used to operate the site acquire, during their normal operation, certain data whose transmission is implicit in the use of Internet communication protocols. This information is used to obtain anonymous statistical information on the use of the site and to check its correct functioning and is not associated with identified users; however, due to its nature and through association with data held by third parties, it could allow the identification of the interested parties. This category includes, for example, the IP address of the system used to connect to the portal. This data is removed from the systems after the statistics have been processed and is stored off-line exclusively for the purposes of ascertaining liability in the event of computer offences and can only be consulted at the request of the judicial authorities.
For the use of online services that require authentication, registration or the sending of e-mails, personal data freely provided by users are used in various ways. The optional, explicit and voluntary sending of e-mails to the addresses indicated on the website entails the subsequent acquisition of the sender’s address, which is necessary in order to reply to requests, as well as any other personal data included in the message by the user. All the website listed above use the following services:
Only some websites make use of the following services:
For more information and to find out which sites use this service, please consult the cookie settings page of the aforementioned site.
For further information, please refer to section 6 and its sub-sections.
4. Optional supply of data
Some of the data requested (e.g. those for registration) are compulsory and failure to provide them will make it impossible to provide the requested service. Similarly, failure to provide certain data that may be required to subscribe to online services may result in the impossibility of using the chosen service. Registration and subscription data are provided voluntarily. The person who registers freely gives his or her consent to the processing of data, being aware that in the absence of such consent, registration and subscription to services cannot take place. Processing carried out prior to the revocation of consent by the person concerned shall nevertheless remain valid.
5. Manner of processing
The personal data captured is processed in accordance with the principles of lawfulness, fairness and transparency established in Article 5 of the GDPR, including with the use of IT and telecommunications tools that can store and manage the said data and, therefore, can guarantee its security and ensure maximum confidentiality for the data subject.
Cookies are small text files that a website sends to the browser used to browse online to be stored and sent back to that site on a subsequent visit.
The sites listed above use technical cookies and tracking cookies. No profiling cookies are used for purposes other than those stated here. However, there may be other profiling cookies or cookies with purposes different from those stated here that are used by third party services.
6.1 Technical, session (essential for the use of online services and access to restricted areas of the portal) and monitoring cookies
The sites listed above use several http session cookies to manage authentication to restricted areas. The use of session cookies (which are not stored persistently on the user’s computer and are deleted when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow secure and efficient exploration of the site. Disabling session cookies does not allow you to fully enjoy the resources made available on the site.
Tracking cookies can be disabled without any consequence on portal navigation: to disable them, see the next section.
The site uses the Google Analytics service with anonymised IP (Google Inc.) for the generation of site usage statistics.
Google uses the Personal Data collected for the purpose of evaluating your use of this website, compiling reports and sharing them with other services provided by Google. This Google Analytics integration anonymises your IP address. The anonymisation works by shortening the IP address of the Users within the borders of the member states of the European Union or in other countries which are parties to the Agreement on the European Economic Area. Only in exceptional cases will the IP address be sent to Google’s servers and abbreviated within the United States.
6.2 Technical and tracking cookies used
To find out which first- and third-party cookies are used, their retention period and to proceed with the customisation of your preferences, please consult the impostazioni cookie/cookie settings page.
6.3 How to opt out cookies
Preferences in relation to cookies can be managed directly within the browser used in order to prevent third parties from capturing data indiscriminately (for example).
By using browser preferences, cookies that have been installed can be deleted; this includes cookies in which consent (if granted) to the installation of cookies by this site is stored.
Information on how to handle cookies with some of the more popular browsers can be found on the following web pages:
Internet Explorer: http://windows.microsoft.com/it-IT/windows7/Block-enable-or-allow-cookies
Google Chrome: https://support.google.com/chrome/bin/answer.py?hl=it-IT&answer=95647&p=cpn_cookies
Mozilla Firefox: http://support.mozilla.org/it/kb/Bloccare%20i%20cookie?redirectlocale=en-US&redirectslug=Blocking+cookies
Apple Safari: http://www.apple.com/it/privacy/use-of-cookies/
Alternatively, it is possible to disable Google Analytics cookies only, using the opt-out add-on provided by Google for major browsers. In this way, you will also be able to use the online services.
7. Rights of the data subject
In the appropriate cases, data subjects have the right to obtain, from the University of Milan, access to their personal data and to have that data rectified or erased or to restrict the processing data concerning them or object to such processing (Article 15 et seq. of the Regulation).
Requests should be submitted to the Data Protection Officer (Data Protection Officer, Via Festa del Perdono 7, 20122 Milan – e-mail: firstname.lastname@example.org).
8. Changes to this notice
This information may be changed over time. You should therefore check that you are looking at the latest version by visiting this web page.This information may change over time. You are therefore advised to check, in the Privacy section of the https://readyweb.unimi.it/privacy-policy/ website, that the version you are referring to is the most up-to-date.This information may be changed over time. You should therefore check that you are looking at the latest version by visiting this web page.