INFORMATION IN ACCORDANCE WITH ARTICLE 13 OF EU REGULATION 2016/679 (GDPR) FOR THE PROCESSING OF DATA COLLECTED THROUGH WEB BROWSING
The University of Parma informs the parties concerned that this note pertains to the processing of personal data of Users browsing through the University web portal www.unipr.it, and the federated websites detailed below (See paragraph 11 - LIST OF WEBSITES REFERRED TO BY THE NOTE). The validity of this note is limited to the websites mentioned above, hence the information contained in this document is not relevant to any other websites, even though they are accessible from links provided in them. This is without prejudice to the University of Parma's compliance with current legislation on transparency and the mandatory publication of data and documents. The University undertakes to comply with the general principles of the EU Regulation 2016/679 of lawfulness, correctness, transparency, appropriateness, relevance and necessity in processing the data acquired, using appropriate technical and organisational measures to protect the confidentiality and the rights of users.
1. PARTIES CONCERNED BY DATA PROCESSING
The Data Controller is the University of Parma, with registered office in via Università 12, 43121 Parma, Italy:
Tel.+39 0521 902111
Email: protocollo@unipr.it
PEC: protocollo@pec.unipr.it
The Data Protection Officer can be contacted at the following addresses:
Email: dpo@unipr.it
PEC: dpo@pec.unipr.it
2. PURPOSE OF DATA PROCESSING
The data collected are used exclusively within the University's institutional activities and for the following purposes:
- to enable navigation of the web portal;
- to provide the user with the information and services requested;
- to promote and divulge the results of Research activities, through the presentation of the skills of the University's lecturers and researchers (publication of information relating to: scientific curriculum vitae, projects, publications, etc.);
- carry out sponsorship, promotion and enhancement campaigns of the University's courses and institutional activities;
- to verify the proper functioning of the web portal, carry out monitoring activities for security purposes and identify actions aimed at improving the website (for navigation data);
- fulfil legal obligations, comply with orders from public authorities, ascertain possible liability in the event of hypothetical computer crimes to the detriment of the site or its users.
3. TYPES OF DATA PROCESSED
The IT systems and application procedures used to operate this website acquire during their normal operation the following types of data, in automated form:
- navigation data collected during the visit to the website, transmitted implicitly with the use of Internet communication protocols or in the use of third-party technologies and/or web resources. For example:
- IP address of the device connected to the website (made anonymous during acquisition), type of browser and device used, date and time of visit, web page of origin of the visitor (referral) and exit, etc.;
- data collected through cookies while users are browsing the site. The information and associated management preferences on cookies can be consulted and modified in paragraph 12 - USE OF COOKIES.
- The optional, explicit and voluntary sending of e-mail messages to the addresses indicated on this site entails the subsequent acquisition of the sender's address, which is necessary to reply to requests, as well as any other personal data included in the same request.
- The optional, explicit and voluntary registration through specific web forms present on the site entails the subsequent acquisition of all the data contained in the fields filled in by the user and the processing is carried out exclusively to provide the service requested.
4. LEGAL BASES OF DATA PROCESSING
The legal bases of the processing can be identified as follows:
- performance of tasks of public interest,
- legitimate interest;
- processing of data useful for the prevention and suppression of fraud and any illegal activity;
- processing necessary for the performance of a contract where the data subject is one of the parties;
- consent by the interested party as per Section 6(1) GDPR.
The provision of data and thus consent to the collection and processing of data is optional. The user may withhold consent and may revoke consent already given at any time. However, denying consent may result in the inability to provide certain services and degrade the browsing experience on the web portal.
5. METHODS OF PROCESSING
The personal data collected are processed in compliance with the principles of lawfulness, fairness and transparency, indicated in Article 5 GDPR, including with the aid of computer and telematic tools suitable for storing and managing the data, and, in any case, ensuring their security and protect the utmost confidentiality of the data subject.
For some sites, the processing operations are carried out by the CINECA Consortium or Amazon Web Services (AWS) in their capacity as Data Processor as per Article 28 of the GDPR, are limited to the purposes described in Section 3, and are carried out ensuring adequate security of personal data, including protection from unauthorized or unlawful processing and from accidental loss, destruction or damage, by means of appropriate technical and organizational
6. CATEGORIES OF PERSONS AUTHORIZED TO PROCESS AND TO WHOM THE DATA MAY BE COMMUNICATED
The personal data of users will be known and processed, in compliance with current legislation on the subject, by employees and collaborators of the University (identified as Authorized Persons for Processing) assigned to the management of the portal and involved in the provision of services associated with it. The data may be communicated exclusively:
- to the structures of the University requesting it, for the University’s institutional purposes or in compliance with legislative obligations;
- to non-economic public entities or consortia participated by the University (e.g. MIUR) when the communication is necessary for the performance of institutional functions of the requesting entity;
- to any external parties, identified as Data Processors ex art. 28 RGPD, whose updated list is always available to the Data Controller;
- to Public Security Authorities or other public entities for purposes of defense, state security and detection of crimes, or to the Judicial Authority in compliance with legal obligations, where criminal offenses are identified.
Outside of the above cases, personal data are not in any way and for any reason communicated or divulged to third parties. Finally, personal data will not be transferred to third countries or international organizations unless this is strictly related to specific requests coming from the user, for which special consent will be acquired.
7. DATA RETENTION
In relation to the different goals and the purposes for which they were collected, the data will be kept for the time stipulated by the relevant legislation or for the time strictly necessary for the pursuit of the purposes.
8. RIGHTS OF DATA SUBJECTS
Data subjects have the right to obtain from the University of Parma, in the cases provided for, access to their personal data and the rectification or cancellation thereof or the restriction of the processing concerning them or to object to the processing (Articles 15 et seq. of the Regulations).
The application is made by contacting the Data Protection Officer at the addresses listed in Article 1 of this document. More information can be found on the Rights of Data Subjects page.
9. RIGHT TO COMPLAIN
The interested parties who believe that the processing of personal data relating to them carried out through this site is in violation of the Regulation, have the right to lodge a complaint with the Data Protection Authority, as per Article 77 of the Regulation, or to take appropriate legal action (Article 79 of the Regulation).
10. CHANGES TO INFORMATION
This information may change over time. Hence, it is advisable to check that the version referred to is current by accessing the Privacy section of the web portal.
11. LIST OF SITES REFERRED TO BY THE POLICY
This policy applies to the following sites, all monitored with Web Analytics Italy (WAI):
GROUP A (sites hosted on AWS managed by Cookiebot)
GROUP B (sites hosted on AWS not managed by Cookiebot)
GROUP C (sites hosted by CINECA)
12. USE OF COOKIES
Cookies are small text files that a site sends to the user's browser to be stored and retransmitted to the same site on the next visit. Through cookies it is possible to collect information about users visiting a website (e.g. date, time, pages visited, time spent on the site etc.). Some info may fit the definition of “personal data” and thus be subject to specific legal regulations.
Each site may use different categories of cookies among those described below. These categories are highlighted in the consent request banner proposed to users on their first visit.
Technical cookies
Technical cookies ensure the proper functioning of the site and help make it more user-friendly by enabling basic functionalities such as page navigation and access to the site's protected areas. There is no need to propose the consent banner if only technical cookies are used, since no personal data is involved.
Tracking cookies
The University of Parma uses services to monitor access statistics to its sites to analyse interaction with users by collecting and transmitting information anonimously.
Profiling cookies
The sole aim of profiling cookies is to understand the preferences of individual users, so as to submit specific content of interest to them during browsing.
Third-party cookies
The sites covered by the policy may use third parties content and services as a result of the incorporation in the web pages of external resources (i.e. maps, images, videos) during the drafting of the content, to expand its functionality and improve the browsing experience. Thus, while browsing the user may receive on his device cookies managed by other organizations (so-called “third-party” cookies), typically profiling cookies, without the owner being aware or able to intervene on them.
GROUPS A and B sites Cookie policy (Cookiebot, Google, Meta e Web Analytics Italia)
This website uses cookies. We use cookies to personalise content and ads, provide social media features, and analyse site traffic. Moreover, we share information on how our site is used with our web analytics, advertising and social media partners, who may combine it with other information provided by users or collected through the use of their services. Cookie Policy.
Cookies are small text files that can be used by websites to make the experience more user-friendly.
By law cookies can be stored on the user's device, provided they are essential for operating the site. For all other types of cookies we need user permission.
This site uses different types of cookies. Some cookies are placed by third-party services featuring on our pages.
User consent can be changed or revoked at any time on the Cookie Statement page.
Learn more about who we are, how to contact us and how we handle personal information in our Privacy Policy page.
Indicate your consent ID and the date you contacted us about consent.
Your consent applies to the following websites: disti.unipr.it, saf.unipr.it, mc.unipr.it, smfi.unipr.it, scvsa.unipr.it, sea.unipr.it, smv.unipr.it, dia.unipr.it, dusic.unipr.it, gspi.unipr.it, corsi.unipr.it, www.unipr.it.
Cookies Statement last updated on 07/09/24 by Cookiebot:
These sites use technical and tracking cookies (Google, Meta and Web Analytics Italy), as well as any third-party cookies as described in the section “Third-party cookies”.
GROUP C sites Cookie policy
These sites use technical and tracking cookies (Web Analytics Italy), as well as any third-party cookies as described in the section “Third-party cookies”.