This page contains information concerning the administration of the website of the Free University of Bolzano, and in particular with regard to the processing of user data. It consists of a privacy notice required by the legislative authority pursuant to Article 13 of European Regulation 679/2016 - on the protection of natural persons with regard to the processing of personal data - hereafter referred to as the GDPR - for all individuals visiting the official website of the Free University of Bolzano (hereafter also referred to as the “University”): www.unibz.it.
The privacy notice applies only to the website of the University and not to any other websites that may be accessed via links appearing on the site.
Furthermore, this information notice corresponds to Recommendation 2/2001 adopted 17 May 2001 - Minimum requirements for the online collection of personal data - by the Working Party established in accordance with Article 29, Directive 95/46/EU of the European Parliament on the Protection of individuals with regard to the processing of personal data.
The data controller warrants, in accordance with the statutory provisions, that personal data will be processed taking into account the rights and basic freedoms, and the dignity of the party concerned, and in all cases in accordance with the law and with due regard for the protection of privacy. In particular, data will be processed in accordance with the principles of legality, good faith, transparency, purpose limitation, data minimisation and storage limitation, integrity, accuracy and confidentiality.
As a result of possible changes to the statutory provisions, or the implementation of new technologies on the website that might affect current processing methods, as well as organisational changes to the privacy structure of the data controller, it may be necessary to revise and update this information.
Specific information notices regarding certain services or data processing may be published on the corresponding pages of this website or communicated directly.
The party responsible for data processing (“Titolare del trattamento”) is the Free University of Bolzano, located at Piazza Università 1, 39100 Bolzano (Italy) in the person of its President and legal representative pro tempore.
You can contact the DPO (data protection officer) by sending an e-mail to: email@example.com.
“Personal data” are all information referring to an identified or identifiable natural person, who may be recognised either directly or indirectly, in particular by means of correlation to an identifier, such as a name, an identification number, location data, an online user name or to one or more specific characteristics that are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
Navigation data, data supplied voluntarily by users of /visitors to the website, and cookies and similar technologies are among the type of personal data that are processed.
The information systems and software procedures utilised by this internet presence collect some personal data as part of their normal function, the transmission of which is technically necessary - using the Transmission Control Protocol - to surf the internet at all. This is information that is not collected in order to identify the relevant user, although - by processing and assigning the data of third parties - based on the nature of the data it would be possible (e.g. IP address, domain name of the computer used to visit the site). These data are used solely to obtain anonymous, statistical information about visits to the site and whether it is functioning correctly. The data could be used, in the event of damage being caused deliberately to the site, to determine the initiator, and would be saved in this case. These data will not be forwarded or disseminated; if requested, they must be made available to the postal police, the court authorities and the judicial police. Navigation data may be used to determine liability in cases of IT offences to the disadvantage of the unibz website.
The optional, explicit and voluntary sending of electronic mail and/or transmission of personal data entails the acquisition of the address and/or other possible personal data of the sender that is needed in order to respond or to perform the required service. A failure to provide this voluntary data could lead to the desired result not being achieved. This data can only be forwarded to third parties if it is required for the purpose of handling enquiries. The forwarding of data to third parties for marketing and profiling purposes is not permissible.
Notably, this website uses:
unibz does not intentionally collect specific kinds of personal data or sensitive data / judicial data via its website. It is recommended that you do not share such data via the website.
The personal details transmitted by the user via the website are processed for the following purposes:
a) statistical analysis/research on the basis of aggregated or anonymised data, without the user being identified, in order to be able to assess the functions of the website and its user-friendliness and interest;
b) completion of data collection forms for the purpose of receiving the newsletter or general messages by email;
c) the performance of a contract, to which the data subject is party, or for the performance of pre-contractual measures at the request of the person concerned;
d) in order to fulfil a legal obligation to which unibz is subject;
e) to justify, assert or defend against legal claims or, in the case of actions taken by the courts, in the context of their judicial activities.
The lawfulness of the processing of personal data (legal basis) is subject to the conditions set out in art. 6 paragraph 1 of the 2016/679 European Regulation.
Personal data is communicated on a voluntary basis; however, refusing to provide it may mean that it is impossible to deal with an enquiry or a legal obligation, or that the website may not function fully.
The personal data may, in addition to the party responsible for data processing ('titolare del trattamento'), be processed by an order processor or by representatives / persons who have access to personal data and who are subordinate to the controller or order processor, who have been appointed and adequately trained for this purpose.
Personal data may be communicated to third parties for the purposes of handling enquiries, including for the sending of emails, analysing the functional capability of the website, executing legal obligations or with prior consent.
The personal data collected via the services of this website are collected at the various locations of the University by employees who have been specifically assigned this role. Alternatively it will be processed by persons who carry out occasional maintenance work on the website and who have also been appointed for this purpose and are bound by confidentiality. To this end, the University may, in the context of assigning this task, and whilst adhering to the best possible security measures, utilise the help of external companies, consultants, associations, software suppliers and service providers. Some personal data could be transmitted to third countries outside of the EU but only if the transmission of personal data is connected to the performance of the institutional activities of the University. Unibz guarantees that in any case, the electronic or analogue processing of personal data by the recipient shall be in accordance with statutory provisions.
WordPress is a system that unibz makes available to some of its members to autonomously manage websites that are independent of the official one on which this text is written. WordPress users can be members of the Press and Event Management Office, lecturers, researchers or PhD students of unibz (hereinafter referred to as "User/s"). Visitors of such websites may be people who connect to them through the Internet (hereinafter referred to as Visitors).
By its very nature, a website based on WordPress can also be used as a "blog", which is defined as a set of articles, possibly written by different users, ordered chronologically and/or according to arbitrary categories. Articles provide for the possibility of being commented by visitors, as well as by the users themselves; comments, in turn, may include the response of other visitors and this can lead to interesting discussions about the article's content.
The data that users are required to submit when registering are limited to the email address and are mandatory in order to obtain a valid account. When a comment is published, however, in addition to the email address, a visitor is also required to enter his or her name and surname.
Opinions and comments published by users and visitors and the information contained therein will not be used for any other purpose than being published. In particular, this data will not be aggregated or selected by any other kind of database except WordPress itself. Any statistical processing that the user may intend to carry out in the future will be performed exclusively on an anonymous basis.
The dissemination of personal data of users and visitors is directly attributable to the initiative of the individual user/visitor, we guarantee that no further communication or dissemination of the data is intended. In any case, the user or the visitor may at any time exercise the rights guaranteed by Articles. 15 ff. GDPR and send an email to firstname.lastname@example.org.
If users use WordPress to collect any other kind of data subject to EU Regulation n.2016/679, the user will be held personally responsible for the collection and processing of the same, and has to inform visitors and collect their consent in accordance with all applicable laws, and ensure them any right expressly provided by the current legislation.
Personal data shall only be retained for the time that is absolutely essential for the fulfilment of the above mentioned purposes and compliance with the associated statutory requirements. Once this period has elapsed, the data shall be destroyed or anonymised.
No decision-making takes place based solely on the automated processing of personal data that could produce an adverse legal effect on the data subject or have a similarly significant negative impact upon them.
The data subject has the right to access their personal data, to have that data corrected or deleted, the right to limit its processing, the right of objection, the right to data transmission, to complain to the responsible national regulatory authority ( Garante della Privacy: www.garanteprivacy.it), provided that an infringement in the processing of personal data is suspected, plus all other rights recognised by the prevailing statutes (Articles 15 et seq GDPR). If approval has been granted for the processing of personal data, then the data subject has the right to withdraw this approval.
The aforementioned rights may be exercised by contacting email@example.com.
The website of the Free University of Bolzano may contain links to other websites that are not administered by the University and with which the University has no joint proprietorship of personal data. The University shall not be liable for the content and security measures used by these websites, and expressly rejects any liability.
Art. 37, paragraph 2 of the Regulation (EU) 2016/679 of the European Parlament and of the Council of 27 April 2016 provides the obligation for public authorities or public bodies to designate a Data Protection Officer. The Data Protection Officer can be contacted at the following e-mail address: firstname.lastname@example.org.
Latest revision dated 25.05.2018