Regulation EU 2016/679, the "General Data Protection Regulation" (GDPR), provides that everyone has the right to the protection of personal data concerning him or her.

In compliance with articles 13 and 14 of the GDPR, the University of Trento provides users (hereinafter, the "data subjects") and members, with the information below. Users visit the Digital University website through https://webapps.unitn.it/du, members have their data published on the DU website and in provincial, national and European open data websites.

Data controller

The data controller is the University of Trento, via Calepina n. 14, 38122 Trento (TN); email: ateneo@pec.unitn.it; ateneo@unitn.it.

Contact details of the data protection officer

The Data Protection Officer can be contacted at the following email address:rpd@unitn.it.

Purpose of the processing and legal basis

The University of Trento processes personal data for the following purposes, and specifically:

  1. to comply with its transparency obligations in the context of its institutional teaching, research and third mission activities, and as regards the publication of open data;
  2. to promote its institutional activities.

The data of members are processed by the data controller:

  • to comply with a legal obligation (article 6, paragraph 1, point c) of the GDPR), and in particular to comply with legislative decree 33/2013 (see 7 of said legislative decree and Rector's Decree no. 639/2018, Chapter VI, "Accesso Open Data", articles 11 and 12;
  • in the performance of a task carried out in the public interest (article 6, paragraph 1, point e) of the GDPR), i.e. promotion activities and activities supporting scientific research and collaboration pursuant to art. 100 of Legislative Decree 196/2003, as amended.

Categories of processed data

The personal data collected through the website are:

Members data

For the purposes mentioned above, the following categories of data are processed:

  • personal data;
  • contact information;
  • personal photo;
  • information on academic and professional careers (CV),publications, research projects, courses taught, theses supervised, office hours, thesis proposals and personal notices.

Members data are usually obtained from the following University systems: ESSE3, IRIS, Anagrafica Progetti, TEA and ADA. Personal photos, CVs, office hours, and information on thesis proposals and notices are entered directly by members through MyDU and can therefore be made invisible on their personal page, at any time.

Browsing data

As you navigate, the website acquires some personal data, whose transmission is implicit in the use of Internet communication protocols.

This category of data includes: IP addresses or domain names of the computers used by users who connect to the website, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.

These data are used to obtain anonymous statistical information on the use of the website and to check its correct functioning; they can also be used to investigate any computer crimescommitted against the website or other University computer systems.

The data are not collected to identify the data subjects but, given their nature, they may, through processing and association with data held by third parties, allow for users to be identified.

Data provided voluntarily by the user

The controller acquires the personal data voluntarily provided by the data subjects submitting a request through the Helpdesk, including the e-mail address, which will be processed for the sole purpose of processing the request itself.

Cookie

About cookies

Cookies are small text files that are sent to the user's terminal equipment by visited websites; they are stored in the user's terminal equipment to be then re-transmitted to thewebsites on the user's subsequent visits to those websites.

While browsing the Internet, data subjects may receive two different types of cookies: those of the site they visited ("First-party cookies"), and those of other sites or web servers ("Third party cookies").

Cookies set by this website

The DU website only uses the following first-party technical cookies, which do not require the consent of the data subject

Name

Purpose

Expiration date

cookie-agreed-version 

System cookie that is necessary for the correct functioning of the website.

100 days

cookie-agreed

System cookie that is necessary for the correct functioning of the website.

100 days

. ASPXANONYMOUS

System cookie that is necessary for the correct functioning of the website.

2 mothes

ASP.NET_SessionId

System cookie that is necessary for the correct functioning of the website.

0

 

Third party analytics/statistical cookies

Web Analytics Italia is a platform providing real-time statistics on visitors to Public Administration websites. The data are collected and processed by the centralized Web Analytics Italia (WAI) platform. WAI hosts the statistical data of the websites of the Italian PAs participating in the project.

These are third-party analytics cookies comparable to technical cookies because:

  • they are only used to generate aggregate statistics and for a single website or a single mobile application;
  • at least the fourth component of the IP address is masked;
  • third parties refrain from combining these analytics cookies with other processing (customer files or statistics of visits to other sites, for example) or from transmitting them to third parties.
  • they do not require user consent.

Name

Purpose

Expiration date

_pk_id.XXXXXXXXXX.XXX

WAI

30 days

_pk_ses.XXXXXXXXXX.XXX

WAI

30 minutes

_pk_ref.XXXXXXXXXX.XXX

WAI

6 months

 

How to disable cookie

You can refuse to give your consent to the use of cookies through your browser's settings.

Follow the instructions below to disable cookies on the most popular browsers (for more information, please refer to the instructions in the Help section of your browser).

How to disable third party cookies

Information on how to disable third party cookies are also provided by the third parties responsible for the processing.

How to delete cookies already stored on your computer

When you disable third party cookies, some cookies may have already been stored on your computer. These cookies cannot be deleted, for technical reasons, but you can remove them from your browser in the privacy settings. Your browser contains the "Clear browsing data" option which can be used to delete cookies, site data and plug-ins.

Acquisition of data

Users are required to provide their data to have access to all the web services offered by the website.

Data processing methods

The processing of personal data shall be carried out by automated means by authorised staff. Personal data shall be processed lawfully, fairly and transparently, in a manner that is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (GDPR, article 5, par. 1).). No profiling is carried out, and decision are not taken by automated means.

Categories of recipients of the personal data

The personal data will be processed by authorized staff and may be disclosed to third parties to comply with a legal requirement and/or a court decision. In particular, the data of members are openly published in provincial, national and European open data websites. As a rule, the data will not be transferred to non-EU countries.

Data storage period

The data will be stored as long as necessary to fulfil the purposes for which they were collected, and in any case for a period not exceeding six months (data subjects) or twelve months (members).

Rights of data subjects and members

The data subjects and members shall exercise the rights referred to in article 15 et seq. of the GDPR at any time.

  • access to personal data and other information (GDPR, article 15);
  • rectification or completion of personal data;
  • erasure of personal data, except where the University is required to store the data for compliance with article 17, paragraph 3, point b), of the GDPR
  • restriction of processing of personal data (see article 18 of the GDPR);
  • object to the processing of personal data concerning them in cases where this is permitted pursuant to article 21 of the GDPR.

Data subjects can exercise their rights through the form available at the "Privacy and data protection" page on the University's website. Fill inthe form and email it to the Data protection officer (see contact details above).

In case there is an infringement of the GDPR on the processing of personal data, data subjects have the right to lodge a complaint with a data protection authority or to engage in legal proceedings by virtue of article 77 of the GDPR.

Last updated on 15 February 2022.