This page describes the management procedures of the University website in relation to the processing of personal, sensitive and judicial data (hereinafter referred to as "personal") of its users. The disclosure is provided for the University website only and not for other websites that may be accessed by the user through links.
The processing related to this website's services take place at the head office of the University and is carried out by authorized persons. The personal data provided by users who request the sending of information material is used only to perform the service or assistance requested and communicated to third parties only if necessary for said purpose or required by applicable laws or regulations. Personal data may be communicated externally to other public or private entities exclusively for purposes related to the performance of the University's institutional activities. The personal data is also communicated to the bank treasurer of the University only for the affiliated functions. The personal data shall also be communicated by the University, both during the academic career of students and after graduation, to external individuals, entities and associations, for student orientation initiatives, entry into the working world, for post-graduate training, prior consent of the parties concerned.
The IT systems and software procedures for operation of this website acquire, during normal operation, some personal data the transmission of which is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified parties concerned, but that by its very nature could, through processing and association with data held by third parties, allow identifying users. This category of data includes IP addresses or domain names of computers used by users that connect to the website, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the operating system and the user's IT environment. This data is only used to obtain anonymous, statistical information regarding website use and to verify its correct operation. The data may be used to ascertain liability in the event of hypothetical computer crimes against the website.
The optional, explicit and voluntary sending of e-mail to the addresses indicated on this website involves the subsequent acquisition of the sender's address required to reply to information requests, and any other personal data included in the message. The personal data provided voluntarily by users, such as data of students, acquired with registration and enrolment or by means of any other specific method of collection, will be processed for the conduct of its institutional activities, within the limits established by law and by regulations, in compliance with the general principles of transparency, correctness and confidentiality as indicated in legislative decree 196/03.
In case of workstations managed by the University, TLS inspection is active, which allows firewalls to carry out an in-depth automated check to detect threats that can damage the University's assets. This control is carried out in compliance with the principle of minimization and limitation of the data collected: the contents (payload) of the traffic are not recorded and/or stored and automatic exclusion lists have been provided for certain categories of sites referring to the healthcare or banking sector.
The management of the University's institutional website uses a technology referred to as “cookies”. These are small data files that are stored in the user's computer when accessing the website or parts thereof. Cookies help us understand which part of the website is the most popular, the path of visitors to the website, and how long they remained on the website. Cookies are used to study traffic patterns in order to improve website performance and best meet the interests and preferences of visitors. Cookies are also used by websites that provide counters to our website. The registration and management of tracks/paths are performed in ways that make the data non-identifiable. Cookies may also be used to recognize the user's computer the next time the same user visits the website. This saves time, providing the user, for example, with the possibility of not having to register again, or helping the user customize Internet settings. Web beacons may be used on our website. This technology allows seeing which visitors clicked on key elements (such as links or graphics) of a web page or an e-mail. These Web beacons are usually used in conjunction with cookies. If the user does not wish to accept the cookies, they can be disabled by referring to the instructions of the browser producer used.
Personal data is processed by automated tools for the time strictly necessary to achieve the purposes for which it was collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
Apart from as specified for browsing data, the user is free to provide personal data on the forms or in the forms on the University website or however indicated during contacts to request the sending of information material, other communications or to access specific services. The absence thereof may result in the impossibility of fulfilling the request.
The interested subject has the right:
- To ask the data controller, pursuant to Article 16, 17, 18, 19 and 21 of Regulation (EU) 2016/679, the access to their personal data and correction or their cancellation or limitation of the data processing that concern him/her or to object to their processing. Cancellation is not allowed for data included in documents that must be stored by the University;
- To submit a complaint to a supervisory authority.
Some pages of the University website may contain links to other websites that are not managed by Politecnico di Milano. The University does not share personal data with these sites. The University is not responsible for the content, security, or privacy measures used by other sites and expressly disclaims all liability.