Privacy

Privacy policy and cookies policy

This document details our privacy policy, in compliance with our obligations under national (Legislative Decree n. 196 of 30 June 2003, Code on the protection of personal data) and European Community law (EU General Data Protection Regulation n. 2016/679, GDPR) and subsequent amendments. The present website respects and protects the confidentiality of visitors and users, and makes all possible and proportionate efforts not to violate the rights of users.
 
This privacy policy applies exclusively to online activities on this website, and is valid for the website’s users and visitors. It does not apply to data collected through channels other than this website, which is available at the following address https://en.unimib.it.
 
The purpose of this privacy policy is to provide as much transparency as possible on the data collected by the website and the way it is used.
The present website processes data on the basis of consent. By using or consulting this website, visitors and users explicitly approve and consent to the processing of their personal data in the ways and for the purposes described below, including the sharing of said data with third parties if necessary to provide a service. 
The conferring of personal data and consent to their collection and processing is optional. Users can deny consent, and may at any time revoke consent they have previously given. Nevertheless, denying consent may make it impossible to provide certain services and may hinder the navigation of the website.

The personal data provided through the website shall be processed for the following purposes:

  • Gathering anonymous statistical information about website use and to monitor its function
  • Carrying out educational activities related to the courses offered by the university
  • Compilation of data collection forms for recieving newsletter or email communications 

The website uses log files which store data collected in an automated manner during user visits. The data collected can include the following: 

  • Internet Protocol address (IP)
  • Browser type and parameters of the device used to connect to the website
  • Date and time of the visit
  • The websites visited immediately prior (referral) and next to the visit

The above-mentioned data is processed in an automated, anonymous manner to ensure the proper functioning of the website and for security reasons. The same data may be processed, in compliance with existing regulations, to block attempts to damage the website itself or other users, or to prevent any other harmful or illegal activities. 

Should the website allow user comments, or in the case of specific services requested by the user, the website automatically detects and records some of the user’s identification data, including his or her email address. This data is understood to be voluntarily provided by the user upon their request for the service in question. By adding a comment or any other information, the user confirms having read the privacy policy, and specifically provides their consent for sharing the content inserted with third parties.
The data that website users shall accept to make public through the services and the tools made available by the latter are provided by the users willingly and knowingly, exempting the present website from any liability in case of violations of the law. The user is responsible for making sure they have the necessary permission for inserting the personal data of third parties or content protected under national and international law.
The data collected by the website during its functioning are used exclusively for the above-mentioned purposes, and stored for the period of time strictly necessary for carrying out the above-mentioned activities, which normally amounts to 180 days. 

Cookies are small text files that a website visited by a user sends to that user’s browser (e.g.  Internet Explorer, Mozilla Firefox, or Google Chrome), where they are stored in order to be re-sent to the same websites during browsing or upon the user’s next visit.
The University’s portal uses cookies. The cookies sent by the portal are used exclusively for technical reasons, such as allowing authenticated access to reserved areas (since cookies save session data for each user).
Session cookies are fundamental for the proper functioning of the various components present in the portal and they make the entire web ecosystem accessible, by activating basic functions such as page navigation. The website cannot function properly without cookies.
By using the website, visitors give their explicit consent to the use of cookies.

Third parties

The portal uses third-party content (through resource embedding techniques); it is thus possible that during a visit to the portal, other cookies – including both technical cookies and user profiling cookies – may be sent by these third parties to the user’s browser. The suppliers of said services are responsible for their own privacy and cookie policies. Below is a list of the services used and links to their privacy and cookie policies.

The data arising from the use of Google, Youtube, Twitter, Facebook, and Instagram profiling cookies is processed for the purposes and in the ways detailed in the policies above; some of the data may be processed outside of the borders of the European Union.
The technical cookies and log files are collected by the website and are processed in the offices of the external data processor, who processes the data on behalf of the data controller, and whose offices are located within the European Economic Space.
For detailed information on the cookies used by the portal, see below.

Disabling cookies

Disabling all cookies
It is possible to deny consent to the use of cookies by selecting the specific setting on one’s browser.
Below are the links that explain how to disable cookies on the most popular browsers (for any other browsers, we suggest you look for this option in your software’s help section).

Disabling third-party cookies
Disabling third-party cookies is also possible in the ways described in their respective privacy policies and/or made available directly by the third-party company serving as the data controller.

Cancelling cookies already stored on the terminal

Even if the authorization for using third-party cookies is revoked, such cookies may have been stored on the user’s terminal prior to the revocation. For technical reasons, it is not possible to erase these cookies, but the user’s browser makes it possible to eliminate them via the browser’s privacy settings. The browser’s options include “Clear browser history”, which can be used to eliminate cookies, website data, and plug-ins.

Necessary cookies

These cookies make it possible for the Portal’s various components to function, and make the entire web ecosystem accessible by enabling basic functions such as page navigation. The website cannot function properly without these cookies.

Data table of necessary cookies
Name of cookie Duration Purpose Domain Classification
SESS* 3 weeks Installed following authentication at the back-end of the site en.unimib.it Group B

Statistics

With these cookies due to the anonymous use of the web traffic analysis service "Web Analitycs Italia" (https://webanalytics.italia.it/), the University can understand how visitors interact with the institutional portal.

This site, for statistical purposes and / or related to the analysis of web traffic, also makes use of "Pirsch" (https://pirsch.io/). Please note that the implementation of this service does not involve the installation of any cookies on the user's terminal.

Data table of statistic cookies
Name of cookie Duration Purpose Source Classification
cookiesjsr 6 months Used to request permission to use various services
(including those of third parties) that require the saving of
data in the browser and to memorize decisions (allow, deny) 
Web Analytics Italia (Matomo) Group D

Marketing

These cookies are used to monitor website visitors in order to show pertinent, targeted advertising reflecting the user’s browsing preferences.

Data table of marketing cookies
Name of cookies Duration Purpose Source/Domain Classification
VISITOR_INFO1_LIVE 6 months Tries to estimate the user’s connection speed for websites with integrated YouTube videos. YouTube Group C
PREF 8 months Registers a unique ID used by Google to generate statistical data on how the visitor users Youtube videos on various websites YouTube Group C
YSC session Registers a unique ID used to generate statistical data on which YouTube videos have been viewed by the user YouTube Group C
IDE 13 months Used by Google DoubleClick to register and produce reports on the actions of the user on the website after he or she has clicked on one of the advertiser’s ads in order to evaluate the efficacy of a given ad and present targeted advertising to the user doubleclick.net Group E

 

Classification (coding criteria)

The cookies / tracking tools used can be classified according to the following features:

Strictly Necessary (Group A)

  • Hosting and backend infrastructure
  • Platform and hosting services (e.g. backup)
  • SPAM protection
  • Traffic optimization and distribution
  • Consent management

Simple interactions and functionality (Group B)

  • Contact the user
  • Registration and authentication
  • User database management

Experience improvement (Group C)

  • Interaction with data collection platforms and other third parties, including sharing content on social networks
  • Viewing content from external platforms

Measurement (Group D)

  • Statistics
  • Content and functionality performance tests
  • Heat mapping and session recording
  • Management of data collection
  • Infrastructure monitoring

Targeting and Advertising (Group E)

  • Advertising
  • Remarketing and behavioral targeting

 

This website processes user data in a proper and lawful manner, and adopts all necessary security measures to prevent the unauthorized access, publication, modification, or unauthorized destruction of said data. Processing takes place through digital and/or telematic tools, with organizational modalities and approaches that are strictly related to the stated purposes of data processing. In addition to the data controller, in some cases subjects authorized by the University and involved in the organization of the website may have access to the data. 

Pursuant to EU Regulation 2016/679 (GDPR) and national laws, users can exert the following rights within the limits and according to the modalities established under existing laws:

  1. The right to access his or her own personal data;
  2. The right to obtain rectification or erasure of said data and limits on their processing;
  3. The right to data portability (applicable only to data in electronic format), as disciplined by art. 20 of regulation UE 2016/679;
  4. The right to object to data processing;
  5. The right to file a claim with the Italian Data Protection Authority.

Requests must be addressed to the data controller.

To exert the above-mentioned rights, users may contact the data controller at the following email address: [email protected] or at the following certified email address: [email protected].
The data controller must reply within one month of receipt of the request, which deadline can be extended up to three months for particularly complex requests.

Pursuant to existing laws, the data controller is Università degli Studi di Milano-Bicocca, in the person of its legal representative Professor Giovanna Iannantuoni.

Contact information

mail: [email protected] 
pec: [email protected]
tel. +39 02 64 48 60 11

 

Contact info

mail: [email protected]
pec: [email protected]
 

The present privacy policy was last updated on 26/10/22.

by Redazione Centrale, Last update on 2023-02-06