Privacy policy
INFORMATION TO INTERESTED PERSONS PURSUANT TO ARTICLE 13 OF THE REGULATION (UE) N. 2016/679
Pursuant to and for the purposes of Article 13 of Regulation (EU) No. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, as well as the free movement of such data (General Data Protection Regulation, hereinafter also, “Regulation” or “GDPR”) we inform you that the use of services through the website www.cibec.unina.it implies the processing of personal data, already available on computer systems of the University, for institutional purposes.
Such data will be processed in compliance with the current legislation on the protection of personal data and, in any case, the principles of confidentiality that are the basis of the activities of the University and of the C.I.Be.C..
DATA TREATMENT
Owner of the treatment
The consultation and use of the services of the C.I.Be.C. website involves the processing of data relating to identified or identifiable persons.
The Data Controller is the University of Naples Federico II, in the persons of the Rector and the General Manager, with registered office in Corso Umberto I, 40 – 80138 Naples; cibec is the data controller of specific data, necessary for the operation of the C.I.Be.C..
The website of the C.I.Be.C. may contain links to websites and web services, also related to activities of the C.I.Be.C. itself, with its own specific privacy policy, for which the University of Naples Federico II declines all responsibility. For these sites you are invited to read the specific policies, directly on the linked websites.
Responsible of the treatment
The processing of data relating to the services of the C.I.Be.C. website takes place mainly at the University: these data are handled exclusively by personnel expressly responsible for their management, according to the specific purposes of the services provided. For their processing, the University, as well as the cyberec , can rely on the support of external companies, consultants, consortia, software and service providers operating, through staff identified and appointed, as part of the institutional purposes and in order to ensure maximum security and confidentiality of data.
DATA TYPES
Browsing data
The systems and procedures for the operation of this website acquire, in the course of their normal operation, personal data, transmitted through communication protocols on the Internet. This is information that is not collected to be associated with specific subjects, but that could, through processing and associations with data held by third parties, or by the University, allow you to identify users. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (good end, error, etc.) and other parameters related to the operating system and the computer environment of the user.
These data are typically used exclusively for anonymous statistics on the use of the site and for the control of its correct functioning; in any case, they are deleted periodically, regardless of the objective processing. They could also be used to ascertain liability in case of hypothetical computer crimes against the site: save this eventuality, the data will be kept for a period of time not exceeding that necessary for the purposes for which they were collected.
As “Data owner”, the C.I.Be.C. processes personal data relating to its teaching staff, technical-administrative staff, external collaborators, students; some of these data (name, classification, tax code, etc.) already resident in the University Information Systems, together with other data, which are provided voluntarily by the user, for the purpose of using services made available by the Departmental Web Systems.
University data and data provided voluntarily by the user
If you are a person who has an institutional profile related to the activity that is carried out in the C.I.Be.C. (Ex: Teacher, Student, PhD student, TA Staff, etc.) you will be asked to voluntarily provide additional personal data, compared to those already in the possession of the University. The optional, explicit and voluntary sending of information on this site, together with the information already available at the University (eg: e-mail address, tax code, career, etc.) will allow you to use the services available online and associated with your profile.
Cookies
A cookie is a digital token, that is a set of data contained in a small file, which is exchanged between programs communicating with each other, typically a client and a web server.
Session cookies
Session cookies are not stored persistently on the user’s computer, that is, the client, but vanish with the closing of the browser, the working session.
They are typically used only for the transmission of information to identify the session (these are random numbers generated by the server) and serve to allow the safe and efficient navigation of a site (e.g. maintaining the login)by avoiding the use of other IT techniques which could be detrimental to the confidentiality of users; do not provide for the acquisition of personal identification data.
Functional cookies
Functionality cookies allow the user to navigate the site, every time they access it, according to criteria selected once and for all (for example language, presentation mode, etc.).
Profiling cookies
This does not use cookies profiling the user, for advertising purposes. For more information on cookies please visit the Garante della Privacy webpage
PURPOSE OF THE PROCESSING OF PERSONAL DATA AND ITS LEGAL BASIS
The processing of personal data is aimed at allowing the provision of institutional services of C.I.Be.C. and is carried out in compliance with the principles of law.
The personal data you make available voluntarily may be used to comply with the provisions of laws and regulations (national or Community), or execute an order of judicial authorities.
METHODS OF TREATMENT
The processing of your personal data will be carried out through suitable paper, electronic and/or telematic tools, with logics strictly related to the purposes described above and, in any case, in such a way as to guarantee the security and confidentiality of the data.
Within the C.I.Be.C. may become aware of your personal data, subjects related to the C.I.Be.C. directly interested in the activity for which you have provided and you will give your consent, the IT technicians responsible for the management of the systems, the Data Protection Officer, the Data Processors and the persons in charge of the processing of personal data designated by the Director of C.I.Be.C..
They may also become aware of your personal data qualified subjects who provide the C.I.Be.C. services or services instrumental to institutional activities, subjects and companies that may be called to manage and/or participate in the management and/or maintenance of the websites, web applications, electronic and/or telematic tools that host and support them.
The data may be communicated to any other subject to whom the data must be transmitted according to an express provision of law.
Your personal data will not be disclosed in any other case.
RIGHTS OF THE INTERESTED PARTIES
Pursuant to art. 7 of d. lgs. n. 196/2003, the interested party may exercise:
the right to know:
- the origin of personal data,
- the purposes and methods of processing,
- the logic applied in the case of treatment carried out with the aid of electronic tools,
- the identification details of the owner, managers, subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them.
the right to obtain without delay:
- update, correct or, where appropriate, supplement the data,
- the deletion, transformation into anonymous form or blocking of data processed in violation of the law, including those whose storage is not necessary in relation to the purposes for which the data were collected or subsequently processed,
- evidence that these operations have been brought to the attention, including as regards their content, of those to whom the data have been communicated or disseminated, unless such provision proves impossible or involves the use of means manifestly disproportionate to the protected right.
the right to object, in whole or in part:
- for legitimate reasons relating to the processing of personal data concerning him, even if relevant to the purpose of the collection,
- the processing of personal data concerning him for the purpose of sending advertising material or direct sales or for the performance of market research or commercial communication.
The rights can be exercised by an appropriate request to the Data Controller.
For the “Purposes of Processing” of this information, your personal data will be processed only for the time necessary, unless you revoke your consent.