Information on cookies and the processing of personal data in the University Portal system websites
1. Why this statement
This statement is written to give information to users who interact with the Portal System of the Alma Mater Studiorum – telematic University of Bolognausing the address: http://www.famt-l.eu, which corresponds to the front page of the University’s official Portal.
This information is given in accordance with art 13 of Legislative Decree no. 196/2003 – Code on personal data protection.
This statement is valid only for all the websites of the “University Portal System” and not for any other website users may access through the links found on the University websites. The presence of this statement, which is in the page footer, is a guarantee that the user is in the “Portal System” of the University of Bologna.
The statement is also in line with the Recommendation no. 2/2001, which the European authorities for personal data protection, part of the Group established under art. 29 of directive no. 95/46/EC, adopted on 17 May 2001 to identify some of the minimum requirements for the collection of personal data online and in particular as regards the methods, terms and nature of the information that the data controllers must supply to users when they connect to the web pages, whatever the reason for the connection.
2. Types of data processed
The Alma Mater Studiorum – University of Bologna, in its capacity as Data Controller, informs that, by entering personal information on the website or by authentication to the University’s web services, the data relating to identified or identifiable persons will be processed.
2.1.1 Purpose of using cookies
The Portal System websites use some cookies to make the services easy to navigate and to ensure the efficient use of the web pages of the Alma Mater Studiorum – University of Bologna. The cookies used also help to improve the services provided to users, making their use more effective and/or enabling specific functions.
2.1.2 Cookies used
The Portal System websites use two types of cookies: session cookies for authentication (on-line services and reserved areas) and to balance the load, and analytical cookies (Google Analytics).
- Session cookies
The websites in the Portal system use:
– session cookies, which are indispensable for managing the authentication of on-line services and reserved areas. The use of these cookies (which are not persistently saved on the user’s computer and are deleted when the browser is closed) is strictly limited to the transmission of session ID, required to explore the website safely and efficiently.
– Session cookies for balancing the loads optimise the website performance and reduce page loading times.If you disable these cookies you will not be able to use some of the on-line services.
2.1.3 Websites and external services
2.1.4 How to disable cookies
- To disable all cookies
You can deny consent to using cookies by selecting the appropriate setting in your browser: all the functions of the Portal System websites will in any case be available during non-authenticated navigation.
The links below explain how to disable the cookies for the most common browsers (for any other browsers used, we advise you to look for this option in the software help services).
Google Chrome: https://support.google.com/chrome/answer/95647?hl=it
Apple Safari: http://www.apple.com/it/privacy/use-of-cookies/
- To disable only Google Analytics cookies
Alternatively you can disable only the Google Analytics cookies, using the additional opt-out component provided by Google for the most common browsers. This way, you will be able to use all the on-line services of the Portal System websites.
- To delete memorised cookies on your device/PC
Even if you deny authorisation for using external cookies, before doing so the cookies may already have been memorised on your device/PC. For technical reasons it is not possible to delete these cookies, however your browser allows you to delete them using the privacy settings. In the browser options you will find a “Delete navigation data” option, which can be used to delete cookies, website data and plug-ins.
2.2 Remote traffic data
The computer systems and software procedures necessary for the Portal System to operate correctly collect some personal data that is implicitly transmitted by the use of the Internet communication protocols or is used to improve the quality of the service offered.
This information is not collected in order to be associated with identified interested parties, however in virtue of its nature it may lead to the identification of the user through data processing and association.
This category of data includes IP addresses or domain names of the computers used by the users to connect to the website, the URI (Uniform Resource Identifier) addresses of the resources required, the method used to send a request to the server, the size of the file obtained in reply, the numeric code that indicates the state of the reply given by the server (sent, error, etc.) and other parameters relating to the user’s operating system and data processing environment. The provision of the requested information is obligatory. This data is kept for six months, unless otherwise provided for by the laws in force.
This data is used to gather anonymous statistical information on the use of the website and to check that the computer systems are working correctly. The data could also be used to ascertain responsibility in the event of hypothetical computer crimes or in the case of damage caused to the University or other parties. This data is processed in compliance with the provisions of Rectoral Decree (D.R.) 271/2009 Annex B art. 14 and may be notified to the Judicial Authorities in the event of investigations, inspections, etc.
2.3 Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mails, messages and any other type of communications, addresses or contact details indicated on this portal implies the subsequent acquisition of the sender’s e-mail address and any other personal data used to respond to requests. All data will be processed in compliance with the principles of correctness, lawfulness and transparency, protecting confidentiality as required by Italian Legislative Decree no. 196/03.
Specific summary information will be progressively provided or displayed in the relative website pages for specific services available on request.
3. Data Controller
The Data Controller concerning this information note is the University of Bologna, via Zamboni, 33 – 40126 Bologna.
The “Data managers” are the directors of the administrative, technical, teaching and scientific offices which process your data (the list of structure managers is available on the website www.unibo.it).
Concerning the web services provided by the Portal System websites, as listed in points 2.1 and 2.2, the personal data is processed by the Data Managers: AAGG (via Acri, 12 – 40126 Bologna) and Ce.S.I.A. (viale Filopanti, 3 – 40126 Bologna). Consult the names of the responsible persons at these administrative divisions.
The list of administrators of the University’s central systems is available from CeSIA and may be supplied at the request of the person concerned by writing to firstname.lastname@example.org.
Users intending to object to the processing of data for legitimate reasons must notify Alma Mater Studiorum – University of Bologna in writing, to AAGG — University Portal Unit, via Acri, 12 – 40126 Bologna or to email@example.com.
4. Non-mandatory nature of the provision of data
Apart from what specified for cookies and navigation data, users are free to provide their personal data in the forms on the Portal websites, or in any case given in contacts with the university to request information materials, for other correspondence or to access specific services.
If they do not provide such information, however, it may be impossible to satisfy their requests.
5. How the data is treated
Data is treated exclusively for institutional purposes using computerised instruments and for the length of time strictly necessary to achieve the objective for which it is collected.
Specific security measures are followed to avoid the loss of data, unlawful or incorrect use of data and unauthorized access.
6. Rights of interested parties
In accordance with article 7 of legislative decree no. 196/2003, the person to whom the personal data refers has the right to:
- obtain confirmation of the existence or non-existence of data concerning him/her, and receive an intelligible communication of said data, even if it has not yet been registered.
- obtain information on:
a) the source of the personal data;
b) purpose and method of treatment;
c) logic applied in the event of treatment using electronic equipment;
d) details of the data handler, mangers and representative appointed in accordance with article 5 paragraph 2;
e) subjects or categories of subjects to which personal data may be sent or that may become acquainted with the data in virtue of their capacity as representative appointed for that territory by the State, or managers or persons responsible for said task.
- to obtain:
a) an update, modification or when interested, completion of the data;
b) the deletion, transformation into anonymous form, or to have the data blocked if handled unlawfully, including data that does not need to be stored for the purposes for which the data was collected or subsequently treated;
c) a declaration stating that the persons to which the data is communicated or divulged are aware of the operations referred to in (a) ad (b), including the content, except in the case in which it is not possible to fulfil said obligation or if this entails an involvement of means that is clearly disproportionate to the right protected.
- to be opposed, totally or partially:
a) for legitimate reasons, to the handling of his/her personal data, despite the fact it is relevant to the purpose of the collection;
b) to the treatment of his/her personal data for the purpose of sending advertising material or direct sales or to its use for market research or commercial purposes.