Privacy Policy

Personal data processing privacy policy for the University’s website.

​

Pursuant to Regulation (EU) 2016/679 (hereinafter the “Regulation”), this page describes the methods for processing the personal data of users consulting the website accessible electronically at the following address: https://www.maasive.eu/ , through which the MAASive Project is presented.

 

Data controller

Politecnico di Milano - General Director, delegated by the pro-tempore Rector – contact: dirgen@polimi.it 

 

Data Protection Officer

Mail: privacy@polimi.it

 

Internal Data Processor

Prof. Margherita Emma Paola Pero, Scientific Responsible, Department of Management, Economics and Industrial Engineering, via Lambruschini 4, Milan - contact: margherita.pero@polimi.it

 

Purpose of the processing

The personal data indicated in this privacy policy are processed by Politecnico di Milano – Department of Management, Economics and Industrial Engineering in the performance of its tasks carried out in the public interest, hereby including:

 

• enable navigation of the web portal;

 

• provide the user with the required information and services;

 

• promote and disseminate the results of Research activities under the MAASive project;

 

• control the proper functioning of the web portal, carry out monitoring activities in support of its security and identify actions aimed at its improvement (for navigation data);

 

• subscription to the MAASive newsletter, based on the consent of the data subject (art. 6, par. 1, lett. a GDPR)

 

 

Types of data processed:

​

BROWSING DATA

The IT systems and software procedures used for the operation of this website acquire certain personal data during their normal functioning whose transmission is implicit in the use of Internet communication protocols. These data are not collected for the purpose of association with identified data subjects, but by their very nature they could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users accessing the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could be used to ascertain liability in the event of hypothetical computer crimes against the site.

 

DATA PROVIDED VOLUNTARILY BY THE USER

The optional, express and voluntary transmission of emails to the addresses given on this site entails the subsequent acquisition of the sender's address, which is necessary to reply to requests, as well as any other personal data included in the message. Personal data provided on a voluntary basis by users, such as those of students, acquired through registration and enrolment or any subsequent specific collection methods, will be processed for the purpose of carrying out its institutional activities, within the limits established by law and Regulations, in compliance with the general principles of transparency, fairness and confidentiality, as set forth in Legislative Decree 196/2003 as amended.

​

Processing methods

Personal data are processed using automated means for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are taken to prevent loss of data, illegal or incorrect use and unouthorised access.

​

Voluntary nature of the data provision

Besides the indications provided regarding browsing data, the user is free to provide the personal data indicated in the forms on the website or indicated on the occasion of contacts to request informative material, other communications or to access specific services. Failure to provide them may make it impossible to process the request.

 

Categories of recipients 

In relation to the purposes indicated, personal data may be disclosed to:

• companies or persons that provide services on behalf of the Controller;

• AAU - Aalborg University - Denmark. Data may be communicated to AAU, as project coordinator, in aggregate and anonymous form and only for project reporting purposes.

 

Data subjects’ rights

Data subjects have the right to:

• In accordance with articles 16, 17, 18, 19 and 21 of Regulation (EU) 2016/679, request from the controller access to their own data and their rectification or erasure or restriction of the processing, or to object to their data being processed. Erasure is not permitted for those data contained in documents that the University must necessarily keep;

• Lodge a complaint with a supervisory authority.