This policy is issued under art. 13 of Regulation EU no. 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and in respect of the laws on personal data processing and on the free movement of such data.
The Data Controller is the Politecnico di Milano - Director General delegated by the pro-tempore Rector - contact: dirgen(at)polimi.it.
Internal data processor
Dr. Andrea Papoff, Department Manager, Department of Energy, Via Lambruschini 4, Milan (MI), ph. 0223996571, e-mail: andrea.papoff(at)polimi.it
The personal data will be processed by other authorised parties who will receive instructions for that purpose under current legislation.
Data Protection Officer and contact details
Dr Vincenzo Del Core, contact: privacy(at)polimi.it - ph.: +39 0223999378.
Purposes and legal basis of processing, categories of data and storage period
In accordance with and for the purposes of the new EU General Regulation on the protection of personal data no. 679/2016, we inform you that your personal data will be used to send you communications regarding the institutional activities of the Department - PURPOSE 1 - (such as and among the others: Advertising of University services and events aimed at internal audiences; Advertising of post-graduate and specializing master courses; Communications relating to training activities; Orientation newsletters; Operational communications for open days; ...etc); if you are not interested in receiving such communications, you can check the "unsubscribe" box always present at the end of such communications.
The data may also be processed to send you non-institutional communications - PURPOSE 2 - (such as and among the others: Advertising of events not strictly connected to training activities, but of general interest; Advertising of agreements with external commercial entities; Organized events from third parties; pure marketing communications; ...etc) but only after having acquired the consent which, in this case, will be the legal basis of the data processing.
The purposes pursued as described above are summarized in the following table:
Personal data processing purposes
Legal basis of processing
Categories of personal data processed
Personal data retention period
| || || |
| || || |
Nature of the data
Providing data is optional. Any refusal to provide the data makes it impossible to carry out the intended purposes.
The processing for the purposes indicated above is carried out on digital media, using electronic tools.
Duly authorised persons are entitled to access the data acquired for the aforementioned purposes.
Categories of recipients
the data will not be disclosed to public or private entities for the listed purposes.
Transferring data to non-EU countries or international Organisations
The personal data will not be transferred in any way to countries outside the EU or any international Organisation.
Data subject rights
As the data subject, you may request from the Controller:
· confirmation of the existence or otherwise of personal data concerning you;
· access to your personal data and information relating to them; the rectification of inaccurate data or completion of incomplete data; the erasure of personal data relating to you (in the presence of one of the conditions indicated in Art. 17, paragraph 1 of the Regulation and in compliance with the exceptions provided for in paragraph 3 of the same article); limit the processing of your personal data (under one of the cases indicated in art. 18, paragraph 1 of the Regulation), the transformation into anonymous form or block on data processed in violation of the law, including data whose storage is no longer necessary for the purposes for which it was collected or processed.
As the data subject, you also have the right to object in full or in part:
· on legitimate grounds, to the processing of personal data relating to you, even if it is relevant for the purpose for which the data were collected;
· to the processing of personal data relating to you for the purpose of promoting initiatives.
These rights may be exercised by contacting privacy(at)polimi.it.
If you believe that your rights have been infringed by the Controller and/or by a third party, you are entitled to lodge a complaint with the Italian Data Protection Authority and/or other competent supervisory authority pursuant to the Regulation.