Dear user, in accordance with Article 13 of EU Regulation 2016/679, also known as GDPR, please find the following information on how we will process your personal data.
Your personal data will be processed in accordance with the principles of propriety, lawfulness, transparency and the protection of privacy and your rights. It may occur manually or electronically or with the the use of IT or automated devices. Data processing may consist of any operation carried out with or without the use of automated processes, including the collection, recording, organisation, structuring, storage, elaboration, selection, blocking, adaptation, modification, extraction, consultation, use, communication via transmission, diffusion or any other means of making available, comparison, interconnection, limitation, cancellation or destruction of said data.
Who is the Data Controller?
The Data Controller - i.e. the body that determines how and why your data is processed - is the University of Brescia, located in Piazza Mercato, 15 - 25121 Brescia, represented by the Rector, its legal representative (hereinafter the “Controller”). You can contact the Controller by writing to the certified email address firstname.lastname@example.org
Who is the Data Protection Officer?
The University of Brescia has appointed a Data Protection Officer who can be contacted with all queries relating to personal data processing and to exercise any rights deriving from GDPR. The Data Protection Officer is Società Frareg S.r.l., represented by Mr Luca Serra, who can be contacted at the email: email@example.com
Why do we process your data?
In accordance with Article 6, Paragraph 1 of GDPR, your personal data is processed so that the relevant university department/bodies can fulfil all duties allocated to them. More specifically, the university will process your data for:
1. Investigate the forecasts of change in the mobility habits of students and employees of the Italian University in the next academic year, in light of the Covid-19 health emergency.
2. Research activities in the field of mobility
Who can we communicate your data to?
Your data is processed by personnel who belong to the departments of the university and are authorised by the Data Controller, in accordance with their functions and skills.
Moreover, the Data Controller can communicate your personal data to the following external third-party subjects, because their activities are essential to the achievement of the aforementioned purposes, including as regards functions attributed to them by law:
Is it compulsory for you to provide us with your data?
Yes, because if you fail to do so, the university will be unable to complete required activities and deal with requests. However, formal declaration of consent for data processing is required only for process the e-mail address.
How long will we store your data for?
Your personal data will be stored in the database of the Data Controller, for 3 years.
Where present, authentication logs will be erased after 180 days.
What are your rights and how can you exercise them?
You have the right to:
- access your personal data;
- obtain the correction or cancellation of data or the limitation of data processing;
- request data portability if data is in digital form;
- oppose data processing;
- make a complaint to the supervisory authorities.
You can exercise your rights by contacting the Data Controller and/or the Data Protection Officer; the Data Controller must respond to your within 30 days of the date they receive your request (this period can be extended to 90 days if the request is particularly complex).
In the event that you believe that your data has been processed in a way that violates relevant regulations, or if the response to a request in which you have exercised one or more of the rights set out in Articles 15-22 of GDPR fails to arrive within the time limit indicated or is unsatisfactory, you can contact the supervisory authority or the authority of the protection of personal data.
Will you be subject to automated decision-making processes?
No, you will not be subject to any decisions based solely on automated processes (including profiling), unless you have explicitly provided your consent for this.
Is your data safe?
Your data is processed in a lawful, proper manner and we adopt appropriate security measures designed to prevent any unauthorised access, disclosure, modification or destruction of the data.
For any further question related to the survey contact firstname.lastname@example.org