Information on the processing of personal data of users of the site, pursuant to Article 13 of Regulation (EU) 2016/679

 

Data Protection Officer c/o Politecnico di Milano Tel: +39 02 23999378 email: privacy@mip.it

Data Protection Officer c/o MIP Politecnico di Milano – Graduate School of Business ScpA Tel: +39 02 23992820 email: dpo@mip.polimi.it

The optional, explicit and voluntary sending of messages to the contact addresses of the MIP, as well as the compilation and forwarding of the forms present on the site involve the acquisition of the contact data of the sender necessary to answer the requests, as well as of All personal information included in the communications.

Informative specifications are published in the pages prepared for the provision of certain services.

The computer systems and software procedures used to operate this site acquire, during their normal exercise, certain personal data whose transmission is implied in the use of Internet communication protocols.

This category of data includes the following:

•  IP addresses of devices used by users;
• Date and time when the request was received;
• Addresses in URI/URL (Uniform resource Identifier/Locator) notation of the requested resources;
• The numerical code indicating the status of the response given by the server (good end, error, etc.);
• The size in bytes of the response;
• URI/URL Address of the source page (referrer);
• Browser recognition string (user agent).

Such data do not persist for more than 15 days, past which, are automatically erased (prejudice to any need for criminal investigation by the judicial authority).

Moreover, they are treated, anonymously, data necessary for the enjoyment of Web services, in order to check the correct functioning of the services offered.

Cookies are text strings created by a server and stored on the computer’s hard disk or on any device used by the user to access the Internet (smartphones, tablets, etc.) and then be re-reviewed in the subsequent internet accesses by of the same device. Cookies allow you to collect information about the user’s browsing on a site, for example to remember your language preferences or the currency used for a purchase, and to re-propose them to the next visit in order to facilitate the enjoyment of the site and improve the user experience. Cookies can be stored permanently on the user’s computer and have a variable duration (i.e. persistent cookies) or may also fade with the browser close or have a limited duration (so-called session cookies). Cookies can be installed from the site that you are visiting (so-called first-party cookies) or can be installed from other websites (i.e. third party cookies).

The School of Management site uses first-party cookies, third-party cookies, and other similar technologies, as described below.

Technical navigation cookies and functionalities: (legal basis of treatment: consent) These are the first part cookies, both session and persistent, aimed at allowing a safe and efficient navigation and enjoyment of the pages of the site as well as Improve the services rendered. They are cookies which, for example, allow the recognition of the selected language and the country from which the connection is made. These cookies recognize you as a new login, preventing you from entering your data every time. For example, if you have selected items for purchase in the shopping bag but do not complete the purchase, you can resume and finalize the purchase the next time you return to visit the sites. Finally, the feature cookies improve the browsing experience.

Profiling cookies: (legal basis of treatment: consent) profiling cookies allow you to write down the preferences found during each visit and create profiles that allow you to send messages that are more adherent to your preferences and Interests of the user, for example by allowing you to view the products that the user is looking for faster or to offer them content in line with the preferences. The SOM site also makes use of third-party profiling cookies that are used to show the user the MIP’s proposals when you visit other sites (retargeting). The site is also a first-party cookie to allow the operation of a marketing automation platform aimed at “targettizzare” user users of the site in such a way as to create appropriate content with which the holder can Undertake marketing campaigns, monitor their development and create opportunities for their users.

Analytical cookies: (legal basis of treatment: consensus) The MIP makes use of Google Analytics service of the company Google, Inc. (hereinafter “Google”) to generate statistics on the use of the Web site (for example, on the use of the services, most visited pages, number of visitors per time or daily, geographical areas of provenance, etc.). Google Analytics, in order to carry out these tasks, does not collect personal data, because all the IP addresses of the users are anonycezed as soon as they are received by the network and before being stored or processed.

The user can disable Google Analytics cookies by downloading a specific plug-in of the browser available here: Https://tools.google.com/dlpage/gaoptout.

Social cookies: On sites are used third party cookies to allow users to interact with social networks (Facebook, Twitter,…) and in particular to share content of the sites through the aforementioned social networks.

 

At the time of access to any page of the site, there is a Banner that contains a brief information. By closing the Banner or navigating, accessing another area or selecting a page element (for example, an image or a link), you consent to the use of cookies. Consent to the use of cookies is recorded.

The technical navigation and functionality cookies and analytical cookies are retained for the duration of the browsing session on the site and, if persistent, even thereafter while profiling cookies are retained until the consent is withdrawn For this purpose that happens with deletion of profiling cookies from the browser cache.

By visiting a website you can receive cookies from sites managed by other organizations (“third parties”). As far as sites are concerned, third-party cookies are required by widgets to use services offered by third-party sites: Google calendars, Google Maps, embedding of videos uploaded to the YouTube platform, embedding of audio files uploaded to the platform Spreaker.

The management of personal data collected by third parties is governed by the relevant information available on the respective websites:

•  Youtube: https://support.google.com/youtube/answer/2801895?hl=it
• Google: https://policies.google.com/technologies/product-privacy?hl=it
• Linkedin: https://www.linkedin.com/legal/privacy-policy?_l=it_IT
• Facebook: https://www.facebook.com/about/privacy
• Instagram: https://help.instagram.com/196883487377501
• Twitter: https://twitter.com/it/privacy
• Click Dimension: https://clickdimensions.com/about/privacy-policy/

The optional, explicit and voluntary sending of messages to the contact addresses of the MIP or the Polytechnique, and the compilation and forwarding of the forms present on the site entail the acquisition of the contact data of the sender necessary to answer the Requests, as well as all personal data included in the communications.

Informative specifications are published in the pages prepared for the provision of certain services.

To present the degree courses of the Politecnico di Milano in Management engineering, the PhD (Ph.D.) and the specialization courses.	6.1.a Consent	Involved: site users
Present, promote and allow to participate in the selection pathways for the training activities provided by the MIP;	6.1.a Consent	Involved: site users
To present the research activities of the MIP and of the Politecnico di Milano and, in particular, of the Osservatori;	6.1.a Consent	Involved: site users
Promote the consulting activity of the MIP	6.1.a Consent	Involved: site users
To carry out dissemination activities on issues related to the Management of companies and entities in a broad sense, or on issues of general economics and Industrial Engineering.	6.1.a Consent	Involved: site users

For the pursuit of the above-mentioned purposes, common data (data, contact details,…) will generally be dealt with and the processing of personal data governed by art is not foreseen. 9 (Treatment of particular categories of personal data) of the regulation. The treatment responds to the principle of minimization of data and limitation of conservation: it will be the minimum set of data for the period strictly necessary.

Data collected through the site will not be disclosed to third parties or disseminated.

The data may be subject to treatment by qualified individuals as responsible under art. 4.8 and of Art 28 of the GDPR (professionals, consultancy and services companies, hardware and software assistance companies, companies with technical and organisational tasks of the site,…) Both by authorized persons for the treatment according to art. 29, which operate under the direct authority of the proprietor (employees and collaborators in various ways), who has instructed them to do so.

Holder can be obtained by writing to the Data protection officer.

The data will be exchanged between Politecnico di Milano, Department of Management Engineering and MIP for purposes related to the promotion of events and to the scientific-managerial dissemination.

The members use the Cloud services offered by some suitably qualified suppliers, who operate in Europe, in the United States or in any country for which adequacy decisions are made by the Commission and/or the guarantor.

As far as the United States is concerned, the transfer is permitted under the Privacy Shield, a self-certification mechanism, valid from 01/08/2016 for companies established in the USA wishing to receive personal data from the European Union. The participating companies undertake to respect the principles contained therein and to provide to the European stakeholders, appropriate protection tools, under penalty of elimination from the “Privacy Shield List” (available at the address www.privacyshield.gov) by the U.S. Department of Commerce, as well as possible sanctions from the Federal trade Commission.

In the absence of a decision of adequacy or adequate guarantees under art. 46 of the GDPR, the transfer will be only with the express consent of the person concerned in accordance with art. 49 GDPR.

The person concerned shall have the right to obtain from the holder of the treatment the confirmation that it is in course a processing of personal data concerning him and, if necessary, to request access to the personal data and the rectification or cancellation of the same or the Limitation of treatment concerning him or to oppose their treatment-if not mandatory by law-in addition to the right to data portability.

At any time, the person concerned has the right to withdraw the consent, without prejudice to the lawfulness of the treatment based on consent prior to revocation.

The person concerned also has the right to submit a complaint to a supervisory authority.

 

Politecnico di Milano and MIP have determined that the claims and requests for the exercise of the rights presented by the interested parties will be managed in the context of the treatment objectives laid down in the Contitularity agreement, in any case intended that the Interested parties may exercise their rights in respect of both members under art. 26, paragraph 3, of Regulation (EU) No 679/16, evoking each other, irrespective of the other, before the guarantor of personal data protection and/or national justice.

Stakeholders can also oppose the registration of cookies on their hard disk by configuring the navigation browser to disable them.

Here are the links to find information about the modes offered by the main browsers:

• Internet Explorer: http://windows.microsoft.com/it-it/windows7/how-to-manage-cookies-in-internet-explorer-9;
• Chrome: https://support.google.com/chrome/answer/95647?hl=it;
• Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie;
• Safari: http://support.apple.com/kb/HT1677?viewlocale=it_IT;

However, after doing so, some Web page functions may not work correctly.

MIP Politecnico di Milano – Graduate School of Business SCPA and Politecnico di Milano are equipped with a CRM system to improve the proposal of user involvement of the site.

If the data controller intends to further treat the personal information for a purpose other than that for which they were collected, before such further treatment they undertake to provide the person concerned with information on that different purposes and any further relevant information.