Information on the processing of personal data of users of the site, pursuant to Article 13 of Regulation (EU) 2016/679

PREMISE

According to Regulation (EU) 2016/679 (hereinafter “regulation” or “GDPR”), this page describes the procedures for the processing of the personal data of users who consult the website of the “School of Management of the Politecnico di Milano” (hereinafter referred to as “SoM”). , consisting of two distinct realities operating both in the context of training, didactics, dissemination and scientific promotion: The Politecnico di Milano (hereinafter “Politecnico”) and the MIP Polytechnic of Milan-Graduate School of Business S.C.p.A. (of Followed, “MIP”).

The Politecnico, in fact, through the Department of Management Engineering (hereinafter “DIG”), organizes and manages, in addition to the degree courses in managerial engineering aimed at undergraduate, research and consultancy projects and doctoral programs while the MIP It plays – inter alia – post-graduate managerial training activities for graduates of all disciplines and professionals oriented towards the world of business and public administration.

Given that the treatment will be based on the principles of lawfulness, correctness and transparency, minimization and limitation of data retention, accuracy, integrity and confidentiality, in the light of the above, Politecnico di Milano and MIP, in some Provide the following information.

CO-OWNERS OF TREATMENT

Politecnico di Milano

Piazza Leonardo da Vinci 32
20156 Milano,
Tel: +39 02 23999378
privacy@polimi.it

MIP Politecnico di Milano Graduate School of Business ScpA
Via Lambruschini 4C, Building 26/A
20156  Milano
Tel: +39 02 2399282/ Fax: +39 02 23992844
pec: pecmip@legalmail.it

 

The SoM groups the MIP and the DIG and includes a wide range of research initiatives, training activities and high consultancy in the field of economics, management and industrial engineering, whose website, brand and domain www.som.polimi.it are the property Of the DIG while the management is entrusted to the MIP. Compared to the site, Politecnico di Milano and MIP Politecnico di Milano Graduate School of Business S.C.p.A. operate as joint members, jointly determining the purposes and modalities of the treatment.

The data holders of the treatment have an information, whose drafting is in the head of the MIP, and will be made available on the site of the SoM.

Following the site consultation, personal data (as defined in art. 4.2 of the GDPR) of the interested parties may be processed, i.e. data relating to identified or identifiable natural persons, and this entails the necessity for those who decide the purposes and Method of treatment (“Holder”), to respond to certain fulfilments, including informing the interested parties and acquiring consent, where the latter constitutes the legal basis of the treatment itself.

This information does not affect other sites, pages, or online services that can be accessed through hyperlinks that may be published to sites but refer to resources outside the SoM domain.

DPO, DATA PROTECTION OFFICERS

 

Data Protection Officer

c/o Politecnico di Milano

Tel: +39 02 23999378

email: privacy@mip.it

Data Protection Officer

c/o MIP Politecnico di Milano – Graduate School of Business ScpA

Tel: +39 02 23992820

email: dpo@mip.polimi.it

DATA VOLUNTARILY PROVIDED BY THE USER

The optional, explicit and voluntary sending of messages to the contact addresses of the MIP, as well as the compilation and forwarding of the forms present on the site involve the acquisition of the contact data of the sender necessary to answer the requests, as well as of All personal information included in the communications.

Informative specifications are published in the pages prepared for the provision of certain services.

NAVIGATION DATA

The computer systems and software procedures used to operate this site acquire, during their normal exercise, certain personal data whose transmission is implied in the use of Internet communication protocols.

This category of data includes the following:

  •  IP addresses of devices used by users;
  • Date and time when the request was received;
  • Addresses in URI/URL (Uniform resource Identifier/Locator) notation of the requested resources;
  • The numerical code indicating the status of the response given by the server (good end, error, etc.);
  • The size in bytes of the response;
  • URI/URL Address of the source page (referrer);
  • Browser recognition string (user agent).

Such data do not persist for more than 15 days, past which, are automatically erased (prejudice to any need for criminal investigation by the judicial authority).

Moreover, they are treated, anonymously, data necessary for the enjoyment of Web services, in order to check the correct functioning of the services offered.

COOKIES

Cookies are text strings created by a server and stored on the computer’s hard disk or on any device used by the user to access the Internet (smartphones, tablets, etc.) and then be re-reviewed in the subsequent internet accesses by of the same device. Cookies allow you to collect information about the user’s browsing on a site, for example to remember your language preferences or the currency used for a purchase, and to re-propose them to the next visit in order to facilitate the enjoyment of the site and improve the user experience. Cookies can be stored permanently on the user’s computer and have a variable duration (i.e. persistent cookies) or may also fade with the browser close or have a limited duration (so-called session cookies). Cookies can be installed from the site that you are visiting (so-called first-party cookies) or can be installed from other websites (i.e. third party cookies).

The School of Management site uses first-party cookies, third-party cookies, and other similar technologies, as described below.

Technical navigation cookies and functionalities: (legal basis of treatment: consent) These are the first part cookies, both session and persistent, aimed at allowing a safe and efficient navigation and enjoyment of the pages of the site as well as Improve the services rendered. They are cookies which, for example, allow the recognition of the selected language and the country from which the connection is made. These cookies recognize you as a new login, preventing you from entering your data every time. For example, if you have selected items for purchase in the shopping bag but do not complete the purchase, you can resume and finalize the purchase the next time you return to visit the sites. Finally, the feature cookies improve the browsing experience.

Profiling cookies: (legal basis of treatment: consent) profiling cookies allow you to write down the preferences found during each visit and create profiles that allow you to send messages that are more adherent to your preferences and Interests of the user, for example by allowing you to view the products that the user is looking for faster or to offer them content in line with the preferences. The SOM site also makes use of third-party profiling cookies that are used to show the user the MIP’s proposals when you visit other sites (retargeting). The site is also a first-party cookie to allow the operation of a marketing automation platform aimed at “targettizzare” user users of the site in such a way as to create appropriate content with which the holder can Undertake marketing campaigns, monitor their development and create opportunities for their users.

Analytical cookies: (legal basis of treatment: consensus) The MIP makes use of Google Analytics service of the company Google, Inc. (hereinafter “Google”) to generate statistics on the use of the Web site (for example, on the use of the services, most visited pages, number of visitors per time or daily, geographical areas of provenance, etc.). Google Analytics, in order to carry out these tasks, does not collect personal data, because all the IP addresses of the users are anonycezed as soon as they are received by the network and before being stored or processed.

The user can disable Google Analytics cookies by downloading a specific plug-in of the browser available here: Https://tools.google.com/dlpage/gaoptout.

Social cookies: On sites are used third party cookies to allow users to interact with social networks (Facebook, Twitter,…) and in particular to share content of the sites through the aforementioned social networks.

 

At the time of access to any page of the site, there is a Banner that contains a brief information. By closing the Banner or navigating, accessing another area or selecting a page element (for example, an image or a link), you consent to the use of cookies. Consent to the use of cookies is recorded.

The technical navigation and functionality cookies and analytical cookies are retained for the duration of the browsing session on the site and, if persistent, even thereafter while profiling cookies are retained until the consent is withdrawn For this purpose that happens with deletion of profiling cookies from the browser cache.

THIRD PART COOKIES

By visiting a website you can receive cookies from sites managed by other organizations (“third parties”). As far as sites are concerned, third-party cookies are required by widgets to use services offered by third-party sites: Google calendars, Google Maps, embedding of videos uploaded to the YouTube platform, embedding of audio files uploaded to the platform Spreaker.

The management of personal data collected by third parties is governed by the relevant information available on the respective websites:

PURPOSE & LEGAL BASIS

The optional, explicit and voluntary sending of messages to the contact addresses of the MIP or the Polytechnique, and the compilation and forwarding of the forms present on the site entail the acquisition of the contact data of the sender necessary to answer the Requests, as well as all personal data included in the communications.

Informative specifications are published in the pages prepared for the provision of certain services.

To present the degree courses of the Politecnico di Milano in Management engineering, the PhD (Ph.D.) and the specialization courses. 6.1.a Consent Involved: site users
Present, promote and allow to participate in the selection pathways for the training activities provided by the MIP; 6.1.a Consent Involved: site users
To present the research activities of the MIP and of the Politecnico di Milano and, in particular, of the Osservatori; 6.1.a Consent Involved: site users
Promote the consulting activity of the MIP 6.1.a Consent Involved: site users
To carry out dissemination activities on issues related to the Management of companies and entities in a broad sense, or on issues of general economics and Industrial Engineering. 6.1.a Consent Involved: site users

MANDATORY DATA CONFERRAL

For the pursuit of the above-mentioned purposes, common data (data, contact details,…) will generally be dealt with and the processing of personal data governed by art is not foreseen. 9 (Treatment of particular categories of personal data) of the regulation. The treatment responds to the principle of minimization of data and limitation of conservation: it will be the minimum set of data for the period strictly necessary.

RECIPIENTS AND PERSONS AUTHORISED FOR TREATMENT

Data collected through the site will not be disclosed to third parties or disseminated.

The data may be subject to treatment by qualified individuals as responsible under art. 4.8 and of Art 28 of the GDPR (professionals, consultancy and services companies, hardware and software assistance companies, companies with technical and organisational tasks of the site,…) Both by authorized persons for the treatment according to art. 29, which operate under the direct authority of the proprietor (employees and collaborators in various ways), who has instructed them to do so.

Holder can be obtained by writing to the Data protection officer.

The data will be exchanged between Politecnico di Milano, Department of Management Engineering and MIP for purposes related to the promotion of events and to the scientific-managerial dissemination.

TRANSFER OF PERSONAL DATA TO NON-EU COUNTRIES

The members use the Cloud services offered by some suitably qualified suppliers, who operate in Europe, in the United States or in any country for which adequacy decisions are made by the Commission and/or the guarantor.

As far as the United States is concerned, the transfer is permitted under the Privacy Shield, a self-certification mechanism, valid from 01/08/2016 for companies established in the USA wishing to receive personal data from the European Union. The participating companies undertake to respect the principles contained therein and to provide to the European stakeholders, appropriate protection tools, under penalty of elimination from the “Privacy Shield List” (available at the address www.privacyshield.gov) by the U.S. Department of Commerce, as well as possible sanctions from the Federal trade Commission.

In the absence of a decision of adequacy or adequate guarantees under art. 46 of the GDPR, the transfer will be only with the express consent of the person concerned in accordance with art. 49 GDPR.

RIGHTS OF THE PARTIES CONCERNED (ARTICLE 15-22 OF THE GDPR)

The person concerned shall have the right to obtain from the holder of the treatment the confirmation that it is in course a processing of personal data concerning him and, if necessary, to request access to the personal data and the rectification or cancellation of the same or the Limitation of treatment concerning him or to oppose their treatment-if not mandatory by law-in addition to the right to data portability.

At any time, the person concerned has the right to withdraw the consent, without prejudice to the lawfulness of the treatment based on consent prior to revocation.

The person concerned also has the right to submit a complaint to a supervisory authority.

 

Politecnico di Milano and MIP have determined that the claims and requests for the exercise of the rights presented by the interested parties will be managed in the context of the treatment objectives laid down in the Contitularity agreement, in any case intended that the Interested parties may exercise their rights in respect of both members under art. 26, paragraph 3, of Regulation (EU) No 679/16, evoking each other, irrespective of the other, before the guarantor of personal data protection and/or national justice.

Stakeholders can also oppose the registration of cookies on their hard disk by configuring the navigation browser to disable them.

Here are the links to find information about the modes offered by the main browsers:

However, after doing so, some Web page functions may not work correctly.

PROFILING

MIP Politecnico di Milano – Graduate School of Business SCPA and Politecnico di Milano are equipped with a CRM system to improve the proposal of user involvement of the site.

MORE PURPOSES

If the data controller intends to further treat the personal information for a purpose other than that for which they were collected, before such further treatment they undertake to provide the person concerned with information on that different purposes and any further relevant information.