Information on Cookies and the Processing of Personal Data on the University Portal System Websites

Website Management Regarding the Processing of Personal Data of Users Who Visit It

EU Regulation 2016/679, hereinafter referred to as “GDPR,” establishes rules concerning the protection of natural persons with regard to the processing of personal data, as well as rules concerning the free movement of such data.

Pursuant to Article 13 of the aforementioned Regulation, the University of Ferrara, as the Data Controller of your personal data, provides the following information.

Purpose of This Notice

This notice is provided, pursuant to Article 13 of EU Regulation 2016/679 (GDPR), to individuals who interact generally with the University of Ferrara’s Portal System starting from the address: http://www.unife.it, which corresponds to the homepage of the University’s official portal (hereinafter also referred to as the Portal System).

This notice applies to all websites within the “University Portal System” and not to any other websites that may be accessed by the user via links.

The notice also draws inspiration from Recommendation No. 2/2001, adopted on May 17, 2001, by the European data protection authorities, gathered in the Group established by Article 29 of Directive No. 95/46/EC. This recommendation identifies certain minimum requirements for the collection of personal data online, particularly regarding the methods, timing, and nature of the information that data controllers must provide to users when they access web pages, regardless of the purpose of the connection.

Data Controller and Contact Information

The Data Controller is the University of Ferrara
Address: Via Ariosto No. 35 - 44121 Ferrara (FE), Italy
Email: rettore@unife.it
Certified Email (PEC): ateneo@pec.unife.it
Phone: +39 0532 293242

Data Protection Officer and Contact Information

The Data Protection Officer is Lepida S.p.A.
Address: Via della Liberazione 15 – 40128 Bologna (BO), Italy
Email: dpo-team@lepida.it

Categories of Data Processed

The University of Ferrara, as the data controller, informs that by entering personal information on this website or by authenticating to the University’s web services, data relating to identified or identifiable individuals may be processed. This includes, for example, IP addresses and domain names of the computers used by users/visitors accessing unife.it. These personal data are typically collected for statistical purposes, managed anonymously, and used to facilitate navigation on the unife.it website.

Cookies

Purpose of Cookie Usage

The unife.it website uses tracking cookies, which are short text strings sent from the website’s server to the user’s/visitor’s browser and automatically saved on the user’s/visitor’s computer. These cookies help improve the service provided to users by making its use more efficient and/or enabling certain functionalities.

Cookies Used

The Portal System websites use one type of cookie: session cookies for authentication (online services and restricted areas) and for load balancing.

Session Cookies

The Portal System websites use:

• Session cookies, essential for managing authentication to online services and restricted areas. These cookies (which are not persistently stored on the user’s computer and are deleted when the browser is closed) are strictly limited to transmitting session identifiers necessary for secure and efficient site navigation.
• Session cookies for load balancing, used to optimize website performance by reducing page load times.

Disabling these cookies will prevent the use of some online services.

Analytical/Tracking Cookies

The University uses analytical cookies to collect aggregated information about the number of users and how they visit the University Portal.

The portal collects statistical data on visits through the Web Analytics Italia platform. More information is available in the Web Analytics Italia privacy policy.

Technical cookies are not used for user profiling activities.

Third-Party Websites and Services

The Facebook Pixel cookie is installed to monitor conversions occurring on the website as a result of ads run on Facebook. For example, if a user joins a specific campaign advertised on Facebook, the cookie informs Facebook each time a user joins that campaign on the University of Ferrara’s website. Facebook compares the conversion event with the group of people who saw or clicked on the ad, providing the University with information to help assess the return on investment of its advertising spend.

More information: Facebook Pixel Cookie Policy

The Portal System websites may contain links to other websites with their own privacy policies. The University is not responsible for data processing carried out by those sites.

How to Disable Cookies (Opt-Out)

To Disable All Cookies

You can refuse consent to the use of cookies by selecting the appropriate settings in your browser. Non-authenticated browsing on the Portal System websites will still be fully functional.

Below are links explaining how to disable cookies in the most commonly used browsers (for other browsers, refer to the software’s help section):

• Internet Explorer: http://windows.microsoft.com/it-IT/internet-explorer/delete-manage-cookies#ie=ie-10
• Google Chrome: https://support.google.com/chrome/answer/95647?hl=it
• Mozilla Firefox: http://support.mozilla.org/it/kb/Gestione%20dei%20cookie?redirectlocale=en-US&redirectslug=Cookies
• Opera: http://help.opera.com/Windows/10.00/it/cookies.html
• Apple Safari: https://support.apple.com/it-it/guide/safari/sfri11471/mac

To Delete Cookies Already Stored on Your Device

Even if third-party cookie usage is revoked, cookies may have already been stored on the user’s device. For technical reasons, these cookies cannot be deleted automatically, but the user’s browser allows manual deletion via privacy settings. Browser options include “Clear browsing data,” which can be used to delete cookies, site data, and plug-ins.

Telematic Traffic Data

The IT systems and software procedures used to operate the Portal System websites acquire, during normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols or is used to improve the quality of the service offered.

These are not collected to be associated with identified individuals, but by their nature could, through processing and association, allow users to be identified.

This category includes IP addresses or domain names of computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of requested resources, request time, method used to submit the request to the server, size of the file received in response, numerical code indicating the server response status (success, error, etc.), and other parameters related to the user’s operating system and IT environment. Providing this data is mandatory. These data are stored for six months, unless otherwise provided by applicable law.

These data are used to obtain anonymous statistical information on site usage and to check the proper functioning of IT systems. They may also be used to determine responsibility in case of hypothetical computer crimes or if damage occurs to the University or third parties. These data are processed in accordance with the GDPR and may be disclosed to judicial authorities as required by law.

Data Provision

The voluntary, explicit, and optional sending of emails, messages, or any type of communication to the contacts listed on this portal results in the acquisition of the sender’s address and any other personal data provided, which will be used to respond to requests.

Specific summary notices will be progressively displayed or made available on pages of the websites dedicated to particular on-demand services.

 

Legal Basis for Data Processing

Your personal data are processed in the performance of tasks carried out in the public interest or in connection with the exercise of official authority vested in the University.

Optional Nature of Data Provision

Apart from what is specified for cookies and browsing data, users are free to provide personal data indicated in forms or modules on the Portal System websites, or otherwise provided during contact with the University to request informational materials, other communications, or access to specific services.

Failure to provide such data may result in the inability to fulfill the requested services.

Data Processing Methods

Personal data are processed exclusively for institutional purposes, using automated tools for the time strictly necessary to achieve the purposes for which they were collected, and in compliance with the security measures established by the University. Processing is carried out by internal University personnel authorized to handle data, who receive appropriate operational instructions regarding measures and precautions to ensure the effective protection of your personal data.

Recipients or Categories of Recipients of Personal Data

The collected data will not be disclosed or communicated to third parties, except in cases provided for by this notice and/or by law, and in accordance with the permitted methods.

Data may be accessed by data processors or persons in charge of processing, within the scope of their respective functions and in accordance with the instructions received, solely for the achievement of the specific purposes outlined in this notice.

Transfer of Data to Third Countries or International Organizations

Your data are not transferred to recipients in third countries or to international organizations.

Data Retention Period

Your data are retained for no longer than necessary to achieve the purposes for which they are processed.

Data will be stored in accordance with current regulations on the retention of administrative documentation.

Data Subject Rights with Respect to the Data Controller and the Data Protection Authority

As a data subject, you may exercise the following rights with respect to the University, using the contact details of the data controller:

• Right to access your data
• Right to rectify or complete incomplete data
• Right to erase your data
• Right to restrict processing in the cases provided for by Article 18 of the GDPR
• Right to object to the processing of your data

As a data subject, you also have the right to lodge a complaint with the Data Protection Authority (Article 77 of the GDPR), or to seek judicial remedy (Article 79 of the GDPR).

Right to Withdraw Consent

As a data subject, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

This Privacy Policy is subject to updates.