PRIVACY POLICY PURSUANT TO THE GENERAL DATA PROTECTION REGULATION (EU) 2016/679 (GDPR)

According to the indicated regulations, data processing will be based on the principles of fairness, lawfulness, transparency, and protection of your privacy and rights.

Therefore, in accordance with GDPR 2016/679, we are providing you with the following information.

Type of data processed

The data requested and processed relate mainly to:

• personal and identifying data: first name, last name, gender, date and place of birth, citizenship, residence/address, social security number and contact information (e-mail and telephone), ID document details and a copy thereof;
• data related to course of study;
• data related to profession;
• account data (user name, password);
• health, economic/tax and legal data.

Purpose of data processing

The personal information described above is processed for the purpose of:

• managing personal log-in details, which are necessary for access to the administrative area (through which users use services) and suitable for uniquely identifying users;
• providing a timely response – including via e-mail or telephone – to specific requests made by interested parties when enroling and throughout their course of study;
• providing information regarding course delivery;
• delivering distance-learning courses (including tracking access to the platform, managing the digital curriculum, planning and conducting examinations, and managing examination transcripts);
• managing administrative and economic relations;
• applying concessions if the person declares that he/she belongs to institutions that have an agreement with the university;
• sending, with the explicit and separate consent of the person concerned, promotional materials regarding educational events organised by the university and community development;
• fulfilling obligations arising from European and international laws and regulations;
• fulfilling specific requests from relevant authorities;
• providing educational guidance;
• conducting entrance tests, issuing equivalency certificates or verifying entry requirements;
• educational delivery and career management (from enrollment to graduation);
• educational delivery and career management during study abroad;
• internship, work experience, and job placement activities;
• statistical surveys and teaching evaluations;
• circulation of final papers or related items;
• tutoring, support, and social inclusion services;
• providing services and activities for the right to study;
• disciplinary proceedings;
• processing incoming international students - international student exchange;
• processing direct web-based access to the student and graduate database;
• publicising university activities;
• management activities concerning institutional bodies and offices;
• managing employment relationships;
• training and continuous development;
• research project management.

Data processing methods

Personal data will be processed in compliance with the relevant applicable legislation and in accordance with the principles of lawfulness and fairness dictated by the GDPR. Therefore, personal data will be collected and stored exclusively for the purposes stated in this policy, which will be adequately and routinely updated.

Personal data will be protected through the adoption of appropriate security measures by those responsible and appointed for this purpose.

Automated decision-making processes

No automated decision-making processes are used on the data provided.

Retention period

Data will be kept for a time period not exceeding the purposes pursued for their collection and the obligations under applicable regulations.

Compulsory data provision

Users have the option to provide their personal data. However, if the data subject refuses to do so, it will be impossible to conclude any contracts or provide any requested services.

Scope of data reporting

The data subject’s data, collected and processed exclusively for the purposes outlined above, are sent to entities involved in the execution of contracts and services related thereto, as well as to any external parties involved in the management of certain activities (e.g., CINECA as an inter-university consortium serving the national academic system).

The data subject's personal information may be disclosed to public entities in fulfillment of specific legal obligations or to private entities, including partners, in fulfillment of specific contractual obligations.

Rights of the data subject

At any time, you may exercise the right to:

• request confirmation of the existence or non-existence of your personal data;
• obtain information about the purposes of data processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be disclosed, and, when possible, the retention period;
• request the rectification and deletion of data;
• request the restriction of data processing;
• request the portability of data, i.e., receive them in a structured, commonly used, machine-readable format and send them to another data controller without hindrance;
• object to data processing at any time, including for direct marketing purposes;
• request that the data controller grant access to, rectify, or delete personal data, limit data processing concerning them, object to its processing, and exercise the right to data portability;
• revoke consent at any time without affecting the lawfulness of data processing based on consent given prior to said revocation;
• lodge a complaint with a supervisory authority.

The data subject may exercise their rights by sending a written request to UNINT using the postal address of the registered office or via the e-mail address privacy@unint.eu.

Data controller

Università degli Studi Internazionali di Roma - UNINT, with registered office at Via Cristoforo Colombo 200, 00147 Rome, in the person of its legal representative pro tempore. 
 

Browsing data

The computer systems and software procedures used to operate this website may acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data (which includes, but is not limited to, IP addresses and domain names of the User's computer) is collected by the owner, for statistical purposes, in an anonymous format, but, if necessary, it could be processed and traced back to the user, for example, in order to ascertain their responsibility if a cyber crime is committed through or against the website.

Data Protection Officer (DPO): Francesca Gabrielli | e-mail: dpo.unint@pec.it

Documentation

Personal data processing privacy policy

Application for data subjects to exercise their rights