Privacy and cookies policy

This document details our privacy policy, in compliance with our obligations under national (Legislative Decree n. 196 of 30 June 2003, Code on the protection of personal data) and European Community law (EU General Data Protection Regulation n. 2016/679, GDPR) and subsequent amendments. The present website respects and protects the confidentiality of visitors and users, and makes all possible and proportionate efforts not to violate the rights of users. 

This privacy policy applies exclusively to online activities on this website, and is valid for the website’s users and visitors. It does not apply to data collected through channels other than this website, which is available at the following address: https://www.medicina.unimib.it. 

The purpose of this privacy policy is to provide as much transparency as possible on the data collected by the website and the way it is used.

The present website processes data on the basis of consent. By using or consulting this website, visitors and users explicitly approve and consent to the processing of their personal data in the ways and for the purposes described below, including the sharing of said data with third parties if necessary to provide a service. 
The conferring of personal data and consent to their collection and processing is optional. Users can deny consent, and may at any time revoke consent they have previously given. Nevertheless, denying consent may make it impossible to provide certain services and may hinder the navigation of the website.

The personal data provided through the website shall be processed for the following purposes:

  • Gathering anonymous statistical information about website use and to monitor its function
  • Carrying out educational activities related to the courses offered by the university
  • Compilation of data collection forms for recieving newsletter or email communications 

The website uses log files which store data collected in an automated manner during user visits. The data collected can include the following: 

  • Internet Protocol address (IP)
  • Browser type and parameters of the device used to connect to the website
  • Date and time of the visit
  • The websites visited immediately prior (referral) and next to the visit

The above-mentioned data is processed in an automated, anonymous manner to ensure the proper functioning of the website and for security reasons. The same data may be processed, in compliance with existing regulations, to block attempts to damage the website itself or other users, or to prevent any other harmful or illegal activities. 

Should the website allow user comments, or in the case of specific services requested by the user, the website automatically detects and records some of the user’s identification data, including his or her email address. This data is understood to be voluntarily provided by the user upon their request for the service in question. By adding a comment or any other information, the user confirms having read the privacy policy, and specifically provides their consent for sharing the content inserted with third parties.
The data that website users shall accept to make public through the services and the tools made available by the latter are provided by the users willingly and knowingly, exempting the present website from any liability in case of violations of the law. The user is responsible for making sure they have the necessary permission for inserting the personal data of third parties or content protected under national and international law.
The data collected by the website during its functioning are used exclusively for the above-mentioned purposes, and stored for the period of time strictly necessary for carrying out the above-mentioned activities, which normally amounts to 180 days. 

Cookies are small text files that a website visited by a user sends to that user’s browser (e.g.  Internet Explorer, Mozilla Firefox, or Google Chrome), where they are stored in order to be re-sent to the same websites during browsing or upon the user’s next visit.
The University’s portal uses cookies. The cookies sent by the portal are used exclusively for technical reasons, such as allowing authenticated access to reserved areas (since cookies save session data for each user).
Session cookies are fundamental for the proper functioning of the various components present in the portal and they make the entire web ecosystem accessible, by activating basic functions such as page navigation. The website cannot function properly without cookies.
By using the website, visitors give their explicit consent to the use of cookies.

Third parties

The portal uses third-party content (through resource embedding techniques); it is thus possible that during a visit to the portal, other cookies – including both technical cookies and user profiling cookies – may be sent by these third parties to the user’s browser. The suppliers of said services are responsible for their own privacy and cookie policies. Below is a list of the services used and links to their privacy and cookie policies.

The data arising from the use of Google, Youtube, Twitter, Facebook, and Instagram profiling cookies is processed for the purposes and in the ways detailed in the policies above; some of the data may be processed outside of the borders of the European Union.
The technical cookies and log files are collected by the website and are processed in the offices of the external data processor, who processes the data on behalf of the data controller, and whose offices are located within the European Economic Space.
For detailed information on the cookies used by the portal, see below.

Disabling cookies

Disabling all cookies
It is possible to deny consent to the use of cookies by selecting the specific setting on one’s browser.
Below are the links that explain how to disable cookies on the most popular browsers (for any other browsers, we suggest you look for this option in your software’s help section).

Disabling third-party cookies
Disabling third-party cookies is also possible in the ways described in their respective privacy policies and/or made available directly by the third-party company serving as the data controller.

 

Cancelling cookies already stored on the terminal

Even if the authorization for using third-party cookies is revoked, such cookies may have been stored on the user’s terminal prior to the revocation. For technical reasons, it is not possible to erase these cookies, but the user’s browser makes it possible to eliminate them via the browser’s privacy settings. The browser’s options include “Clear browser history”, which can be used to eliminate cookies, website data, and plug-ins.

Necessary cookies

These cookies make it possible for the Portal’s various components to function, and make the entire web ecosystem accessible by enabling basic functions such as page navigation. The website cannot function properly without these cookies.

 

Name of cookie Duration Purpose Domain CLASSIFICATION
has_js Session Memorizes the client’s consent status: whether their javascript is active or not. On the basis of this information, the site either activates or refrains from activating functions based javascript  www.medicina.unimib.it Group A
cookie-agreed 6 months + 2 weeks Memorises the user’s consent status for cookies for the current domain  www.medicina.unimib.it Group A
cookie-agreed-version 6 months + 2 weeks  

It refears to the eu_cookie_compliance.js script version

www.medicina.unimib.it Group A

 

Statistics

This website uses "Pirsch"(https://pirsch.io/) for statistical purposes and / or related to the analysis of web traffic. Please note that the implementation of the aforementioned service does not involve installation of any cookie on the user's terminal.

 

Marketing

These cookies are used to monitor website visitors in order to show pertinent, targeted advertising reflecting the user’s browsing preferences.

 

Name of cookies Duration Purpose Source/Domain classification
VISITOR_INFO1_LIVE 6 months Tries to estimate the user’s connection speed for websites with integrated YouTube videos. YouTube Group C
PREF 8 months Registers a unique ID used by Google to generate statistical data on how the visitor users Youtube videos on various websites YouTube Group C
YSC session Registers a unique ID used to generate statistical data on which YouTube videos have been viewed by the user YouTube Group C
IDE 13 months Used by Google DoubleClick to register and produce reports on the actions of the user on the website after he or she has clicked on one of the advertiser’s ads in order to evaluate the efficacy of a given ad and present targeted advertising to the user doubleclick.net Group E

 

Classification (coding criteria)

The cookies / tracking tools used can be classified according to the following features.

Strictly Necessary (Group A)

Hosting and backend infrastructure
Platform and hosting services (e.g. backup)
SPAM protection
Traffic optimization and distribution
Consent management throught cookie banner

Simple interactions and functionality (Group B)

Contact the user
Registration and authentication
User database management

Experience improvement (Group C)

Interaction with data collection platforms and other third parties, including sharing content on social networks
Viewing content from external platforms

Measurement (Group D)

Statistics
Content and functionality performance tests
Heat mapping and session recording
Management of data collection
Infrastructure monitoring

Targeting and Advertising (Group E)

Advertising
Remarketing and behavioral targeting

 

This website processes user data in a proper and lawful manner, and adopts all necessary security measures to prevent the unauthorized access, publication, modification, or unauthorized destruction of said data. Processing takes place through digital and/or telematic tools, with organizational modalities and approaches that are strictly related to the stated purposes of data processing. In addition to the data controller, in some cases subjects authorized by the University and involved in the organization of the website may have access to the data. 

Pursuant to EU Regulation 2016/679 (GDPR) and national laws, users can exert the following rights within the limits and according to the modalities established under existing laws:

  1. The right to access his or her own personal data;
  2. The right to obtain rectification or erasure of said data and limits on their processing;
  3. The right to data portability (applicable only to data in electronic format), as disciplined by art. 20 of regulation UE 2016/679;
  4. The right to object to data processing;
  5. The right to file a claim with the Italian Data Protection Authority.

Requests must be addressed to the data controller.

To exert the above-mentioned rights, users may contact the data controller at the following email address: rettorato@unimib.it or at the following certified email address: ateneo.bicocca@pec.unimib.it.
The data controller must reply within one month of receipt of the request, which deadline can be extended up to three months for particularly complex requests.

Pursuant to existing laws, the data controller is Università degli Studi di Milano-Bicocca, in the person of its legal representative Professor Giovanna Iannantuoni.

Contact information

mail: rettorato@unimib.it 
pec: ateneo.bicocca@pec.unimib.it
tel. +39 02 64 48 60 11  

Contact info

mail: rpd@unimib.it
pec: rpd@pec.unimib.it
 

The present privacy policy was last updated on 23/9/22.