INFORMATION PURSUANT TO EU REGULATION 2016/679 (hereafter ‘GDPR’)

In compliance with current regulations on personal data protection, the Fondazione Politecnico di Milano (hereafter, ‘Fondazione’) provides the following information regarding the processing of the personal data of parents or legal guardians and Students. The processing falls in line with the principles of correctness, lawfulness and transparency, and will be carried out protecting the subjects’ rights and basic liberties. More specifically, note the following:

1. DATA CONTROLLER

Pursuant to Art. 13 of the GDPR, the Fondazione Politecnico di Milano, in the person of its pro tempore legal representative, with offices in Piazza Leonardo Da Vinci no. 32, Milan, Telephone: 02 2399 9150, VAT code: 04080270962, acts as data controller for the processing of personal data (‘Data Controller’).
The Data Controller has appointed a Data Protection Officer-DPO, Avvera S.r.l, whom the interested party may contact at the following addresses: fpm-dpo@fondazione.polimi.it.

2. CATEGORIES OF PROCESSED DATA

The Fondazione Politecnico di Milano collects and processes the following categories of personal data:
• data that enables direct identification, such as name, surname, home address, nationality, province and town of residence, phone and/or mobile phone number, tax code, email address/es of parents and/or Students, and Student images.

3. PURPOSES OF DATA PROCESSING

The data collected by the Fondazione will be processed for the purposes of:
(i) performing all activities necessary for and related to the application phase, evaluating applications received for the TechCamp@POLIMI initiative;
(ii) application and subsequent enrolment in TechCamp@POLIMI;
(iii) with regard to the Student’s image, for the purposes of promoting the Fondazione, educational/teaching and institutional purposes and dissemination of the project.

4. LEGAL BASIS OF THE DATA PROCESSING

The legal basis for the processing in points (i) and (ii) consists of the need to implement the contractual relationship, which governs participation in TechCamp@POLIMI, and the need to fulfil legal obligations. Providing your data for the above-mentioned purposes is nonetheless necessary, and refusal to provide it would make participation in the initiative impossible.
The legal basis for the processing referred to in point (iii) is the consent granted by the date subject and/or parents prior to the processing itself.

5. NATURE OF THE PROVISION OF PERSONAL DATA

As regards the processing of personal data for the purposes referred to in points (i) and (ii), consent is mandatory in order for the Data Controller to fulfil the obligations deriving from the contractual relationship with the data subject. As regards point (iii), consent is optional. If the data subject or whoever has parental responsibility does not grant consent for the above-mentioned purposes, the image will not be circulated for the purposes of the potential consent, without this involving damaging consequences or effects for the data subject or the other services requested.
If the data subject has granted consent and at a later stage should withdraw it or oppose the processing of his/her image, his/her data will be deleted as quickly as possible.

6. PROCESSING METHODS

Processing will occur using paper, digital and/or electronic media, with logic and forms in compliance with current provisions that require the adoption of suitable measures to guarantee a proper level of security.
Within the Fondazione, data processing will be carried out by personnel authorised or responsible for the processing; such people are designated in writing and required to operate within the limits and in compliance with the instructions provided by the Fondazione.
As regards images of minors, these may be processed within the limits set forth in the release statement.

7. RETENTION PERIOD

Your data will be retained for the period of time necessary to achieve the purposes for which it was collected, to the extent required to fulfil legal and tax obligations and nevertheless no longer than 10 years from the end of the relationship/contract between you and the Fondazione. If an Event benefits from public funds, the data will be retained for the period (the ‘necessary retention period’) of 10 years from the date of the report required for the funding entity and/or the entity that established the tender or funding; or for the longer retention period possibly imposed by legal provisions or regulations (the starting date of the necessary retention period may therefore fall after the date of the end of the contractual relationship). Data regarding images will be retained for a period of 48 months after publication and will then be destroyed.

8. COMMUNICATION OF DATA

Personnel of the Fondazione may have access to and process your data as an authorised person to perform their duties. To fulfil the purposes envisaged and within the limits thereof, your personal data may also be communicated to third parties belonging, for example, to the following categories:

• TechCamp@POLIMI academic committee for the admissions phase in the pre-selection of collaborators and external consultants;
• subjects operating in education;
  other parent/subsidiary/associated bodies and structures such as the Politecnico di Milano, the subsidiary PoliHub Servizi S.r.l. (certified business incubator) and others, all within the European Union, for the purposes of exchanging services between the bodies themselves and for internal administrative purposes, as well as the company in which you are employed, subjects who will be granted licenses and sublicenses for images, including the Politecnico and sponsors of TechCamp@POLIMI which will process them together with identification data as independent data controllers. These entities will process your data as Data Supervisors or as distinct, independent Data Controllers.

9. DATA SUBJECT RIGHTS

As regards the processing of the above-mentioned data, you may exercise the rights referred to in Articles 15 et seq. of EU Regulation 2016/679. More specifically, you have the right to:
1) obtain confirmation of the existence or inexistence of personal data processing and its communication in intelligible form;
2) ask the Data Controller for access to your personal data, as well as the right to data portability;
3) update, correct inaccurate data or, when interested, integrate incomplete data;
4) wholly or partially oppose: a) the processing of your personal data for legitimate reasons, even if pertinent to the purposes of the collection; b) the processing of your personal data for the purposes of institutional communications.
5) require the Data Controller to delete your personal data without unjustified delay, if the grounds provided for by Art. 17 of the GDPR exist ;
6) withdraw your consent at any time without affecting the lawfulness of the processing based on the consent granted
before withdrawal, in the cases provided for by law;
7) lodge a complaint with a supervisory authority;
8) require the limitation of processing when one of the situations provided for by Art. 18 of the GDPR exists.
The data subject may exercise the above-mentioned rights by sending notification:
to the Fondazione Politecnico di Milano, Piazza Leonardo da Vinci no. 32, Milan, or by writing to the following email address: techcamp@polimi.it.

Contact form

If you would like to send a message to the directors of TechCamp@POLIMI using the contact form on the website, you will be asked for your name, surname, email address and telephone number.

This data will be used solely to answer your request.

Newsletter

If you decide to subscribe for the TechCamp@POLIMI Newsletter, only your email address will be used for this purpose.

You may unsubscribe from the service independently at any time by following the procedure illustrated in the footer of the Newsletter.

Cookies

Cookies are small text files sent to a user’s terminal (usually the web browser) when the user visits a website. These files are stored so that they can be sent back to the same website when the same user visits the website again. During navigation on a website, the user may even receive cookies from other sites or web servers (‘third party’ cookies) on his/her terminal. This occurs because there may be elements on the website being visited such as images, maps, sounds or specific links to web pages of other domains that are stored on servers other than the one on which the requested page is found. In other words, these cookies are created by a website other than the one you are actually visiting.

Cookies are used for authentication, session monitoring and to memorise specific information about the users accessing the server.

Some operations may not be possible without cookies, which are in some cases technically necessary. For example, access to home banking and the activities you perform on your online account (viewing bank statements, making bank transfers, paying bills, etc.) would be much more complex and less secure without the presence of cookies that allow the user to be identified and to maintain his/her identification throughout the session.

Cookies may remain on the system even for long periods of time and may contain a unique identification code. This enables the websites that use them to track the user’s navigation on the website, to fulfil statistical or publicity purposes or to create a personalised profile of the user, starting with the pages visited and showing the user targeted advertisements (behavioural advertising).

By using the TechCamp@POLIMI website, you consent to the use of cookies.

You can decide at any time not to accept cookies by modifying browser settings (if possible), no longer using the site or using the applicable opt-outs. Please remember that certain functions are available only by using cookies and by choosing to reject cookies, it may no longer be possible to use such functions.

Types of cookies used

Content incorporated from other websites

TechCamp@POLIMI pages and news may include incorporated content (for example videos, images, articles, etc.). Content incorporated from other websites behaves in exactly the same way as if the visitor had visited the other website.

These websites may collect user data, use cookies, integrate further tracking by third parties and monitor interaction with such incorporated content, including monitoring interaction with incorporated content if you have an account and are connected to that website.

Statistical data

This website uses partners such as Google Analytics to collect statistical and analytical data about your use of the website. For example, these partners collect and combine data about views of pages on the website, search engines and keywords used to find the site, links from which the site can be accessed and other similar data. This statistical data is anonymised and is not used to track your browsing on other websites.

Google Analytics Privacy policy

User choices regarding cookies

TechCamp@POLIMI recommends you do not block or limit cookies, the website functions website may therefore not be optimal. Nevertheless, if you decide to do so, bear the following in mind.

Browser cookies

The main menu present in the toolbar of most browsers indicates how you can reject cookies, receive a notification from the browser when you receive a new cookie or eliminate or completely deactivate cookies. Click below for instructions for the most well-known browsers.

• Mozilla Firefox
• Google Chrome
• Safari
• Microsoft Internet Explorer/Edge

Statistical data

To reject Google Analytics cookies you can visit the Analytics opt-out page.

More information

Detailed information about cookies is also available on the special Wikipedia page about cookies.

For information about cookies stored on your terminal and how to deactivate them individually, please refer to Your online choices

How to protect your data

TechCamp@POLIMI uses secure protocols to communicate and transfer data (such as HTTPS). We anonymise data where possible. We systematically monitor our systems for possible vulnerabilities and attacks. We constantly update our codes.

The TechCamp@POLIMI managers undertake to promptly notify the relevant authorities of any data breaches. Users will be promptly informed in the event of a threat to their rights or interests.

TechCamp@POLIMI will do everything reasonably possible to prevent security breaches and to assist the authorities in the event of a breach.

A printable version (PDF) of this Privacy policy can be downloaded here.