Privacy Policy

We provide this information by EU Regulation 2016/679 (GDPR) for those who consult the website https://www.unifg.it. We underline that this information concerns only this website and not also others traceable to different web addresses that the user can reach through links that may be present on our pages.

Data controller

The data controller, relating to identified or identifiable persons who access this website, is the University of Foggia, headquartered in Foggia, Via Gramsci No. 89/91, in the person of its legal representative pro tempore Rector Prof. Lorenzo Lo Muzio, domiciled for the purpose, at the mentioned registered office of the institution, Via Gramsci No. 89/91, 71122 Foggia, REM/ PEC: [email protected] – E-mail [email protected].

Data Protection Officer (DPO)

The Data Protection Officer is reachable at the headquarters of the University of Foggia, reachable at the following e-mail address: [email protected] – REM/PEC: [email protected].

Purpose and legal basis for processing

The purposes of the processing and the relevant legal bases are indicated below:

  • to allow navigation of the UNIFG web portal (www.unifg.it) and sites with a URL in the form *.unifg.it;
  • to check the correct functioning of the UNIFG portal and websites, carry out security monitoring activities, and identify any improvements;
  • to comply with legal obligations, comply with orders from public authorities, and ascertain any liability in the event of hypothetical computer crimes against the site or its users.
Legal basis for processing
  • Consent – under Article 6(1)(a) of EU Regulation 2016/679 – expressed by the user through voluntary navigation on this website and its consultation. Consent is optional and may be revoked by emailing [email protected]. Failure to consent may prevent access to certain content, services, or features of the website or UNIFG websites. That may sometimes compromise the overall browsing experience on websites linked to the unifg.it domain.
  • The performance of a contract to which the data subject is party or the implementation of pre-contractual measures taken at the data subject's request under Article 6(1)(b) of EU Regulation 2016/679.
  • To comply with a legal obligation to which the data controller is subject under Article 6(1) (c) of EU Regulation 2016/679.
  • The performance of a task carried out in the public interest or the exercise of official authority vested in the data controller under Article 6(1)(e) of EU Regulation 2016/679.
Data processed

Browsing data
Access to this site and its browsing takes place through a web browser. By their nature, some data required for internet browsing may allow users to be identified through processing and association with data held by third parties. In particular, we intend to refer to the IP addresses or domain names of the computers used by the users who connect to this site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, etc. These data are used to obtain anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. We might use those data for possible liability in the cases of computer crimes related to this site.

Data voluntarily provided by the user
The optional, explicit, and voluntary sending of electronic mail, including certified mail, to the e-mail addresses indicated on this site entails the acquisition of the sender's address, which is necessary for replies, as well as any other personal data contained in the message. These data are processed to respond to the messages sent and any related requests.

Cookies and other tracking systems
We do not use cookies for user profiling.
The processing of personal data carried out by operators of "social" platforms is governed by their respective privacy policies to which we refer.
Personal data conferred by interested parties through their relationship with the University of Foggia on "social" platforms are processed exclusively for institutional purposes and to ensure interaction with them (comments, public posts, etc.).

Methods of processing

The personal data collected are processed in compliance with the principles of lawfulness, fairness, and transparency, as provided for in Article 5 of EU Regulation 2016/679, including with the aid of IT and telematic tools designed to store and manage the data, and in any case in such a way as to guarantee their security and protect the maximum confidentiality of the data subject.
The processing carried out by the CINECA Consortium in its capacity as Data Processor is limited to the purposes described in point 3 and is carried out to ensure adequate security of personal data, including protection, through appropriate technical and organizational measures, against unauthorized or unlawful processing and accidental loss, destruction, or damage.

Categories of persons authorized to process the data and to whom the data may be disclosed

In compliance with current legislation, users' personal data will be known and processed b UNIFG employees and collaborators (identified as persons authorized to process the data) responsible for managing the portal and providing the associated services.

The data may be disclosed exclusively:

  1. to UNIFG structures that request it for institutional purposes or in compliance with legal obligations;
  2. to non-economic public entities or consortia in which UNIFG participates, when communication is necessary for the performance of institutional functions of the requesting entity.
  3. to any external entities identified as Data Processors under Article 28 of EU Regulation 2016/679;
  4. to Public Security Authorities or other public entities for defense, state security, and investigation of crimes, or to Judicial Authorities in compliance with legal obligations, where there is suspicion of a crime.

The data may be disclosed to natural persons (employees or collaborators) authorized by the CINECA Consortium, the Data Controller, to process it as necessary for performing their duties.
Except in the above cases, personal data will not be communicated or disclosed to third parties in any way or for any reason. Finally, personal data will not be transferred to third countries or international organizations unless this is strictly related to specific requests from the user, for which specific consent will be obtained.

Data retention period

About the various purposes and aims for which they were collected, the data will be kept for the time required by the relevant legislation or for the time strictly necessary to achieve the purposes.

Data Recipients

We do not disclose personal data collected from this site due to consultation with recipients or categories of recipients.

Transfer of data to countries outside the EU

This site does not share data with individuals, organizations, bodies, or services outside the European Economic Area (EEA).

Security measures

The data of visitors/users are processed lawfully and fairly, taking appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of data. The data subject's personal data security in the communication session with this site is protected by a Secure Sockets Layer (SSL) certificate that encrypts the information using a cryptographic presentation protocol. In addition to the Data Controller, in some cases, categories of employees involved in the organization of the site or external parties (such as third-party technical service providers and hosting providers) may have access to the data.

Data Subjects' Rights

Data subjects may exercise their rights under Articles 15 to 22 of EU Regulation 2016/679, namely:

  • To request confirmation of the existence or non-existence of their personal data (Art. 15).
  • Access the data concerning them (Art. 15).
  • Obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be disclosed, and, when possible, the retention period (Art. 15).
  • Obtain the rectification (Art. 16) of inaccurate personal data concerning them or, if the data are processed in violation of the law or incomplete or incorrect, erasure of data (Art. 17).
  • Obtain restriction of processing (Art. 18).
  • Obtain portability of data, i.e., receive them from a data controller in a structured, commonly used, machine-readable format and transmit them to another data controller without hindrance (Art. 20).
  • Object to processing their data at any time for legitimate reasons (Art. 21).
  • Object to automated decision-making related to natural persons, including profiling (Art. 22).

The request should be addressed by e-mail to: [email protected].

Right to lodge a complaint

Data subjects who consider that processing their personal data through this website infringes the EU Regulation 2016/679, according to Article 77, may lodge a complaint with the Garante per la protezione dei dati personali.

Version 2025.01