#WEUNITUS

Privacy

Data Processing Information at the University of Tuscia

The University of Tuscia is committed to consistently safeguarding the privacy and security of data concerning students, departments, and individuals collaborating with the institution for institutional purposes.

Following the entry into force of EU Regulation 2016/679 of the European Parliament and Council on April 27, 2016, known as the “General Data Protection Regulation” (GDPR), the University has taken technical and organizational actions to comply with the principles imposed by the regulation. It is committed to ensuring continuous improvement of the technical and organizational solutions adopted to meet privacy and security requirements as digital technologies evolve.

This page briefly summarizes the actions adopted by the University.

 

Data Controller

The data controller is the legal entity of the University of Tuscia, represented pro tempore by the Rector, Prof. Stefano Ubertini.

 

Data Protection Officer

The University of Tuscia has appointed a Data Protection Officer (DPO). By resolution of the Board of Directors, the Rector has appointed Prof. Andrea Genovese as the University’s DPO.

The DPO is available for information regarding data processing at the University of Tuscia and can be contacted at the email addresses dpo@unitus.it and dpo@pec.unitus.it.

 

Data processing

Data processing refers to any operation performed with or without automated means, applied to data or sets of data, including collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction.

The University is committed to processing the data of students, employees, and other individuals it comes into contact with for institutional purposes in accordance with the principles of lawfulness, fairness, transparency, accuracy, integrity, and confidentiality. It also undertakes to limit the collection of data to those necessary for carrying out the necessary processing to meet regulatory obligations, fulfill the institutional functions of the University, and retain such data for the minimum time necessary or as required by regulatory compliance.

The processing of student data is exclusively aimed at:

  • Fulfillment of all regulatory obligations that the University must comply with concerning students
  • Management of student contact and career, from admission tests to graduation
  • Management of orientation services, internships, tutoring, study support, and social inclusion
  • Management of student representative elections
  • Statistical surveys, for research purposes, aimed at evaluating teaching, improving the educational offer, and the organizational capacity of the university in teaching, research, and third mission activities involving students
  • Provision of digital services such as email, collaboration and group productivity tools, and the university’s single sign-on authentication mechanism
  • Institutional information and communication activities
  • Organization and management of spaces

The processing of employee data is exclusively aimed at:

  • Fulfillment of all regulatory obligations that the University must comply with concerning employees
  • Management of the employment relationship including participation in selection procedures based on competition, hiring, dismissal, and retirement
  • Management of the university welfare system and benefits for employees
  • Management of health and safety in the workplace
  • Provision of digital services such as email, collaboration and group productivity tools, the university’s single sign-on authentication mechanism, and the Eduroam federation
  • Organization and management of spaces and infrastructures for teaching and research at the University and departments
  • Statistical surveys,  for research purposes, aimed at evaluating and improving the organizational capacity of the university in administrative, teaching, research, and third mission activities
  • Institutional information and communication activities
  • Management of institutional bodies and positions

The processing of data concerning third parties (service providers) is exclusively aimed at:

  • Fulfillment of all regulatory obligations that the University must comply with concerning third parties who act as suppliers of goods and services
  • Institutional information and communication activities

 


Version valid from 24.05.2018 and updated to 01.11.2019