Seleziona una pagina
Federica Web Learning

Privacy Policy Master

Student Feedback Collection

PRIVACY NOTICE UNDER ARTICLES 13 AND 14 OF REGULATION (EU) 2016/679

1. Definitions

I. Personal Data: any information relating to a natural person, identified or identifiable, directly and indirectly, by reference to a name, an identification number, location data, an online identifier, or to one or more factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity.

II. Form: the form sent individually by email.

III. GDPR: Regulation (EU) 2016/679 of April 27, 2016

IV. Notice: this document

V. Data Subject: the natural persons to whom the Personal Data refer, under Article 4 of the GDPR.

VI. Project: Publication of student feedback on the website

VII. Site: the website and/or platform for the promotion of the Master (for example federica.eu and nse-unina.it, unina.it or others.

VIII. Data Controller: the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for their nomination may be provided for by Union or Member State law.

IX. Processing: any operation or set of operations which is performed on Personal Data of the Data Subject, such as collection, organization, structuring, storage, alteration, extraction, consultation, use, disclosure, interconnection, restriction, erasure, and destruction.

2. Data Controller

The Data Controller for the processing of data referred to in point 3 of this Notice is the University of Naples Federico II, with its registered office at Corso Umberto I n. 40, 80138 – Naples, represented by the Rector and the pro tempore General Director, in accordance with specific legal and statutory provisions (“University”).
The University’s Data Protection Officer can be reached at the following (Contacts).
Any request from the Data Subject regarding the processing carried out by the University as Data Controller (including the exercise of the rights referred to in point 7 below) should be addressed to the University by mail at the registered office, or by email at support@federica.eu.

3. Purposes and legal basis of the Processing

The University collects and uses the Personal Data of Data Subjects for the following purposes:

a. Publication on the Site of the Personal Data of the Data Subjects (e.g., name, surname, nationality, image) for the promotion of the Master in Economics and Finance.

The processing for the purpose referred to in letter a) is optional. This processing is based on the explicit, free, specific, informed, and unambiguous consent of the Data Subject, expressed through a statement within the Form below. Consent may be revoked at any time by following the instructions in point 7 letter a) of this Notice.

4. Methods of collecting Personal Data

Personal Data are collected as follows:

  • Personal Data voluntarily provided by Data Subjects through the Form*:

These are Personal Data voluntarily provided by Data Subjects to the University via the Form, to allow for the publication of feedback on the Website.

5. Possible categories of recipients of Personal Data

Personal Data are processed by the University and/or third parties, selected for their reliability and competence, to whom they may be communicated as necessary or appropriate, provided they are within the European Union. In particular, the Personal Data of Data Subjects may be processed by and/or communicated to: 

– Employees and/or collaborators of the University; 

– Third parties contractually bound to the University, necessary for the implementation of the Project and designated as data processors, whose list is available upon request from the University; 

– Partners of the University; 

– Third parties providing automatic newsletter sending services.

6. Retention period of Personal Data

6.1 Personal Data are retained for the period strictly necessary to achieve the purposes for which they were collected, as indicated in point 3 above. Unless the right to withdraw consent is exercised under point 7 letter a), the University retains the Personal Data of Data Subjects for the following durations: 

  • Personal Data of the Data Subject for the publication on the Site of their Personal Data: for the purpose referred to in point 3 letter a), for a period of 5 years.

After these periods, the University will delete the collected Personal Data or convert them into anonymous form irreversibly.

7. Rights of the Data Subject

Pursuant to and for the purposes of the GDPR, for the period referred to in point 6 of this Notice, each Data Subject has the right to: 

  • With regard to the processing referred to in point 3 letter a), withdraw consent at any time without affecting the lawfulness of the processing, by sending an email to the University (see Article 7 of the GDPR); 
  • Request access to Personal Data and information on the related Processing and obtain a copy in electronic format unless otherwise requested by the University’s legal representative (see Article 15 of the GDPR); 
  • Request the rectification and/or integration of Personal Data, without undue delay (see Article 16 of the GDPR); 
  • For specific reasons (e.g., unlawful processing, withdrawal of consent, absence of the purpose of the Processing), request the deletion of Personal Data without undue delay (see Article 17 of the GDPR); 
  • In specific cases (e.g., inaccuracy of Personal Data, unlawful processing, exercise of a right in court), request the restriction of Processing (Article 18 of the GDPR); 
  • In the case of automated Processing, receive Personal Data in a readable format for transmission to a third party or, where technically feasible, request the transmission of Personal Data by the University directly to such third party (so-called right to data portability – see Article 20 of the GDPR); 
  • Be informed, where required by law, by the University without undue delay of any breaches or unauthorized access by third parties to their systems containing Personal Data (so-called data breach – see Article 34 of the GDPR); 
  • Lodge a complaint with the supervisory authority of the EU country where they reside or work (a list of authorities is available at the link https://www.garanteprivacy.it/web/guest/home/footer/link) where they believe the violation of their rights has occurred (see Article 77 of the GDPR). 

For more information on the terms and conditions for exercising the recognized rights, you can consult the text of the GDPR published at the following link: http://eur-lex.europa.eu/legal-content/IT/TXT/PDF/?uri=CELEX:32016R0679&from=IT, or contact the University in the forms provided in point 2 of this Notice.

Last update: August 06, 2024