Privacy

PRIVACY POLICY

INFORMATION IN COMPLIANCE WITH THE EU REGULATION 2016/679 

Dear Sir/Madam,
in compliance with articles 13 of Regulation EU nr. 2016/679 (hereinafter, “GDPR”), the company Egea S.p.A (hereinafter, "Egea") would like to give you the following information.
This document describes the management methods of the website https://bej.egeaonline.it/ (hereinafter, the "Site") with reference to the processing of personal data of users (hereinafter, the "User/Users") who consult it.

The Site may contain links to external pages managed by Università Bocconi, which may include registration forms for events or other initiatives. In such cases, the personal data provided through these forms will be processed exclusively by Università Bocconi, which acts as an autonomous data controller.

For more information on the processing of personal data by Università Bocconi, please consult their Privacy Policy available at the following link.

1. Data controller

The data controller is Egea S.p.A., in the person of its legal representative pro tempore, based in 20136, Milan, via Sarfatti 25, telephone: +39 02 58365751, fax: +39 02 58365753, reachable at the following email address egea.edizioni@unibocconi.it (hereinafter, the " Controller").
The Controller acknowledges that it has appointed a Data Protection Officer ("DPO"), who can be contacted at dpoegea@unibocconi.it.  

2. Information we collect about you

2.1 Navigation data

The computer systems and software procedures used to operate the Site acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected in order to be associated with identified persons, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This is information that is not collected in order to be associated with identified persons, but which by its very nature could, allow Users to be identified.

This category of data includes:

(i) the IP addresses or domain names of the computers used by Users connecting to the Website;
(ii) URI (Uniform Resource Identifier) addresses of the requested resources;
(iii) the time of the request;
(iv) the method used to submit the request to the server;
(v) the size of the file obtained in response;
(vi) the numerical code indicating the status of the server's response (success, error);
(vii) other parameters relating to the User’s operating system and IT environment.

These data are used solely to obtain anonymous statistical information on the use of the Site and to ensure its proper functioning. They are deleted immediately after processing. The same could be used to allow the ascertainment of responsibility in case of hypothetical computer crimes to the detriment of the Site: except for this eventuality, the data are kept for the time defined by the reference legal regulations for the time strictly necessary to provide the User with the requested service to ensure the transmission of the communication.

2.2 Cookies

Cookies are short text files that are downloaded to your device when you visit a website. They are used by most websites, cannot harm your computer, and allow our websites to recognize your device to offer features such as saving your preferences on a site.
The cookies used on the Site include those strictly necessary for access and navigation.

For more information on the use of cookies on the Website, please refer to the cookie policy.

2.3 Data provided voluntarily by the User

Any optional, explicit and voluntary sending of electronic mail to the addresses indicated on the Site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.

3. Purpose of the processing and legal basis

The navigation data collected through the Site are processed based on the legitimate interest of the Data Controller, pursuant to Article 6, paragraph 1, letter (f) of the GDPR, as necessary to:

  • ensure the proper functioning and security of the Site;
  • collect anonymous statistical information on the use of the Site to improve its content and structure;
  • protect the Site from unauthorized access or malicious activities.

To fulfil requests made by sending emails to the addresses provided on the Website, the legal basis for processing is the execution of contractual or pre-contractual obligations pursuant to Article 6, paragraph 1, letter (b) of the GDPR.

4. Consequences of any refusal to provide personal data

Apart from what is specified above for navigation data, the provision of data provided voluntarily by the User  is optional. However, any refusal would make it impossible for the Data Controller to proceed as indicated.

5. Methods of data processing

The processing is carried out with the support of electronic or otherwise automated instruments with logic strictly related to the purposes expressed above and, in any case, so as to ensure the security of the data. The personal information you choose to share with us is treated with the utmost confidentiality.

6. Recipients of data

The User's personal data may be accessed by individuals duly authorized by the Company pursuant to Article 29 of GDPR, as well as suppliers designated by the Company as data processors, pursuant to Article 28 of GDPR.
An updated list of these subjects is available on request to the Controller.

7. Data retention period

Personal data will be kept for a period of time not exceeding the achievement of the purposes indicated in paragraph 3) herein.
The data provided voluntarily by the User will be retained for the time necessary to provide a response and, in any case, no longer than 12 months.

8. Rights of the subject (article 15 - 22 GDPR)

The User has the right to obtain from the Company, access to personal data, a copy (portability), the rectification or cancellation of personal data, the limitation of the processing or to oppose to the processing.

A special request may be forwarded to: egea.privacy@unibocconi.it or dpoegea@unibocconi.it. After verification of the legitimacy of the request, the rights will be confirmed by the Egea, as a rule, within one month.

9. Right to submit a complaint

You have the right to submit a complaint to the supervisory authority for the protection of personal data (based in Piazza Venezia 11, 00187 ROMA) with the modalities indicated at the Internet address: https://www.garanteprivacy.it – mail: garante@gdpb.it.