The data that you provide when using this website and its services shall be processed pursuant to Legislative Decree No.196/2003 (the “Personal Data Protection Code”). Pursuant to Section 13 of Legislative Decree no.196/2003, this information is given to those who interact with the online services of the website Digital Diorama electronically accessible at the following internet address:
This information only refers to the Digital Diorama web page and shall not apply to any other websites possibly visited by the user through any other links.
This information describes the methods used to manage the Digital Diorama website with regard to processing of personal data of users who visit it, register on it, and subscribe to its online services.
Visiting the Digital Diorama website will entail a processing of personal data relating to identified or identifiable persons (see the “Categories of processed data” section below).
Registering on the website and subscribing to its online services shall result in a processing of personal data related to natural or legal persons.
- DATA CONTROLLER
The Data Controller for the processing of data collected by this website is the University of Milano-Bicocca, with registered office in Piazza dell’Ateneo Nuovo 1 – 20126 Milan, PEC (certified email address) email@example.com
- DATA PROCESSOR
Prof. Annastella Gambini (firstname.lastname@example.org) was designated as the Data Processor pursuant to Section 29 of the Personal Data Protection Code.
- PLACE OF DATA PROCESSING
Data processing related to the website services shall be mostly carried out at the Data Controller’s registered office.
Data processing shall be carried out by specifically assigned staff whose identity is verified, and based on specific goals of the requested and subscribed services.
With regard to the data processing in question, the University may avail itself of the support of external companies, consultants, consortia, software and service providers, through specifically assigned staff whose identity is verified, to the extent of the intended purposes and in such a way as to provide the maximum data security and confidentiality.
- CATEGORIES OF PROCESSED DATA
4.1 Website visits
During ordinary operations, the IT systems and software procedures used to operate the Digital Diorama website acquire some personal data for which transmission is implicitly prescribed in the internet communication protocols.
The information collected is not collected for the purpose of associating it to a person’s identity. However, due to its nature, if associated with data held by third parties, it may allow users to be identified.
This category of data includes, for instance, the IP addresses and domain names of systems used by users to connect to the website.
These data are used to gather anonymous statistical information about website use and to monitor its function. They may also be used to establish liability in cases of any computer-related crimes aimed at the website.
Data shall be released only upon request by the Judicial Authority pursuant to applicable law.
Cookies are small pieces of message sent from a website to the user’s browser (such as Internet Explorer, Mozilla Firefox, or Google Chrome), which are stored and re-transmitted to the same website at the user’s next visit.
Cookies sent from the website are not used in any way to profile users and do not permit the gathering of any personal information related to users.
This website makes use of third-party contents (by means of resource embedding), therefore, during the website visit, additional cookies, both technical cookies and cookies profiling the user, may be sent by third parties to the user’s device.
- Google and Youtube (Information)
- Twitter (Information)
- Facebook (Information)
- Linkedin (Information)
- Vimeo (Informativa)
Rejection of cookies through changes in the user’s device’s setup
You may reject all or part of the cookies sent both from the website and from third parties, by changing the available settings of your browser. You find specific information on your browser by referring to the “help” function provided with the software or by visiting the relevant producer’s website.
Disabling cookies may impair the functionality of some services or use of some content.
4.3 Website registration and service subscription
When registering on the website, you are requested to provide some personal data which are used to identify the registered user.
When subscribing to the online services you may be requested to provide additional data based on the specific service selected. The purposes for processing data are varied based on the services, and are described in detail on the relevant pages of the subscription.
- DATA PROVISION
Some data requested are obligatory, and failing to provide them will result in failure to register on the website.
Similarly, failing to provide certain data which may be requested for subscribing to the online services may result in failure to use the selected service.
Registration and subscription data are provided on a voluntary basis.
Users who register on the website give their consent to data processing on a voluntary basis, and know that, without providing this consent, registration and subscription cannot take place.
- PROCESSING METHODS
Personal data shall be shall be processed automatically in the shortest time needed to achieve the goals for which they have been collected.
Specific security measures shall be followed to prevent the loss of, illicit or improper use of, or unauthorised access to, the data.
- DATA SUBJECT’S RIGHTS
Data subjects may, at any time, exercise their rights pursuant to Section 7 of Legislative Decree no.196/2003, shown below.
“1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him/her exist, regardless of their being already recorded, and communication of such data in intelligible form.
- A data subject shall have the right to be informed:
- a) of the source of the personal data;
- b) of the purposes and methods of the processing;
- c) of the logic applied to the processing, if the latter is carried out with the support of electronic means;
- d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2); and
- e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
- A data subject shall have the following rights:
- a) to obtain updating, rectification or, where interested therein, integration of the data;
- b) to obtain erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
- c) to obtain certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
- A data subject shall have the right to object, in whole or in part, to the following:
- a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
- b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication survey”.