Privacy policy for the colletion and procssing of personal data pursuant to Articles 13 of Regulation (EU) 679/2016 of 27 April 2016
This privacy policy is issued pursuant to Art. 13 of Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and compliance with the legislation on the processing of personal data, as well as the free movement of such data.
In particular, this privacy policy applies to recruitment process for NEXTSCREEN Doctoral Candidates jobs
Data Controller
Politecnico di Milano – Director General delegated by the pro-tempore Rector – contact: dirgen@polimi.it.
Data Processor
Politecnico di Milano has been appointed as “Data Controller” by the other institutions in the consortium limited to this collection purpose
Internal data processor
Prof. Andrea Bassi – email: andrea1.bassi@polimi.it
The data shall be processed by other persons authorised and instructed for this purpose in accordance with current legislation.
Data Protection Officer and contact details
E-mail: privacy@polimi.it – Tel. 02 23999378.
Purpose of the processing, legal basis, categories of data and retention period.
For the purposes of applying the relevant European and national legislation (Regulation EU 679/2016, henceforth “Regulation”), we hereby inform you that your personal data will be used for the following purposes:
| Intended purpose of the personal data processing | Legal basis of the processing | Categories of personal data subject to processing | Retention period of personal data |
| The data will be collected to allow future recruitment process for NEXTSCREEN Doctoral Candidates jobs and the preparation for an employment relationship with a legal entity of the NEXTSCREEN Partners. | 6.1 (a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes; | Personal details, Contact details, Career details | The data are as long as it is necessary for recruitment purposes. After the conclusion of the application process (e.g. by rejection from our side or withdrawal from your side), we will delete the data. |
Nature of the data
The provision of the data requested for Purpose is optional. In the event of failure to provide the data requested, the planned services/activities cannot be guaranteed.
Processing methods
The processing carried out for the purposes described above may be carried out on paper or on digital media, manually and/or using electronic or in any case automated tools, external databases (Microsoft Sharepoint).
Data may also be stored in paper archives for the duration of the course/activity [specify]/processing and indefinitely in digital format in view of the obligations of transparency and the correct operation of public administration.
The data acquired for the aforementioned purposes shall only be accessed by duly authorised personnel.
Categories of recipients
In relation to the purposes indicated, the data may be disclosed to the following public and/or private entities or may be disclosed to companies and/or persons that provide services, including externally, on behalf of the Data Controller. In particular, the data collected may be transmitted to service providers that are necessary for the delivery of the initiative. These parties will be formally appointed as “External data processors” by the Politecnico di Milano. Furthermore, the data collected may be disclosed to third party recipients, in their capacity as sponsors of the initiative, for their own purposes within the context of the initiative or similar events. Finally, your personal data may also be disclosed to other public administrations, including in anonymous form in the event that the latter are obliged to process such data for any procedures within their institutional competence, as well as to any public entities to which, under the relevant conditions, disclosure is legally required by the provisions of European system, laws or regulations, in addition to insurance bodies for any accident reports.
Specifically, the consortium parties are recognised as the recipients of your personal data who will process data as autonomous data controllers.
Transfer to non-EU countries or international organizations
The personal data will be processed by the Data Controller within the European Union.
Should it become necessary, for reasons of a technical and/or operational nature, to make use of parties located outside of the European Union, or should it become necessary to transfer a part of the data collected to technical systems and services managed in the cloud and located outside of the European Union, the processing will be regulated in accordance with the provisions of Chapter V of the Regulation and authorised on the basis of specific decisions by the European Union.
All of the necessary precautions will therefore be implemented in order to ensure the utmost protection of the personal data, the transfer being based:
a) on adequacy decisions regarding third country recipients as expressed by the European Commission;
b) on appropriate safeguards provided by the third party recipient pursuant to Article 46 of the Regulation;
c) on the adoption of binding corporate rules.
Specifically, data could be transferred, upon specific consent, to the Swiss partner “Eidgenössische Technische Hochschule Zürich”
Rights of data subjects
As a data subject, you can ask the Data Controller for the following at any time:
- confirmation of any personal data held concerning you;
- access to your personal data and related information; the correction of inaccurate data or the completion of incomplete data; the cancellation of personal data concerning you (where any of the conditions indicated in Art. 17, paragraph 1 of the Regulation applies and in compliance with the exceptions provided for in paragraph 3 of the same article); the restriction of the processing of your personal data (where one of the conditions indicated in Art. 18, paragraph 1 of the Regulation applies), the transformation into anonymous form or the blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed;
As a data subject, you also have the right to object in whole or in part:
- for legitimate reasons, to the processing of personal data concerning you, even if pertinent to the purpose of the collection;
- to the processing of personal data concerning you for the purpose of sending advertisements on courses and cultural events at the Politecnico di Milano.
These rights can be exercised by contacting privacy@polimi.it.
If you believe that your rights have been violated by the data controller and/or a third party, you have the right to lodge a complaint with the Personal Data Protection Authority and/or other competent supervisory authority pursuant to the Regulation.
Milan, 07/11/2023