Privacy Policy

Privacy Policy

Privacy Policy in accordance with art. 13 EU Reg. n. 2016/679

Privacy Policy in accordance with art. 13 EU Reg. n. 2016/679

This privacy policy is provided pursuant to and in accordance with art. 13 of EU Regulation no. 2016/679 of 27 April 2016 (hereinafter “GDPR”) concerning the protection of natural people personal data.

In particular, UniSMART – Fondazione Università degli Studi di Padova as Data Controller, pursuant to the obligations deriving from the GDPR, provides you the following information regarding the methods and purposes of the processing of personal data collected while you browse the website (


The Data Controller for all personal data collected and processed in relation to the management of the website (the “Website”) is UniSMART – Fondazione Università degli Studi di Padova, with registered office in Padova, via VIII Febbraio, n. 2 and the place of business in Padova, via P. Beldomandi, n. 1.

Tel.: 049 807 8598


Certified e-mail:

    1.1 When the user voluntary sends communications or requests to the e-mail addresses indicated in the various sections of the Website, the personal data included in the e-mail text will be collected.1.2 The optional and voluntary filling in of the forms on the Website involves the collection of the personal data requested therein.1.3 Browsing data: the computer systems and software procedures used to operate the Website collect some personal data, whose transmission is an integral part of Internet communication protocols. This category of data includes the IP addresses or domain names of the computers used by users who connect to the Website, the URI (Uniform Resource Identifier) ​​addresses of the requested resources, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and device environment of the user. These data are used exclusively to obtain anonymous statistical information on the use and proper functioning of the Website. The data may be used to ascertain any liability, only at the request of the oversight bodies, in the event of alleged cybercrimes against the Website or the Data Controller.

    The data will be processed for the following purposes:

    As regards point 1.1, to respond to the user’s requests;
    As regards point 1.2, for the purposes indicated in the respective forms, to consent the hosting of the event, to send communications related to the selected areas of interest and to subscribe to the newsletter of UniSMART.
    As regards point 1.3, to allow the browsing of the Website.


The legal basis for the processing of the personal data indicated above is the need to response to the request of the data subject and to allow the browsing of the Website, and therefore the execution of a contract or of steps prior to entering into a contract. The legal basis for the processing of personal contact data to send communications connected to the selected areas of interest is represented by the legitimate interest of the Data Controller, which is connected to the implementation of activities in the interest of the University of Padova.

The subscription to the newsletter as well as the communication of data to the co-organizers of the events for purposes not related to the event are based on the specific and explicit consent of the Data subject.


Your personal data are processed with automated and non-automated tools, for the purposes for which they are collected. Specific security measures are observed to prevent the loss, unlawful or incorrect use or unauthorized access to the data. Your personal data may be used on behalf of the Data Controller by data processors in order to ensure the correct performance of the Website’s activities.

It should be noted that personal data may be processed through software for the sending of newsletters and for the managing of the data collected through the forms.


Data retention period:

  • data collected by requests sent by users to the e-mail addresses mentioned on the Website: they are kept for the time strictly necessary to respond to the request;
  • data collected through forms: they are kept until the purpose indicated in the form is achieved;
  • browsing data: they are kept for the technical time necessary to achieve the purposes which they are collected for and in any case for a maximum period of six months.

The Data Controller will retain your personal data for a longer period, if the retention is reasonably necessary to comply with legal obligations, or for the establishment, exercise or defence of legal claims.

The Data Controller will keep your personal data until the expiry of the retention period; after that, the personal data will be deleted or made permanently anonymous.


Your personal data will not be disclosed to indeterminate subjects. Nevertheless, the data may be communicated to well-defined subjects, only by the Data Controller and for the specified purposes, and in particular to:

  1. Software houses;
  2. Data processors and persons authorized to the processing.

In particular, the registration to events organized by UniSMART in collaboration with third parties involve the communication of data, filled in the form, to the co-organizer of the event who, as Data processor, is authorized to use such data only for organisational purposes, as laid down in the specific form. However, if consent is given, the data can be shared and processed by the co-organizer as an autonomous data controller also for purposes unrelated to the organization of the event.

The data entered in the forms will be processed through Google Forms; the contact data that are collected to send newsletters will be processed through MailUp.

You can receive the list of the external data processors by sending a request to the DPO e-mail address:


The data subject has the right:

  • to request information about the personal data processed by UniSMART and to receive in a structured, commonly used and machine-readable format the personal data;
  • not to be subject to a decision based solely on automated processing, without a previous explicit consent;
  • to ask UniSMART the rectification or the erasure of personal data or the restriction of their use only for certain purposes;
  • to change idea and ask UniSMART to stop processing the data.

In some limited cases, the Data controller may not be able to comply with the requests of the data subjects, as long as it is forbidden by law provisions or by the act of a public authority.

The requests to exercise these rights shall be sent to the Data Protection Officer of UniSMART:

In any case, the data subject has the right to lodge a complaint with the relevant supervisory authority (Data protection Authority) if he/she believes that the processing of personal data is against the applicable law.

H. DPO (Data Protection Officer)

The Data Controller has appointed a specific Data Protection Officer (DPO), who can be contacted at the following e-mail address: