What data is processed
Computer systems and software procedures in place on the portal regularly collect personal data in accordance with Internet communication protocol as well as being used to improve the service.
This data is not collected in order to associate it to specific interests, but it can result in users being identified once it has been processed and possible associations have been found.
This category comprises IP addresses or domain names of the users’ computers, URI (Uniform Resource Identifier) addresses, time of request, method used to retrieve the request from the server, file size obtained in reply, numeric code indicating the state of the reply from the server (success, error, etc) and other parametres concerning the user’s operative system and IT environment.
This data is only used to obtain anonymous statistics in aggregate form on how the site and its services are used as well as contributing to the site being used correctly. The data is periodically deleted, but judiciary or legal authorities can request it should they need to ascertain responsibility in the case of computer crime against the Portal or third parties.
Where individuals voluntarily send their email address of phone numbers to the portal, the University will be able to use this data to answer requests as well as providing other useful information.
The processing of the data acquired is regulated by Art. 5 of European Data Protection Regulation (EU/2016/679).
Users are advised to refrain from providing personal and/or legal data that is not necessary for use of the services. However, should any additional personal/legal data be provided, it will be processed in accordance with the relevant University Regulations (D.R. 1819 of 12/03/2007).
The statement on how cookies are used is in accordance with the 8 May 2014 measures on protecting personal data “Identifying simplified methods of disclosing and acquiring consent to use cookies” and art. 13 of European Data Protection Regulation (EU/2016/679).
Cookies are small text files that sites send to users’ devices when they visit them. They are memorised and re-sent to the same sites should the user visit that site again. So called “third party” cookies, however, are set up on other sites which the user does not visit. This is because elements like images, maps, sound, links to specific web pages on other domains, etc can reside on servers which are different from the site being visited.
Cookies are used for different reasons: determining user ID, monitoring sessions, memorising information of specific configurations concerning users who access the server and memorising preferences, etc.
All University of Turin portal and websites use session cookies that are necessary and indispensable for them to perform correctly. They are used to manage login and access to reserved areas and only last a session. Their expiry compromises access to the reserved areas, while public areas can be used at any time.
The site does not acquire any of the user’s personal data as cookies transmitting personal data are not used.
Third party cookies are installed on the user’s device by someone other than the site administrator.
The portal does not use third party cookies, but it process data anonymously via Google Analytics which analyses browsing data in order to compile anonymous statistics of how the site is being used. For more information, see Statement on Google Analytics.
The cookies used by the University of Turin portal will expire when the user logs out or after a certain period of inactivity set by the server. The university does not use any type of persistent cookie (i.e. one that tracks users).
Users can refuse cookies by selecting the appropriate settings in their browser.
Check out the instructions in the main browsers, but remember there could be variations about how to change the settings.
Data transfer is optional, although if the user does not provide certain information access cannot be guaranteed and services will not be forthcoming.
Many of the site’s features will only be available to registered users if session cookies have been disabled, although contents designed for the general public will still be available.
Data Processing Controller
Università degli Studi di Torino, Via Verdi, 8 – 10124 Torino
For more information concerning responsibilities for publication procedures see Legal notes.
The University of Turin provides its portal community users and others who use its apps with some simple rules for using common passwords.
- These users are aware that the ID they use to access the services must be kept secret like bank details and never shared with others.
- Users are advised to change their password regularly and to create different passwords to access different websites and social networks.
- Passwords must comprise at least eight characters or the maximum possible if the electronic device does not allow for eight.
- Passwords must not contain information that can easily lead to its owner identity eg one’s name and surname or family member names, Tax Code, student number, date of birth, phone number, etc. The body of the password should contain a mix of upper and lower case letters, numbers, punctuation and non-alphabetic characters like ! $ # o %.
- Users are responsible for any occurrence following the use of their password. They also accept sole responsibility and commit themselves to exonerating the Università degli Studi di Torino from any claim, expectation or threat regarding the use or abuse of their profile.
- Passwords must be changed every six months and the user must immediately notify the Università degli Studi di Torino of any unauthorised use of their username and password or any security breach they are aware of.
The University does not ask users via email to check their password. Users need to be especially careful to avoid phishing which is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by pretending to be a trustworthy entity.
Source: Wikipedia.
These users are aware that they are directly responsible for what takes place while they are logged in and are not allowed to divulge work practices, administrative issues or production methods or use them to damage or prejudice the University or make a copy of the database or any part of it except with specific written authorisation from the department head.