The European Academy of Fine Arts and Media in Novara guarantees that any data acquired in any way shall be processed in compliance with personal data protection legislation.
Advisory notice pursuant to Section 13 of Italian Legislative Decree no. 196 of 30 June 2003.
The following information is provided pursuant to Italian Legislative Decree no. 196 of 30 June 2003 - the Personal Data Protection Code, which covers the protection of persons and other entities with regard to the processing of personal data:
The European Academy of Fine Arts and Media in Novara, in its position as “Data Controller”, shall process the personal data of its teaching staff, technical and administrative staff, external partners, students and companies supplying goods and services. This data, as well as “generic” data, may also include data defined as “sensitive” in Section 4 (1) e) or “judicial” in Section 4 (1) d) of the aforementioned Legislative Decree (for example, disability data for tax exemption purposes, health data for the purpose of justifying absence from work, trade union membership data for processing salary deductions, and data regarding court cases for the purposes of adopting the resulting administrative measures).
1. DATA PROCESSING AIMS - the processing of personal data is in all cases directed at fulfilling the Academy’s institutional functions, and is carried out in accordance with the principles set out in Italian Legislative Decree no. 196/2003. The Code’s rules state that the Academy of Fine Arts in Novara may, when fulfilling its institutional functions, process personal data without having to ask the permission of the data subject. However, consent is required when the processing is not directed towards fulfilling the Academy’s institutional functions (for example, sending a list of graduates to a company planning to recruit new staff). Any refusal to supply personal data will make it impossible for the Data Controller, the Data Manager and the person in charge of the processing to provide the corresponding services.
2. PROCESSING METHODS - personal data is processed both manually and electronically by the Academy, and, when required by specific judicial relationships, also by third parties, who, equally, must fulfil the requirements of the privacy code. The data must be:
a. processed legally and following correct procedures;
b. collected and recorded solely for purposes related to the University’s institutional aims;
c. accurate and, if necessary, updated;
d. relevant, complete and not excessive in the context of the aims for which it is processed;
e. stored such that the data subject cannot be identified for a period of time longer than necessary for the aims for which the data is being processed. Any personal data processed in violation of personal data processing legislation cannot be used.
3. RECIPIENTS OF COMMUNICATED AND DISSEMINATED DATA - the communication of personal data to public bodies is only permitted when it is required for the fulfilment of institutional functions or when it is required by a law or regulation. The communication of personal data to private bodies or public bodies in the field of finance is only permitted if required by a law or regulation. The dissemination of personal data is only permitted if required by a law or regulation.
4. RIGHTS OF THE DATA SUBJECT - the data subject has the right:
a. to be aware whether or not his/her personal data is being held and its origin;
b. to be informed by the Data Controller about the processing aims and methods;
c. to obtain the updating, correction or supplementing of the processed data by the Data Controller;
d. to know the identification details of the Data Controller and Manager;
e. to object to the processing of his/her data on legitimate grounds, in full or in part;
f. to request that any data processed illegally is blocked.
To assert his/her rights, the data subject may contact the Data Controller, Data Manager or the persons responsible for processing the data directly to request that any rights violated are restored. In the event that the data subject is dissatisfied with the results of the request made to the aforementioned subjects, s/he may assert his/her rights by contacting the legal authorities or the Italian Data Protection Authority
5. DATA CONTROLLER AND MANAGER - The Data Controller is LEONARDO DA VINCI srl, with registered office at Via Cagnola 17, Milan.
6. RESPONSIBILITY - Links to external websites are provided as a service to users, and no responsibility shall be accepted for the completeness or accuracy of the information provided on these sites.