logo
logo

Privacy disclaimer

(pursuant to EU Regulation no. 679/2016 and Legislative Decree no. 196/2003 and following amendments)

DATA CONTROLLER

The data controller is the Scuola Superiore Sant’Anna, in the person of the Rector, legal representative pro tempore, with headquarters in Pisa – Piazza Martiri della Libertà 33, protocollo@sssup.legalmailpa.it, 050883111.

Internal data controller pursuant to DR 200/2019 is Dr. Mariagrazia Nardi – Administrative Manager of the Administrative Area of the Institutes of Management, Economics and Dirpolis, Scuola Superiore Sant’Anna – Via Santa Cecilia 3, Pisa (PI),- email mariagrazia.nardi@santannapisa.it 

The data will be processed by School staff trained and authorized for this purpose in compliance with legislation in force.

PROCESSING METHODS

For the purposes of the application of European and national legislation on the matter (EU Reg. 679/2016, hereinafter “Regulation”, and Legislative Decree no. 196/2003 and subsequent amendments), we inform you that the personal data provided, including photos and recorded videos, will be used for the following purposes:

  • Workshops, seminars, specific courses, conferences held as part of the GAMES  project. Any registration fulfils the purpose of proving participation in the meetings provided.
  • Submission of deliverables and Final Report within the GAMES project, required by the European Commission. 

RIGHTS OF THE INTERESTED PARTY

As an interested party, you can ask the Data Controller at any time: confirmation of the existence or otherwise of personal data concerning you; access to your personal data and information relating to them; the rectification of inaccurate data or the integration of incomplete data; the deletion of personal data concerning you (upon the occurrence of one of the conditions indicated in art. 17, paragraph 1 of the Regulation and in compliance with the exceptions provided in paragraph 3 of the same article); the receipt from another owner and transmission to another without impediments (where applicable), the limitation of the processing of your personal data (in the event of one of the hypotheses indicated in art. 18, paragraph 1 of the Regulation), the transformation into anonymous form or the blocking of data processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed. As an interested party, you also have the right to object in whole or in part for legitimate reasons to the processing of personal data concerning you, even if pertinent to the purpose of the collection. If you believe that your rights have been violated, you have the right to lodge a complaint with the Guarantor Authority for the protection of personal data pursuant to art. 77 of the Regulation. These rights can be exercised by contacting the Data Controller or the Internal Manager, writing to mariagrazia.nardi@santannapisa.it  or to privacy@santannapisa.it ; you can also contact the Data Protection Officer for all matters relating to the processing and exercise of rights: dpo@santannapisa.it 

DATA PROCESSING ON THE EU FUNDING&TENDER PORTAL

To carry out the activities relating to the GAMES project (upload of deliverables, milestones, final report), the data collected will be processed according to the methods provided for in the project’s Grant Agreement (GA n. 101049869). In particular according to art. 15 of the same GA, reported below. The Portal Privacy Statement can be consulted at the following link: https://ec.europa.eu/info/funding-tenders/opportunities/docs/2021-2027/common/ftp/privacy-statement_en.pdf  

ARTICLE 15 — DATA PROTECTION

15.1 Data processing by the granting authority

Any personal data under the Agreement will be processed under the responsibility of the data controller of the granting authority in accordance with and for the purposes set out in the Portal Privacy Statement.

For grants where the granting authority is the European Commission, an EU regulatory or executive agency, joint undertaking or other EU body, the processing will be subject to Regulation 2018/1725

15.2 Data processing by the beneficiaries

The beneficiaries must process personal data under the Agreement in compliance with the applicable

EU, international and national law on data protection (in particular, Regulation 2016/679

19).  They must ensure that personal data is:

– processed lawfully, fairly and in a transparent manner in relation to the data subjects

– collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes

– adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed

– accurate and, where necessary, kept up to date

– kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data is processed and

– processed in a manner that ensures appropriate security of the data.

The beneficiaries may grant their personnel access to personal data only if it is strictly necessary for implementing, managing and monitoring the Agreement. The beneficiaries must ensure that the personnel is under a confidentiality obligation. The beneficiaries must inform the persons whose data are transferred to the granting authority and provide them with the Portal Privacy Statement.