Information on the processing of personal data (Claims)

The Data Controller is the University of Padova, with legal campus in Via VIII Febbraio n. 2, 35122 - Padova (PEC address: amministrazione.centrale@pec.unipd.it).

The Data Protection Officer can be contacted at the following e-mail address: privacy@unipd.it.

The University provides for the processing of personal data provided by the data subject or by those who take legal assistance for the management of claims that directly or indirectly involve the University.

The personal data that may be processed exclusively for the purposes indicated in point 4 are:

1. personal and identification data (name, surname, date of birth), contact, residence, any images relating to accidents;
2. financial data (e.g. IBAN);
3. special data and, specifically, data relating to health, the processing of which is carried out exclusively in the event of contingent needs (such as, precisely, an accident).

The processing of data is aimed exclusively at the management of the claim by insurance companies.

The personal data of the interested party are processed with the support of computer and paper means.

The University shall take appropriate organisational and technical measures to protect and guarantee the confidentiality of the personal data in its possession, in particular against the loss, theft, as well as the unauthorised use, disclosure or modification of personal data.

The University does not resort to automated decision-making processes relating to the rights of the data subject on the basis of personal data, including profiling, in compliance with the guarantees provided for by art. 22 of the EU Regulation.

Any processing of special data is carried out in compliance with the "Regulations for the processing of sensitive and judicial data of the University", which can be consulted in Regulations of general interest.

The processing of personal data within the scope of the purposes indicated in point 4 is carried out by the University on the basis of at least one of the following legal bases.

Common personal data (point 3, letters a and b) are processed for the fulfilment of legal obligations to which the data controller is subject and for the performance of tasks of public interest as well as for the pursuit of the legitimate interest of the University or third parties (Article 6, paragraph 1, letters c), e) and f) of the EU Regulation).

Special personal data (point 3, letter c) are processed to fulfil the obligations and exercise the specific rights of the University or the data subject in the field of labour law and social security and social protection and, if requested, on the basis of the consent of the data subject (Article 9, paragraph 2, letters a) and b) of the EU Regulation).

The provision of personal data for the purposes indicated in point 4 is essential for the management of the documentation relating to the accident involving the data subject and for the fulfilment of the related legal obligations.

The recipients of the data are the natural persons appointed by the University for the processing of data, including employees and collaborators, including self-employed ones, of the University of Padova and affiliated bodies.

Data Processors

The data are also recipients of the Data Processors appointed by the University, including:

• CINECA, as the main provider of IT services, with campuses in via Magnanelli 6/3, 40033 Casalecchio di Reno (BO) - Privacy policy CINECA;
• Google Ireland Limited, as provider of email and cloud services, with campuses at Gordon House, Barrow Street, Dublin 4, Ireland  - Privacy policy GSUITE.

Third parties

Personal data, in any case, may be disclosed to third parties in relation to the fulfilment of legal and contractual obligations, specific requests by the data subject, the management of any complaints or disputes and for the prevention and repression of fraud and any illegal activity.

For the purposes indicated in point 4, personal data may be disclosed to third parties, including:

1. insurance companies and intermediaries, including insurance brokers;
2. subjects who provide legal assistance and representation on behalf of the interested parties;
3. Pro-tempore Treasurer Institute of the University of Padova and other credit institutions for the fulfillment of pecuniary obligations;
4. public bodies, including international ones, for the performance of the University's institutional functions;
5. affiliated institutions where interested parties carry out traineeship activities;
6. Ministry of Foreign Affairs, Police Headquarters, Embassies, Public Prosecutor's Office regarding residence permits, recognition of particular status;
7. health authorities and public safety authorities.

Personal data are stored for the entire period necessary to carry out the purposes set out in point 4, in accordance with the provisions of current legislation and the University Regulations on the Waste Ceiling.

The interested party may exercise the rights provided for in Articles 15 et seq. of the EU Regulation, such as the right of access, the right to rectification or integration of their data, the right to erasure (right to be forgotten) and restriction of processing and the right to data portability, under the conditions and within the limits indicated by the EU Regulation.

The request for erasure of personal data cannot be accepted to the extent that the processing is necessary for the fulfilment of a legal obligation, for the performance of institutional tasks, for the establishment, exercise or defence of a right in judicial campus and in any other case provided for by art. 17, paragraph 3 of the EU Regulation.

The interested party has the right to object at any time to the processing of his/her personal data, in accordance with the provisions of art. 21 EU Regulation.

The interested party may lodge  a complaint with the Guarantor for the protection of personal data.

To exercise their rights, the interested party may contact the University, by writing to the certified e-mail address amministrazione.centrale@pec.unipd.it or to the e-mail address urp@unipd.it. Alternatively, the interested party can write to: University of Padova, via VIII Febbraio n. 2, Padova.

The University is required to provide a response within one month of the request, extendable up to three months in case of particular complexity of the request.

Any changes and additions to this policy are published in the privacy section of the institutional website at www.unipd.it/privacy.

In any case, the University undertakes to communicate directly to the data subjects, through its institutional channels, any changes in the purposes of the processing, the identity of the data controller and any other changes that may significantly affect the rights of the data subjects or their exercise.