Information on document access procedures, simple civic access and generalized civic access

in accordance with Article 13 of Regulation (EU) 2016/679

Ca' Foscari University of Venice, as part of its institutional aims and in fulfilment of the obligations set forth in art. 13 of EU Regulation 2016/679 ("Regulation"), provides information on the processing of personal data provided - by completing the appropriate form or using the dedicated electronic procedure accessible with Digital Identity Public System (SPID) login details - at the time of application for documentary access (Article 22, Law No. 241/1990 and subsequent amendments), simple civic access (Article 5, paragraph 1, Legislative Decree No. 33/2013 and subsequent amendments) or generalized civic access (Article 5, paragraph 2, Legislative Decree No. 33/2013 and subsequent amendments) and, possibly - through further communications with the administration - in the subsequent phases of the access process.

1) Data controller

The Data Controller is Ca' Foscari University of Venice, registered office in Dorsoduro n. 3246, 30123 Venice (VE), in the person of the Rector Magnificent.

2) Data Protection Officer

The University has appointed a "Data Protection Officer", who can be contacted by writing to the email address  dpo@unive.it or to the following address: Ca' Foscari University, Venice, Data Protection Manager, Dorsoduro n. 3246, 30123 Venice (VE).

3) Purposes and legal basis of data processing

The processing of personal data is aimed at the management, by the University, of the administrative procedure for requests for access to documents (Article 22, Law No. 241/1990 and subsequent amendments), simple civic access (Article 5, c.1, Legislative Decree No. 33/2013 and subsequent amendments) or generalized civic access (Article 5, paragraph 2, Legislative Decree No. 33/2013 and subsequent amendments).

In particular, the presentation of a request for access, regardless of the type of request, involves the provision of personal data and contact details, as well as additional information related to the access procedure - possibly collected in subsequent stages - necessary to complete the request.

The legal basis for this data processing is represented by art. 6.1.e), of the Regulations ("completion of a task of public interest or that is connected to the exercise of public authority to which the Data Controller is held").

The processing of personal data is based on the principles of correctness, lawfulness and transparency and the protection of the privacy and rights of the data subject, as well as the additional principles established by art. 5 of the Regulations.

4) Data processing modalities and authorized subjects

The processing of personal data will be carried out by authorized parties (in compliance with the provisions of Article 29 of the Regulations), with the use of computerized procedures, adopting appropriate technical and organizational measures to protect them from unauthorized or illegal access, destruction, loss of integrity and confidentiality, even of an accidental nature.

5) Data storage duration

Personal data will be stored in accordance with the rules on the conservation of administrative documentation for a period of 5

6) Recipients and categories of recipients of personal data

For the purposes set out above, in addition to specifically authorized employees and collaborators of the University, personal data may also be processed by third parties carrying out outsourced activities on behalf of the Data Controller, and who have been appointed as Data Processors (for example, "CINECA, University Consortium")).

Personal data may also be disclosed to other public or private parties if, in the context of the access process, they are identified as data subjects who can present a reasoned opposition, communication of the data is necessary for the performance of the institutional functions of the University or of the recipients, or it is necessary to comply with a legal obligation.

The information concerning the access procedure – devoid of the data subject’s identification data – will be published – and circulated – in the Access Register that the University holds according to the provisions laid down by the National Anti-Corruption Authority (ANAC) and makes available on its institutional website.

7) Data provision

The provision of personal data is necessary for the identification of the applicant and for the correct management and conclusion of the access process.

The failure of the University to obtain the data may result in the termination of the proceedings or the refusal of the application.

8) The rights of data subjects and how to exercise them

The data subject has the right to obtain from the University, in the cases provided for by the Regulations, access to personal data, rectification, integration, cancellation of the data or limitation of data processing or to oppose the processing itself (Article 15 and following of the Regulations).

The request can be submitted, without any particular formalities, by contacting the Data Protection Manager directly at the email address dpo@unive.it, or by sending a letter to the following address: Ca' Foscari University of Venice - Data Protection Officer, Dorsoduro n. 3246, 30123 Venice.

Alternatively, you can contact the Data Controller by writing to the certified email address  protocollo@pec.unive.it

Data subjects who believe that the processing of their personal data has occurred in violation of the provisions of the Regulations also have the right to file a complaint to the Data Protection Guarantor, as required by art. 77 of the Regulations, or to take appropriate legal action (Article 79 of the Rules).

Last update: 04/12/2019