Privacy and Personal Data Protection
Università di Brescia protects the personal data of individuals with whom it comes into contact in the pursuit of its institutional purposes, in compliance with the General Data Protection Regulation (GDPR—EU Regulation 2016/679, hereinafter “GDPR”) and Legislative Decree 196/2003 (hereinafter “Privacy Code”).
The texts of the privacy notices intended for the various categories of data subjects are available on this page.
The Data Controller is Università di Brescia, represented by the Rector, who has designated (by Rector’s Decree No. 1241/2023 of December 21, 2023) Liguria Digitale S.p.A. as the Data Protection Officer (DPO), which can be contacted via email at: [email protected].
Università di Brescia is a public institution and a leading center for scientific research and higher education. In accordance with fundamental human rights, with particular regard to privacy and the protection of personal data, it takes all necessary measures and performs all appropriate actions to achieve its institutional objectives, as well as those that are instrumental—even indirectly—to those same purposes (Articles 1 and 2 of the Statute of the University of Brescia, issued by Rector’s Decree No. 107 of February 6, 2024, published in the Official Gazette of the University of Brescia No. 39 of February 16, 2024).
In particular, among the institution’s institutional purposes is the promotion and dissemination of the university’s research activities, including the presentation of the expertise of faculty members and researchers through the publication of information regarding their scientific résumés via a publicly accessible web portal.”
Personal data will be processed in accordance with Article 33 of the Constitution and Article 6 of Law No. 168/1989, as amended, pursuant to Article 6(1)(c) of the GDPR (processing required by law), (e) (processing for reasons of public interest), subparagraph (b) (processing necessary for the performance of a contract to which the data subject is a party or for the implementation of precontractual measures taken at the data subject’s request), and subparagraph (f) (legitimate interests of the controller, provided that the fundamental interests, rights, and freedoms of the data subject—especially if the data subject is a minor—do not override those interests).
The GDPR grants the natural person to whom the data relates (the data subject) the rights listed below:
- Right of access to personal data.
- Right to rectification.
In cases provided for by law, also:
- the right to erasure of data (the so-called “right to be forgotten”).
- the right to restriction of processing.
- the right to data portability.
- the right to object to processing activities.
In the case of processing based on consent, the ability to withdraw consent at any time, without prejudice to the lawfulness of processing based on consent that has been subsequently withdrawn.
If you are a minor, before providing your data to the University, please read the privacy notices carefully together with your parents or legal guardians.
To exercise these rights, please refer to the attached procedure.
For internal consultations, please open a ticket in “Servicedesk,” select the “Procedimenti amministrativi” category from the drop-down menu, then select “Consulenze Protezione Dati Personali e Privacy,” and enter your consultation request in the “Descrizione” field.
Below is the link to access the project summary for an assessment of data processing within the research project
Guidelines for the Processing of Personal Data in the Context of Communication Activities
Privacy Organization, Authorized Persons, and Contacts
Data Breach Procedure
Data Protection Officer (DPO)
Liguria Digitale spa - Ing. Maurizio Pastore
Genova, 16152, via Melen, 77
Phone: + 3901065451
Email: [email protected]
UniBs Data Protection Office
Dott. Stefano Filippini
Dott.ssa Veronica Villa
Brescia, 25121, p.zza Mercato, 15
Phone: + 39 0302988 317 - 429
Email: [email protected]

