In accordance with the provisions of current legislation on the protection of personal data, by means of this policy, the Università Cattolica del Sacro Cuore - Cetif, as the Data Controller (hereinafter, also the"Università" or the "Owner"), intends to provide users with any more useful information regarding the cookies installed on the portal https://www.cetif.it (hereinafter the "Site").

This document is an integral part of the privacy policy, which can be found at the following link https://www.cetif.it/privacy-policy

1. What are cookies

Cookies are small text strings that websites visited by the user send to the computer and any device used to access the Internet (such as smartphones and tablets), where they are stored and then transmitted back to the same sites the next time the same user visits.

Cookies can be stored permanently and have a variable duration (so-called persistent cookies), but they can also vanish when the browser is closed or have a limited duration (so-called session cookies). Similarly, cookies can be installed by the site you are visiting (so-called first-party cookies), but also by other websites (so-called third-party cookies) and are used to perform computer authentication, session tracking and storage of information regarding the activities of users accessing a given site. Based on the purpose of use, they are divided into:

• Navigation and functionality cookies: used for authentication and user experience enhancement purposes (e.g., storing language preferences), respectively;
• Analytical cookies: used by the site operator to collect information about users who visit the site;
• Profiling cookies: used for advertising purposes to send messages in line with user preferences collected while browsing the web;
• Social Cookies: used to enable interaction with social networks.

As per the general order of the Italian Data Protection Authority (the "Guarantor") of May 8, 2014, on "Identification of simplified procedures for information and acquisition of consent for the use of cookies," are considered technical cookies:

• Browsing and functionality cookies;
• Analytical cookies, only when used directly by the site operator to collect information, in aggregate and anonymous form, about the number of users and how they visit the site.

According to current regulations, it is not necessary to acquire the user's consent for the installation of technical cookies.

2. First-party technical cookies

The Site uses the following types of first-party technical cookies:

• Session cookies: essential to allow the user to move normally within the Site and properly enjoy the related services. Since they are not stored on the user's computer, they vanish when the browser is closed;
• Functionality cookies: aimed solely at improving and speeding up navigation on the Site by storing certain choices made by the user (such as language preferences).

Thus, they are tools used by the Owner to ensure, for example, efficient navigation, session stability, log-in permanence and pre-selection of the opted-in navigation country. They also serve to remember, in an anonymous form, the choices made by the user regarding the display of certain elements of the page, such as information and communication banners.

As already stated, the use of technical cookies and the performance of processing related to them does not require the user's prior consent.

It remains in any case without prejudice to the possibility for the latter to prevent the installation of such cookies at any time through the settings of its browser, as indicated later in this policy, in the knowledge that such a choice could nevertheless complicate, slow down and sometimes block navigation on the Site and, more generally, on the Internet.

3. Third-party technical cookies

The Site also uses cookies that are not managed and controlled by the Owner, as they belong to third parties. More specifically, these are:

Analytical cookies
Google Analytics cookies through which information on how users use the Site (number of visitors, pages visited, dwell time, conversions, etc.) is collected in an aggregate and anonymous manner. This information is used, generally, to improve the functionality of the Site, allowing, for example, to record any errors detected by users and ensure them, therefore, a smoother and more immediate navigation.

Moreover, it is not possible to exclude, since these are activities outside the control of the Owner, that Google may enrich or cross-reference the information obtained through these cookies - which the user's browser transmits to Google in the United States according to the relevant terms of service - with other data at its disposal, for purposes outside the scope of this policy.

To disable the installation of these cookies, please follow the procedures in the following links:

• Google Analytics Privacy Policy
• Disabling Google Analytics cookies

4. How to disable cookies

Without prejudice to the right to object to the installation of cookies in the manner indicated above, considering that most browsers are programmed to accept cookies automatically, the user may choose not to receive them, especially when the third party involved does not give the possibility to properly opt-out, also by accessing the browser settings and disabling their use, according to the procedures described at the following addresses:

• Internet Explorer
• Mozilla Firefox
• Google Chrome
• Apple Safari
• Opera

It should be kept in mind, however, that disabling cookies may complicate Internet navigation or prevent you from moving freely from one page to another, enjoying the full functionality of the Site.

For more information on cookies, you can log on to www.youronlinechoices.com (limited to services surveyed by that platform), to get information on how to delete or manage cookies based on the browser you use and to set preferences for using third-party cookies.

5. Communication and dissemination of data

The data collected through cookies may be processed by the employees and external companies cooperating with theUniversità-Cetif, respectively as data processors and data controllers. The list of designated data processors is constantly updated and available at the headquarters of Università.

This data will not be disseminated, but in the case of third-party cookies may also be transferred outside the European Union by and under the sole control of the companies that manage and install them.

6. Data controller and data protection officer

The data controller is Università Cattolica del Sacro Cuore, with registered office at Largo Agostino Gemelli 1, 20123 Milan, tel. (+39) 027234.1.

TheUniversità has appointed a Data Protection Officer (D.P.O.), e - mail dpo@unicatt.it, whose name can be easily found on the website at http://www.unicatt.it/privacy.

7. User rights

In your capacity as a data subject, you have the right to:

1. Ask the Data Controller for access to the Data, their deletion, rectification of inaccurate Data, integration of incomplete Data, as well as restriction of processing in the cases provided for by Article 18 of the GDPR;
2. Object, at any time, in whole or in part, to the processing of the Data necessary for the legitimate pursuit of the Data Controller's interest;
3. In the event that the conditions for the exercise of the right to portability under Article 20 of the GDPR are present, receive in a structured, commonly used and machine-readable format the Data provided to the Data Controller, as well as, if technically feasible, transmit it to another Data Controller without hindrance;
4. Withdraw consent given at any time;
5. Propose complaints to the relevant supervisory authority.

These rights may be exercised, by registered mail, addressed to Università Cattolica del Sacro Cuore , Administrative Direction - Privacy, Largo Agostino Gemelli 1, 20123, Milan, or by e-mail at dpo@unicatt.it, specifying in the subject line "Exercise of the rights of the interested party" and indicating the reference structure through which relations with the University have taken place (e.g., research center Cetif).