Info for
Prospective Students
Cattolica Students
International Students
Academic Staff
Alumni
Institutions, Companies and Professions
strumenti-icon
ARE YOU AN ENROLLED STUDENT?
YOU ARE A LECTURER OR STAFF MEMBER
IT

Information notice for the attendance recording mobile application

1. Introduction

Pursuant to Article 13 of the Regulation (EU) 2016/679 on the “protection of natural persons with regard to the processing of personal data” (hereinafter also “GDPR”), we are providing the information on the processing of your personal data (“Data”) performed by Università Cattolica del Sacro Cuore (hereinafter also the “University”).

2. Identity and contact details of the Data controller

The Controller of the processing of your Data is Università Cattolica del Sacro Cuore (hereinafter also “Controller”), with registered office in Largo Agostino Gemelli 1, 20123 Milan, tel. (+39) 027234.1.

3. Categories of personal data

The Data processed by the University include:

Identification number and degree course of enrolment, date (time) and place (building and classroom) of attendance confirmation and information on the mobile application’s frequency of use. This data can be traced back to you as individual user by association with a unique code.

Please note that attendance is recorded once for each lesson.

4. Purposes of processing and legal basis

Data provided by you will be processed for the following purpose: performing the obligations related to the student/user position, with reference to recordings via mobile application of courses, lectures and frontal teaching activities attendance.

The legal basis of processing is constituted by the execution of the contract to which you are a part of.

An eventual refusal to provide your Data will entail the impossibility to proceed with the detection of your presence through the mobile application.

5. Processing methods

Data are processed by manual, digital and electronic means with logics strictly related to the purposes and, nevertheless, in such a way to guarantee the security and confidentiality of the Data pursuant to current regulations.

More specifically, you will be asked to confirm your presence by logging in to the mobile application and activating Data transmission via Bluetooth from your personal device.

6. Data retention

The University will process the Data for the time strictly needed to achieve the abovementioned purposes; with no prejudice to any retention terms established by law or regulations, including internal ones.

7. Categories of recipients

Your Data can be communicated to external Companies/Entities to comply with legal or regulatory obligations as well as to allow the performance of the service and/or the provision of the service you requested  and in particular to public and private entities or competent Authorities.

Subjects belonging to the categories to which the Data may be communicated, will process the Data and use them, as the casemay be, as Data Processors specifically appointed by the Controller pursuant to the law, or as autonomous Data Controllers.

The list of appointed Data Processors is continuously updated and available at the University offices.

8. Transfer of personal data outside the EU

Data can be transferred to non-EU countries, in particular for services located outside the territory of the European Union (e.g. cloud storage). In that case, the Controller hereto assures that the transfer of Data will take place pursuant to the applicable legal provisions.

9. Data Protection Officer, D.P.O.

The University has appointed a Data Protection Officer (D.P.O.) who can be contacted by email at: dpo@unicatt.it

10. Data subject’s rights

As Data subject you have the right to:

  1. Ask the Controller to access the Data, their cancellation, the rectification of inaccurate Data, the integration of incomplete Data, as well as the restriction of processing in the cases set forth in Art. 18 of the GDPR;
  2. Object, at any time, in full or partially, to the processing of Data required on behalf of the legitimate interest of the Controller;
  3. If the conditions for exercising the right to portability pursuant Art. 20 of the GDPR are met, receive in a structures form, commonly used and machine-readable format the Data provided to the Controller and, if technically feasible, transmit it to another Data Controller without hindrance;
  4. Withdraw any consent given at any time;
  5. Lodge a complaint with a supervisory Authority (Garante per la protezione dei dati personali).

Those rights may be exercised by registered mail, addressed to Università Cattolica del Sacro Cuore, Direzione Generale (General Manager Office) – Privacy, Largo Agostino Gemelli 1, 20123, Milan, or by email at dpo@unicatt.it


Updated on: 31 July 2025

Filename
15 - Information notice for the attendance recording mobile application.pdf
Size
102 KB
Format
application/pdf
Download PDF
scroll-top-icon