Introduced by the European Union (EU), the GDPR is intended to help protect the personal information of EU individuals/data subjects (any individual who is physically located in an EU member state, which includes both EU citizens and non-EU citizens). The EU’s General Data Protection Regulation (GDPR) compliance date began May 25th, 2018.
This is a statement of the practices of the University of Notre Dame (USA) (“Notre Dame”) with regards to offices in Italy (located at Via Ostilia, 15, Rome, Italy, 00184). This statement is to be referenced in connection with the use and capture of personal data, and the steps taken by Notre Dame and its offices to respect your privacy.
This Privacy Notice explains how Notre Dame handles personal data to uphold its obligations relevant to the protection of personal privacy and to be in accord with current EU legislation. Notre Dame fully respects your right to privacy and actively seeks to preserve the privacy rights of those who share information with Notre Dame. Any personal information which is volunteered to Notre Dame will be treated with the highest standards of security and confidentiality, in accordance with European Data Protection legislation. Personal data shall be processed in accordance with the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act of 2018.
This privacy notice explains the following:
- What personal data is collected
- How Notre Dame and its offices collects your personal data
- The purpose for (use of), and legal basis for collecting your personal data
- How Notre Dame and its offices stores and secures personal data
- When Notre Dame and its offices shares personal data, including details of third parties with whom UNDE shares personal data
- Your rights with regard to your personal data
You may also wish to download the Data Protection Procedural Guidelines For Personal Data Security Breaches.
Make a request
The GDPR provides a number of rights to EU individuals that include the following: the Right to be Informed, the Right to Rectification, and the Right to be Forgotten/Erasure. Any EU individuals who have/had a formal relationship with the University may leverage the online request form (linked below) for the following rights:
- Request for Information (obtain information about yourself) ;
- Right to Rectification (have your information corrected (where applicable by law)); OR
- Right to be Forgotten/Erasure (have your information removed / erased (where applicable by law))
Important Notice: By submitting your GDPR request, you have acknowledged that you are/were an EU resident at an EU member State at the time that you provided your information to Notre Dame.
If you have questions or comments around these three specific rights, or any other rights provided by the GDPR, please email the Office of Information Security and Compliance at firstname.lastname@example.org.
Note: Information on this page and the policies related to the GDPR will be updated on an ongoing basis, as needed.