INFORMATION ON THE PROCESSING OF PERSONAL DATA IN ACCORDANCE WITH ARTICLE 13 OF (EU) REGULATION 2016/679
Data subjects: users who consult the website www.riviera.rimini.it of “DESTINAZIONE TURISTICA ROMAGNA”
THE REASON FOR THIS INFORMATION
Pursuant to Regulation (EU) 2016/679 (hereinafter “Regulation” or “GDPR”), this page describes the methods of the processing of personal data of the users who consult the Internet website of “DESTINAZIONE TURISTICA ROMAGNA” accessible electronically at the following address: www.riviera.rimini.it. This information does not concern other websites, pages or online services that can be reached through any hyperlinks that may be published on this site, but referring to resources that are external to the riviera.rimini.it domain.
DATA CONTROLLER
Following consultation of the site, data relating to identified or identifiable natural persons may be processed.
Owner of the processing is “DESTINAZIONE TURISTICA ROMAGNA” with its registered office and operating headquarters in Piazzale Federico Fellini, 3 - 47921 Rimini (RN), VAT no.: 04382230409
DATA PROTECTION OFFICER
The Data Protection Officer (DPO) is the company Studio Paci & C. Srl - Contact person Dr. Gloriamaria Paci, who can be contacted at the following address: dpo@studiopaciecsrl.it and telephone: 0541 - 1795431.
TYPES OF DATA PROCESSED, PURPOSES OF THE PROCESSING AND LEGAL BASIS
1) Navigation data
Legal basis: “processing of data necessary for navigation of the website” - contract obligation - art. 6 para. 1 letter b) of the GDPR
The computer systems and software procedures used to operate this website acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This data category includes the IP addresses or domain names of the computers and terminals utilised by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters related to the operating system and the computer environment of the user.
This data, necessary for navigating in the Website and for making use of the information contained therein, are also processed by the data controller for the purpose of:
- a) obtaining aggregated and anonymous statistical information concerning the use of the Website (most visited pages, number of visitors by time range, geographical areas of the visitors, etc.);
- b) checking the usability of the content offered by the Website;
- c) preventing or fighting any possible illegal computerised activity, the fraudulent use of the functions available on the website, also for the purposes of reconstruction of security breaches and their traceability.
Duration of the preservation:
Navigation data in compliance with the principles of lawfulness, limitations of the purposes, data minimisation, pursuant to art. 5 of the GDPR, will be kept for a period of time not exceeding the achievement of the strictly technical purposes described above for which they are collected and processed, except for any need to ascertain crimes by the Judicial Authorities.
2) Data communicated by the user
Legal basis: “processing of data necessary for responding to the users’ questions” - contract obligation - art. 6 para. 1 letter b) of the GDPR
The optional, explicit and voluntary sending of messages to the contact addresses of “DESTINAZIONE TURISTICA ROMAGNA”, private messages sent by users to institutional profiles/pages and on social media (where this possibility is provided), as well as the compilation and forwarding of forms on the sites of “DESTINAZIONE TURISTICA ROMAGNA”, involve the acquisition of the sender’s contact data, necessary to reply, as well as all personal data included in the same communications.
Specific information, where necessary, will be published from time to time on the pages of the site prepared for the provision of certain services, where necessary, the user’s consent is collected, informing from time to time on the purposes and optional nature of the provision of the data.
Duration of the preservation:
The data communicated by the user are kept for the time necessary to manage individual requests, where consent is required until its revocation, any subsequent storage for statistical purposes provides for the anonymisation of such data (except for any need to ascertain crimes by Judicial Authorities).
3) Cookies and other tracking systems
Use is made of:
- a) technical cookies necessary for user navigation, to facilitate the correct navigation of the site and the usability of the contents by the user. Legal basis: “contract in that they are functional and necessary”.
- b) analytical cookies used to process aggregated statistical analysis on the use and interaction with the website by the user. With consent of the user. Legal basis: “consent”
- c) Profiling cookies make it possible to collect information about the preferences expressed by the user in the context of navigation and process reports intended to be used for targeted advertising and marketing campaigns. Legal basis: “consent”
Information on data processing, the purpose, duration and complete management of cookies, including their consent and revocation, can be found in the “Cookie policy” document in the footer.
4) Social Media Policy:
Information about the processing of personal data carried out through the Social Media platforms used
For information on the processing of personal data carried out by the managers of Social Media platforms, please refer to the information provided by them through their respective privacy policies. The Data Controller processes the personal data provided by users through the pages of dedicated Social Media platforms, as part of its corporate promotion and advertising purposes, to manage interactions with users (comments, public posts, messages, shares, etc.) in compliance with current legislation on the protection of personal data and this information; where necessary, the user’s consent is collected, informing from time to time about the purposes and optional nature of the provision.
Personal or “sensitive” data entered in comments or public posts within social media channels may be removed.
The platforms used are:
Facebook www.facebook.com/RivieraDiRimini
Youtube www.youtube.com/c/RivieraRiminiIt/videos
Flickr https://www.flickr.com/photos/rivieradirimini/
DATA RECIPIENTS
The recipients of the data collected following consultation of some of the services listed above are some subjects designated by the Data Controller pursuant to article 28 of the Regulation, as data processors, and other service providers in the field of web-agency, digital communication, system assistance, and any other digital service providers for which it is possible to request the complete list by writing to info@destinazioneromagna.emr.it
Some data and information may be transmitted or acquired by subjects identified as independent data controllers, such data are related to cookies that are usually anonymised before sending, for statistical purposes. If the transfer to non-EU countries is envisaged, the guarantee measures taken will be indicated.
The personal data collected is furthermore processed by staff of “DESTINAZIONE TURISTICA ROMAGNA” on the basis of specific instructions related to purposes and methods of the processing in question.
SECURITY OF THE DATA
The personal data transmitted and stored for the time necessary for the stated purposes are protected by specific technical organisational security measures with reference to article 32 of the Regulation, able to guarantee on a permanent basis the confidentiality, integrity, availability, as well as the ability to promptly restore the availability and access of personal data in the event of a physical or technical incident, even in the face of the risks of destruction, loss, modification, unauthorised disclosure or access, accidentally or unlawfully, to personal data transmitted, stored or otherwise processed.
TRANSFER OF PERSONAL DATA TO NON-EU COUNTRIES
The data controller does not transfer personal data to non-EU countries. However, by consenting to analytical and/or profiling cookies, your data may be transmitted to the USA, a country that currently does not provide suitable guarantees for the processing of your data, but Google has declared the implementation of additional security measures that the Data Controller has assessed as sufficient.
RIGHTS OF THE DATA SUBJECTS
The data subjects have the right to obtain from “DESTINAZIONE TURISTICA ROMAGNA”, in the cases provided, access to their personal data, amendment and cancellation of the same, limitation of the processing that concerns them, portability, or to oppose the processing and to revoke consent (where used as a legal basis) with reference to articles from 15 to 22 of the Regulation).
The request is presented through the contact details of “DESTINAZIONE TURISTICA ROMAGNA”, with legal and operational headquarters in Piazzale Federico Fellini, 3 - 47921 Rimini (RN), or by contacting the Data Protection Officer: Studio Paci & C. Srl (Contact person Dr. Gloriamaria Paci) can be contacted at the following address: dpo@studiopaciecsrl.it and telephone: 0541 1795431.
To exercise the rights it is also possible to use the form prepared and available on the website of the Data Protection Authority at this link: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/9038275
RIGHT OF COMPLAINT
Data subjects who believe that the processing of personal data referred to them through this site is in violation of the provisions of the Regulation have the right to lodge a complaint with the Data Protection Authority, as provided by art. 77 of the Regulation itself, or to take appropriate legal action (article 79 of the Regulation). The form for lodging a complaint is available on the website of the Data Protection Authority at this link: https://www.garanteprivacy.it/home/docweb/-/docweb-display/docweb/4535524