PRIVACY INFORMATION ON THE PROCESSING OF PERSONAL DATA


Pursuant to art. 13 of Legislative Decree no. 196/2003 and of articles 13 and 14 of the GDPR 2016/679 we inform you that the personal data provided by the User interacting with the aforementioned website will be treated in compliance with the guarantees of confidentiality and safety measures provided for by current regulations, for the sole purposes of processing, using IT, telematic and manual tools.


This information concerns the processing of personal data, such as: personal data, tax code, residence or domicile, telephone numbers, e-mail, images, IP addresses, geolocation information, cookies, additional information that the User can freely decide to provide and other data that, if crossed with others, can trace the User's profile.


The information is provided only for the aforementioned website and not for any others that the User may consult via links contained therein.



Purpose of the processing

Personal data is processed for purposes strictly connected to the services offered by the activity, purposes related to the fulfillment of obligations provided for by law, regulations, by EU legislation and the protection of public order, the ascertainment and prosecution of crimes. In particular, the User's personal data may be used for the following purposes:

  1. Response to requests made by filling in forms present on the aforementioned website.
  2. Subscription to the aforementioned website and the related services offered.
  3. Processing of purchases, payments, estimates, analysis and / or invoicing.
  4. Sending technical communications.
  5. Provide targeted and personalized content based on the same data provided.

The purposes listed above are subject to the explicit consent of the user.

It is possible to refuse to provide all or part of the data necessary for the intended purposes, however in this circumstance it may not be possible to provide the complete and correct service.

The consent of the minors is valid from the age of 16, under that age it must be provided by the person acting for them.


Subjects to whom the data may be communicated or become aware of as data supervisors or persons in charge
Consorzio Turistico Città di Pistoia does not transfer personal data to third parties, however it may provide User data to third parties for certain processes, namely:

  • Professionals, studios, companies and / or other people in charge of assistance and consulting.
  • Subjects that carry out operations of control, revision and certification of activities, also in the interests of the users themselves.
  • Subjects that provide services for credit risk management and fraud control (such as data processing centers, banks, risk centers, debt collection companies and law firms).
  • Banking institutions, credit card issuers and / or digital payment and / or money transfer services.

The information and data that will be communicated to these subjects will be treated with equivalent levels of protection.

Unless otherwise specified by further information and / or specific regulations and contracts which must be signed by the User, the transfer of data outside the EU or to international organizations is not provided.


Data Controller and Data Protection Officer (DPO)
The Data Controller is Città di Pistoia Tourist Consortium, in the shape of the City of Pistoia Tourist Consortium, with headquarters in: Viale Adua, 128 - 51100 Pistoia, email: (info@obiettivopistoia.it).

Mode and storage of data

The data is stored for the time strictly necessary for the management of the purposes for which the data is collected, therefore in compliance with the current regulations and legal obligations. Specific and suitable security measures are observed to ensure their security, for example the protection of information with appropriate passwords they have never been saved in clear but encrypted with appropriate security measures, in addition to the use of protection and security technologies, all designed to prevent, in addition to the loss of data, even illicit or incorrect use and unauthorized access.

Personal data may be collected, stored and stored as well as physically at the Data Controller's headquarters, including to third parties to whom they may be notified as managers or appointees always and only for the purposes for which they were collected and in compliance with current regulations and legal obligations. Personal data can also be collected, stored and stored even at special servers located in states belonging to the European Union.


Data Breach (Data Breach)
The Data Controller will have a legal obligation to disclose data leaks to the national authority and communicate them within 72 hours of becoming aware of it. Data leaks reports are not subject to any "de minimis" standards and must be reported to the superintendent authority as soon as they become known and in any case within 72 hours. In some situations the people whose data was stolen must be warned.

Cookie

A specific and detailed information is available on all aspects related to cookies and related technology. Please read it by clicking on the following link: Cookie policy.

The User will be informed with a clearly visible banner of the possible use of cookies, requesting their explicit consent for its use.


User Rights
The User has at any time the full right to exercise the rights provided by current legislation, including:

  • Receive confirmation of the existence of your personal data, then request access or a copy.
  • Update, modify and / or correct your personal data.
  • Request the deletion, transformation into anonymous form or blocking of your data processed in violation of the law.
  • Oppose processing for legitimate reasons.
  • Request the deletion of your data also from subjects to whom they have been made public. (Right to oblivion)
  • Ask for treatment limitation. (Right of limitation)
  • Request that such data be transmitted to another Data Controller. (Right of portability)


To exercise one or more of the rights listed above, it is necessary to send a specific request to the City of Pistoia Tourist Consortium, in the shape of the City of Pistoia Tourist Consortium, at: Viale Adua, 128 - 51100 Pistoia or by email at: info@obiettivopistoia.com.

Last update

15 November 2019

This site uses cookies, browsing the site as they allow the use of our cookie policy Cookies policy. OK