Privacy Policy

Privacy & Cookie Policy

This page is about privacy and describes the procedures of website management regarding the processing of users’ personal data. (Last modified: May 9, 2018.)

This information on privacy policy is provided pursuant to section 13 of Legislative Decree n. 196/2003 – Code Regarding Personal Data Protection to those interacting with the web services of this website. Update: Directive 2016/679/EC (GDPR -GENERAL DATA PROTECTION REGULATION)

DATA CONTROLLER

Associazione Progetto Venezia – CF 94023010278 – Mail: info@venicesustainabletourism.it

The Data Controller is responsible for this privacy policy.

For any inquiries and/or to exercise your rights in compliance with section 7 of Legislative Decree n. 196/03, you can contact the Data Controller at the e-mail listed above.

The installation of cookies and other tracking systems operated by third partes, through the services used within this website, cannot be technically controlled by the Data Controller. Therefore, any specific reference to cookies and tracking systems installed by third partes is to be considered as indicative. For complete information, see the privacy policy of any third party services listed in this document.

Given the objective complexity related to the identification of cookies-based technologies and their integration with web functioning, the user is encouraged to contact the Data Controller in case he/she would like to receive in-depth information regarding the use of cookies and their possible usage, for example by third partes, through this website.

The information provided only applies to this website and does not concern any websites which may be accessed through links.

The information on privacy policy is also based on the Recommendation n. 22001, which was adopted on 17 May 2001 by the European authorities for personal data Protection, within the Working Group established under Article 29 of the European Directive n. 95/46/EC. These guidelines define minimum requirements for the collection of personal data online as well as arrangements, timing and nature of the information to be provided by Data Controllers to users connecting to web pages, regardless the purpose of the connection.

The following list describes the contents that will be explained below:

  • the types of data that can be collected
  • how and for what purposes personal data will be handled/li>
  • whether personal information provision is mandatory or optional
  • the consequences of refusing to provide personal details
  • who will be informed about personal data and if they will be disseminated
  • user rights

CATEGORIES OF DATA COLLECTED

Among the data collected from this website, either independently or through third partes, there may be:

Navigation data

As part of their standard functioning, computer systems and software procedures relied upon to operate this website acquire personal data, whose transmission is implicit in the usage of Internet communication protocols.

Such information is not collected with the purpose of being associated with specific individuals; however its very nature might allow user identification, after being processed and matched with data held by third partes.

This category of data includes IP addresses or domain names of computers used by users connecting to the website, URI (Uniform Resource Identifier) addresses of requested resources, time of request, method used for submitting the request to the server, return file size, the numerical code indicating the server response status (successfully performed, error, etc.) and other parameters related to the user’s operating system and computer environment.

These data are only used to collect anonymous statistical information on the website usage as well as to check its correct functioning; they are deleted immediately after processing. The data may be used to ascertain responsibility in case computer crimes are committed against the website. Except for this circumstance, any data on web contacts is retained for no longer than seven days.

Data provided voluntarily by users

Among the data provided voluntarily in this website there can be: E-mail, First Name, Surname, Username, Password, Image, Gender, Date of Birth, Phone Number, Province, State, Country, Zip Code, City, Profession, VAT Number, Fiscal Code, Company Name, Workplace, Address, Fax Number, Data regarding Usage, Cookies.

An optional, explicit and voluntary sending of e-mail to addresses associated with this website entails the acquisition of the sender’s address, which is necessary to respond to requests, as well as of any other data voluntarily included in the message.

In case of specific summary information notices, they will be reported or displayed on the web pages dedicated to particular services on demand.

User’s failure to report certain personal data may prevent this website to provide its services.

The user is responsible for third partes’ personal information published or shared through this website and warrants to have the right to communicate or disseminate them, freeing the Data Controller from any liability towards third partes.

PROCESSING ARRANGEMENTS AND PLACE OF COLLECTED DATA

Processing arrangements

The Data Controller processes users’ personal data with the help of security measures designed to prevent unauthorized access, disclosure, modification or destruction of personal data. Data processing is performed with computer and/or telematic tools, organizational methods and following a logic that is strictly related to the purposes indicated. In addition to the Data Controller, data may be accessed, in some cases, by officers involved in the website organization or external partes (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies), which may be appointed as responsible for data processing by the Data Controller. The Data Controller can request an updated list of who is in charge of data processing.

Mode and place of processing the Data

Methods of processing

The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.

Legal basis of processing

The Owner may process Personal Data relating to Users if one of the following applies:

  • Users have given their consent for one or more specific purposes. Note: Under some legislations the Owner may be allowed to process Personal Data until the User objects to such processing (“opt-out”), without having to rely on consent or any other of the following legal bases. This, however, does not apply, whenever the processing of Personal Data is subject to European data protection law;
  • provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
  • processing is necessary for compliance with a legal obligation to which the Owner is subject;
  • processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner;
  • processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.

In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

Place

The Data is processed at the Owner’s operating offices and in any other places where the parties involved in the processing are located.

Depending on the User’s location, data transfers may involve transferring the User’s Data to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.

Users are also entitled to learn about the legal basis of Data transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the Owner to safeguard their Data.

If any such transfer takes place, Users can find out more by checking the relevant sections of this document or inquire with the Owner using the information provided in the contact section.

Retention time

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.

Therefore:

  • Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
  • Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfill such purposes. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.

The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.

PURPOSE OF COLLECTED DATA PROCESSING

User’s personal data are collected to allow the Data Controller to provide its services, as well as for some of the following purposes:

  • Protection against SPAM
  • Contents’ comment
  • Registration and authentication
  • Statistics
  • Interaction based on location
  • Content’s visualization from external platforms
  • Contact the user
  • Management of addresses and sending e-mail
  • Interaction with Social Networks and external platforms

For more information, see the section “In-depth information on the Processing of Personal Data”.

Providing personal data is not compulsory, except for using the contact form or registering on the website where it is required to access certain services.

In the two cases mentioned above, failure to provide the required personal data may block the functioning of the contact form and/or the Registration process. The data provided during the Registration process are not granted to third partes. Their collection is intended only for sending informative e-mail.

Defence in court

User’s personal data may be used by the Data Controller for defence in court or in the stages leading to possible legal acton, from user’s usage abuses or related services.

The user declares to be aware that the Data Controller may be required to disclose data on public authorities’ request.

The types of personal data used for each purpose are provided in the section “In-depth information on the Processing of Personal Data” of this document.

COOKIES

Cookies are pieces of code installed in the browser that assist the Data Controller in providing a service according to the described purposes. In some cases, the installation of cookies may also require the user’s consent.

Technical cookies

These cookies are used to fulfil the navigation or to provide a service requested by the user. They are not used for other purposes and are normally installed directly by the owner of the website. Certain operations might not be performed without such cookies.

To install these cookies users are not required to give their prior consent, while it is compulsory to provide the information pursuant to article 13 of the Code, which the website manager may provide in the ways considered as most appropriate – in case he/she uses only such devices.

Data profiling cookies

These cookies are used to track the users’ web navigation and to create profiles on their tastes, habits, choices, etc. Advertising messages can be transmitted with these cookies to users’ terminal according to the preferences they have already expressed when navigating online.

article 122 of the Code refers to these cookies, where it considers that “the storage of information in a contractor’s or user’s terminal, or the access to information already stored are only allowed under the condition that the contractor or the user has given the consent – after being informed with the simplified arrangements pursuant to article 13, paragraph 3″(art. 122, paragraph 1, of the Code).

The collected data do not identify the user of the website, but they are used only to obtain statistical information about navigation: visited pages, time spent on the website, browser used, geographic data.

In case the user wants to deny cookies installation performed by Google Analytics on his/her terminal, it is possible to install thefollowing additional browser.

USER RIGTHS

The rights of Users

Users may exercise certain rights regarding their Data processed by the Owner.

In particular, Users have the right to do the following:

  • Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
  • Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.
  • Access their Data. Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
  • Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
  • Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
  • Have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their Data from the Owner.
  • Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.
  • Lodge a complaint. Users have the right to bring a claim before their competent data protection authority.

Details about the right to object to processing

Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a ground related to their particular situation to justify the objection.

Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time without providing any justification. To learn, whether the Owner is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.

How to exercise these rights

Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Owner as early as possible and always within one month.

Users’ Rights regarding Cookies

In addition to what is stated in this document, the user can manage cookies preferences directly within his/her own browser and prevent, for example, third partes from installing them.

Through browser preferences the user can also delete cookies that were installed in the past, including the ones in which the installation consent was saved by this website.

It is important to note that disabling all cookies may mean to compromise the functioning of this website.

It is possible to find information about how to manage cookies in one’s browser at the following addresses:

  • Chrome, type “chrome://settings/content” in the address bar (without quotation marks) and change cookies settings as preferred.
  • Safari, select “Preferences” and then “Privacy”. In the section Block Cookie, specify how Safari has to accept cookies from websites.
  • Internet Explorer: click on “Tools” in the menu bar and then on “Internet Options”. afterwards, access the “Privacy” tab settings to change preferences regarding cookies.
  • Firefox, click on “Tools” in the menu bar and then on “Options”. afterwards, access “Privacy” to change preferences regarding cookies.
  • Safari Mobile, go to “Settings” and then find “Safari” on the lef menu. From here, click on “Privacy and Security” to manage Options on cookies.

To disable cookies from external services it is necessary to operate on their settings.

The following list describes the major services used; for other ones please consult the list of services in the section “In-depth information on the Processing of Personal Data” and access each individual policy to disable cookies:

In-depth information on the Processing of Personal Data

What follows is a detailed explanation of the purposes for which personal data and the services used for their collection can be requested:

Contents’ Comment

This service allows users to formulate and publish their comments about the contents of this website.

Users can leave comments anonymously, depending on the settings chosen by the Data Controller. If there is an e-mail address among the personal data provided by the user, this data can be used to send notifications of comments concerning the same content. Users are responsible for the content of their comments.

In case a third party comment service is installed, it is possible that, even when the users do not use it to comment, the service collects traffic data relating to the pages where the service is installed.

Disqus – Disqus is a contents’ comment service provided by Big Heads Labs Inc. Personal data collected: Cookies and Data regarding Usage. Place of processing: USA – Privacy Policy — Cookie Policy

Facebook Comments– Facebook Comments is a service operated by Facebook Inc. that allows users to leave comments and share them within the Facebook platform. Personal data collected: Cookies and Data regarding Usage. Place of processing: USA – Privacy Policy — Cookie Policy

Commenting system run directly – This website has its own system of contents’ comment. Personal data collected: Surname, Cookies, Data regarding Usage, E-mail, Name and Username.

SPAM Protection

These services analyze this web-site’s traffic, which may contain personal data, and filter parts of the traffic, messages and contents recognized as SPAM.

Akismet – Akismet is a SPAM Protection service provided by Automatic Inc. Personal data collected: various types of data as specified by the privacy policy of the service. Place of processing: USA – Privacy Policy

Registration and authentication

By registering, users allow the website to identify them and give them access to special services.

Registration and authentication services may be provided by third partes. In case they are provided by third partes, this website can access certain data held by the third party service used for Registration or identification.

Facebook Authentication – Facebook authentication is a Registration and authentication service provided by Facebook Inc. and connected to the social network Facebook. Personal data collected: various types of data as specified by the privacy policy of the service. Place of processing: USA – Privacy Policy — Cookie Policy

Direct Registration – The user registers by filling out a Registration form, thus providing personal data directly to this website. Personal data collected: Zip Code, City, Fiscal Code, Surname, Date of Birth, E-mail, Image, Address, Country, Name, Fax Number, Phone number, VAT number, Password, Profession, Province, Company Name, Workplace, Gender, State, Username and various types of data as specified by the privacy policy of the service.

Statistics

These services allow the Data Controller to monitor and analyze traffic data and are used to track the user’s behaviour.

Google Analytics – Google Analytics is a web service of analysis provided by Google Inc. (“Google”). Google uses the personal data collected with the purpose of evaluating the use of this Application, of filling out reports and share them with other services developed by Google. On this website Google Analytics is set up to turn the user’s IP address anonymous. Personal data collected: Cookies and Data regarding Usage. Place of processing: USA – Privacy Policy — Cookie Policy

Interactions based on location

Non-continuous geolocation – The user’s geographical location occurs in a non-continuous way if requested by the user or when the user does not indicate the place where he/she is in the specific entry and does not allow the Application to Automatic detect the position. Personal data collected: Geographic location.

Displaying content from external platforms

These services allow to view contents hosted on external platforms directly from the pages of this website as well as to interact with them.
In case this type of service is installed, it is possible that, even if the users do not use it, the service collects traffic data relating to the pages in which it is installed.

Getty Images widget – Getty Images is a service of images distribution managed by Getty Images Inc. that allows this website to integrate such contents within its pages. Personal data collected: Cookies and Data regarding Usage. Place of processing: USA – Privacy e Cookie Policy

Google Fonts – Google Fonts is a service of font styles displaying run by Google Inc. that allows this website to integrate such contents within its pages. Personal data collected: Cookies and Data regarding Usage. Place of processing: USA – Privacy Policy – Cookie Policy

Video Vimeo – Vimeo is a service of video contents displaying managed by Vimeo, LLC that allows this website to integrate such contents within its pages. Personal data collected: Cookies and Data regarding Usage. Place of processing: USA – Privacy Policy – Cookie Policy

Widget Google Maps – Google Maps is a service of maps displaying run by Google Inc. that allows this website to integrate such contents within its pages. Personal data collected: Cookies and Data regarding Usage. Place of processing: USA – Privacy Policy

Widget Video Youtube – Youtube is a service of video content viewing managed by Google Inc. that allows this website to integrate such contents within its pages. Personal data collected: Cookies and Data regarding Usage. Place of processing: USA – Privacy Policy

Addresses and sending e-mail

These services enable the management of a database containing e-mail, phone or any other types of contacts used to communicate with the user.
They may collect data relating to the date and time the user displays messages, as well as user’s Interaction with them – such as information on the clicking of links included in the messages .

Mailing List or Newsletter

By registering to the mailing list or newsletter, the user’s e-mail address is Automatically added to a list of contacts, to which e-mail messages that contain information related to this website may be sent – including commercial and promotional messages.
The user’s email address may be added to the list as a result of Registration to this website or after having made a purchase.
Personal data collected: Zip Code, City, Surname, Cookies, Date of Birth, Data regarding Usage, E- mail, Country, Name, Phone Number, Profession, Province, Gender and State .

Contact form

By filling out the contact form with personal data, users give consent to their use in response to a request of information, budget estimation, or as stated in the form’s heading. Personal data collected: Zip Code, Surname, Date of Birth, E-mail, Address, Country, Name, Fax Number, Phone number, VAT number, Profession, Province, Company Name, Gender, State and various types of data as specified by the privacy policy of the service.

Mailchimp – Mailchimp is a service of addresses and e-mail sending management provided by Mailchimp Inc. Personal data collected: E-mail. Place of processing: USA – Privacy Policy

Interaction with social networks and external platforms

These services enable the pages of this website to directly interact with social networks or other external platforms.

Interactions and information acquired by this website are in any case subject to the user’s privacy settings related to each social network.

In case a service of Interaction with social networks is used, it is possible that, even if users do not use it, the service collects traffic data about the pages in which it is installed.

Button +1 and Google+ social widgets – Button +1 and Google+ social widgets are services of Interaction with the social network Google+ provided by Google Inc. Personal data collected: Cookies and Data regarding Usage. Place of processing: USA – Privacy Policy – Cookie Policy

Button and social widgets of Linkedin – The button and social widgets of Linkedin are services of Interaction with the social network Linkedin, provided by Linkedin Inc. Personal data collected: Cookies and Data regarding Usage. Place of processing USA – Privacy Policy – Cookie Policy

Like button and social widgets of Facebook – The “Like” button and social widgets of Facebook are services of Interaction with the social network Facebook, provided by Facebook Inc. Personal data collected: Cookies and Data regarding Usage. Place of processing: USA – Privacy Policy – Cookie Policy

Tweet button and social widgets of Twitter – The Tweet button and social widgets of Twitter are services of Interaction with the social network Twitter, provided by Twitter Inc. Personal data
collected: Cookies and Data regarding Usage. Place of processing: USA – Privacy Policy – Cookie Policy

“Pin it” button and social widgets of Pinterest – The “Pin it” button and social widgets of Pinterest are services of Interaction with the Pinterest platform, provided by Pinterest Inc. Personal data collected: Cookies and Data regarding Usage. Place of processing: USA – Privacy Policy

Additional information on data processing

System log and maintenance

Out of necessities related to functioning and maintenance, this website and any third party services it uses may collect system Log – these are files that record interactions, which may also contain personal data, such as the user’s IP address.

Information not included in this policy

In relation to the processing of personal data, further information can be requested to the Data Controller by using the contact information mentioned above.

Changes to the privacy policy

The Data Controller reserves the right to make changes to this privacy and cookie policy at any time by notifying users of this page. Therefore, please check this page often and use as reference the date of last modification indicated below. In case users do not accept the changes to privacy and cookie policy, they have to stop using this website and, if considered appropriate, require that the Data Controller removes their personal data. Unless otherwise specified, the previous privacy and cookie policy will continue to be applied to personal data collected until this moment.

Definitions and legal references

Personal Data (or Data)

Any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number.

Usage Data

Information collected automatically through this Application (or third-party services employed in this Application), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.

User

The individual using this Application, which must coincide with or be authorized by the Data Subject, to whom the Personal Data refers.

Data Subject

The legal or natural person to whom the Personal Data refers.

Data Processor (or Data Supervisor)

The natural person, legal person, public administration or any other body, association or organization authorized by the Data Controller to process the Personal Data in compliance with this privacy policy.

Data Controller (or Owner)

The natural person, legal person, public administration or any other body, association or organization with the right, also jointly with another Data Controller, to make decisions regarding the purposes, and the methods of processing of Personal Data and the means used, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the Owner of this Application.

This Application (web site)

The means by which the Personal Data of the User is collected and processed.

Cookies

Small sets of data stored in the User’s device.

How to manage the cookies and oppose to their use

Please follow the instructions provided by your browser’s producer to discover how to manage, disable or remove all the cookies (technical, analytics and profiling):

Explorerhttps://support.microsoft.com/en-us/kb/196955/it
Chromehttps://support.google.com/chrome/answer/95647?hl=it
Firefoxhttps://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie
Safarihttps://support.apple.com/kb/PH17191?locale=it_IT
Operahttp://help.opera.com/Windows/10.00/it/cookies.html


Legal information

Notice to European Users: this privacy statement has been prepared in fulfillment of the obligations under Art. 10 of EC Directive n. 95/46/EC, and under the provisions of Directive 2002/58/EC, as revised by Directive 2009/136/EC, on the subject of Cookies and Directive 2016/679/EC (GDPR -GENERAL DATA PROTECTION REGULATION) .