This page describes how the website www.cinecittaevents.it. processes the personal data of its users. This advisory notice, pursuant to the Regulation (EU) 2016/679 of the European Parliament and Council concerning the protection of individuals with regard to the processing of personal data and also the free circulation of those data on the internet (see the Regulation below), regards the use of the services provided on our website. This notice is not applicable to other websites, that may potentially be consulted through clicking on the links provided on our website, for which Istituto Luce- Cinecittà s.r.l. cannot be considered responsible in any way.
The Controller of the personal data collected from the website is Istituto Luce – Cinecittà S.r.l., domiciled in Via Tuscolana, 1055 – 00173 Rome.
DATA PROTECTION OFFICER
The Data Protection Officer can be contacted at this email address: firstname.lastname@example.org.
LOCATION, PURPOSE AND TRANSFER OF DATA
The data processing deriving from the web services of this website is situated in the company headquarters and handled by the employees and consultants of Istituto Luce – Cinecittà S.r.l. charged with this task. Data collected from the website may be communicated to those responsible for site management, to technological and supply partners used by the Data Controller to provide user-requested services, and to those with the right to access that data as outlined in the law and secondary legislation. Personal data supplied by users when sending requests for material (e.g. information requests, answers to questions, etc.) or other communications are used solely to carry out the specific service or performance and are transferred to third parties only when strictly necessary.
DEFINITION AND TYPE OF PERSONAL DATA PROCESSED
During the normal functioning of the IT systems and software procedures that operate the website, some personal data is acquired, whose transmission is implicit when web communication protocols are used.
This information is not collected in order to be associated with the identified parties although, by its very nature, it could allow user identification through processing and the association with third-party data.
This data category includes the IP addresses and/or domain names of the computers used to visit the website, the addresses of requested resources (Uniform Resource Identifier (URI), the time of request, the submission method of the request to the server, the size of the file received in response, the numerical code identifying the answer given by the server (successful, error, etc.) and other parameters concerning the operative system and the user’s IT environment.
These data are used only to obtain anonymous statistical information about the use of the website and to monitor its correct function and are cancelled immediately after processing. The data might also be used to ascertain responsibility in case of theoretical IT crimes against the website.
Data provided intentionally by the user
The explicit and intentional sending of emails to the addresses provided on this website entails the subsequent acquisition of the sender’s address, which is required to respond to the requests, and any other personal data included in the message.
Specific summary information will be successively reported or visualized on the website pages dedicated to certain services on request.
OPTIONAL DATA TRANSFER
Separate to the specifications regarding data for navigation, the user is free to provide personal data to utilize services offered by the company. The non-transferral of data may impede the use of the requested service.
PROCESSING METHODS, DATA STORAGE AND LEGAL GROUNDS
Personal data processing will be carried out with manual and/or automated tools, in accordance with the guidelines of the Regulation. The personal data collected will be stored for the time necessary to carry out its purpose, except in the case of different requirements outlined by legislation. Following this, the personal data will be cancelled.
The personal data processed will be stored, using the appropriate and preventative security measures, with the intention of reducing to a minimum the risk, even accidental, of data loss or destruction, of unauthorised access to the data, or processing without consent or that does not comply with the purpose of its collection.
The legal grounds for the processing of personal data is to enable services or respond to requests by the user.
THE RIGHTS OF THE PARTY CONCERNED
You may exercise your rights regarding personal data processing as outlined in the Regulation, at any time, by contacting email@example.com.
In particular, you may request the following:
- To access your personal data, obtaining information about the purposes of the personal data processing by the Data Controller, the types of data being processed, who the data is shared with, the applicable storage length of the data, the existence of automated decision making processes, including profiling, and, in such cases at least, significant information about the logic applied, in addition to the importance and subsequent consequences for the interested party, where not already indicated in this advisory notice;
- To obtain the immediate correction of incorrect personal data connected to the interested party;
- To restrict or object to the processing of personal data, in accordance to legislation applicable in the specific case;
- You are also entitled to file complaints to the EU Data Protection Authority.
Requests to the Data Controller or the officer handling the specific processing may be communicated by email to the address above, certified email to the address above and also by registered letter to Via Tuscolana n. 1055, 00178 Rome, including documentation of the request and proof of the legitimate profiles of the user making the request.