Privacy policy for the processing of the users' personal data

Privacy Policy

Pursuant to the principles of fairness, lawfulness, transparency, protection of confidentiality and the rights of the data subject regarding the processing of their data, in accordance with art. 13 of EU Regulations No. 2016/679, the following information is provided.

DATA CONTROLLER

The data controller for the processing is AZIENDA PER IL TURISMO DELLA VALLE DI FIEMME SOC.CONS.R.L. with registered office inVIA FRATELLI BRONZETTI, 60 - 38033 CAVALESE (TN), phone +39 0462/241111, E-mail privacy@visitfiemme.it, PEC aptvaldifiemme@pec.it.

DATA PROTECTION OFFICER

The Data Protection Officer appointed, pursuant to art. 37 of Regulations No. 2016/679, may be contacted at the following e-mail address: dpo@studiogadler.it.

PURPOSE AND LEGAL BASIS OF THE PROCESSING

The personal data provided may be processed for the following purposes:

  • carrying out the activity of promoting tourism in the territory
  • tourist information and assistance services
  • brokerage and booking of services and tourist packages constituted by Trentino regional products
  • fulfilling a request made by the data subject
  • registration and participation in events organized and/or sponsored by the data controller
  • participation in competitions organized and promoted by APT Valle di Fiemme
  • provision of information and recommendations, travel planning, organization of custom-made trips
  • forwarding electronic communications with informative and/or promotional content
  • any obligations required by law and/or by the Public Safety Authority
  • any exercise of the rights of the data controller (e.g. right of defense before court).


The legal basis of the processing is based on the implementation of the services requested by the data subjects/users and related obligations, on art. 130, paragraph 4 of Legislative Decree No. 196/2003 and the legitimate interest of the data controller. Only with prior express and separate consent the data may be processed for forwarding electronic communications (newsletters) with commercial content in relation to services and promotional initiatives offered by the data controller. The legal basis of the processing is based on the explicit and free consent of the data subject.

METHODS OF DATA PROCESSING AND DECISION-MAKING OR PROFILING PROCESS

The processing will also be carried out by using electronic and/or automated tools, to which only authorized parties may have access, in full compliance with the provisions of current legislation. The data controller does not use in any way decision-making processes aimed at profiling personal data

DATA RECIPIENTS OR CATEGORIES OF RECIPIENTS

The data will be processed by employees and other parties authorized to process the data used by the Data Controller for performing its activities and by third parties performing outsourcing activities on behalf of the Data Controller as external Data Protection Officers.

DATA PROCESSING LOCATION

Personal data will generally be processed within the European Union. At times, however, the use of some services by the Data Controller may require the transfer of personal data to the United States. Said data processing is lawful pursuant to Article 46 and/or 49 of EU Regulation 2016/679 or, if necessary, the prior explicit consent of the interested parties.
Should it become necessary, the Data Controller will have the right to move the location of its IT archives to other countries outside Europe, immediately ensuring that the transfer of data from outside the EU will only be made in countries able to offer a level of protection adequate to the standards provided by the regulations in force.

PROVISION OF DATA

The provision of data is optional, however, failure to provide the data necessary to perform the requested service will make it impossible to implement the service.

STORAGE PERIOD

The data will be processed for the period deemed strictly necessary to fulfill the aforementioned purposes in compliance with the provisions of current legislation, unless expressly revoked by the data subject

RIGHTS OF THE DATA SUBJECTS WITH REFERENCE TO THE DATA PROCESSING

Pursuant to articles 15, 16, 17, 18, 19, 20, 21, and 77 of the EU Regulations, we inform the data subjects that:

  • they have the right to request access personal data, their rectification, deletion or limitation of the processing concerning them or to oppose their processing, and the transfer to another data controller in the cases specified
  • any rectification, deletion or restriction of processing carried out at the request of the data subject - unless this is impossible or involves a disproportionate effort - will be communicated by the underwriter to each of the Data Processing Officers to which the personal data were transferred
  • has the right to lodge a complaint with the Data Protection Authority for the protection of personal data, following the procedures and instructions published on the official website of the Authority on www.garanteprivacy.it. Exercising the rights is not subjected to any formal constraint and is free of charge.

Privacy policy updated on 03/12/2019.