Privacy policy
Introduction
This document sets out the rules governing the management of the Ferrara Provincial Tourism Portal, with specific reference to the processing of personal data belonging to users who visit the site. This privacy notice, provided in accordance with Articles 13 and 14 of Regulation (EU) 2016/679, is intended for users and visitors who interact with the following institutional website managed by the Municipality of Comacchio: www.ferrarainfo.com
This policy has been updated in accordance with the regulations on cookies and, in particular, with the Provision of the Italian Data Protection Authority of 8 May 2014, “Identification of simplified procedures for the provision of information and the acquisition of consent for the use of cookies”, as well as the subsequent “Clarifications regarding the implementation of the legislation on cookies” of 5 June 2015.
This policy concerns exclusively the management of the above-mentioned website, in relation to the processing of the personal data of users/visitors who consult it. It does not extend to external websites that may be accessed via links on the institutional website.
The Organisation undertakes to respect and protect your privacy by processing the personal data you provide in accordance with the provisions of the law designed to ensure the security, accuracy, up-to-date nature and relevance of the data in relation to the stated purposes.
We would also like to inform you, as detailed below, that the processing of users’ personal data serves two distinct purposes:
a) Processing necessary for the website to function
This processing takes place automatically, as it is necessary for the web pages to function correctly and to ensure the security of the service. The IT systems and applications dedicated to the operation of the website, in fact, acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols; this is information that is not collected to be associated with identified data subjects, but which by its very nature could, through processing and association with data held by third parties, allow users/visitors to be identified. This category includes, for example:
- the IP address,
- technical browsing logs,
- information about the device or browser used.
This data is collected without the user having to do anything, and is essential for viewing the website, preventing misuse, detecting anomalies and ensuring the proper functioning of the IT infrastructure.
b) Any processing initiated by the user
This processing takes place only if the user voluntarily decides to provide their data, for example:
- when filling in a contact form,
- when submitting a request,
- when using an online service that requires identification or contact details.
In these cases, the data is processed solely to respond to the request or to provide the selected service; it will be disclosed to third parties only where this is strictly necessary and functional to that purpose, in accordance with the specific information notices provided pursuant to Regulation (EU) 2016/679. The data is processed by staff specifically appointed to handle data processing, only where such processing is necessary for the performance of their assigned duties.
Parties involved in data processing
- Data controller
The data controller is the Municipality of Comacchio, with registered office at Piazza Folegatti 15, Comacchio (Fe).
- Data Protection Officer (DPO)
The DPO appointed by the Municipality of Comacchio is the company Boxxapps S.r.l., with registered office at Viale della Stazione, No. 2, 30020 – Marcon (VE). The contact details are as follows:
- telephone: 0413090915;
- e-mail:dpo@boxxapps.com
It should also be noted that certain personal data processing operations will also be carried out by third parties to whom the Organisation entrusts the management and maintenance of the website. In such cases, these third parties will be appointed as Data Processors in accordance with Articles 4(8) and 28 of Regulation (EU) 2016/679. At any time, the data subject may request from the Data Controller a complete list of the Data Processors appointed from time to time who are involved in the processing of data for the purposes set out in this policy.
Methods of processing
Personal data is processed using automated means (e.g. electronic procedures and media) and/or manually (e.g. on paper) for the time strictly necessary to achieve the purposes for which the data was collected and, in any event, in accordance with the relevant regulations in force.
Data processing will also be carried out using organisational and processing methods strictly related to the purposes themselves and, in any case, in such a way as to guarantee the security, integrity and confidentiality of the data in accordance with the organisational, physical and logical measures provided for by current regulations.
Voluntary provision of data
Apart from the browsing data required for the website to function, as specified above, you are free to provide the personal data necessary to fulfil your specific requests. Failure to provide such data may make it impossible to fulfil your request.
For the sake of completeness, it should be noted that in certain cases (not falling within the scope of the ordinary management of this website), judicial authorities may request certain types of data. In such cases, the Organisation is, of course, obliged to disclose such data to the aforementioned authorities.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of emails to the addresses listed on this website entails the subsequent collection of the sender’s email address, which is necessary to respond to enquiries, as well as any other personal data included in the same enquiry. The optional, explicit and voluntary registration via specific web forms on our website entails the subsequent collection of all data entered in the fields completed by the user; processing, in accordance with the specific privacy notices provided for each individual form, is carried out exclusively for the purposes of the Organisation’s institutional activities.
Newsletter
Subscribing to the newsletter necessarily involves the processing of subscribers’ personal data, which will be carried out using both manual and automated procedures; in the former case, processing operations will be carried out exclusively by specifically designated employees. Please note that the specific privacy notice regarding the processing of personal data for the provision of the newsletter service can be accessed from this section of the institutional website and will also be made available in the form provided for subscribing to the service itself. If, after subscribing, you no longer wish to receive communications via the newsletter, simply click on the links provided to unsubscribe.
Cookie policy
What they are and why they are collected.
A ‘cookie’ is a small text file created by some websites to store information on the user’s computer when they access the site. Cookies are sent from a web server to the user’s browser and stored on the user’s computer; they are then sent back to the website during subsequent visits.
Cookies can be “installed” (more precisely, stored and accessed) not only by the operator of the website visited by the user (first-party cookies), but also by a different website that “installs” cookies via the first website (third-party cookies) and is able to recognise them. This happens because the website visited may contain elements (images, maps, sounds, links to web pages on other domains, etc.) that reside on servers other than that of the website visited.
Depending on their purpose, cookies are classified as technical cookies and profiling cookies.
Technical cookies are “installed” solely for the purpose of “carrying out the transmission of a communication over an electronic communications network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide that service” (see Article 122(1) of Legislative Decree 196/2003 – the so-called Privacy Code – as amended by Legislative Decree 69/2012).
They are usually used to enable efficient navigation between pages, store user preferences (e.g. font size, language, country, etc.), store information on specific user configurations, manage user authentication, etc. Some of these cookies (known as strictly necessary cookies), such as session cookies used to manage the shopping basket on e-commerce sites, enable functions without which certain operations would not be possible. Pursuant to the aforementioned Article 122(1) of the Privacy Code, the use of technical cookies does not require users’ consent. So-called ‘analytics’ cookies, which are used to monitor how users interact with the website for the purpose of optimising it, are treated in the same way as technical cookies (and, consequently, their installation does not require users’ consent or any further regulatory compliance) – provided they are used directly by the first-party website (and therefore without the involvement of third parties), as well as analytical cookies created and made available by third parties and used by the first-party website for purely statistical purposes, provided that appropriate measures are taken to reduce their identifying power (for example, by masking significant portions of the IP address) and the third party expressly undertakes not to “cross-reference” the information contained in such cookies with other data in its possession.
Profiling cookies are used to track the user’s browsing activity and analyse their behaviour in order to create personalised profiles. These cookies enable the sending of targeted advertising messages, in line with the preferences expressed by the user whilst browsing the internet.
The installation of profiling cookies on the user’s device is permitted only upon the provision of free, specific and informed consent, collected in accordance with the procedures set out in the Data Protection Authority’s Provision on cookies and subsequent guidelines.
Depending on their duration, cookies are classified as persistent or session cookies.
Persistent cookies remain stored on the user’s device until they expire, unless the user deletes them; session cookies are not stored permanently on the user’s device and are deleted when the browser is closed. Profiling cookies are usually persistent cookies.
Types of cookies used
The tourism portal for the province of Ferrara uses:
- technical cookies;
- analytics cookies;
- third-party cookies.
No profiling cookies are used: no personal data collected by this site whilst users are browsing is used to send advertising messages tailored to the preferences expressed by the user whilst browsing the internet.
Technical cookies
These are cookies that are necessary to enable navigation on the portal and to use various functions and services requested by users.
The use of these cookies allows the website operators, for example, to enhance the security of the service requested by the user by blocking access following repeated failed login attempts to a restricted area, or to remember preferences, such as language, regarding the web pages visited.
Third-party cookies
When visiting this site, you may also receive cookies from sites managed by other organisations, known as “third parties”. For example, third-party cookies may be transmitted when you interact with sharing plugins or social media authentication. Some of these features are described in more detail below.
Google Analytics cookies
The Organisation uses a web analytics service, Google Analytics, provided by Google Inc.
These cookies primarily collect information on how users interact with the institutional website. They may be either session cookies (e.g. they are deleted when the browser is closed) or persistent cookies.
The information is transmitted from users’ browsers to Google’s servers.
With regard to the protection of users’ personal data, it should be noted that Google Inc. has adhered to the protocol known as the Data Privacy Framework (EU-US Data Privacy Framework) agreed between the European Union and the United States, which establishes standards and parameters for the adequacy of the level of protection guaranteed by organisations based in the United States of America.
Further information on the Data Privacy Framework is available on the website of the Italian Data Protection Authority (https://www.garanteprivacy.it/temi/trasferimento-di-dati-all-estero).
With specific reference to the Analytics service, Google has also made available to users a dedicated guide, which provides detailed information on privacy and the protection of personal data (http://www.google.com/intl/en/analytics/privacyoverview.html).
Users can opt out of being tracked by this service by installing a browser add-on to disable Google Analytics (https://tools.google.com/dlpage/gaoptout?hl=it).
This data does not allow this website to personally identify the user: all data collected is anonymised and analysed in aggregate form.
Specifically, the cookies relating to the Google Analytics service described above are as follows:
_UTMA Records the number of unique visits, the time of the first visit and the time of the previous visit
_UTMC Records the duration of users’ browsing on the website
GA Cookie used to recognise the user
UTMX Used to determine whether a user is included in an experiment and to test which version of a landing page produces the best results in terms of conversions (e.g. completed actions measured as goals) or a specific metric
NID, PREF Records user preferences and information each time they visit web pages containing a Google service
_UTMZ Records where the visitor comes from, which search engine was used, which link was clicked, which keyword was used, and from which part of the world they are accessing the site
For further information on the collection, storage and use of users’ personal data by Google, acting as a third party in accordance with current legislation, please consult Google’s privacy policy at the following link: http://www.google.com/intl/it/policies/privacy/
Use of social media plug-ins
This website incorporates certain social media plug-ins, specifically Facebook, Twitter, Google, Flickr, Pinterest and Instagram, to allow users to publicly share content from the portal that they find interesting. When a user visits a page on this website, the plug-ins establish a direct connection between the user’s browser and the social media platforms. Through this connection, the social networks collect certain information about the user, such as their IP address, the date and time of the visit, the browser used, etc. Furthermore, if the user is logged in (and therefore authenticated) to one of these social networks, the information collected may be linked to their social media profile. This website, however, does not collect any of the information that is transmitted to the social network via the plug-in.
For further information on the plug-ins used, please refer to the following links:
- Facebook: http://www.facebook.com/help/social-plugins/
- Twitter: http://dev.twitter.com/
- Google: https://developers.google.com/+/web/buttons-policy?hl=en
- Pinterest: https://help.pinterest.com/it/articles/website-widgets
The Portal has no control over the cookies installed by the social networks listed above, which are defined as third-party cookies. Therefore, to enable users to understand the methods and purposes of the processing of user information by third parties, the following links to the privacy policies and consent forms provided by the third parties are provided:
- Facebook privacy policy: http://www.facebook.com/about/privacy/
- Twitter privacy policy: https://twitter.com/privacy
- Google privacy policy: http://www.google.com/intl/it/policies/privacy/
- Flickr: http://info.yahoo.com/privacy/us/yahoo/
- Instagram: http://instagram.com/about/legal/privacy/#
It is reiterated that, in accordance with Article 122 of the Personal Data Protection Code and the provision issued by the Italian Data Protection Authority regarding the “Identification of simplified procedures for providing information and obtaining consent for the use of cookies” dated 8 May 2014, published in the Official Gazette No. 126 of 3 June 2014, the Ferrara Provincial Tourism Portal may install in users’ browsers the technical cookies essential for the proper functioning of a website, as well as the analytics and functionality cookies described above, since these are treated by the legislation as equivalent to technical cookies, without the users’ prior consent, without prejudice to the obligation to provide information pursuant to Article 13 of Legislative Decree 196/2013.
How to disable cookies
You can disable cookies by changing your browser settings, for example:
- Firefox
- Internet Explorer
- Chrome
- Safari
- Safari (iOS)
Some browsers have specific features that allow you to block third-party cookies.
If the browser you are using is not listed above, select the ‘Help’ function in your browser to find information on how to proceed.
Enable ‘private browsing’ mode
Using this feature, now available in all browsers, you can browse the internet without saving any information about the websites and pages you visit.
However, even with this feature enabled, browsing data is still recorded and stored by website operators and internet service providers.
Delete cookies directly
Almost all browsers now allow you to delete all stored cookies.
For further instructions, please consult your browser’s help section or visit one of the following links:
- Internet Explorer: http://windows.microsoft.com/it-IT/internet-explorer/delete-manage-cookies#ie=ie-9
- Mozilla Firefox: https://support.mozilla.org/it/kb/Eliminare%20i%20cookie
- Google Chrome: https://support.google.com/chrome/answer/95647?hl=it&ref_topic=3421433
- Safari (iOS): http://support.apple.com/kb/HT1677
However, cookies will be reinstalled each time you browse the site; for this reason, we recommend that you perform this operation periodically or use automated functions to delete cookies regularly.
Links to external sites
This website contains hyperlinks (i.e. tools that allow users to access a web page on another site): the external sites accessible via links on this website are developed and managed by parties over which the Portal has no ownership or control, and the Portal is in no way responsible for their content, quality, accuracy or the services offered. Visiting and using the websites accessed by the user from this site via links is therefore entirely at the user’s own discretion and responsibility. As specified above, this policy therefore applies solely to the Ferrara Provincial Tourism Portal and not to any other websites that the user may access via links.
Rights of data subjects
The data subject has the right at any time to request from the Data Controller access to their personal data, the rectification of such data if it is inaccurate, and its erasure. The data subject may also request the restriction of processing concerning them and may object to such processing where it is carried out unlawfully. The relevant request regarding the exercise of the aforementioned rights may be submitted to the undersigned Data Controller or to the designated Data Protection Officer, at the contact details provided above (pursuant to Articles 15 et seq. of Regulation (EU) 2016/679). The data subject also has the right to lodge a complaint with the competent supervisory authority, the Italian Data Protection Authority.
In order to simplify the submission process and reduce response times, please submit the requests referred to in the previous paragraph to the Municipality of Comacchio in writing to the certified email address comune.comacchio@cert.comune.comacchio.fe.it
Requests referred to in Article 7, paragraphs 1 and 2 of the Code may also be made orally.
This Privacy Policy is subject to updates.
