Privacy policy
PRIVACY POLICY PURSUANT TO AND FOR THE PURPOSES OF ART. 13 REGULATION (EU) 2016/679
We provide below the information referred to in Art. 13 GDPR with regard to the processing of the personal data provided by the user (hereinafter ‘Data Subject’) in order to use the online services (hereinafter ‘Service’ or ‘Services’) made available by the Ministry of Culture through this Portal.
DATA CONTROLLER AND DATA PROTECTION OFFICER
The Data Controller is the Ministry of Culture and the relative functions are performed by the Director General of Museums, pursuant to Art. 2(2) of Ministerial Decree 147 of 2019.
All instances and requests relating to the processing of personal data concerning you may be addressed to the Data Controller or Data Processor indicated above, at the following addresses: Direzione Generale Musei, via di San Michele, 22 - 00153 Rome, dg-mu@cultura.gov.it
the Data Controller has appointed its own Data Protection Officer, who can be contacted for issues concerning the processing of personal data at the above address or by e-mail at rpd@cultura.gov.it
LEGAL BASIS FOR PROCESSING
For the purpose of finalising the purchase of museum admission tickets, personal data are processed for the execution of the contract, pursuant to Art. 6(1b) of the GDPR.
The administration undertakes to check periodically the lawfulness of its processing according to the provisions of current legislation and future amendments/additions by the competent authorities.
PURPOSES OF PROCESSING
Personal data are processed (including their registration in the records) exclusively for the following purposes:
- Registration and creation of accounts;
- Sale of admission tickets;
- Booking notices and reminders.
CATEGORIES OF DATA PROCESSED AND HOW THEY ARE PROVIDED
Data subjects provide their personal data directly when registering on the platform.
Specifically, the administration will process the following personal data:
- First and last name;
- E-mail address.
The only personal data processed will be the date you provide when purchasing a ticket.
Your personal data are processed by means of computerised media and by personnel formally appointed by the Data Controller for the operations deemed necessary to fulfil the aforementioned purposes.
Failure to provide these data will make it impossible for the Data Subject to complete the registration on the Portal for the use of the Services.
RECIPIENTS OF PERSONAL DATA
Personal data are only processed by:
- personnel authorised by the Data Controller designated by specific deed of appointment, previously trained and having received the relevant instructions;
- external entities appointed by the Data Controller as Data Processors pursuant to Article 28 of the GDPR;
- public or private entities only where required by law.
DATA RETENTION PERIOD
Personal data shall be processed in compliance with the principle of 'storage limitation' under Art. 5 (1e) of the GDPR.
Personal data are stored by the Data Processors for one year, starting on 31 December of the year following registration on the platform, after which they are deleted.
In the event of deletion, exclusion or disabling due to non-use of your account, the data shall be retained for administrative purposes for a period not exceeding one year, without prejudice to any specific legal obligations on the retention of accounting records or for the purposes of public security.
RIGHTS OF THE DATA SUBJECT
The data subject has the right to exercise the rights set out in Articles 15-22 GDPR, in particular:
- To obtain access to their personal data in the cases provided for;
- To obtain confirmation as to whether or not personal data concerning them are being processed and the communication of such data in intelligible form;
- To obtain from the Data Controller or Data Processor:
- information on the origin of the personal data, the purposes and methods of processing, and the logic applied in the case of processing by electronic means;
- indication of the identification details of the Data Controller and of the Data Processors, as well as, where applicable, of the representative designated by a foreign entity to process the data in Italy;
- To obtain:
- the updating, rectification or completion of incomplete data concerning them;
- the erasure, transformation into anonymous form or restriction of data processed in breach of the law, including data whose retention is necessary for the purposes for which the data were collected or subsequently processed;
- certification to the effect that the operations referred to in the preceding points have been brought to the attention, also as regards their content, of recipieants to whom the data have been disclosed, unless this proves impossible or involves disproportionate effort in relation to the protected right;
- To object, in whole or in part:
- for legitimate reasons, to the processing of data concerning them, even if they are relevant to the purpose of their collection;
- to the processing of their personal data for the purposes of commercial information or sending advertising or direct sales material or for market research or commercial communication.
These rights can be exercised by sending a request to the Data Controller or the Data Protection Officer at the above-mentioned contacts.
RIGHT TO LODGE A COMPLAINT
Data subjects who consider that personal data concerning them are being processed in breach of the provisions of the Regulation have the right to lodge a complaint with the Italian Data Protection Authority, as provided for in Art. 77, or to take appropriate legal action (Art. 79).
This privacy policy is effective as of 02/09/2024.
COOKIE POLICY
INTRODUCTION
Our website https://museiitaliani.it/ (hereinafter: the ‘Site') uses cookies and other related technologies (for convenience, all the technologies are referred to as 'cookies').
Whilst browsing the Site, you may also receive cookies on your terminal device that are sent from different sites or web servers (known as 'third parties'), including providers such as Google for analytical and advertising services.
In the document below we inform you about the use of cookies on our Site.
WHAT ARE COOKIES?
A cookie is a small amount of data that, in the form of an anonymous unique code, is sent to your browser from a web server and then stored on the hard drive of your computer, smartphone and/or tablet. Cookies can serve either to enable the correct use of a website (technical cookies), or to create browsing profiles of users in order, in general, to display advertising messages in line with their interests (‘profiling cookies). Cookies can be stored on the device permanently with a variable duration (persistent cookies) or disappear when the browser is closed or have a limited duration (session cookies).
WHAT COOKIES DOES THIS SITE USE AND FOR WHAT PURPOSES?
The Site uses the following cookies:
Navigation cookies
These cookies ensure the normal browsing and use of the Site and allow content to be displayed in the user’s language and for their market from the first visit. They are able to recognise which country you are connecting from and ensure that, each time you visit the Site, you are automatically directed to the version for your country. They also enable you to create an account, log in and manage orders. If you are a registered user, cookies enable the Site to recognise you when you log in to the services offered to registered users. These cookies will recognise if you make purchases on the Site via an affiliated or partner site, in order to allow the fulfilment of obligations towards the partner sites. In other words, these cookies are necessary for the Site to function properly.
Functional Cookies
These cookies enable the Site to recognise the user, upon request (expressed, for example, by clicking on 'Remember me next time'), every time they log in to the Site, so that they don’t have to re-enter their details each time. These cookies are not essential for the functioning of the Site, but they improve the quality and browser experience.
Analytical Cookies
The Site uses first-party analytical cookies that are only used by the Site operator to, for instance, estimate the number of unique visitors and for purely monitoring purposes, such as to identify the main search engine keywords leading to an institutional web page or to identify site navigation problems.
This data does not allow the user to be personally identified because it is automatically 'anonymised' before being processed by the web access statistical analysis software.
HOW TO CHANGE YOUR COOKIE SETTINGS
You can configure your browser to accept all cookies, reject all cookies or notify you when a cookie is imported. Each browser has specific instructions on how to manage cookies:
Please note that our Site may not function properly if all cookies are disabled. If you delete cookies in your browser, they will be placed on your device again if you give your permission the next time you visit our Site.
DATA CONTROLLER
In accordance with Art. 4 of the GDPR, the Data Controller is the Ministry of Culture, in the person of the Director General of Museums, in accordance with Art. 2 paragraph 2 of Min. Decree 147 of 2019.
Direzione Generale Musei, via di San Michele, 22 - 00153 Rome, dg-mu@cultura.gov.it
SCOPE OF TRACEABILITY, TRANSFER AND DISSEMINATION OF DATA
The data acquired using cookies are processed by employees and collaborators of the Data Controller, in their capacity as Data Processors or in any case persons authorised to process the data who provide technical and organisational services, in their capacity as data processors.
RIGHTS OF THE USER
At any time, users may:
- request and obtain the deletion, transformation into anonymous form, copy, updating, rectification or completion of their data.
- object to the processing of their personal data for commercial and marketing purposes;
- object, for legitimate reasons, to their processing for other purposes;
- request the restriction of processing of data concerning them,
- exercise— where possible—the right to data portability;
- file a complaint with the supervisory authority;
- withdraw the consent previously given.
In order to assert your rights, in addition to the use of the tools described above, you may send a request in writing to the Data Controller's address or via e-mail to the Data Protection Officer (rpd@cultura.gov.it).