Privacy Policy

Pursuant to Article 13 of Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and Recommendation No. 2/2001 concerning minimum requirements for the collection of data online in the EU

1. Data controller
The data controller is the Azienda Musei Provinciali acting through (MUSEO)

Azienda “Musei provinciali”
Museo Provinciale di Castel Tirolo
Via del Castello 24
I-39019 Tirolo (BZ)
Tel. +39 0473 220 221
Email: info@casteltirolo.it
Visite guidate: guide@casteltirolo.it
Posta certificata: st.mct@pec.prov.bz.it
Part. IVA: 02 383 790 215

Data Protection Officer (DPO)
The contact details of the Data Protection Officer (DPO) are as follows:
Renorm Srl
Telephone number: 0471/1882777 (Renorm)
E-mail address: renorm@legalmail.it

This privacy policy is intended to provide information about the processing, purposes, methods and, in general, the management of the data collected through the website www.schlosstirol.it (hereinafter, for brevity, the Website). This privacy policy relates solely to this Website, excluding further pages that can be visited via links.

2. Purpose of processing and legal basis
The data controller guarantees within the framework of the statutory provisions that the processing of personal data through our Website is carried out with due regard to the fundamental rights and freedoms and the dignity of the data subject concerned, with particular reference to confidentiality, personal identity and the right to protection of personal data.
In compliance with the conditions of lawfulness set out in Article 6 of GDPR 2016/679, the personal data you provide through the Website may be processed exclusively for the following purposes:
a) Newsletter subscription
The data subject has given his or her explicit consent to the processing of such personal data for one or more specific purposes […] – Art. 6(1)(a) GDPR 2016/67).

3. Categories of the processed personal data
For the above-mentioned purposes, mainly the following may be processed:
a. personal data of a common nature (e.g. first name, surname, telephone number and e-mail address)

4. Treatment modalities
The processing will be carried out as follows_
a. only authorised personnel will carry out processing activities;
b. through the use of manual and electronic systems;
c. by authorised personnel to perform such tasks under the law;
d. with the use of appropriate organisational and technical measures to guarantee the confidentiality of the data and prevent access to them by unauthorised third parties.
Your data will not be included in automated decision-making processes

5. Period of retention of personal data
The data you provide will be kept for the period strictly necessary for the pursuit of the purpose or until you revoke your consent.

6. Dissemination and communication of personal data
Your personal data will not be disseminated. However, it may be disclosed to third parties
a. a. Public Administrations and Authorities, if required by law;
b. service providers and third parties in a contractual relationship with the Data Controller appointed as “Data Processors” pursuant to Article 28 of the GDPR and required to comply with data protection obligations, by virtue of a specific deed stipulated with the Data Controller;
a. legal entities entitled to access the data by virtue of legal, legislative and regulatory provisions

7. Rights of data subjects
You have the right to request from the data controller the rights set out in Articles 15 et seq. of GDPR 2016/679:
– Access to your data and information;
– the rectification and deletion (‘right to be forgotten’) of data;
– the restriction of processing and the possibility to object to processing;
– the portability of the data;
– revocation of consent to processing.

If you feel that your rights have been violated, you have the right and to lodge a complaint with the GPDP Data Protection Authority: www.garanteprivacy.it