Il trattamento dei dati personali degli utenti del Portale avverrà secondo la normativa applicabile in materia di protezione dei dati personali ed in particolare al Regolamento UE n. 2016/679 (Regolamento generale sulla protezione dei dati - GDPR 2016/679").

This privacy policy (hereinafter the “Policy”) relates exclusively to the processing of data communicated by the user (hereinafter the “Data”) in using the Portal.

1. Data controller and other figures involved in data processing. The data controller of the Data collected through the Portal is the Municipality of Ferrara (hereafter also termed the “Data Controller”), with headquarters in Ferrara, Piazza del Municipio 2, 44121. Users can always apply for any information concerning their personal data or request the complete list of data managers appointed by writing to the Servizio Gallerie d’Arte Moderna e Contemporanea, Comune di Ferrara, via G. Frescobaldi, 40, 44121, Ferrara or by writing to following email address:

2. Classes of data processed, purpose of processing, nature of data supplied and legal basis. Through the Portal the Data Controller collects and processes the following data:
(a) Navigation data: Data provided when browsing, processed in order to enable the Portal to function correctly. In this respect, we invite you to read the Cookie Policy at the end of this statement.
(b) Data provided voluntarily by the user: personal data provided voluntarily by the user (email address, personal information, contact details). The provision of data for this purpose is optional.
The legal basis for the processing of browsing data (point 2 a) is based on the legitimate interest of the Data Controller to create the Portal and of the user to access it. The processing of personal data for the purposes referred to in point 2 b) is based on consent.

3. Source of data, processing methods and retention period. Except as indicated in the Cookie Policy, the Data is provided voluntarily by the user. The data is processed by automated instruments (for example using electronic procedures and media) and/or manually (for example on paper) for the time strictly necessary to achieve the purposes for which the Data is collected and in any case by adopting security measures to avoid any breach of the data, unlawful, incorrect and unauthorized access.
However, due to the nature of the online transmission medium, these measures cannot limit or exclude absolutely any risk of unauthorised access or dispersion of the Data. In this regard, it is advisable to periodically check that the computer is equipped with software devices adequate for the protection of data transmission on the network, both incoming and outgoing (such as updated antivirus systems) and to ensure the Internet service provider has taken appropriate measures for the security of data transmission over the network (such as firewalls and spam filters).

4. Classes of data recipients. The Data collected through the Portal may become known (i) to employees and collaborators of the Data Controller due to the function they perform in operating as subjects authorised by the Data Controller to perform the data processing and duly instructed by the same; (ii) to any third parties whose services the Data Controller uses in the form of consultancy and/or instrumental to the operation/management/maintenance of the Portal and/or for the provision of web services, (iii) the Service of the Gallerie d’Arte Moderna e Contemporanea of the Municipality of Ferrara, as the operative body.

5. Data transfer abroad. The Data collected through the Portal will be processed in Italy and in any case in states that are members of the European Union.

6. Rights of interested parties. The subjects to whom the Data refers, the users of the Portal, have the right at any time to access their data, in particular to obtain confirmation of the existence or non-existence of the data and to be informed of its content and source. They also have the right to verify its accuracy or request its integration, updating, rectification, limitation of processing, deletion, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose in any case its processing for legitimate purposes. Furthermore, they have the right to request the portability of their data, to present a complaint to the supervisory authority and at any time to revoke the consent previously given and to oppose at any time the use of the data and to revoke their consent, where given. Requests may be addressed to the attention of the Privacy Contact.