Privacy notice pursuant to art. 13 of the Reg. (EU) 2016/679 (“GDPR”)
Veronafiere S.p.A. (hereinafter referred to as “Veronafiere” or “Controller”) provides You with the information concerning the processing of personal data provided by those who request information and/or assistance from Veronafiere using the channels provided by the latter for customer care, i.e., the contact points via e-mail and telephone specified on its websites, as well as any special forms on the events’ websites.
1. Identity ad contact details of data controller
The data controller is Veronafiere S.p.A., VAT n. 00233750231, Viale del Lavoro, 8, 37135 – Verona, tel. 045 8298111, e-mail email@example.com, PEC firstname.lastname@example.org
Contact details of data protection officer (dpo)
You can contact the DPO at the email address email@example.com
2. Data processing purposes, legal basis and data retention
Data are processed in order to respond to requests for information or assistance in relation to the services and events of Veronafiere (e.g., requests for support relating to participation in a trade fair event). The legal basis for processing is the performance of the contract to which the data subject is party. Data will be stored for the time necessary to process the request and in any case no longer than 2 years, unless further terms are required by law. Once such data retention term have expired, data will be destroyed or anonymized, compatibly with the technical times required for erasure and backup.
3. The provision of the data
The provision of data highlighted with an asterisk in the registration form or requested via email / phone by operators is necessary for the proper management of the request; therefore, failure to provide data will not allow the sending and / or management of the such request.
4. Categories of recipients to whom the data may be disclosed
Data may be disclosed to parties acting as controllers, such as public authorities and professional firms. Data may be processed, on behalf of the Controller, by third parties, appointed as Processors pursuant to art. 28 of the GDPR, carrying out activities that are functional to the services provided (e.g., IT services, customer care services), Furthermore, data are processed by Veronafiere employees who have been expressly authorised to process data for the above-mentioned purpose and have received adequate operating instructions.
5. Data subjects’ rights
In relation to the processing carried out by the Controller, the data subject may exercise the rights referred to in articles 15 to 22 of the GDPR, where applicable, and, in particular, may:
– obtain the confirmation as to whether or not personal data concerning him/her are being processed, and, where that is the case, access personal data and the information referred to in article 15 of the GDPR,
– obtain the rectification of inaccurate data,
– have incomplete data completed,
– obtain the erasure of data in the cases provided for by article 17 of the GDPR,
– obtain restriction of processing in the cases provided for by article 18 of the GDPR,
– where the processing is based on consent or contract and is carried out by automated means, to receive the data in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from the controller to which the personal data have been provided (the right to data portability).
In order to exercise such rights, the data subject can contact the Controller by sending a communication to the contact points listed in paragraph 1 or an e-mail to firstname.lastname@example.org.
Data subjects shall have the right to lodge a complaint with the competent supervisory authority in the Member State of his or her habitual residence, place of work or place of the alleged infringement.