Lecco Laghi Valli

Culture, territory and events to experience

Facebook-f Instagram

Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA OF WEBSITE USERS

The owner of this site, Ltm - Lecchese Turismo Manifestazioni, in compliance with obligations under national law[1] and Community (hereinafter GDPR[2] or Regulation) as amended, respects and protects the confidentiality of users/visitors by implementing appropriate and proportionate security measures so as not to infringe their rights. This information applies exclusively to the activities online of this site in particular to the compilation of form, the request for information or any other form of interaction with the site that involves the communication of personal data by the user. With this, the Owner pursues the objective of providing maximum transparency regarding the information that the site collects and how it uses it. The processing will be based on the principles of lawfulness, correctness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, confidentiality and accountability. Pursuant to Articles 13 and 14 of the GDPR and current legislation, the following information is provided regarding the processing that Ltm - Lecchese Turismo Manifestazioni executed with personal data:

  1. Subjects of treatment

The Data Controller is Ltm - Lecchese Turismo Manifestazioni, having its registered office in Via Tito Speri, 4 - 23900 Lecco (LC), who can be contacted using the e-mail address segreteria@ltmlecco.it

  1. Method of processing and type of data collected

The Data Controller adopts all the technical and organisational measures suitable for securing the personal data processed. In particular, these measures are aimed at preventing unauthorised access, disclosure, modification or destruction of the data, which will be collected, processed and stored in the archives, both hard copy and electronic, of the Data Controller and/or internal authorised parties and external Managers expressly authorised for this purpose. The processing will be carried out with the aid of both hard copy and computerised or electronic means, with personal data being organised and processed in such a way as to guarantee their security and confidentiality. The Data Controller may process certain personal data of users who interact with the site's web services, in particular: 

  • browsing data: IP addresses, URI notation addresses, etc. may be automatically acquired by computer systems when using the site[3], browser type and the parameters of the device used to connect to the site, the name of the’Internet Service Provider (ISP), the visitor's home page[4] and exit, as well as details of the date and time of the visit, the requests sent to the site's server and which make navigation possible. Browsing data may also be used to compile anonymous statistics in order to understand the use of the site and to improve its structure. Surfing data may possibly be used for the detection of illegal activities, such as computer crimes, to the detriment of the site;
  • contact details (name and surname, e-mail address, company name and telephone number), possibly of an economic and fiscal nature (in the event, for example, that an invoice is requested), necessary for the performance of existing or future contractual relationships with users.

No “special categories” of personal data, i.e. data that can be qualified as sensitive, are collected and processed in any way[5].

  1. Purpose of processing

The data provided by the user or communicated by third parties will be processed for the following purposes:

a. registration to the website, to the services developed or made available by the Controller, use of related information services, handling of contact or information requests;

b. establishment of contractual relations and consequent administrative, legal and tax obligations, as well as to enable effective management of financial and commercial relations;

c. fulfilment of obligations under EU and national regulations;

d. marketing direct, i.e. the sending of advertising material, promotional activities, commercial communication of products and/or services offered by the company; this activity may be carried out by sending advertising/information/promotional material and/or invitations to participate in initiatives, events and offers aimed at rewarding users/customers, carried out by means of “automated” contact systems[6];

e. verification of the proper functioning of the site and for security reasons, in order to block attempts to damage the site or cause damage to other users and in any case to ascertain and repress harmful or criminal activities. By accessing the “Contacts” section, the site allows the visitor/user to enter messages and other information.

The voluntary and explicit forwarding of such information does not require any request for consent and the possible filling in of form specifically prepared involve the subsequent acquisition of the address and data of the visitor/user, necessary to respond to requests made and/or to provide the service requested. The information that users of the site decide to make public by means of the services and tools made available to them is provided by the user knowingly and voluntarily, with the Data Controller exempt from any liability in the event of any violations that may be committed as a result. In fact, it is up to the user to obtain any permissions to enter personal data of third parties or content protected by national and international regulations.

  1. Legal basis of personal data processing

The provision of personal data for the purposes referred to in points 3-a) and 3-b) is compulsory, as the processing is connected to a pre-contractual and/or contractual phase or is functional to a request made by the Data Subject or required by a specific regulation. Failure on the part of the Data Subject to provide certain personal data in relation to the aforementioned purposes may prevent the Controller from providing its services. With regard to point 3-d) (marketing direct), personal data are entered voluntarily by the Data Subject. Consent must be expressed by means of an unequivocal positive act; moreover, it must be free, specific, optional and always revocable without any consequences on the usability of the services, except for the impossibility for the Controller to provide some of them. In any case, the user may exercise the right to object at any time (cf.. paragraph 9. “Rights of the Data Subject”). The data collected and processed for the purposes of site security and the prevention of abuse and illegal activities referred to in paragraph 3-e), as well as the data for the analysis of site traffic (statistics) in aggregate form, are processed on the basis of the legitimate interest of the Data Controller in order to protect the smooth operation of the site, as well as to protect the users themselves. In such cases, the user may at any time exercise the right to object (cf.. paragraph 9. “Rights of the Data Subject”).

  1. Use of Cookies

cookies are small text files that the site sends to users' terminals and are used to perform computer authentication, monitor sessions, store information on specific configurations, store preferences and more. This site uses cookies mainly to improve the browsing experience by measuring and analysing aggregated and anonymised browsing data. For information on cookies used, as well as on the management, setting and deactivation of cookies, users can consult the appropriate section of the site and follow the procedures provided for this purpose.

  1. Recipients of personal data

The data will not be disclosed by the Controller to unspecified parties in any way, not even by making them available or consulting them. The data will be stored at the Controller's premises and may instead be disclosed to specific persons so defined:

  • authorised persons involved in the organisation of the site[7];
  • external subjects[8] delegated for this purpose to specific processing activities and duly appointed as Data Processors pursuant to Article 28 of the Regulation, in accordance with the applicable legislation and limited to the purposes of the professional services required and necessary;
  • subjects whose right to access the data is recognised by law or by orders of the authorities;
  • any third countries or international organisations, should it become necessary for technical and/or operational reasons to transfer certain collected data to technical systems and services operated in cloud and located outside the European Union area[9]. In this case, processing will be regulated in accordance with the provisions of Chapter V of the GDPR and authorised on the basis of specific decisions of the European Union and the Data Protection Authority.

The complete list of all persons responsible for and authorised to process personal data can be requested by writing to the e-mail address segreteria@ltmlecco.it, or by ordinary mail to the address Via Tito Speri, 4 - 23900 Lecco (LC).

  1. Place of processing

Data collected from the site are processed at the Data Controller's premises and at the datacenter of Web Hosting. Web Hosting (Serverplan s.r.l.), as Data Processor, processes personal data on behalf of the Controller in accordance with European standards.

  1. Personal data retention period

The data collected will be processed exclusively for the purposes indicated above and stored for the time strictly necessary to provide the requested service. In any case, this period of time will not extend beyond 10 years, after which the Data Controller will automatically delete the personal data collected.

  1. Rights of the Data Subject

The Rules reserve specific rights to users/interested parties. In particular, the Interested Party may at any time exercise the right to:

  • access their personal data, obtain confirmation as to whether or not personal data relating to them are being processed and, if so, be informed as to the purposes pursued by the Controller, the categories of data involved, the recipients to whom the data may be disclosed, the applicable retention period, the existence of automated decision-making processes;
  • obtain the rectification of inaccurate personal data concerning him/her without undue delay;
  • obtain, where applicable, the deletion of personal data concerning him/her without undue delay;
  • obtain, in the cases provided for, the restriction of processing;
  • request the portability of the data he has provided to the Controller, i.e. to receive them in a structured, commonly used and machine-readable format, including for the purpose of transmitting such data to another Data Controller without hindrance from the Data Controller to whom he has provided them within the limits set by Article 20 of the Regulation;
  • object at any time, on grounds relating to his particular situation, to the processing of personal data concerning him, in the cases provided for in the Regulation;
  • withdraw consent at any time, as easily as if it had been given;
  • lodge a complaint with the Data Protection Authority;
  • obtain all available information on the origin of the personal data, if they have not been collected from the data subject himself;
  • receive notification without undue delay in the case of “data breach”, i.e. in cases where the breach of one's personal data presents a high risk to one's rights and freedoms;
  • be informed of the existence of appropriate safeguards if personal data are transferred to a third country or to international organisations.

 

All of the above rights may be exercised at the request of the data subject by writing directly to segreteria@ltmlecco.it. This notice may be subject to periodic updates.  

 

Personal data controller

Ltm - Lecchese Turismo Manifestazioni

 

[1] D. Legislative Decree No. 196/2003, Personal Data Protection Code, as amended by Legislative Decree 101/2018;
[2] European Data Protection Regulation No 2016/679;
[3] Uniform Resource Identifier;
[4] referral;
[5] pursuant to Art. 4 of the Code and Art. 9 of the GDPR;
[6] e.g. SMS and/or MMS, e-mail, interactive applications;
[7] e.g. employees of the Controller and possibly of the Processor, including administrative staff, sales staff, system administrators;
[8] e.g. third-party technical service providers, lawyers, hosting provider, IT companies, communication agencies;
[9] in particular with Google, Facebook, Twitter, Microsoft, LinkedIn, via social plugins and the Google Analytics service;

Close Popup

This site uses cookies to manage navigation, content customisation, traffic analysis. By closing the banner you consent to the use of technical cookies only. This choice can be changed at any time.

I accept Customise Refusal
Privacy Centre Cookie Policy
Close Popup
Privacy Settings saved!
Settings

When you visit a website, information may be stored or retrieved and saved in the cache of your browser, mainly in the form of cookies. Check your cookie services here.

Strictly necessary Integrity / functionality Targeting and advertising Privacy Centre Privacy Policy Cookie Policy
These tracking tools are strictly necessary to ensure the operation and provision of the service you have requested from us and, therefore, do not require your consent.
Technical cookies
These cookies are set by Google's recaptcha service to identify bots to protect the website from malicious spam attacks and to test whether the browser is able to receive cookies.
  • wordpress_test_cookie
  • wp_lang
Acceptance/Rejection Gdpr
These cookies store the choices and settings decided by the visitor in accordance with the GDPR.
  • wordpress_gdpr_cookies_declined
  • wordpress_gdpr_cookies_allowed
  • wordpress_gdpr_allowed_services
Reject all Services
Accept all Services
Open Privacy settings