Information on the processing of personal data

IN RELATION TO THE VISIT TORINO, VISIT VALSUSA, VISIT CANAVESE & LANZO, VISIT PINEROLESE PROJECT

With this information, the Joint Controllers intend to provide all the information required by art. 13 of Regulation (EU) 2016/679 (also called GDPR or General Regulation for the Protection of Personal Data), regarding the processing of personal data in the above-mentioned area.

1. Data controllers and DPO - Data Protection Officer

Joint controllers of personal data are: 

  • The Turin Chamber of Commerce, Industry, Crafts and Agriculture (hereinafter, the Turin Chamber of Commerce), based in Turin (TO), via Carlo Alberto n ° 16, tel. 011.57161, email protocol.generale@to.legalmail.camcom.it (address also able to receive emails); 
  • ASCOM Confcommercio of Turin and Province (hereinafter, ASCOM Turin), with registered office in Turin (TO), via Massena n ° 20, tel. 011.5516111, email info@ascomtorino.it; 
  • Confesercenti of Turin and Province (hereinafter, Confesercenti Turin), with registered office in Turin (TO), corso Principe Eugenio n ° 7 / D, tel. 011.52201, email segreteria@confesercenti-to.it. 

The Turin Chamber of Commerce has appointed, pursuant to art. 37 of the GDPR, its own DPO - Data Protection Officer (in the Italian translation RPD, Responsible for the protection of personal data), with whom it is possible to contact by writing to the email address rpd1@pie.camcom.it (address enabled to receive also PEC ).

2. Purpose and legal basis of the processing

Your personal data will be processed exclusively for the following purposes: 

a) in relation to ASCOM Turin and Confesercenti Turin, transmission of data to the hotels and tour operators chosen by the user to manage booking requests on their own; in relation to this purpose, the legal basis of data processing is represented by the need to manage pre-contractual requests of which the interested party is a party; 

b) sending information on activities, services, events, specific initiatives within the Project, and, in relation to the Turin Chamber of Commerce, also on activities, services, events, specific initiatives to promote tourism further or subsequent to the Project; in relation to this purpose, the legal basis for data processing is consent.

3. Authorized and Data Processors

Personal data will be processed by staff of the Joint Controllers previously authorized for processing and specially trained and trained. 

The data may also be processed by external subjects, formally appointed by the Joint Data Controller (s) as Data Processors and also belonging to the following categories: 

  • special companies of the Turin Chamber of Commerce; 
  • companies that provide information systems management and maintenance services; 
  • companies that provide electronic communications services and, in particular, e-mail.
4. Recipients of personal data 
As specified in point 2 lett. a) of this Notice, the data acquired through the contact / booking box are transmitted to the hotels / tour operators selected by the user, who process the data as independent data controllers.

 

5.Data retention period

ASCOM Torino and Confesercenti Torino will process the data for the entire duration of the Project and will delete it within the following year; the Turin Chamber of Commerce will process the data for 10 years and will cancel it upon expiry of the treatment in addition to the time necessary to proceed with the discard (maximum one year from the end of the treatment). 

The processing will in any case cease in case of revocation of the consent by the interested parties.

6. Nature of the provision of data and consequences of any failure to provide it

The data required for the purposes referred to in point 2 lett. a) of this Notice are necessary; should the interested party choose not to provide them, it will not be possible to proceed with the transmission of such data to the structures / tour operators chosen by the user. 

The data required for the purposes referred to in point 2 lett. b) of this Information are optional; should the interested party choose not to provide them, it will not be possible to send the information indicated above.

7.Transfer of data to non-EU countries 
 
As indicated above, the Joint Controllers may make use, also through their Data Processors, of IT service companies and telematic communications companies that could place or transit the data even in countries not belonging to the European Economic Area. These service companies are selected on the basis of their certifications and their declarations regarding reliability, security and compliance with national and European legislation on the processing of personal data. In particular, in order to guarantee an adequate level of protection of personal data, these companies can only carry out the transfer to countries (or sectors thereof) that have been the subject of specific adequacy decisions adopted by the European Commission, or on the basis of clauses. Standard Contractuals.
 
8.Your RIGHTS 
 

The Regulation (EU) 2016/679 recognizes you, as an interested party, various rights that you can exercise by contacting the Data Controller or the DPO at the addresses referred to in point 1 of this information. 

Among the rights that can be exercised, provided that the conditions provided for by the legislation are met from time to time (in particular, articles 15 and following of the Regulation) there are:

  • the right to know if the Joint Controllers are currently processing personal data concerning them and, in this case, to have access to the data being processed and to all information relating to it; 
  • the right to rectify inaccurate personal data concerning you and / or to integrate incomplete ones; 
  • the right to have your personal data deleted; 
  • the right to limitation of processing; 
  • the right to object to the processing; 
  • the right to the portability of personal data concerning you; 
  • the right to withdraw the consent at any time, without prejudice to the lawfulness of the processing, based on the consent, carried out before the revocation.
Pursuant to art. 26, par. 2, of the Regulations, you also have the right to be able to view the essential content of the joint ownership agreement that governs the relationships between the Joint Controllers. In any case, you also have the right to submit a formal Complaint to the Guarantor for the protection of personal data, according to the methods available on the site. https://www.gpdp.it/modulistica-e-servizi-online/reclamo. To receive more information on your rights, you can contact the Joint Controllers or the DPO of the Turin Chamber of Commerce directly, or consult the official pages of the Guarantor Authority. https://www.garanteprivacy.it/home/diritti e https://www.garanteprivacy.it/web/guest/regolamentoue/diritti-degli-interessati.
 
This information was updated on 8.7.2022

 

 / 

Log in

Send a message

My favorites