Information on the processing of data relating to website navigation (“Privacy Policy”)

This page describes the methods and logics for the processing of personal data of users (hereinafter, also the “Users”) who consult the website teatroverdi-trieste.com (hereinafter, also the “Website”) with reference to the processing of personal data of users who consult it.

This information is provided only for the site teatroverdi-trieste.com and not for other websites that may be consulted by the user via links.

Identity and contact details of the Data Controller
Data controller pursuant to articles 4 and 24 of the Regulation is the Giuseppe Verdi Opera Theater Foundation of Trieste, with headquarters in Riva Tre November n. 1, Trieste, telephone: 0406722331, e-mail: [email protected]; PEC: [email protected]. You can contact the Data Controller by writing to the aforementioned address or by sending an e-mail to the aforementioned e-mail address.

Identity and contact details of the data protection officer.
The data protection officer (“DPO”) pursuant to art. 37 of the Regulation can be contacted at the following PEC address: [email protected].

Purpose of the processing and legal basis
Personal data is processed exclusively for the purpose of providing the services accessible through the Website and to implement the obligations established by law. The legal basis of the processing for the aforementioned purposes is constituted by the art. 6, paragraph 1, letter b) of the GDPR (“the processing is necessary for the execution of a contract of which the interested party is a part or for the execution of pre-contractual measures adopted at the request of the same “) and by art. 6, paragraph 1, letter c), GDPR (“processing is necessary to fulfill a legal obligation to which the data controller is subject”).

Processing methods
The Data Controller adopts adequate technical and organisational measures to ensure that only the personal data relating to Users necessary for each specific purpose of the processing are processed and in order to minimise the risks of destruction or loss, even accidental, of the data itself, unauthorised access or processing that is not permitted or does not comply with the purposes indicated in this Policy. The processing of Users’ personal data may be carried out with the aid of electronic or automated means, with methods and procedures strictly necessary for the pursuit of the purposes described above.

Recipients or categories of recipients of personal data
The processing of personal data will be carried out by subjects expressly and specifically designated by the Data Controller who operate at the headquarters of the same. These related subjects with purely organisational functions will process the data in accordance with the instructions received from the Data Controller, as Data Processors (art. 28 GDPR) or as authorised (art. 29 GDPR) or as subjects expressly designated to process the data in the terms established by the Regulation and by the national legislation for adaptation to the provisions of the GDPR (Legislative Decree n. 101/2018); among these we indicate the employees or collaborators assigned to the structures of the undersigned Owner. The data provided may also be processed by the Data Controller or also communicated to third parties exclusively for the achievement of administrative and accounting purposes, IT services companies, management, archiving or other services of a technical / organisational nature.

Storage period
The data will be kept for a period of time not exceeding the achievement of the purposes indicated above (“principle of limitation of conservation” pursuant to article 5 of EU Regulation 2016/679) or on the basis of the deadlines set by law and according to the times indicated in detail for cookies in the cookie policy.

Data transfer abroad
The data is not transferred to a third country outside the European Union or to international organisations.

Whether the communication of personal data is a legal or contractual obligation or a necessary requirement for the conclusion of a contract, and whether the data subject is obliged to provide personal data as well as the possible consequences of not communicating such data

Apart from that specified for navigation data, the User is free to provide the personal data contained in the form present in the “Newsletter subscription” section. Failure to communicate will only make it impossible to subscribe to the newsletter edited by the Foundation.

Rights of the interested party
Pursuant to the articles 15 et seq. of the Regulation,  the interested party has the right to ask the Data Controller:

• access to his personal data;
• the rectification or cancellation of the same or the limitation of their processing;
• the opposition to the processing;
• the portability of data in the terms of art. 20 GDPR;
• if the treatment is based on article 6, paragraph 1, letter a), or on article 9, paragraph 2, letter a), cited the withdrawal of consent  at any time without prejudice to the lawfulness of the processing based on the consent given before the withdrawal.

Without prejudice to any other administrative or judicial appeal, the interested party who considers that the processing concerning him violates the GDPR has the right to lodge a complaint with a supervisory authority, especially in the Member State in which he habitually resides, works or of the place where the alleged violation has occurred pursuant to art. 77 quoted. (the Italian supervisory authority is the Guarantor for the protection of personal data).

To exercise the above rights, the interested party may contact the Data Controller of personal data at the addresses indicated above

Updates
The privacy policy of this website is subject to updates; users are therefore invited to periodically check its content.