Statement regarding the processing of personal data provided by the User of the site LE STANZE DEL VETRO
Pentagram Stiftung, with headquarters at Hartbertstrasse 1, Chur 7001 (Switzerland) Representative pursuant to Article 5.2, Legislative Decree. no. 196/2003 and Data Processor: Servizi Fondazione Pentagram s.r.l.
Privacy statement for the data subject pursuant to Article 13 of Legislative Decree no. 196 of 30 June 2003
Pursuant to Article 13 of Legislative Decree no. 196 of 30 June 2003 (hereinafter referred to as ‘Legislative Decree no. 196/2003’) – establishing provisions for the safety of persons and other parties with regard to the processing of personal
in the capacity of ‘Data Controller’ of the processing of the personal data of the users (hereinafter also referred to as ‘Site Users’ or ‘Site User’) of the site
http://www.lestanzedelvetro.org (hereinafter also referred to as ‘Site’) together with
Servizi Fondazione Pentagram s.r.l. Unipersonale [Single-member private limited liability company]
(hereinafter ‘Servizi Fondazione Pentagram’), in the capacity of ‘Representative pursuant to Article 5.2, Legislative Decree. no. 196/2003’ as well as ‘Data
Processor’ of the said data, advises its Users of the following.
0. Protection of personal data
The Data Processor, Servizi Fondazione Pentagram, will gather and process, also on behalf of Pentagram Stiftung, the personal data of all Users in compliance
with Legislative Decree no. 196 of 30 June 2003, which establishes provisions for the safety of persons and other parties with regard to the processing of personal data.
In particular, the personal data of all Users will be processed subject to
obtaining express consent, in writing if necessary, following the provision of the present ‘privacy statement’, supplied pursuant to Legislative Decree no. 196 of
30 June 2003, containing, in particular, an indication of the Rights of the data
1. Source of personal data obtained
1.1. Direct collection
The personal data (or certain data described as ‘personal’ pursuant to Legislative Decree no. 196/2003) are obtained by the Data Processor, Servizi Fondazione Pentagram, directly from the User:
(a) either at the act of registering on the Site and/or on navigating in the said Site;
(b) or at the User’s request for the sending of electronic and/or hard-copy free publishing products, including periodical newsletters, invitations to exhibitions and events, programmes of seminars, conferences, lessons, etc.;
At the act of registering on the Site and/or on navigating in the said Site, data may be collected regarding the technological equipment such as, for example,
the operating system used, the Host ID and the IP address, the pages visited (navigation data). Cookies, web beacons and similar technologies, of which this site makes use, also make it possible to recognise:
the type of browser used;
the operating system used;
the Website from which the User comes;
the date and time of the visit;
the URLs of the pages consulted;
other navigation data, as for example the downloads carried out.
1.3. Collection of data from third-party sources. Possible sharing of data with third parties
The Data Processor and the Data Controller (also through the intermediary of the former) may occasionally receive information concerning the Data Subject from other sources, such as for example counterparts in commercial contracts or from companies or foundations which may be affiliated, controlled or subject to a common control (outside Italy), or from acquired or simply accredited companies and/or from other organisations (such as for example: profit-making companies,
cooperatives, consortia, foundations and/or associations, also outside Italy; public bodies, etc.) and may add and cross-reference this information with the information already available.
If the User transmits the information of a third party (or if a third party transmits information to us in his/her name), we explicitly require that the party transmitting the information has received the consent of the party providing it.
Some parts of the content of the Site may furthermore be offered on a shared basis with third parties (the so-called ‘co-branded’). In these cases, when the User transmits, indicates or communicates in any way his/her personal information to the Pentagram Stiftung through the Servizi Fondazione Pentagram
he/she should bear in mind that this information will be made available to both the Data Processor and Data Controller and to the third parties that offer the said goods and/or services on a shared basis with the Data Controller.
In addition, it is possible that the Pentagram Stiftung and/or Servizi Fondazione Pentagram will share with third parties the personal data gathered through the channel of the Internet or at the Bookshop of LE STANZE DEL VETRO for
advertising purposes and for information concerning cultural activities and/or publishing initiatives (as for example: exhibitions, shows, conferences, concerts, seminars, lessons, video-installations, films, documentaries, presentations of artists and works of arts, books and/or catalogues, etc.) designed, created, produced, sponsored and/or curated by the Data Controller and/or Data Processor jointly or with the cooperation of these third parties.
2. Purposes of personal data processing
The personal data are collected with the objective of managing the services provided to the user through the Site and also of developing a targeted
communication with the User through:
- the opening and reporting of the Site User’s accounts (also in correlation with the account which might have been activated at the bookshop of LE STANZE DEL VETRO),
- the planning of the Site User’s accounts (also in correlation with the account which might have been activated at the bookshop of LE STANZE
- the personalisation of communications concerning cultural activities and content of interest for the User (also in correlation with the account which might have been activated at the bookshop of LE STANZE DEL VETRO),
- the sending to the User of information concerning new cultural and recreational services supplied by the Data Controller and by third parties
(also in correlation with the account which might have been activated at the bookshop of LE STANZE DEL VETRO),
- the sending to the User of information and advertising messages (in the form of electronic and/or hard-copy newsletters, invitations, brochures, posters and other such, distributed both in electronic and hard-copy form) concerning the cultural activities (events, exhibitions, seminars, congresses, lessons, concerts, consolidation workshops for children and adults and connected activities) produced and/or organised by the Data
- Controller and/or Data Processor with and/or by third parties, market research carried out on behalf of the Data Controller and/or Data
Processor and/or third parties (involving the possibility of communicating the personal data of the Data Subjects to third parties appointed to carry out such operations)
- analysis of the way the User uses the service (involving the possibility of communicating the personal data of the Data Subjects to third parties
appointed to carry out such analyses)
- monitoring of the service supplied to prevent unauthorised use of the contents and breaches of the service conditions (involving the possibility of communicating the personal data of the Data Subjects to third parties appointed to carry out such monitoring operations)
- prevention of fraud and illegal activities (involving the possibility of communicating the personal data of the Data Subjects to third parties
appointed to carry out such prevention operations)
3. Means of processing and scope of communication of the personal data
Processing will take place through the use of instruments and procedures suitable for ensuring the safety and confidentiality of the said data and will be carried out with
the help of electronic means and Authorised Persons in full compliance with the provisions of the Minimum Safety Measures, as set out in the technical Procedural Guidance concerning minimum safety measures – Annex B to Legislative Decree no. 196/2003. The data in question will be processed by Servizi Fondazione Pentagram s.r.l., in the capacity of Data Processor and established Representative, appointed in accordance with Article 5.2, Legislative Decree no. 196/2003, and in particular by the Persons Authorised to process.
4. Provision of personal data
4.1. The provision of the personal data is in any case optional and failure to provide them does not prejudice navigation on the Site in any way.
With regard to the personal data provided directly by the User, please be aware however failure to provide data indicated as ‘obligatory’ in the forms provided personally in the bookshop of LE STANZE DEL VETRO or for access to certain
sections of the Site or in any case for the use of certain services will make such access and use impossible and, consequently, it becomes impossible for the user to send requests (regarding information or contracts) and use the services supplied through the Site. On the other hand, failure to provide further data (not
‘obligatory’) has no consequence for the User regarding navigation on the Site and/or periodic information services (newsletters etc.) and/or other connected services.
5. Communication of the personal data
5.1. Without prejudice to the indications under Point 1.3 above, and subject to the communications and disseminations carried out in compliance with the obligations of national and EU regulations, the personal data, once collected by
the Data Controller (and/or Processor and/or third parties) may be disclosed to the following categories of parties:
- in the context of their duties and/or respective objectives and projects, employees and/or associates of Pentagram Stiftung and of Servizi Fondazione Pentagram s.r.l.
- in the context of their duties and/or respective objectives and projects, employees and/or associates of connected, controlling, controlled organisations or subject to the common control of Pentagram Stiftung and/or Servizi Fondazione Pentagram or bound to the aforesaid
organisations by particular contractual constraints
- suppliers, distributors and wholesalers
- Offices of the Public Administration
- credit institutions, insurance companies and agencies, insurance brokers and intermediaries, finance companies, leasing companies, etc.
- IT consultancy companies and similar
- Judicial offices, Post offices, dispatchers and couriers for the dispatch/receipt of documentation and/or other material
- persons, companies, associations and/or professional firms that provide
assistance and consultancy services or activities to the Data Controller and/or Data Processor, with particular, but not exclusive, reference to
questions regarding advertising, accounting, administrative, legal, labour,
tax and finance aspects.
5.2. Without prejudice to the provisions of Point 5.4 below, the data are not subject to dissemination.
5.3. Subject to the indications of Point 1.3 above, Pentagram Stiftung, also through the intermediary of Servizi Fondazione Pentagram, may
furthermore share or transmit the User’s data with/to third parties
(counterparts in commercial contracts, accredited counterparts, controlled or controlling businesses, foundations or associations subject to common control etc.), affiliated either to Pentagram Stiftung or to Servizi Fondazione Pentagram, in support of their respective institutional activities, of marketing and communication, as well as with/to the suppliers of goods and/or services that act and use the data on behalf of Pentagram Stiftung and/or Servizi Fondazione Pentagram.
5.4 In addition please note that in the wiki, forum, blog, chat and other social network areas, the information sent by the User is disseminated to all participants.
6. Transfer of the personal data
The personal data may be transferred, for the purposes described in Point 1, both
within the Member Countries of the European Union and to third-party Countries in compliance with Articles. 42 et seq. of Legislative Decree no. 196/2003.
7. Rights of the data subject
With regard to personal data, you are entitled to exercise the rights of access specified in Article 7 of Legislative Decree No. 196/2003:
“1. The data subject has the right to obtain confirmation as to whether or not personal data regarding him/her exist, even if not yet recorded, and to have such
data communicated to him/her in an intelligible form. 2. The data subject has the right to be informed regarding: a) the source of the personal data; b) the purposes and methods of processing; c) the logic followed in the event of processing carried out with the help of electronic instruments; d) identification details of the data controller, data processor and representative appointed
pursuant to Article 5, Subparagraph 2; e) the parties or categories of parties to which the personal data may be communicated or which may become aware of them in the capacity of appointed representative within the national jurisdiction, or of Processors or persons authorised to process. 3. The data subject has the right to: a) have the data updated, corrected or, if interested, supplemented; b)
the deletion, anonymization or blocking of data processed contrary to law, including data which it is not necessary to store for the purposes for which they were collected and subsequently processed; c) the certification that the operations under Sections a) and b) and the contents thereof, have been notified to those to whom the data have been communicated or disseminated, except where this proves to be impossible or requires the use of means manifestly
disproportionate to the right protected. 4. The data subject has the right to object, in whole or in part: a) for legitimate reasons, to the processing of personal data concerning him/her, even if relevant to the purpose for which the data were collected; b) to the processing of personal data concerning him/her for the purpose of sending advertising material or direct sales or carrying out
market research or commercial communications.”
The Personal Data Controller
is Pentagram Stiftung, with headquarters in Chur, at Hartbertstrasse 1, 7001
Switzerland, which for the purpose of the processing of personal data in Italy selects as Established Representative in accordance with Article 5.2 of Legislative Decree no. 196/2003 and appoints as Data Processor Servizi Fondazione Pentagram s.r.l. Unipersonale, Tax Code/VAT number 04128390277
with its registered office in Venice, at S. Croce no. 464, in the person of its Legal Representative.
Exercise of the rights in accordance with Article 7, Legislative Decree No. 196/2003:
In order to exercise the rights specified in Article 7 of Legislative Decree No. 196/2003, and indicated above under Section No. 7, the Data Subject must send a written request to: Servizi Fondazione Pentagram s.r.l., at its operational
headquarters in Venice, Isola di San Giorgio Maggiore 8 ‘Le Stanze del Vetro’; fax. (+39) 041 5229138/ e-mail: email@example.com
Having read and taken note of the contents of the ‘Statement’, I declare that I agree to the processing of my personal data by Servizi Fondazione Pentagram s.r.l. Unipersonale, in its capacity as Data Processor and established Representative appointed by Pentagram Stiftung, in accordance with Article 5.2 Legislative Decree No. 196/2003; and, in particular, declare my consent to the processing of these data in the forms, with the use of the methods and for the purposes indicated therein, being furthermore fully aware of the rights accorded to the undersigned by Article 7 Legislative Decree No. 196/2003 in the capacity
of ‘Data Subject’.