Doria Pamphilj Administration Ltd.
According to the obligations arising from the Italian national (Privacy Code) and community legislation (General European Regulation no. 679/2016) relating to the protection of personal data, the Doria Pamphilj Administration Ltd. respects and protects the privacy of visitors and users.
1 – Legal basis of the treatment
2 – Purpose of the treatment
Personal data processing means: registration, storage, organization, consultation, selection, extraction, comparison, processing, use, modification, interconnection, blocking, communication, cancellation and destruction, transfer or diffusion, or the combination of two or more such operations.
The processing of data collected on the website, in addition to any related, instrumental and necessary information required to provide the service has the following purposes:
2.1 – Statistics
Collection of data and information in an exclusively aggregated and anonymous form in order to verify the correct functioning of the website and improve online ticketing, the online shop and the platform.
None of this information is related to the physical person-website user and does not allow identification in any way.
2.2 – Security
Collection of data and information in order to protect the security of the website and users (anti-spam filters, firewalls, virus detection) and to prevent or unmask fraud or abuse to the detriment of the website.
The data is recorded automatically and may also include personal data (IP address) that can be used according to the laws in force on the subject, in order to block attempts to damage the website itself or to damage other users, or in any case, harmful or criminal activities. This data is never used for the identification or profiling of the User and is deleted on a regular basis.
2.3 – Marketing/Advertising
Collection of data and information in general and in particular on the orientations and preferences of the User; send information and advertising material, including from third parties; send commercial communications, including interactive ones; perform direct sales or placement of products or services; to develop studies and statistical research on sales, customers and other information, and possibly communicate the same to third parties; transfer the data collected and processed for commercial purposes to third parties also for the sale or attempted sale, or for all those legitimate commercial and / or statistical purposes, publish reviews of our services.
This data, including any IP and other identification data, is used in order to allow third parties to send advertisements relevant to the User’s interests through this website to the User’s browser and to assess the effectiveness of advertising messages. These advertisements can also be presented on other websites in the advertising circuit (remarketing or retargeting).
Data is used exclusively by the computer system that manages the reviews, for the sole purpose of publishing comments that can help other users choose products.
2.4 – Shopping/Providing services
Collection of data to manage orders, provide products and services, process payments, communicate with users regarding orders, products, services and promotional offers, update registers and, in general, manage users’ accounts, show content such as lists, customer wishes and reviews and recommending products and services that may be of interest to users.
2.5 – Accessory activities
Communicate data to third parties who perform functions that are necessary or instrumental to the services, and to allow third parties to carry out technical, logistical and other activities on our behalf.
This website uses suppliers to carry out certain activities, such as processing orders, delivering parcels, sending traditional mail, analyzing data, providing marketing assistance, making payments with credit cards and providing services to customers.
Suppliers only have access to personal data that is necessary to perform their duties, and undertake not to use the data for other purposes, and they are required to process personal data in accordance with current regulations.
This kind of data is only kept for the period of time necessary to provide the service.
3 – Data collected
This site collects user data in two ways.
3.1 – Data collected automatically
While users are browsing, the following information may be collected and is kept in the site’s log files:
Internet protocol (IP) address;
Device parameters used to connect to the website;
Name of the internet service provider (ISP);
Date and time of visit;
Visitor’s original web page (referral) and of time of exit;
This data is used to analyze user trends and collect data in an aggregate form, administer and guarantee the security of the website, and can in no way be linked to the identity of the User.
3.2 – Data provided voluntarily
The site can collect other data in the event of voluntary use of services by users, such as comments, communication (contact details and forms to send emails), and purchase services (shopping cart):
name and surname;
VAT number and/or Tax ID or Italian fiscal code;
bank account number and/or IBAN;
company and headquarters;
image (avatar); and
This data is provided voluntarily by the User when requesting the service, or when adding comments, and will only be used for the provision of the requested service and processed only for the time necessary to provide the service. Email addresses may be used to send newsletters as well as promotional material to users who have already requested this service at the time of purchase, therefore in the context of an already existing commercial relationship. A customer can always ask not to have these communications sent by writing an email to firstname.lastname@example.org.
For users who are not customers yet, sending promotional material is subject to receiving consent which can later be revoked.
Tax data is necessary in order to use the services provided for a fee and for billing purposes. Data collected by the site is not provided to third parties unless it is lawfully requested by the judicial authority and only in cases set forth by law. However, data may be provided to third parties if this is necessary to carry out a specific service requested by the User for tax purposes, to run security checks or for site optimization.
If a comment on an article or product review is made, the data remains stored in the e-mail archive, in the site database and in backups.
This data will not be transmitted to anyone else without authorisation.
When sending a comment/review it is explicitly requested to receive updates/newsletters, the user will be included in the mailing list associated with this service.
4 – Data retention period
The collected data is processed for the time necessary for the purposes for which they were collected, and in any case, not beyond the times prescribed by law.
Data necessary for tax purposes is kept until relevant assessments to the corresponding tax period are defined, therefore for at least 10 years and more if the relevant year is not time-barred for tax purposes.
Upon expiry, data will be deleted or anonymized unless there are other purposes that require this data to be stored (for example, guarantee supply obligations or tax obligations).
5 – Transferral of collected data to third parties and to non-EU countries
The personal data of users/customers is an essential part of our work and the transfer to third parties is not one of our activities. However, in carrying out activities and services requested by users, this site may have to transfer some data to third parties that perform specific instrumental and in connection to those of the site, including: processing orders (for example the purchase of domains), mail delivery, data analysis, marketing assistance, credit card payments, etc. Suppliers only have access to data necessary to perform their specific tasks and are required to process it in accordance with this Policy.
If a company or production unit is transferred, the personal data of the Clients falls within the corporate assets that are being transferred but remains subject to the commitments set forth in this policy except for requests for new consent.
In the event that data is transferred to companies located outside the European Union (for example Google, Facebook and Microsoft – for LinkedIn and Skype), we make sure it is transferred in compliance with the applicable regulations and in particular with the rules established by the General Regulations for the protection of personal data. Transfers are authorized on the basis of specific decisions of the European Union and of the Authority for the protection of personal data http://www.garanteprivacy.it/home/provvedimenti-normativa/normativa/normativa-comunitaria-e-internazionale/trasferimento– of-data-to-third-countries, in particular Decision 1250/2016 (Privacy Shield http://eur-lex.europa.eu/legal-content/IT/TXT/?uri=CELEX%3A32016D1250 – see policy page of the Italian Privacy Authority http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/5306161), for which no further consent is required.
When opening a contract, the user expressly gives consent to transfer data in the aforementioned cases.
6 – Cookies
These cookies include both persistent and session cookies and allow you to distinguish between connected users preventing a service to be provided to a wrong User and are therefore the result of an explicit request from the user. They are also used for security of the site and of the users themselves. Without these cookies, the site or some parts of it may not function properly. These cookies are always sent from our domain and consent is not required for them.
These cookies are used to collect information on the correct use of the site and on user behaviour for statistical analysis purposes, to improve the site and simplify its use. These cookies collect anonymous information on the activity of users on the site and on how they found the website and the pages they visited. These cookies are sent from the site itself or from third-party domains.
This site also acts as an intermediary for third-party cookies used to provide additional services and features to visitors and to improve the use of the site itself such as buttons for social media. Some of these cookies are profiling, i.e. used by third parties to collect information on user behaviour and interests in order to provide personalized advertising.
Instructions for disabling cookies via browser, and for eliminating cookies already present on the User’s device, can be found on the following web pages:
Windows Internet Explorer
You can find more information about cookies and how to manage them by consulting the website www.aboutcookies.org.
6.3 –Third-party Cookies
Generally, tracking users does not involve identifying them unless the User is already registered with the service and is not already logged on, in which case it is understood that the User has already directly expressed his consent to the third party when he or she has signed into the relevant service (for example on Facebook).
Cookies from the following third parties are used by this website.
6.3.1 – Google Inc.-
Google Analytics: web analysis tool used in order to assess how the site is used by users, compile reports on site activities and user behaviour, check how often users visit the site, how this is done and which pages are visited most frequently. The information is combined by Google with information collected from other sites in order to create a comparative overview of how the site is used compared to other sites in the same category.
Collected data: browser identification, date and time of interaction with the site, page of origin, IP.
Place of data processing: USA.
The collected data does not allow personal identification of users and is not crossed with other information relating to the same person. It is processed in an aggregate and anonymized form (truncated at the last octet). According to a specific agreement, Google Inc. is prohibited from crossing this data with data obtained from other services.
– Google Maps: a Google service that offers road maps and location for urban businesses. It sets cookies on the pages of the maps.
Collected data: number and behaviour of the map users, information relating to the page displayed, display preferences (zoom level, etc.).
Place of data processing: USA.
– YouTube: platform owned by Google used for sharing videos. Cookies are set when accessing the page containing the embed and when the video is started, and do not allow identification of the User unless he or she is already logged on to the Google profile, in which case it is understood that the User has already directly expressed consent to Google.
For some videos on the site, the “advanced privacy option https://support.google.com/youtube/answer/171780?expand=PrivacyEnhancedMode#privacy (no cookie)” has been activated which does not entail storage of visitor information unless they voluntarily play the video.
Data collected: number and behaviour of users, IP address, information linking visits to the site to the Google account for already logged on users, and preferences for viewing videos.
Place of data processing: USA.
Disabling Google Inc. cookies
Data transmitted to Google is stored on Google’s servers in the United States. For more information on the use of data and their processing by Google, it is recommended that you consult Google’s information at the following internet address: https://www.google.com/intl/it/policies/privacy/. Further information on Google Analytics cookies can be found on the following page: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
Users can selectively disable Google Analytics action by installing the appropriate opt-out software provided by Google on its browser. To disable data collection by Google Analytics, please refer to the following link: https://tools.google.com/dlpage/gaoptout.
The User can selectively disable the DoubleClick DART Cookie by preventing its connection to the browser on the appropriate web page: https://adssettings.google.it/authenticated?hl=it#display_optout.
6.3.5 – Social Plugin
This site also incorporates social network plugins and/or buttons in order to allow easy content sharing on your favourite social networks. These plugins do not set cookies but if they are already present on the visitor’s PC, they can be read and used according to the settings. Collection and use of information by third parties are regulated by the respective privacy policies you may refer to.
Google + https://www.google.com/intl/it/policies/privacy// (cookie information link) https://www.google.it/intl/it/policies/technologies/cookies/
7 – Security measures
The Data Controller processes visitor/user data in a lawful and correct manner, adopting appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of data, as well as its illicit use. Data treatment is carried out using IT and/or telematic tools with organizational methods and logic strictly related to the aforementioned purposes, and data is stored in secure systems with access limitation and staff verification. Access to information is strictly limited to authorized personnel.
The website is constantly monitored to check for security breaches and to ensure that information is secure.
Apart from the Data Controller, in some cases, authorisation can be given to employees involved in the website administration (administrative, commercial, marketing and legal staff or system administrators) or external subjects (such as third-party technical service providers, couriers, hosting providers, IT companies, and communication agencies).
It is important to adopt appropriate protection against unauthorized access to passwords and computers. It is important to always make sure that you are signed out when using a computer that is shared with other users.
8 – User rights
Pursuant to art. 7 of Italian Legislative Decree of June 30, 2003, no. 196 http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1311248 and to the General Regulations for the Protection of Personal Data, according to the modalities and within the limits foreseen by current legislation, users can:
Object in whole or in part, for legitimate reasons, to the processing of their own personal data for the purpose of sending advertising material, direct selling, market research or commercial communication;
Request confirmation of the existence of personal data concerning themselves;
Be made aware of sources;
Receive intelligible communications;
Be made aware of information regarding logic, methods and purposes of treatment;
Request data to be updated, rectified, integrated, cancelled, transformed into anonymous form, blocked off from data processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which the data was collected;
in cases of consent-based processing, receive at the cost of support only, the data on them provided to the Data Controller, in a comprehensive and readable format drafted by a data processor and in a format commonly used by electronic devices;
The right to file a complaint with the Supervisory Authority (Privacy Authority – at the following website page http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524);
Moreover, and more generically, users can exercise all the rights that are currently recognized by the law.
All requests should be addressed to the Data Controller.
9 – Subjects regarding data treatment
Pursuant to existing laws, the Data Controller is: Doria Pamphilj s.r.l., as sole shareholder located in Piazza Grazioli 5 – 00186 Rome, and can be contacted by email at email@example.com, or at the specified address.
Data Processor – VHosting Solution s.r.l., Unipersonale (Provider). Agreement document.
10 – Updates