This page describes how to manage the site with reference to the processing of personal data of users who consult it.
This information is given pursuant to EU Regulation 2016/679 of 27 April 2016 (GDPR) to those who interact with the web services of Museo della Carta Amalfi owned by Bambagina S.r.l., which can be accessed via internet at the following addresses:
corresponding to the initial pages of the Amalfi Paper Museum website. The information is provided only for the site indicated and not for other external websites, possibly consulted by the user through links on the pages.
THE HOLDER OF THE TREATMENT
The “owner” of the treatment is Bambagina S.r.l. owner of Museo della Carta Amalfi, located in Via delle Cartiere, 23 – 84011 – Amalfi (SA).
The complete and updated list of the persons designated as responsible is available on request at the holder’s office.
TYPES OF DATA PROCESSED
Information systems and software procedures used to operate this website acquire, during the normal course of operation, some personal data whose transmission is implicit in the use of communication protocols of the Internet . This information is not collected to be associated with identified data subjects, but by its own very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or names for computers domain used by users connecting to the wevsite, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc..) and other parameters relating to the operating system and computer environment of the user. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and of checking its correct functioning. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
Data voluntarily provided by the user
Except what specified for navigation data and cookies used on the website www.museodellacarta.it you are free to provide your personal data.
Requests for information and / or quotes involves the acquisition of your contact details, necessary to respond, as well as all personal data included in communications.
For the purchase of tickets through our website, the provision of data is compulsory and indispensable for the conclusion of the order.
COMMUNICATION AND DISSEMINATION OF DATA
The personal data provided by you shall be used exclusively to provide the service requested and will not be communicated to third parties, except in the following possible cases:
– independent suppliers who may process the Personal data necessary to perform the entrustedfunctions, but may not use them for other purposes, while respecting the guarantees provided for by law;
– persons, companies or professional firms providing assistance and advice on accounting, administrative, legal, tax, financial and technical matters;
– subjects who have the right to access data is recognized either by law or by orders of the authorities.
Payment services are entrusted to third party suppliers, to whom you will communicate your data, including personal data and credit card data, who will act as independent data controllers in order to provide payment services in compliance with the rules applicable and international security standards.
The processing operations connected to web services are carried out only by technical personnel in charge of processing, or by persons in charge of occasional maintenance operations. No data deriving from the web service is communicated or disclosed to third parties.
STORAGE OF COLLECTED DATA
The processing of personal data will be carried out either by means of paper or computerized means for the time needed to achieve the purposes for which they were collected or in any case for the time necessary for the establishment, exercise and defence through legal action of our rights and users’ rights.
We are committed to protect the personal data of our users. For this reason we have taken appropriate technical and organisational measures to ensure the security of the personal data you provide.
– we monitor our practices for data acquisition, storage and processing activities, including physical security measures, in order to prevent unauthorised access to systems;
– we use encryption technologies, where appropriate;
– we use password protection measures, where appropriate;
– we limit access to Personal Data to employees and contractors who need access to such data in order to process it on our behalf and under strict contractual confidentiality obligations.
Please notice that the site does not use or will never use tracking or profiling cookies, but only those strictly necessary for the functioning and structured analysis of performance and traffic.
Cookies are short text strings (letters and/or numbers) that allow the web server to store information on the client (the browser) to be reused during the same visit to the site (session cookies) or afterwards, even after days (persistent cookies). Cookies are stored, according to the user’s preferences, by the individual browser on the specific device used (computer, tablet, smartphone).
Types of cookies
Strictly necessary cookies
These cookies are essential for the proper functioning of the site www.museodellacarta.it and are used to manage login and access to the reserved functions of the site. The duration of cookies is strictly limited to the working session (when you close your browser, they are deleted).
Analysis and performance cookies
These are cookies used to collect and analyze traffic and usage of the site in an anonymous form. These cookies, while not identifying the user, allow, for example, to detect if the same user logs in again at different times. They also make it possible to monitor the system and improve its performance and usability. The deactivation of these cookies can be performed without any loss of functionality.
Third party cookies
When you visit a website, you may receive cookies both from the website you are visiting (“proprietary cookies”) and from websites operated by other organisations (“third parties”).
The website www.museodellacarta.it also includes components transmitted by Google Analytics, a web traffic analysis service provided by Google, Inc. (“Google”). These are third-party cookies that are collected and managed anonymously to monitor and improve performance of the website (so-called performance cookies). On this website, the Google Analytics cookie are anonymised in order to be comparable to technical cookies. With the use of Google Analytics cookies with anonymized IP, all information is collected by Google Analytics in an aggregated form.
For further information, please refer to the link below:
Duration of cookies
Some cookies (session cookies) remain active only until the browser is closed or the logout command is executed. Other cookies “survive” when the browser is closed and are also available on subsequent visits by the user.
These cookies are called persistent and their duration is set by the server when they are created. In some cases an expiry date is set, in other cases the duration is unlimited.
However, by browsing the pages of the website www.museodellacarta.it , you can interact with sites managed by third parties that may create or modify permanent and profiling cookies.
You can decide whether or not to accept cookies using your browser settings.
Warning: disabling all or part of technical cookies may compromise the use of the site’s features that are reserved for registered users. On the contrary, the usability of public content is also possible by completely disabling cookies. Disabling “third party” cookies in no way affects navigability.
An updated list with instructions for the management of cookies in the most used browsers can be consulted on the page
MODALITIES OF TREATMENT
Personal data are processed with automated tools. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
RIGHTS OF DATA SUBJECTS
You may contact the Owner or the Manager directly to assert your rights, as provided for by the Applicable Regulations.
The rights guaranteed by the Applicable Regulations may be exercised by contacting the Owner by registered letter at the registered office of Bambagina S.r.l. at the address indicated above or by sending an e-mail to the following address firstname.lastname@example.org.
According to the Applicable Regulations, we inform you that you have the right to obtain the indication of the origin of your personal data;
the purposes and methods of processing;
the logic applied in case of processing carried out with the aid of electronic instruments;
the identification details of the Data Controller and Data Processor;
subjects or categories of subjects to whom the personal data can be communicated or who may be aware of them as data processors or persons in charge.
Furthermore, you have the right to obtain:
a) access, updating, the rectification or, where interested therein, integration of data;
b) cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
c) certification that the parties referred to in letters a) and b) have been notified, also as regards their contents, of those to whom the data were communicated or disseminated, except for the case where notification proves impossible or requires the use of means clearly disproportionate with respect to the protected right.
Moreover, you have:
a) the right at all time to withdraw your consent if you have consented to the processing of your personal data for commercial and marketing purposes;
b) if applicable, the right to data portability (right to receive all personal data concerning you in a structured, commonly used and machine-readable format), the right to limitation of the processing of personal data and the right to erasure (“right to be forgotten”);
c) the right to object in whole or in part, for reasons related to your personal situation, to the processing of personal data concerning you, even if pertinent to the purpose of collection, and to object, at any time, to the processing of data for marketing purposes or to object only with regard to certain methods;
d) if you consider that the processing of personal data carried out by the Data Controller is in breach of the
Regulation, you have the right to lodge a complaint with a Supervisory Authority (in the Member State in which you habitually reside, in the Member State in which you work or in the Member State in which the alleged breach has occurred). The Italian Control Authority is the Guarantor for the protection of personal data, based in Piazza di Monte Citorio n. 121, 00186 – Rome (http://www.garanteprivacy.it/).