Personal Data Protection

Note on privacy policy and personal data processing.

Users’ privacy is extremely important. By using this website, you agree to the information we have prepared regarding our privacy policy.

This page describes the site management procedures to process site users’ personal data.The note was drafted pursuant to Art. 13, Legislative Decree No. 196/2003 “Data Protection Code“ for those interacting with the dedicated to the Ministry of Cultural Heritage and Activities (MiBAC).
The legal note is only valid for this website and not for any other websites, which the user may visit via the links contained in the European Year 2018 website. The note is based on the Recommendation No. 2/2001, which the European authorities of on-line personal data protection of the Working Party set up by Art. 29, Directive No. 95/46/EC passed on 17 May 2011 to identify certain minimum requisites for the collection of on-line personal data, and specifically, the procedures, times and nature of the information, which the Data Processors must provide users when they connect to website pages, regardless of why they connect.

The Data Processor
When you visit this website, the data which identifies you or which is identifiable may be processed. The Data Processor is MiBAC, via del Collegio Romano 27 00186 Rome

Type of data processed

Browser data
The computer systems and software procedures used to operate this website acquire some personal data during normal operations, which can be implicitly transmitted by using the Internet communication protocols. This information is not gathered for the purposes of its association with the identified data subjects, but by its very nature, it could enable the users to be identified when processed and associated with data held by third parties. This category of data includes the IP addresses or domain names of the computers used by visitors to the website, the addresses of the requested resources in URI (Uniform Resource identifier) form, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code which indicates the status of the response provided by the server (successfully delivered, error, etc.) and other parameters relative to the user’s operating system and IT environment. This data is only used to process anonymous statistical information on the use of the website and monitor it is functioning smoothly and is erased immediately after processing. The data could be used to verify the liability of the user should cyber crimes be committed, which could damage the website.

Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site automatically involves the subsequent acquisition of the sender’s address, required to respond to the sender’s requests, and of any other personal data included in the message. Sensitive or legal data will not be processed under any circumstances and if this is provided by the user, it will be erased.

Location of data processing
Data processing related to the web services of this website takes place at the head office of MiBAC or in other locations named by MiBAC and is only performed by the technical staff of the office responsible for the processing, or by other responsible parties appointed by the Data Controller.
No data resulting from the website service will be published The personal data provided by users, who request information and send suggestions, is only used to provide the service or information requested and may be communicated to other areas within MiBAC, or other public or private organisations, only if required to provide the information they have requested.

None of the users’ personal data will be purposely acquired by this website.We do not use cookies to transmit personal information, nor do we use any type of the so-called “persistent cookies”, i.e. systems to trace the users.The use of what are known as session cookies (which are not stored permanently on the user’s computer and disappear when you close your browser) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server), which are necessary to allow the user to browse the website safely and efficiently.The session cookies used on this website avoid using other computer techniques, which could be potentially prejudicial for your browsing privacy and do not allow your personal identification data to be acquired. The use of permanent cookies is strictly limited to collecting statistic data regarding website access. The portal uses an off-the-shelf product to record accesses to its website. It uses permanent cookies to collect statistical information regarding “unique visitors” (different people) to the site. These cookies, known as “Unique Visitor Cookies”, contain an alphanumerical code, which identifies the browser computer without collecting any personal data, however.Each website page contains a portion of code to collect statistical data on site use, without collecting personal data. Should you decide to disable the cookies on your computer, this will in no way affect your interaction with this website.

Optional nature of data conferral
Without prejudice to the terms specified for the browsing data, you are free to provide your personal data stated on the registration forms for the services on MiBAC’s official website to request information and send suggestions and reports to the site editors or to the telephone contact numbers of MiBAC’s central or peripheral offices indicated. Failure to provide such data could make it impossible to fulfil your requests.
MiBAC is not the Data Controller and is not responsible  for the data collected and services provided by third parties, for which the website acts merely as an exhibition space.

Processing methods
Your personal data is processed using automated tools, only for the time strictly necessary to fulfil the purposes for which they were collected.
Specific safety measures are in place to prevent the data from being lost, used unlawfully or incorrectly and accessed by unauthorised parties.

Rights of the data subjects
The parties to whom the data refers are entitled, at any time, to obtain confirmation of whether or not such data exists and to know its contents and origin, verify its accuracy or request that it be integrated, updated or corrected (Article 7, Italian Legislative Decree No. 196/2003).
Pursuant to same Article, they are also entitled to request their data be erased, anonymised or blocked, when processed unlawfully, and to object to its processing, for legitimate reasons. Requests should be made to MiBAC.