Policy
Privacy Policy
We carry out the processing of ordinary personal data of legitimate interest within the sphere of the fair and as organizers of the event and use technical cookies that do not require specific consent, we also process data through cookies and profiling instruments for which we ask, at the time of acquisition, for your consent in application of the guidelines for the use of cookies approved by the privacy Commissioner with decision no. 231 dated 10.6.2021.
Very few ordinary data do not require express consent and these are limited to personal details, company names, email addresses or telephone numbers, i.e. basically the data necessary in order to fulfill contractual obligations and any related legal obligations incumbent on our company, or that we handle based on our legitimate interest in carrying out entrepreneurial activities according to the procedures adopted by the sector of activity in which we operate and in a proportionate manner to what is normally expected in the professional sphere.
The use of cookies that require specific consent is detailed in the Cookie Policy. Consent is requested at the time of application for participation (e.g., by exhibitors, dance schools, choreographic organizations, event organizers), accreditation with the organizer (e.g., press, guests), or admission to the fair (e.g., performance participants, visitors).
In this regard, we should draw your attention to the importance of the data processing and cookies service. The fair is a service of general interest, expressly intended to enable contacts between economic operators participating in the event in various capacities; the circulation of information that participants provide the organizer or otherwise make public as part of the event is essential for it.
Knowledge of the purpose of the fair is implied by the request to participate in it; however, since the non-technical cookies are not directly identifiable, the protection of personal data requires that they be explicitly indicated and to allow the persons concerned to give specific consent. For this purpose, we would ask you to consider our Cookie policy and give your express consent using the methods indicated therein.
Where necessary within the sphere of the holding of the Event or of the initiatives connected to the same, additional information may be provided in relation to any further processing carried out, to be understood as an integration or even just a specification of this policy statement.
This policy establishes the rules of our processing of personal data that apply generally for all personal data of those who participate in the fair in any role and in any capacity. Based on the mode of admission to the fair, specific ways in which we obtain data and information regarding their processing or consent requests may be specified at the time of data collection.
We would ask you to carefully read the following policy statement and remain at your disposal in the event of any doubts or the need for clarification about how we process or protect your personal data.
Organizations with people participating in the fair and providing the fair organizer with personal data of their participants are required to inform them of this policy and the transfer of personal data necessary to participate in the fair to the fair organizer.
Personal data protection policy statement pursuant to art. 12 and fol. of EU regulation 679/2016
CONTROLLER – CONTACT DETAILS
Danzainfiera events are organized by Danza in fiera s.r.l., a unipersonal company with sole shareholder Pitti Immagine s.r.l., both based in Florence, Italy, at Via Faenza 111. The processing of personal data that are acquired for the fair is done directly by Pitti Immagine with its own means, within the group that it heads. Consequently, the owner of the processing of personal data is substantially and objectively PITTI IMMAGINE S.r.l., with offices in Via Faenza, 111 – Florence, Italy, in the person of the legal representative pro-tempore, is the Controller in terms of processing personal data pursuant to and for the effects of EU Regulation 2016/679.
For any communication regarding privacy or to exercise a right due to a Data Subject under current legislation, the Controller has made this email address available: [email protected]
Additionally, Danza in Fiera s.r.l. adheres to all the obligations of this policy and complies with the law regarding the processing of personal data acquired for the fair.
CATEGORIES OF DATA – PROCESSING SYSTEMS
The personal data we process are those specified in paper forms and/or computerized forms on the institutional website, with specific requests and information for the various roles of participation in Danzainfiera.
Danza in Fiera s.r.l. has acquired the personal data of those who have already participated in Danzainfiera in the past. After Exposervice s.r.l. transferred the Danzainfiera business unit to Pitti Immagine s.r.l., the event’s previous owner, the Pitti Immagine s.r.l. group acquired it. This policy applies to this data as well, with all legal rights.
PROCESSING METHODS AND CONFIDENTIALITY OBLIGATION
Data is processed by means of IT tools and/or manually on paper, by persons expressly authorised by the Controller or, in any case, by persons bound by confidentiality agreements, using logic appropriate to the purposes for which the data was collected and, in any case, in order to guarantee the security and confidentiality of the data.
Your data will not be disclosed or disseminated except for their use within the group of companies to which Danzainfiera s.r.l. belongs, as specified in this policy.
THE PURPOSE OF THE PROCESSING – LEGAL BASIS
The personal data collected will be used for purposes connected with pre-contractual, contractual, legal, tax and accounting requirements, for service communications, to manage complaints and to provide information on our future trade show initiatives and events.
The personal data processed does not require your consent.
Indeed, processing the personal data collected is connected to pre-contractual and/or contractual issues, or is done to fulfil a specific legal obligation incumbent on the Controller, or is done to send information about services which are identical or similar to those you purchased when attending an event. In this latter case, the information activity is done on the basis of our legitimate interests in making you aware of our business and in promoting it amongst operators in the sector; within the limits of this purpose, and bearing in mind the professional relationship already established with you, we will use the personal data provided to us, as part of the registration process in our system, to also send you our periodic Newsletter, without prejudice to your right to object to receiving the same, either from the outset or at any moment thereafter and without formality.
PROVIDING DATA
The data considered mandatory is that data needed to conclude a contract or to provide the requested services, or that data relating to the fulfilment of a specific legal obligation incumbent on the Controller (for example, the obligations related to keeping accounting and tax records). Failure to communicate this data will prevent a contract from being concluded or a service from being provided.
This data also meets one of the Controller’s legitimate interests which is to share this information with other companies in the “Centro di Firenze per la Moda Italiana” Group (of which Pitti Immagine S.r.l. is a part), due to organisational or coordination needs or to support the Controller’s activities, within the limits of necessity and proportionality regarding the purpose for which the data is sent, also taking into account the nature of the data processed and the relationship with the Data Subject.
TRANSFERRING DATA TO A THIRD COUNTRY
If data is transferred to a third country, the Controller will comply with the provisions of Chapter V of EU Regulation no. 679/2016. Every necessary precaution will be taken in order to ensure that the personal data is protected by basing this transfer on: a) adequacy decisions regarding third countries adopted by the European Commission; b) adequate guarantees given by the third party recipient pursuant to article 46 of the EU Regulation; c) adopting binding corporate rules.
The Controller will also transfer personal data, even in the absence of the aforementioned conditions, if one of the derogation situations exist as provided for by article 49 of the EU Regulation.
You may contact the Controller for more specific information on transfers made to a third country.
COMMUNICATION TO THIRD PARTIES
The data collected may be sent to third parties exclusively for the purposes specified above or to fulfil a connected, instrumental or supporting activity.
These third parties will process the data as independent Controllers or, depending on the case, as External Processors expressly appointed by the Controller. In this latter case, Processors will follow the Controller’s instructions and will be under the Controller’s supervision.
This essentially involves the following categories:
– the Controller’s employees, suppliers and collaborators;
– external companies and other professionals who carry out specific services on our behalf;
– a service provider, to send the newsletter, which has been appointed as an external processor;
– bodies and Public Administrations for compliance with legal requirements;
Furthermore, the data acquired by the various participants in the fair may be communicated by the Data Controller to other participants to the fair when this is necessary or appropriate for the purposes of the participation itself, which imply for the various participants the search or availability to establish contacts for the different activities of the fair. In this context and for these purposes, the communication will be made excluding massive communications of personal data, within the limits of the legitimate interest of the fair organizer and of the recipients of the communication according to what is proper and ordinarily foreseeable in participation in the fair.
The access badge which we deliver contains personal data that you provided us with in the registration form. Exhibitors are able to read this badge through an optical reader or PittiSmart mobile app, and this allows them access to the personal data contained in this form, in compliance with the purposes and the processing methods each one employs.
STORAGE TIMES
A Data Subject’s personal data will be kept for the time necessary to fulfil the existing relationships between the parties and to fulfil the relative obligations, without prejudice to storing data for a longer period as may be required by law. Once such a period ends, the data will be erased.
THE DATA SUBJECT’S RIGHTS
In accordance with the law in force, the Data Subject may assert his/her rights vis-à-vis the Controller, as stated by Regulation 679/2016, i.e.:
– Right of access (art. 15);
– Right to rectification (art. 16);
– Right to erasure (art. 17);
– Right to restriction of processing (art. 18);
– Right to data portability (art. 20);
– Right to object (21);
– Right to withdraw consent;
– Right to lodge a complaint with a Supervisory Authority in the cases provided for by the Regulation. For more details, consult the Italian Data Protection Authority’s site www.garanteprivacy.it.
To exercise any of the aforementioned rights, the Controller should be contacted at the address indicated above, specifying the subject of the request.
Upon receiving a specific request from a Data Subject, pursuant to articles 15-22 of the Regulation, the Controller will provide as a response the information relating to the action taken without unjustified delay and, in any case, at the latest within one month from the date on which the request was received.
This deadline may be extended to two months, if necessary, after taking into account the complexity and number of requests received. The Controller will inform the Data Subject of any extension and the reasons for the delay within one month from the date on which the request was received.
In the event that the request is not deemed to be admissible, the Data Subject will be informed, without delay, and, at the latest, within one month from the date on which the request was received, of the reasons for which the request cannot be fulfilled and of the option to lodge a complaint with a Supervisory Authority as well as the option of appealing to a judicial authority.
The Data Subject’s individual rights are detailed below:
RIGHT OF ACCESS – ART. 15
The Data Subject shall have the right to obtain from the Controller confirmation as to whether or not personal data concerning him/her is being processed, and, where that is the case, access to the personal data and the following information:
a) the purposes of the processing;
b) the categories of personal data concerned;
c) the recipients or categories of recipient to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organisations;
d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
e) the existence of the right to request from the Controller rectification or erasure of personal data or restriction of processing of personal data concerning the Data Subject or to object to such processing;
f) the right to lodge a complaint with a Supervisory Authority;
g) where the personal data is not collected from the Data Subject, any available information as to its source;
h) the existence of automated decision-making processes, including profiling, referred to in article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the Data Subject.
1. Where personal data is transferred to a third country or to an international organisation, the Data Subject shall have the right to be informed of the appropriate safeguards pursuant to article 46 relating to the transfer.
2. The Controller shall provide a copy of the personal data undergoing processing. For any further copies requested by the Data Subject, the Controller may charge a reasonable fee based on administrative costs. Where the Data Subject makes the request by electronic means, and unless otherwise requested by the Data Subject, the information shall be provided in a commonly used electronic form.
The right to obtain a copy shall not adversely affect the rights and freedoms of others.
RIGHT TO RECTIFICATION – ART. 16
The Data Subject shall have the right to obtain from the Controller without undue delay the rectification of inaccurate personal data concerning him/her. Taking into account the purposes of the processing, the Data Subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
RIGHT TO ERASURE – ART. 17
The Data Subject shall have the right to obtain from the Controller confirmation as to whether or not personal data concerning him/her is being processed, and, where that is the case, access to the personal data and the following information:
a) the purposes of the processing;
b) the categories of personal data concerned;
c) the recipients or categories of recipient to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organisations;
d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
e) the existence of the right to request from the Controller rectification or erasure of personal data or restriction of processing of personal data concerning the Data Subject or to object to such processing;
f) the right to lodge a complaint with a Supervisory Authority;
g) where the personal data is not collected from the Data Subject, any available information as to its source;
h) the existence of automated decision-making processes, including profiling, referred to in article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the Data Subject.
1. Where personal data is transferred to a third country or to an international organisation, the Data Subject shall have the right to be informed of the appropriate safeguards pursuant to article 46 relating to the transfer.
2. The Controller shall provide a copy of the personal data undergoing processing. For any further copies requested by the Data Subject, the Controller may charge a reasonable fee based on administrative costs. Where the Data Subject makes the request by electronic means, and unless otherwise requested by the Data Subject, the information shall be provided in a commonly used electronic form.
The right to obtain a copy shall not adversely affect the rights and freedoms of others.
RIGHT TO RESTRICTION OF PROCESSING – ART. 18
1. The Data Subject shall have the right to obtain from the Controller restriction of processing where one of the following applies:
a) the accuracy of the personal data is contested by the Data Subject, for a period enabling the Controller to verify the accuracy of the personal data;
b) the processing is unlawful and the Data Subject opposes the erasure of the personal data and requests the restriction of their use instead;
c) the Controller no longer needs the personal data for the purposes of the processing, but the data is required by the Data Subject to establish, exercise or defend a right in a court of law;
d) the Data Subject has objected to processing pursuant to article 21(1) pending the verification of whether the legitimate grounds of the Controller override those of the Data Subject.
2. Where processing has been restricted under paragraph 1, such personal data shall, with the exception of storage, only be processed with the Data Subject’s consent or to establish, exercise or defend a right in a court of law or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
3. A Data Subject who has obtained restriction of processing pursuant to paragraph 1 shall be informed by the Controller before the restriction of processing is lifted.
RIGHT TO DATA PORTABILITY – ART. 20
1. The Data Subject shall have the right to receive the personal data concerning him/her, which he/she has provided to a Controller, in a structured, commonly used and machine-readable format and shall have the right to transmit that data to another controller without hindrance from the Controller to which the personal data has been provided, where:
a) the processing is based on consent pursuant to point (a) of article 6(1) or point (a) of article 9(2) or on a contract pursuant to point (b) of article 6(1); and
b) the processing is carried out by automated means.
2. In exercising his/her right to data portability pursuant to paragraph 1, the Data Subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible.
3. The exercise of the right referred to in paragraph 1 of this article shall be without prejudice to article 17. That right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.
4. The right referred to in paragraph 1 shall not adversely affect the rights and freedoms of others.
RIGHT TO OBJECT TO PROCESSING – ART. 21
1. The Data Subject shall have the right to object, on grounds relating to his/her particular situation, at any time to processing of personal data concerning him/her which is based on point (e) or (f) of article 6(1), including profiling based on those provisions. The Controller shall no longer process the personal data unless the Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the Data Subject or to establish, exercise or defend a right in a court of law.
2. Where personal data is processed for direct marketing purposes, the Data Subject shall have the right to object at any time to the processing of the personal data concerning him/her for such marketing, which includes profiling to the extent that it is related to such direct marketing.
3. Where the Data Subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
4. At the latest at the time of the first communication with the Data Subject, the right referred to in paragraphs 1 and 2 shall be explicitly brought to the attention of the Data Subject and shall be presented clearly and separately from any other information.
5. In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, the Data Subject may exercise his/her right to object by automated means using technical specifications.
6. Where personal data is processed for scientific or historical research purposes or statistical purposes pursuant to article 89(1), the Data Subject, on grounds relating to his/her particular situation, shall have the right to object to the processing of the personal data concerning him/her, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
NEWSLETTER SERVICE
If you do not wish to receive our newsletter, you may unsubscribe at any moment by clicking the “Unsubscribe” link found in any of the emails received from us.
In the event of a technical problem, you may notify us by email at the address given above.
