Venice Boat Show

Information on the Protection of Personal Data pursuant to European Regulation 679/16

In accordance with European Regulation 679/16 This information is provided to Users who interact with the website of the Venice Boat Show

ABOUT US
The company Ve.La S.p.A. (henceforth Vela), under the direction and coordination of the Venetian Mobility Company s.p.a., , is therefore part of the AVM Group, together with the parent company and ACTV s.p.a. and carries out many activities including:

activities of distribution, commercial intermediation and sale of tickets in general, tickets and/or electronic cards that allow access to public and private services, such as museums, cultural institutions, shows and sporting events and the like

coordination, integration, commercial intermediation, development, marketing and distribution of multi-service packages and other services and products, aimed at improving the quality of the visit and the management of tourist flows in the Municipality of Venice

programming of artistic and spectacular events, including the great traditional festivals that take place in Venice, enhancing the marketing activities related to the Venice brand
promotion and management of the spaces owned by the City of Venice in the compendium of the Arsenale.

For the services referred to in points 1 and 2, Vela issues to the customer the Venezia Unica card and, in general to offer all its services, also makes use of the websites www.velaspa.com, www.veneziaunica.it , events.veneziaunica.it e www.carnevale.venezia.it , www.regatastoricavenezia.it, www.carnevale.venezia.it Vela is therefore the data controller of the personal data collected.

HOW WE COLLECT YOUR PERSONAL DATA Vela collects and processes your personal data in the following circumstances:

if you purchase one of the services provided, entering into a contract;
if you register to the website to use its features;
if you contact us in order to request information, make a complaint or report, request a refund regarding the services provided;
if you agree to be contacted for marketing purposes or for market research, surveys and statistical processing;
if other AVM Group companies or business partners legitimately communicate their personal data to Vela.

Please help us to keep your personal data up to date and inform us of any changes. Any changes related to the personal data must be promptly communicated to Vela in order to avoid incurring problems related to the use of the services provided.

WHAT PERSONAL DATA ABOUT YOU MAY BE COLLECTED The following categories of personal data about you may be collected:

Personal and contact details – information about your name, place and date of birth, tax number, address, phone number, place of work, email address and, if you link to our sites or app, via social login (ie the account of a social to which you are subscribed), also the data that are visible in that social based on the privacy settings you set

Using the site web – information about how you use the site, open or forward our communications, including information collected through cookies (can find our Cookie Policy [here])

WHAT PURPOSES YOUR PERSONAL DATA MAY BE USED/strong>
The processing of personal data in compliance with European data protection laws must be legitimised by one of the various legal conditions provided for and we are required to indicate these conditions for each processing described, as you can read below:

A) Establishment and execution of contractual relations and consequent obligations, including communication relating to services Vela may process your personal data for the purposes of the possible establishment and execution of contractual relations, the provision of the services requested and the response to reports and complaints. Vela may also use your contact details and in particular your email address to provide you with information about the services offered. Prerequisite for processing: fulfillment of contractual obligations. The provision of data is mandatory to manage the contractual relationship.
B) Operational management and purposes closely related to access to the Site Vela collects your personal data to allow you to access the site and provide you with the services available there, including by accessing your Personal Area in order to: (i) download from your Personal Area documents relating to the services you have purchased; (ii) process other requests made through the website. Prerequisite for processing: fulfillment of contractual obligations. The provision of data is mandatory to respond to your requests.
C) Customer Satisfaction Surveys Vela may use its contact details to conduct institutional surveys to measure satisfaction (so-called customer/span>) of the service provided. Prerequisite for processing: legitimate interest The owner with this activity complies with the contractual obligations assumed with the service contract in force with the Entrusted Entity and implements any useful activities in order to improve, implement and make the service more efficient.
D) Marketing to meet your needs and to provide you with promotional offers Vela collects your contact data for marketing and advertising communication purposes, aimed at informing you about promotional sales initiatives, made by automated means of contact (e-mail, sms and other mass messaging tools, etc.) and traditional methods of contact (for example, phone call with operator). Prerequisite for processing: your consent is required. Consent can be revoked at any time through the privacy form on the website. E) Compliance with legally binding requests to comply with legal obligations, regulations or measures of the judicial authority Vela collects your personal data to comply with legal provisions. Prerequisite for processing: legal obligations.

HOW WE KEEP YOUR PERSONAL DATA SAFE

Vela uses a wide range of security measures in order to improve the protection and maintenance of the security, integrity and accessibility of your personal data. Although at present, as we know, it is not possible for anyone to guarantee security from intrusions in the transmission of data that takes place on the internet and websites, we, our suppliers and business partners are committed to ensuring physical protections, electronic and procedural data to protect your personal data in accordance with the law and with maximum responsibility. All of your personal data is stored on secure servers (or secure hard copies) and is accessible and usable according to our security standards and policies (or equivalent standards for our suppliers or business partners). We take measures such as:

the strict restriction of access to your personal data, according to the need and only for the purposes communicated;

perimeter security systems to prevent unauthorized access from outside

permanent monitoring of access to information systems to detect and stop the abuse of personal data.

penetration tests with half-yearly frequency to highlight any flaws in perimeter security

tracking of access to your personal data by internal personnel and verification of the relative purpose

Transactions on our websites that require you to enter your personal data are encrypted using Secure Socket Layer (SSL)

Where we have provided you (or you have chosen) with a password that allows you to access certain parts of our website or other portals, applications or services we provide, You will be responsible for the secrecy of that password and for compliance with any other security procedures we notify you of. Please do not share your password with anyone.

span class=”bold”>HOW LONG WE KEEP YOUR INFORMATION
We store your personal data only for the time necessary to achieve the purposes for which they were collected or for any other legitimate related purpose. Therefore, if personal data are processed for two different purposes, we will retain such data until the purpose expires with the longest term, however we will no longer process personal data for that purpose for which the retention period has expired. We restrict access to your personal data only to those who need to use it to perform their duties. Your personal data that are no longer necessary, or for which there is no longer a legal requirement for its storage, are irreversibly anonymized (and thus can be stored) or securely destroyed. Here are the storage times in relation to the different purposes listed above: Fulfilment of contractual obligations: the data processed to fulfill any contractual obligation may be kept for the duration of the contract as well as for the next 10 years (in the case of the Venezia Unica card, for 1 year after the expiry of the card)in order to verify any claims or to comply with legal obligations (e.g., accounting documentation). Operational management and purposes strictly related to this for access to the website: the data processed for this purpose may be stored for 1 year following the duration of the underlying contract for which access was made. Purpose of customer satisfaction surveys: the data processed for this purpose may be stored for 3 years from the date of the survey. Marketing purposes: personal data processed for marketing purposes may be stored for 2 years from the date on which we obtained your last consent for this purpose (with the exception of opposition to receiving further communications). Disputes: In the event that we need to defend ourselves or take action or even make claims against you or third parties, we may retain personal data that we reasonably deem necessary to process for such purposes, for as long as such claim may be pursued.

WHO WE CAN SHARE YOUR PERSONAL DATA
Your personal data may be accessed by Vela employees, as well as suppliers and collaborators, duly appointed data controllers, who provide support for the provision of services, as well as companies of the AVM group (including the parent company Azienda Veneziana della Mobilità S.p.A. which is entrusted with the local public transport service and Actv S.p.A. which operates it).

span class=”bold”>CONTACTS If you have any questions about our processing of your personal data, please use the web form “privacy” presente alla sezione “contatti” del sito ww.avmspa.it ovvero di contattare il numero di telefono 0412722111, requesting the secretariat of the Legal and Corporate Affairs Directorate. We also inform you that the Company has appointed an external data protection officer (DPO) whose contact details are [email protected], to which you can address in general for matters relating to the protection of personal data and related rights.

span class=”bold”>YOUR DATA PROTECTION RIGHTS AND YOUR RIGHT TO COMPLAIN TO THE SUPERVISORY AUTHORITY

Under the terms of the law, you have the right to ask us: access to your personal data the portability of the personal data you have provided us with the rectification of the data in our possession the deletion of any data for which we no longer have any legal basis for processing the revocation of your consent, in the event that the processing is based on consent and is related to direct marketing activities limiting the way we process your personal data, in the cases provided for by law. In addition, you may exercise the right to object in the case of data processed for legitimate interest, in particular in the case of customer satisfaction. The exercise of all these rights is subject to certain exceptions aimed at safeguarding the public interest (for example, the prevention or identification of crimes) and our interests (understood as legitimate and compelling reasons). If you exercise any of the above rights, it will be our responsibility to verify that you are entitled to exercise them and we will give you feedback, as a rule, within one month. If you are not satisfied with the way in which we process your personal data, or with our feedback, you have the right to lodge a complaint with the supervisory authority whose contacts can be found on the website www.garanteprivacy.it /a>