Privacy Policy

Why this warning?

The privacy notice applies only to the website lizetalivigno.it/ (hereinafter also referred to simply as the “website”) and not to any other websites that may be visited by the user via links contained on the website.

This notice is also inspired by Recommendation No. 2/2001 of May 17, 2001, Opinion No. 04/2012 on Cookie Consent Exemption of June 7, 2012, and Working Document 02/2013 providing guidance on obtaining consent for cookies of October 2, 2013, adopted by the European data protection authorities assembled in the Group established under Article 29 of Directive 95/46/EC.

These documents set out certain minimum requirements for the online collection of personal data — in particular, the methods, timing, and nature of the information that data controllers must provide to users when they access web pages, regardless of the purpose of the connection

The data controller

Following consultation of this website, data relating to identified or identifiable natural persons (the so-called data subjects) may be processed.

The Data Controller is Azienda di Promozione e Sviluppo Turistico Srl, with its registered office at Plaza dal Comun, 93, I-23041 Livigno (SO) – Italy, VAT No. 92015260141, represented by its legal representative.

Methodes and purposes of data processing

The processing of data will be carried out in compliance with current regulations and in accordance with the principles of fairness, lawfulness, transparency, relevance, completeness, and proportionality of the information. Moreover, such data will be collected and recorded solely for the purposes described below and will be retained for a period strictly necessary to achieve those purposes.

Processing may consist of the collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, communication by transmission, dissemination, or any other form of disclosure, restriction, erasure, or destruction of data, and will be carried out using electronic tools suitable to ensure the integrity and confidentiality of the data.

The persons or categories of persons who, for the purposes described below, may become aware of the data or to whom the data may be communicated include, within the scope of the website’s operation, internal personnel as well as external parties (suppliers, firms, and other entities providing assistance and consultancy — for example, legal, accounting, financial, technical, organizational, or data processing services; entities providing banking, financial, insurance, or debt collection services; parent, subsidiary, or affiliated companies), who may also be appointed, where necessary, as Data Processors by the Data Controller.

The data may also be communicated to public bodies, law enforcement agencies, or other public or private entities, but solely for the purpose of fulfilling legal, regulatory, or EU obligations.

Unless otherwise specified on other pages of the website — for which specific privacy notices apply — the data collected through the website are processed for the following purposes:

to provide the services requested by users and to respond to user information requests;
ù

  1. to provide user support;
  2. to carry out statistical analyses (on an anonymous basis) aimed at improving the range of services offered;
  3. to enable the possible registration and management of website access;
  4. to comply with legal obligations arising from the aforementioned purposes;
  5. to measure user satisfaction levels in anonymous form.

Data may be disclosed, but only in aggregated and anonymous form, and solely for statistical purposes.

Should the processing also involve personal data falling within the category of “special categories of data” (i.e., data capable of revealing racial or ethnic origin, religious, philosophical, or other beliefs, political opinions, membership in political parties, trade unions, associations, or organizations of a religious, philosophical, political, or trade-union nature, as well as data concerning health, sexual life, or sexual orientation) or “judicial data” (data relating to criminal convictions and offences), such processing will be carried out within the limits established by the General Authorizations of the Italian Data Protection Authority and subsequent equivalent measures, in accordance with the provisions of EU Regulation 679/2016, and solely for purposes strictly necessary for the proper performance of activities, operations related to the provision of products/services, and compliance with contractual and/or legal or regulatory obligations.

Users are invited to avoid including unnecessary sensitive or judicial data, as this may result in the deletion of the message.

The processing operations connected to the website’s web service (“contacts”) take place at the aforementioned registered office and are handled exclusively by the Data Controller.

Except as specified below for browsing data, users are free to provide the personal data requested in any information/request/application/registration forms. Failure to provide such data may make it impossible to obtain the requested service.

Personal data are processed using automated tools for only as long as is strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, unlawful or improper use, and unauthorized access.

Retention period

Data are processed and stored for as long as required to fulfill the purposes for which they were collected. Therefore:

Personal data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until the full execution of that contract, and thereafter as required by law or in order to protect, exercise, or defend the Data Controller’s rights in legal proceedings.

When processing is based on the User’s consent, the Data Controller may retain personal data for a longer period until such consent is withdrawn. Furthermore, the Data Controller may be obliged to retain personal data for a longer period in compliance with a legal obligation or upon order of an authority.

At the end of the retention period, personal data will be deleted. Consequently, upon expiry of that period, the rights of access, erasure, rectification, and data portability can no longer be exercised.

Rights of data subjects

Data subjects have the right, at any time, to obtain confirmation from the Controller as to whether processing concerning them is taking place, to request access to their personal data, to verify its accuracy or request its rectification, restriction, or portability, and to object to the processing (EU Regulation 679/2016).

Requests should be addressed to the operating office of Azienda di Promozione e Sviluppo Turistico srl (via Rasia, 999, I-23041 Livigno (SO) – Italy), or by writing to info@livigno.eu

Place of data processing

The processing operations connected with the web services of this website mainly take place at the Data Controller’s headquarters, as well as in any other location where the parties involved in the processing are situated.

Types of processed data

Information collected automatically

The computer systems and software procedures used to operate this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected in order to be associated with identified individuals; however, by its very nature, it could, through processing and association with data held by third parties, make it possible to identify users. Such data include the computers and devices used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server’s response (successful, error, etc.), and other parameters related to the user’s operating system and IT environment.

When visiting the website, the following information is automatically collected:

  1. User’s hostname. The hostname or Internet Protocol (IP) address of the user requesting access to the site.
  2. HTTP header and “user agent” string, which include the type and version of the browser used and the operating system on which the browser is running.
  3. System date. The date and time of the user’s visit.
  4. Full request. The exact request made by the user.
  5. Content length. The size, in bytes, of each document sent to the user.
  6. Method. The request method used.
  7. Universal Resource Identifier (URI). The location of the resources on the server.
  8. URI query string. Everything that appears after the question mark in the URI.
  9. Type of device used to access the website.
  10. Protocol. The transmission protocol and version used.

The information automatically collected by Azienda di Promozione e Sviluppo Turistico srl through access to the website is used to improve the quality of the service offered to website users.

Such information is gathered for the purpose of carrying out anonymous statistical analyses, in order to determine which data or content are more or less useful or interesting to users, and thus to enhance the effectiveness of the material available on the website.

Data volutarily provided by the user 

The voluntary, explicit, and optional sending of email messages to the addresses indicated on this website entails the subsequent acquisition of the sender’s address — which is necessary in order to respond to requests — as well as any other personal data included in the message.

Apart from what has been specified for information collected automatically, users are free to provide the personal data requested in information/request/application/registration forms. Certain information is marked as mandatory, as it is required to fulfill the user’s requests. Failure to provide such data may make it impossible to obtain the requested service.

For the direct collection of such data, visitors themselves provide their personal data and the related consent to processing in connection with the individual services and/or requests made to Azienda di Promozione e Sviluppo Turistico srl, such as: website registration, submission of applications, registration for restricted areas, information requests, enrollment in courses or events, newsletters, or mailing lists. The consent given may be withdrawn at any time.

Specific privacy notices will be progressively provided or displayed on the pages of the website set up for particular on-demand services.

Cookies

The Data Controller uses so-called cookies to enable secure and efficient navigation of the website, for profiling and marketing purposes, and to allow interaction with social networks. For more information about cookies and their use on the website, users may consult the Cookie Policy page, which forms an integral part of this privacy notice.

Social buttons and widgets.

The website may also include social buttons/widgets — in particular, icons of social networks such as Facebook, Twitter, Instagram, Pinterest, and Google+ — which allow users to access these social networks by clicking on the corresponding icons. With the support of these tools, users can, for example, log into their social accounts, share content, or recommend website products on their social media profiles.

By clicking on social buttons/widgets, the social network may collect data relating to the user’s visit to the website. As mentioned earlier, this privacy notice does not cover the processing of user data by social networks, for which users should refer exclusively to the privacy notice provided by the respective social network.

Except in cases where the user voluntarily shares their browsing data with the selected social networks by clicking on social buttons/widgets, the Data Controller does not disclose or share any personal data of users with social networks.