PRIVACY​ POLICY



Privacy policy of www.parconaturaviva.it/en
This is to inform you that this website collects personal data of its users. The data is processed pursuant to the criteria laid down by the European regulation on personal data protection, Regulation (EU) 2016/679, in force since 25 May 2018 (hereinafter, G.D.P.R). According to the aforementioned regulation, the processing must be guided by principles of correctness, lawfulness and transparency, and protection of your confidentiality and your rights. 

Data controller
Parco Natura Viva – Garda Zoological Park S.r.l. in the person of its Legal Representative Mr Cesare Avesani Zaborra, with registered office situated in Località Figara 40, 37012 Bussolengo (VR).

E-mail Address of the Data Controller
privacy@parconaturaviva.it

Categories of data collected
The personal data processed by this Application include: Name, Surname, Telephone number, Postal Code, Province and Email address.
The Personal Data may be freely provided by the User to make use of the services offered by this website or, in the event of Usage Data, automatically collected during use of this Website. Unless otherwise specified, all the Data requested by this Website is mandatory. If the User refuses to communicate the same, it might prove impossible for this Website to provide the Services requested. In those instances where this Website indicates some Data as optional, Users are free to refrain from communicating it, without affecting in any way the availability of the Service or its operation.
If Users entertain any doubts on which Data is mandatory, they are encouraged to contact the Data Controller.
Any use of Cookies – or other tracking tools – by this Website or by the owners of third party services used by this Website, unless otherwise specified, aims to provide the Service requested by the User, as well as to fulfil the other purposes described in this document and in the Cookie Policy, wherever available.
The User is liable for the Personal Data of third parties obtained, published or shared through this Website and warrants that he/she has the right to communicate or disseminate it, thereby releasing the Data Controller from any liability vis-à-vis third parties.

METHOD AND PLACE OF PROCESSING THE DATA COLLECTED

Processing method

The Data Controller adopts the safety measures suitable for preventing the unauthorised access to, dissemination, amendment or destruction of the Personal Data. The processing is carried out by means of IT and/or electronic tools, pursuant to organisational methods and a logic closely associated with the aforementioned purposes. Besides the Data Controller, the Data might in some instances be accessed by other persons involved in the organisation of this Website (administrative, commercial and marketing staff, lawyers, system administrators) or by external persons (such as third party technical service providers, mail carriers, hosting providers, IT companies, communication agencies) appointed, if need be, even as Data Supervisors by the Data Controller. The updated list of Data Supervisors may always be requested from the Data Controller.

Place of processing
The Data is processed at the operational headquarters of the Data Controller/Supervisor and in any other place where the parties involved in the data processing are situated. For more information, please contact the Data Controller. The User’s Personal Data may be transferred to a country other than the one in which the User is located. To obtain further information on the processing place, the User may refer to the section concerning the details about Personal Data processing.
If one of the aforementioned transfers has taken place, the User may request information from the Data Controller by contacting it through the contact details set out at the beginning.

Legal ground of the processing
The Owner will process the Personal Data relating to the user where one of the following conditions is met:
• the User has granted consent for one or more specific purposes;
• the processing is necessary to perform a contract with the User and/or implement pre-contractual measures;
• the processing is necessary to comply with a legal obligation the Data Controller is subject to;
• the processing is necessary to pursue the legitimate interest of the Data Controller or that of third parties.

It is in any event always possible to ask the Data Controller to clarify the concrete legal ground of each processing and specify, in particular, whether the processing is founded on the law, stipulated by contract, or necessary to conclude a contract.

Data storage period
The Data is processed and stored for the time required by the purposes for which the same has been collected.
Accordingly:
• The Personal Data collected for purposes associated with performance of a contract between the Data Controller and the User will be retained until performance of such contract has been completed.
• The Personal Data collected for purposes traceable to the Data Controller’s legitimate interest will be retained until such interest has been fulfilled. The User may obtain additional information on the legitimate interest pursued by the Data Controller under the relevant sections of this document or by contacting the Data Controller.

When the processing is founded on the User’s consent, the Data Controller may store the Personal Data longer until such consent is revoked. Moreover, the Data Controller might be obliged to store the Personal Data for a longer period to comply with a legal obligation or by order of an authority. At the end of the storage period, the Personal Data will be erased. Accordingly, once such term has expired, the rights of access, erasure and rectification and the right to Data portability may no longer be exercised.

Purposes
User Data is collected:
• to enable the Data Controller to provide its services;
• to contact the User for promotional purposes;
• for statistical purposes.

To obtain further detailed information on the purposes behind the processing and on the Personal Data concretely relevant to each purpose, the User may refer to the relevant sections of this document.

Details on the Personal Data processing
More specifically, the personal data is collected in order to:
• contact the User by filling in the “contract forms” of this Website;
• send newsletters in the event that the User has granted his/her consent.

User Rights
Users may exercise specific rights in respect of the Data processed by the Data Controller.
In particular, the User is entitled to:
revoke consent at any time. The User may revoke consent to the processing of his/her Personal Data previously expressed by him/her.
object to the processing of his/her own Data whenever that occurs on a legal ground other than consent. Further details on the right of objection are set out in the section below.
access his/her own Data. The User is entitled to obtain information on the Data processed by the Data Controller on specific aspects of the processing, and to receive a copy of the Data processed.
check and request rectification. The User may check the correctness of his/her own Data and request its update or rectification.
obtain the restriction of the processing. When certain conditions are met the User may request the restriction of the processing of his/her own Data. In that case, the Data Controller will not process the Data for any purpose other than its storage.
obtain the erasure or removal of his/her Personal Data. When certain conditions are met the User may request the erasure by the Data Controller of his/her own Data.
receive his/her own Data or have them transferred to another Data Controller. The User is entitled to receive his/her own Data in a structured format, commonly in use and readable by an automatic device, and, wherever technically feasible, to obtain its unhindered transfer to another data controller. This provision is applicable when the Data is processed with automated tools and the processing is founded on the User’s consent, upon a contract the User is a party to or upon contractual measures associated therewith.
lodge a complaint. The User may lodge a complaint with the competent personal data protection authority or institute judicial proceedings.

How to exercise the rights
To exercise the User rights, Users may address a request to the Data Controller’s contact details set out in this document. The requests are filed free of charge and attended to by the Data Controller as quickly as possible, at the latest within a month.

Further information on the processing

Defence of proceedings

The User’s Personal Data may be used by the Data Controller in judicial proceedings or during the phases preparatory to instituting the same to defend itself against abuses by the User in the use of this Website or the Services associated therewith.
The User represents that he/she is aware of the fact that the Data Controller might be obliged to disclose the Data by order of the public authorities. 

Specific information notices
At the User’s request, in addition to the information set out in this privacy policy, this Website might provide the User with additional and contextual information notices relating to specific Services or to the Personal Data collection and processing.

System Log-in and maintenance
Due to needs related to its operation and maintenance, this Website and any third party services used by it might collect system Log-in, i.e. files that record interactions and could contain Personal Data as well, such as the User’s IP address. 

Use of Cookies​
The Parco Natura Viva website makes use of “cookies” to enable the user to customise his/her own visit to the website. The full Cookie policy of this website is available at: https://www.parconaturaviva.it/eucookielaw/en

Information not included in this policy

Additional information about the processing of Personal Data may be requested at any time from the Data Controller by using its contact details.

Amendments to this Privacy Policy
The Data Controller reserves the right to introduce amendments to this privacy policy at any time by informing Users on this web page and, if possible, on this Website, as well as, wherever technically and legally feasible, by sending a notification to Users through one of the contact details the Data Controller is in possession of. You are thus kindly invited to regularly consult this page, paying regard to the date of the latest amendment set out at the bottom.

If the amendments relate to any processing whose legal ground is consent, the Data Controller will gather the User’s consent afresh, if need be.

Definitions and legal references

Personal data (or data)

A personal data consists in any information that, directly or indirectly, including by connection with any other information, personal identification number included, identifies a natural person or renders him/her identifiable.

Usage data
It consists in the information automatically collected through this Website (including by third party applications integrated into this Website), such as: the IP addresses or the domain names of the computers utilised by the User connecting to this Website, the URI (Uniform Resource Identifier) addresses, the time of the request, the method used to forward the request to the server, the size of the file obtained in reply, the numerical code setting out the status of the server’s response (successful, error, etc.), the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (e.g. the time spent on each page), and the details relating to the itinerary followed inside the Application, especially as regards the sequence of the pages consulted, the parameters relating to the operating system, and the User’s IT environment.

User
The individual who uses this Website who, unless otherwise specified, coincides with the data subject.

Data subject
The natural person to whom the Personal Data relate.

Data Supervisor
The natural or legal person, the public administration, and any other institution that processes personal data on behalf of the Data Controller, as per the provisions of this privacy policy.

Data Controller 
The natural or legal person, the public authority, the service or other body that, separately or jointly with others, determines the purposes and means of processing the personal data and the tools adopted, including the safety measures relating to the operation and utilisation of this Website. The Data Controller, unless otherwise specified, is the owner of this Website. 

This website
The hardware or software tool by which the Users’ Personal Data is collected.

Service
The Service provided by this Website as defined in the relevant terms (if any) on this website/application.

European Union (or EU)​
Unless otherwise specified, any reference to the European Union in this document is meant to extend to all the current member states of the European Union and the European Economic Area.

Cookie
Small portion of data stored inside the User’s device.

Legal References​
This privacy policy is drawn up pursuant to multiple legislative enactments, including Articles 13 and 14 of Regulation (EU) 2016/679.
Unless otherwise specified, this privacy policy concerns this Website exclusively. Last revised: 24 May 2018.