Services
Events
Tickets

SERVICES

EVENTS

TICKETS



Privacy

Information to Website Users regarding the processing of personal data, provided pursuant to Article 13 of Regulation (EU) 2016/679 – General Data Protection Regulation.

This page describes how we process personal data of users who consult this website. This information does not pertain to other websites, pages, or online services that can be reached through hypertext links that may be posted on the site but refer to resources outside the domain in question.

Following consultation of this website, as well as during any registration to it and/or use of the services therein, including the newsletter service, data relating to identified or identifiable individuals may be processed.

Data Controller
The Data Controller is the Italian Ministry of Culture (MIC), with registered office in Via del Collegio Romano 27, 00186 – Rome (ITALY), whose functions as Controller, in accordance with the provisions of Article 2 of Ministerial Decree 147 of 14 March 2019, are exercised, each within their respective remit and in accordance with the organisational structure of the MIC, through the Head of Cabinet, the Secretariat General, the Directors of Directorates General and the Directors of Institutes with special autonomy of general and non-general executive level.

In the case of the Museo Storico e il Parco del Castello di Miramare, the functions of Data Controller are exercised by the Director of the Museum, Ms Andreina Contessa, who can be contacted at the following addresses: e-mail mu-mira@cultura.gov.it, telephone 040224143, address: viale Miramare SNC Postal Code 34151 – Trieste (Registry of Decrees no. 252 of 24/05/2018).

Data Processor
The Data Controller has also designated a Data Protection Officer (DPO) in the person of Dr Antonio Francesco Artuso who can be contacted at the following addresses: e-mail rpd@cultura.gov.it | via del Collegio Romano 27, 00186 – Rome (ITALY).

Purpose and legal basis for processing
The collection and any other processing activities of the data of data subjects acquired through this website are carried out by the Data Controller at the premises of the Museo Storico e il Parco del Castello di Miramare, in the discharge of its duties of public interest or otherwise related to the exercise of its public powers, in compliance with the security measures and requirements imposed by the Applicable Regulations, or by subjects delegated by it (specifically selected and possessing the necessary professionalism), with manual and computerised procedures, to give users a simple and gratifying browsing experience, to collect useful elements to improve the offer of products and services through the web, to execute specific requests of the data subject (e.g., a contact request, subscription to a newsletter service, etc.), for pre-contractual and contractual obligations, for ordinary institutional and administrative, financial and accounting activities, and to ensure the proper handling of requests, for compliance with legal obligations. Processing is also for the purpose of processing statistics in anonymised or pseudo-anonymised form.

The legal bases for processing are the legitimate interest of the Data Controller to manage users’ browsing data in order to improve the offer of products and services through the website, the consent expressed by data subjects and the obligations related to the pre-contractual and contractual stages of the relationship, as well as to respond to any requests made by users. However, it is always possible to ask the Data Controller to clarify the legal basis of each processing and in particular to specify whether processing is based on law, required by a contract, necessary to conclude a contract or to execute the data subject’s request.

Pursuant to Article 13, paragraph 3, of Italian Legislative Decree 101/2018, if the Data Controller intends to further process personal data for a purpose other than the one for which it was collected, it shall provide the data subject with information regarding that different purpose and any additional relevant information prior to such further processing.

Data from Minors
The Museo Storico e il Parco del Castello di Miramare does not process the data of minors under the age of 18 in any way whatsoever.
The Data Controller shall not be responsible in any way whatsoever for any false statements that may be provided by minors and, should it ascertain that the statement is false, any personal data and any information acquired shall be erased immediately.
However, minors under the age of 18 may not approve and subscribe to terms and conditions of service or have any kind of relationship with the Museo Storico e il Parco del Castello di Miramare, which will therefore decline any and all requests and data acquisition of minors under the age of 18.

Source and Nature of Data
Data may be collected through the website of the Museo Storico e il Parco del Castello di Miramare, by analysis of navigation or spontaneous input by the data subject also using the appropriate tools that may be available.

Navigation data: the computer systems and software procedures used to operate this website acquire, in the course of their normal operation, some personal data whose transmission is inherent in the use of Internet communication protocols. This is information that is not collected in order to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users connecting to the website, the URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user’s operating system and computer environment. This data are used for the sole purpose of obtaining anonymous statistical information about use of the website and to check its correct operation and is deleted immediately after processing. The same data could be used to ascertain liability in case of hypothetical cyber crimes against the website.

Data provided optionally: The optional, explicit and voluntary sending of messages to the email addresses in the contact section, private messages sent by users to institutional profiles/pages on social media (where this possibility is provided), as well as the completion and submission of any forms on the Museum’s website, imply the acquisition of the sender’s contact data, necessary to respond, as well as all personal data included in the communications. The completion of any forms on the pages of the website involves the acquisition of data in the memory of the system. The information is protected by an authentication system and can be used only by those with credentials. They are also properly updated and protected according to the best available practices. E-mail inquiries involve the storage of the user’s e-mail address, which is necessary to respond to the sender’s requests. Data stored in the message are included. The Data Controller suggests to users, during their requests for services and information, not to transmit the data or personal information of third parties unless absolutely necessary.

Cookie: No personal data of users are acquired by the website in this regard. No use is made of cookies for the transmission of information of a personal nature, nor are so-called persistent cookies of any kind, or systems for tracking users, used. The use of so-called session cookies (which are not stored in a persistent manner on a user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable the safe and efficient exploration of the website. The so-called session cookies used by this website avoid the use of other computer techniques potentially prejudicial to the privacy of users’ browsing and do not allow the acquisition of personal data identifying the user. The use of permanent cookies is strictly limited to the acquisition of statistical data related to access to the website. The website uses a market product to track access. It resorts to the use of persistent cookies in order to collect statistical information about “unique visitors” (different people) to the website. These cookies, referred to as “Unique Visitor Cookies,” contain an alphanumeric code that identifies browsing computers, but without any collection of personal data. There is also a portion of code on each page of the website, aimed at collecting statistical data on site usage, again without any collection of personal data. Disabling cookies on your device will not affect your interaction with the website in any way.

Non-mandatory nature of data provision
In addition to what is specified for navigation data, users are free to provide the personal data reported in any registration forms for website services, information requests and sending suggestions and reports to the website’s editorial staff or otherwise indicated in telephone contacts.
Failure to provide them may result in the inability to obtain what you have requested.
As regards any services provided by third parties, for which the website is only an exhibition space, the Museum is not the data controller or processor of the data collected.

Place, methods and recipients of processing
Personal data are processed at the registered office of the Data Controller or the Data Processors with automated tools for the time strictly necessary to achieve the purposes for which they were collected, in compliance with the rules of confidentiality and security required by current legislation. Specific technical and organisational security measures are taken to protect information from alteration, destruction, loss, theft, or improper or illegitimate use. Processing related to the web services of this website is carried out only by technical personnel authorised and instructed to perform processing, or by the Processors designated by the Data Controller pursuant to Article 28 of Italian Legislative Decree 101/2018. No data from the web service are disseminated. Personal data provided by users who submit requests for information and suggestions are used only for the purpose of providing the service requested and are possibly communicated to other personnel authorised to process them within the Museum or to other public or private entities in the only case in which this is imposed by legal obligations or strictly necessary to provide the information you requested.

Communication and dissemination
Data processed through the website are only of a common nature and are not intended for dissemination. The Data Controller does not require and has no interest in collecting and processing data classified by specific legislation as “special” (health, genetic, biometric, etc.) or “criminal”, subject to legal obligations. Any forms present for the various user requests that involve the provision of special data may be processed only with the specific and separate consent of the data subject for this purpose in each request/form. Data may be disclosed to third parties only in the discharge of obligations arising from laws or regulations (institutions, law enforcement, judicial authorities, etc.) or for activities directly or indirectly related to the established relationship.

Transfer of data to third countries or international organisations
Where the transfer of data to non-EU countries or to International Organisations is provided for, the Data Controller undertakes to clarify to the data subject:

  • whether or not there is an adequacy decision by the EU Commission or whether or not the Commission has decided that the third country, a territory or specific sector(s) within the third country, or the International Organisation in question provide an adequate level of protection. In this case, transfer does not require specific permissions;
  • in the absence of the above, it must refer to appropriate or suitable safeguards and an indication of the means of obtaining a copy of such data or of the place where they have been made available.

Data retention period
Without prejudice to legal obligations, data processed by the Data Controller are kept for the time necessary to carry out the requested service and until an express request for erasure is made by the data subject and in any case periodically checked, including by automatic procedures, in order to ensure that they are up-to-date and actually meet the purposes of processing. If the purpose for which the data was acquired has ceased to exist, the data shall be erased, unless it must be processed to protect rights in court, for regulatory obligations, or at the express request of the data subject. After processing ends and following erasure, the data subject’s rights can no longer be exercised.

Rights of the Data Subject
Data subjects are granted the rights set forth in Articles 15 to 22 of the Regulation (EU) 2016/679 and in the applicable regulations. In particular, the data subject has the right at any time to withdraw consent to data processing, request the rectification, updating, transformation of data into anonymous form, limit even partially its use, request its portability and possible deletion (right to oblivion). Rights are exercisable to the extent that processing is not compulsory by law or regulation. Requests concerning the exercise of the rights of the data subject may be addressed to the Data Controller at the addresses listed above. If the data subject is not satisfied with the response provided to his or her requests by the Data Controller, he or she may lodge a complaint with the Supervisory Authority for the Protection of Personal Data, based in Rome, Piazza di Monte Citorio no. 121, www.garanteprivacy.it, as provided for in Article 77 of the Regulation, or take legal action pursuant to Article 79.

Right to lodge complaint
Data subjects who believe that the processing of personal data relating to them carried out through this website is in violation of the provisions of the Regulation have the right to lodge a complaint with the Personal Data Supervisory Authority, as provided for in Article 77 of the Regulation, or to take appropriate legal action (Article 79 of the Regulation). Further information regarding your data protection rights can be found on the Supervisory Authority’s website at  www.garanteprivacy.it.