Privacy Policy
Privacy Policy
PRIVACY POLICY ON THE PROCESSING OF PERSONAL DATA OF WEBSITE USERS
Pursuant to and for the purposes of article 13 of Regulation (EU) 2016/679 ("GDPR"), Fiera Milano Congressi S.p.A. (“FMC” or the “Data Controller”) in its capacity
as data controller, hereby informs you that it will process the data communicated by you or otherwise obtained as a result of the use of the website
https://www.micomilano.it/ (the "Website") in the manner and for the purposes described below in this privacy policy (the "Policy").
The terms of this Policy apply only and exclusively to the Website and not to other websites owned by the Data Controller or owned by third parties that the user may access through any links contained in the Website.
By browsing the Website, the user acknowledges having read and understood the contents of this Policy.
The terms of this Policy apply only and exclusively to the Website and not to other websites owned by the Data Controller or owned by third parties that the user may access through any links contained in the Website.
By browsing the Website, the user acknowledges having read and understood the contents of this Policy.
1. Contact details of the Data Controller
The Data Controller is Fiera Milano Congressi S.p.A., with registered office in Milano, Piazzale Carlo Magno n. 1, 20149. You may contact the
Data Controller by e-mail at gdpr@fieramilanocongressi.it, or by regular mail at the above address.
2. Type of personal data processed through the Website
The Data Controller processes the following types of personal data of users who navigate and interact with the web services of the Website, in particular:
Navigation data
The computer systems and software procedures used to operate the Website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols or is used to improve the quality of the service offered. This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the Website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment. This data is used for the purposes of checking the correct operation of the Site and for the anonymous processing of statistical information on the use of the Website, including tag management. The latter type of service is functional to the centralized management of tags or scripts used on this Website. Moreover, the data could be used for the possible judicial defense of rights, as well as for the fulfilment of legal obligations to respond to requests from judicial authorities and judicial police.
With regard to the use of cookies installed via the Website and other online tracking devices, the user is invited to consult the Cookie Policy.
Data provided voluntarily by the user
Users are not required to provide personal data in order to visit the Website. However, contact between users and FMC, by filling in the contact forms in the “Contacts” section, the optional, explicit and voluntary sending of e-mails to the addresses indicated on the Website involves the subsequent acquisition of common personal data, such as, for example, name, surname, telephone number and e-mail address of the sender, necessary for replying to requests, as well as any other personal data included in the communication. Therefore, if users wish to avoid having their data processed by FMC, they are requested not to forward any request or, at least, to provide as little personal data as possible.
Specific privacy notices are, however, set out or displayed in the sections of the Website set up for particular services at the request of the user.
Navigation data
The computer systems and software procedures used to operate the Website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols or is used to improve the quality of the service offered. This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the Website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment. This data is used for the purposes of checking the correct operation of the Site and for the anonymous processing of statistical information on the use of the Website, including tag management. The latter type of service is functional to the centralized management of tags or scripts used on this Website. Moreover, the data could be used for the possible judicial defense of rights, as well as for the fulfilment of legal obligations to respond to requests from judicial authorities and judicial police.
With regard to the use of cookies installed via the Website and other online tracking devices, the user is invited to consult the Cookie Policy.
Data provided voluntarily by the user
Users are not required to provide personal data in order to visit the Website. However, contact between users and FMC, by filling in the contact forms in the “Contacts” section, the optional, explicit and voluntary sending of e-mails to the addresses indicated on the Website involves the subsequent acquisition of common personal data, such as, for example, name, surname, telephone number and e-mail address of the sender, necessary for replying to requests, as well as any other personal data included in the communication. Therefore, if users wish to avoid having their data processed by FMC, they are requested not to forward any request or, at least, to provide as little personal data as possible.
Specific privacy notices are, however, set out or displayed in the sections of the Website set up for particular services at the request of the user.
3. Purpose and legal basis of processing
Personal data may be collected and processed for the following purposes:
For the purposes set out in points c) and d), FMC processes such data in pursuit of a legitimate interest of the Data Controller within the meaning of Article 6(1)(f) of the GDPR.
For the purpose referred to in point e), FMC processes such data for the fulfilment of legal obligations to which the Data Controller is subject. within the meaning of Article 6(1)(c) of the GDPR.
If the Data Controller intends to use the collected personal data for any other purpose that is incompatible with the purposes for which it was originally collected or authorized, the Data Controller shall inform the user in advance, and the latter may also withhold or withdraw his/her consent.
a) enable users to use the web services of the Website;
b) handle user requests for information;
c) prevent the commission of unlawful acts through the Website;
d) protect the rights of FMC in the event of any legal dispute;
e) comply with legal obligations to which FMC is subject.
For the purposes set out in points a) and b), FMC processes such data for the performance of a contract to which the data subject is party or of pre-contractual measures taken at the request of the same pursuant to Article 6(1)(b) of the GDPR.b) handle user requests for information;
c) prevent the commission of unlawful acts through the Website;
d) protect the rights of FMC in the event of any legal dispute;
e) comply with legal obligations to which FMC is subject.
For the purposes set out in points c) and d), FMC processes such data in pursuit of a legitimate interest of the Data Controller within the meaning of Article 6(1)(f) of the GDPR.
For the purpose referred to in point e), FMC processes such data for the fulfilment of legal obligations to which the Data Controller is subject. within the meaning of Article 6(1)(c) of the GDPR.
If the Data Controller intends to use the collected personal data for any other purpose that is incompatible with the purposes for which it was originally collected or authorized, the Data Controller shall inform the user in advance, and the latter may also withhold or withdraw his/her consent.
4. Nature of data provision and consequences in the event of refusal
The provision of the user's navigation data is necessary for purposes connected with the operation of the Website and the routing of connections related
to access to the Website itself, which may be precluded in the absence of such data. In other cases, the processing of the user's data is necessary
to provide the services requested via the forms specifically provided on the Website, which would not be usable without them, and to allow FMC to
comply with legal obligations. In any case, the user is free to decide whether or not to request the particular services available within the sections
of the Website dedicated to this purpose and the provision of data remains optional for these purposes. Failure to provide the data will not make
it possible for the user to activate these services.
5. Modalities of processing personal data
Within the organizational structure of the Company, personal data will be processed by authorized persons acting under the authority of the
Data Controller, adequately instructed by the Data Controller, mainly with electronic systems in accordance with the principles applicable to
the processing of personal data pursuant to Article 5 of the GDPR.
6. Criteria used to determine data retention periods
Your data will be kept for the period necessary to fulfil legal obligations. The data retention period depends on the purposes for which the data are processed
and may therefore vary. The criteria used to determine the applicable retention period are as follows: the retention of personal data covered by this Policy will
be for as long as necessary (i) to manage the contractual relationship with you, (ii) to handle complaints or specific requests from you, (iii) to enforce legal
claims as well as (iv) for as long as required by applicable laws.
Please refer to the Cookie Policy for the retention periods of personal data processed via cookies.
Please refer to the Cookie Policy for the retention periods of personal data processed via cookies.
7. Communication of data and data recipients
Exclusively for the purposes specified above, the data collected, recorded and processed may be handled by external parties who carry out certain organisational,
technical and security activities on behalf of FMC in connection with management of the Website and provision of the related services (e.g. computer and telematic
service companies), acting as data processors by virtue of the specific contracts in place with FMC. In addition, where necessary, data may be communicated to the
competent authorities and other public bodies which may do so on the basis of current legislation and in relation to investigations and proceedings relating to the
prevention, detection and repression of offences, and to the requirements of judicial defence of rights.
The full list of such recipients or categories of recipients is available at the Data Controller's registered office and may be requested by sending a communication to the contact data indicated in paragraph 1 of this Policy.
Personal data will not be disseminated.
The full list of such recipients or categories of recipients is available at the Data Controller's registered office and may be requested by sending a communication to the contact data indicated in paragraph 1 of this Policy.
Personal data will not be disseminated.
8. Transfer of personal data
Your personal data will not be transferred outside the European Union and/or the European Economic Area ("EEA").
9. Rights of the data subject
Within the limits of Article 2-undecies of the Privacy Code, you have the right to exercise at any time the rights recognised by Articles 15 to 22 and 77 of the GDPR, as briefly summarised below:
This Policy may be subject to change. You are therefore advised to check this webpage regularly and to take note of the most up-to-date version of the information contained herein.
Updated at February 19, 2025
- Right of access: you may request information about the processing we perform on your data or confirmation that the Data Controller is processing your personal data. In this case, you may ask us to provide you with a copy of your data and to check what data we hold on you.
- Right of rectification: you have the right to ask us to rectify your personal data if they are incorrect, including the right to request the integration of incomplete personal data.
- Right to erasure: you have the right to request us to erase the data (or part of the data) you have provided to us, including data whose retention is not necessary in relation to the purposes for which the data were collected or otherwise processed.
- Right of restriction of processing: you may request us to restrict the processing of your personal data in the event that the law requires it.
- Right to object: you may object to the processing of your personal data, subject to the existence of an overriding legitimate reason for the continuation of such processing.
- Right to portability: you may obtain from the Company, in a structured, commonly used and machine-readable format, the personal data that you have communicated to us, in order to transmit them to another party. This right is applicable in the event that the Company processes such data by automated means, on the basis of consent or for the purpose of providing services.
- Revocation of consent: if the processing is based on consent, you may revoke it at any time, without prejudice to the lawfulness of the processing carried out before such revocation.
- Right not to be subject to automated decision-making: you may request not to be subject to processing based solely on automated decision-making, including profiling, which produces legal effects concerning you or significantly affects you in a similar way. This right may not be exercised if: i) the processing is necessary for the conclusion of a contract between you and the Data Controller; ii) the processing is authorised by law; iii) the processing is based on your consent.
- Right to lodge a complaint with the Supervisory Authority: without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with the competent Data Protection Authority if you consider that the processing operations carried out violate current legislation on the protection of personal data.
This Policy may be subject to change. You are therefore advised to check this webpage regularly and to take note of the most up-to-date version of the information contained herein.
Updated at February 19, 2025