Synthetic Data Protection Policy
International Journalism Festival (IJF):
– does not publish advertising banners, does not use personal data for advertising purposes or in any case to profile the users;
– uses third-party services for specific features of the site, which third parties might collect personal data and use it for advertising purposes, such as: social buttons to allow users to share posts on favorite social media, and YouTube videos to enrich the news, on which the no-cookie option (that does not use tracking cookies) is generally activated;
– consent to the use of personal data is conferred through the banner at the bottom of the page, and in some cases through the contact forms or request services, and is revocable at any time.
Below is more detailed information on the processing of your personal data, including the processing related to the organization and participation in the Festival.
Detailed Data Protection Policy
Subjects of the processing
The Data Controller is “Il Filo di Arianna S.r.l.”, which can be contacted at the email email@example.com or firstname.lastname@example.org or at the address via Assisi 93 (06089) Torgiano (PG), Italy.
Data we collect
Data collected automatically
Some data are collected automatically by the software, such as the IP address, the type of browser, the Internet service provider, date and time of visit, time spent on the site, page of origin and exit. Other data are collected using cookies or similar technologies (read the paragraph “Cookies and third-party services”).
Additional data are collected during use of the Mobile App:
– type of device used to install the App;
– name of the Internet service provider (ISP);
– date and time of visit;
– app cards consulted;
– possibly the number of events with actions in the App.
These data are used for statistical purposes and do not allow the physical identification of the User. The IP address is used exclusively for security purposes and is not crossed with any other data.
Data provided voluntarily by the User
Other data are collected in case of voluntary use of services by users, and are provided voluntarily by the User at the time of requesting the contact and communication service, at the time when it is proposed as a speaker, staff, volunteer or member of the press for the annual festival, or directly during the stay at the Festival:
– general information, such as name and surname, date and place of birth, biography;
– tax code and copy of identity documents;
– contact details, such as telephone number and email address (used in particular for communication related to events);
– address of physical residence;
– image, photograph or avatar (used for the publication of the participation in events on the site);
– social profiles;
– reproductions of the image, such as photographs and videos, in particular during the Festival events;
– dates and times of arrival and departure (communicated to hotels and possibly to taxis);
– personal data contained in the green certification Covid-19 (Green Pass) (the provision of this data is mandatory to access the facilities for events).
These data are used solely to provide the service requested and processed only for the time needed to deliver the service.
Data collected from public sources
Some data, such as information about the biography of the Festival participants, are also collected from public sources, such as the Internet or various publications.
How we use the collected data
IJF deals with the realization of the annual cultural event dedicated to journalism, and all related initiatives. To best perform this task we need to have a website optimized and functional, to allow you to get quick and easy news about events, meetings, debates and interviews. Therefore the data we collect are also used for the following purposes:
– Statistics (analysis)
We collect data in an exclusively aggregated and anonymous form in order to verify the correct functioning of the site, and the use by users to make it easier and faster to consult. None of this information is related to the physical person-user of the site, and does not in any way allow identification.
We collect data in order to protect the security of the site (spam filters, firewalls, virus detection) and Users. The data are recorded automatically and may also include personal data (IP address) that could be used, in accordance with applicable laws, in order to block attempts to damage the site itself or to harm other Users. These data are never used for the identification or profiling of the User and are periodically deleted.
– Festival organization and management
We collect data to organize the movements and accommodation of the participants in the Festival, to organize the Festival itself and to ensure its proper performance, to ensure the physical and IT security of both people and telematic infrastructures, to promote the Festival before during and after the events. In addition, the data are used for the management of employment and voluntary relations, with reference to staff and volunteers, for the fulfillment of the obligations imposed by the law on health and safety, as well as for the administration of the company Data Controller, for the constitution and maintenance of the historical archive of the festival editions, including database of images and videos, statistical and market analysis related to the event. Please click here to read the full policy applicable to staff, speakers and volunteers.
On request, we will use your personal data to send further communications about the Festival, like press releases.
Finally, the data are collected in order to verify the green certification (green pass) or equivalent with the aim of complying with the measures to contain the contagion from Covid-19 and the protection of public and private health of the people present in the structures pertaining to the Data Controller. These data are not stored.
– Accessory activities
We communicate data to third parties (consultants, lawyers, shippers) who perform functions necessary or instrumental to the operation of the service, and to allow third parties to perform technical, logistical and other activities on our behalf (eg mailing, analysis data etc …). Suppliers have access only to personal data that are necessary to perform their duties, they undertake not to use the data for other purposes, and are required to process personal data in accordance with the regulations in force.
On what basis we process the data
IJF processes the data according to the following legal bases.
Legitimate interests of the Controller
– the data of the participants in the Festival events (speakers and other subjects), consisting of audiovisual images and images, in all situations relating to the organization and dissemination of events, and the promotion of the Festival. The events of the Festival are notoriously public and open not only to the participation of anyone, but also widespread and promoted as much as possible to allow everyone, even those who are not present at the event, to follow them. In this sense it is undisputed that events must also be disseminated via the Internet.
– data relating to the transport and accommodation of Festival participants (identification data, document data and arrival and departure dates), as well as the reference data for the organization (email, name and surname), and those necessary for the reference taxi company (identification data, arrival and departure data).
– data for site security and for the prevention of abuse and SPAM, as well as data for the analysis of site traffic (statistics), in aggregate form, are processed on the basis of the legitimate interest of the Owner to protect the site and of users.
– data collected via email or directly from you at the press accreditation desk to receive more communications about the Festival (like press releases).
The consent is collected through the banner at the bottom of the page, or via the appropriate buttons set up with the activation modules of the various services (eg contact form), or through the installation of the Mobile App.
The provision of data and therefore the consent to the collection and processing of data is optional, the User can refuse consent, and may revoke at any time a consent already provided, through the browser settings for cookies, through the appropriate link prepared in the e-mails of the newsletter, or by sending a request to the Owner through the contact link at the bottom of the page. However, denying consent may make it impossible to provide certain services.
– data on work and / or collaboration services performed by staff and volunteers.
– the data necessary to fulfill specific obligations regarding the security of events and public order;
– the data necessary for the verification of the green certification (Green pass) or equivalent to allow public access to the facilities in safe conditions (need to fulfill a legal obligation to which the data controller is subject, as well as necessary for reasons of significant public interest (Article 9, paragraph 2 letter g) GDPR)).
To whom the data can be communicated
In carrying out our activities we may have to transfer some data to third parties who perform specific tasks instrumental to those of the site, for security reasons both with reference to the Festival events and to the website, or for the provision of a specific service requested by Users (eg hotel booking or means of transport, shipments), or for a legitimate request by the judicial authority only in the cases provided by law.
The third parties to whom the data can be communicated are:
– each hotel hosting accommodation for the annual event (hotels are independent data controller);
– taxi company (logistics);
– Mango Mobile Solution srl (Mobile App);
– Google Inc. (Docs platforms, YouTube);
– Facebook Inc., Twitter Inc., LinkedIn, Instagram, Soundcloud, Flickr (social sharing);
– Aruba Spa (web hosting).
The data relating to green certifications (green pass) are not communicated or disseminated in any way.
Extra EU / EEA transfers
We may have to share some of the data collected with services located outside the EEA (European Economic Area) area. In particular to Google, Facebook and Microsoft (LinkedIn) through social plugins, to the service of Google Analytics.
The transfer is authorized on the basis of specific decisions of the European Union and of the Guarantor for the protection of personal data. In the absence of adequacy decisions by the European Commission, the Data Controller shall endeavor to ensure the adoption of adequate guarantees, by signing standard contractual clauses approved by the EU Commission with the foreign company receiving the data. These clauses guarantee a level of data protection corresponding to that established by European legislation.
Where the data are processed
The data collected by the site are processed at the headquarters of the Data Controller, and at the web hosting datacenters (in Italy). The web hosting Aruba S.p.A., which is responsible for processing data on behalf of the Controller, is located in the European Economic Area and acts in accordance with European standards.
For how long data are processed
The data are stored for the time necessary for the purposes for which they were collected, and in any case not later than the time prescribed by law. Upon expiry, the data will be deleted or anonymised, unless there are additional purposes for the conservation of the same, as a legal protection purpose.
To determine the correct retention period, IJF takes into consideration the quantity, nature and sensitivity of personal data, the risk deriving from unauthorized use or sharing, the purposes for which they are processed, if it is possible to reach them without processing personal data and possible needs dictated by law.
The collected data are processed for the following periods:
– purposes of statistics and analysis: the data are processed in aggregate form and therefore substantially anonymous;
– security purposes: 30 days;
– online publication: the data (image and name) are published online (subject to consent or based on the legitimate interests of the owner) for the promotion time of the event, and then for about 1 year until the occurrence of the next event;
– health protection purposes (green pass): the data are processed for the time strictly necessary to verify the green pass. No data is transcribed or stored in any way.
IJF process personal data in a lawful and correct manner, adopting the appropriate security measures to prevent access, disclosure, modification or unauthorized destruction of data. Processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. Third parties that process your personal data do so only according to our instructions and only after having guaranteed their confidentiality and security.
Cookies and third-party services
IJF uses the following cookie categories:
– analysis cookies, used to collect information, in aggregate form, on the number of users and how they visit the site. They are assimilated to technical cookies being the relative anonymized service.
– profiling and remarketing cookies, used exclusively by third parties other than us to collect information on user behavior during navigation, and on consumer interests and habits. Possibly third parties can use them to provide personalized advertising on their partner sites (IJF does not host advertising), but these functions can be disabled directly by users (see details of individual services).
How you can refuse or revoke consent to cookies
The disabling of cookies could prevent the correct use of some functions of the website, in particular the services provided by third parties may not be viewable:
– YouTube videos or other video sharing services;
– social button social networks;
– Google maps.
The instructions for disabling cookies, and for the possible elimination of cookies already present on the User’s device, can be found on the following web pages: Google Chrome – Mozilla Firefox – Microsoft Edge – Opera – Apple Safari
This site acts as an intermediary for third-party cookies, used to provide additional services and features to visitors and to improve the use of the site, such as buttons for social networks or Youtube videos. This site has no control over the cookies of third parties, and how to use the information collected, as a result of this information on the use of these cookies and their purposes, as well as on how to disable them, are provided directly by the third parties to the pages indicated below.
It is recalled that generally the tracking of users does not involve identification of the same, unless the User is already registered for the service and is not already logged in, in which case it means that the User has already expressed his consent directly to the third party when registering for the relevant service (eg Facebook).
In particular, IJF uses services of the following third parties:
– Google Ireland Ltd.
– Google Analytics: used to analyze the use of the site by users and their behavior on the site. The collected data do not allow personal identification of users. They are treated in an aggregate and anonymised form (truncated to the last octet). Under the appropriate agreement, Google Inc. is prohibited from crossing this data with data obtained from other Google services.
Data collected: browser identification, date and time of interaction with the site, page of origin, IP address.
Place of data processing: European Union being active the anonymization of the service. e
You can selectively disable the action of Google Analytics by installing the appropriate component provided by Google on the browser (opt out): https://tools.google.com/dlpage/gaoptout
– Youtube: platform, owned by Google, for video sharing. Cookies are set when accessing the embed page, and when the video starts, and do not allow the identification of the User unless it is already logged into the Google profile. For some videos on the site has been activated the “advanced privacy (no cookie)” option that does not provide for storing visitor information unless they voluntarily reproduce the video.
Data collected: number and behavior of service users, IP address, information linking site visits to the Google Account for users already logged in, preferences on displaying videos.
Place of data processing: USA.
– Google Maps: Google service that offers road maps and localization for urban businesses. Set cookies on map pages.
Data collected: number and behavior of the users of the maps, information on the page displayed, preferences on the display (zoom level, etc …).
Place of data processing: USA.
– Google Firebase e Fabric by Google: development, analysis and tracking service platforms for Mobile App.
Social network plugins
IJF also incorporates plugins to allow easy sharing of content on your favorite social networks.
When you visit a page of our website that contains a social plugin, your browser connects directly to the servers of the social network from where the plugin is loaded, which server can track your visit to our website and, if necessary, associate it with your social account, particularly if you are connected at the time of the visit or if you have recently navigated one of the websites containing social plugins. If you do not want the social network to store the data relating to your visit to our website, you must exit your social account and, probably, delete the cookies that the social network has installed in your browser.
The collection and use of data by these third parties are governed by the respective privacy policies to which reference is made.
– Meta Platforms Ireland Limited
Fanpage on Facebook through which the Data Controller allows Meta Platforms Ireland Limited to place cookies on the devices of the users of the fanpage (therefore not users of the website only), at the same time obtaining demographic data from Facebook (Page Insights) relating to the Fanpage audience, for which we are joint controllers of the processing, together with Meta Platforms Ireland Limited. The data accessed by the Data Controller are in aggregate form, while Meta Platforms Ireland Limited also has access to identification data which will also be used for the purpose of sending personalized advertising. Meta Platforms Ireland Limited is the Data Controller of its own processing. Any request for information on processing by Meta Platforms Ireland Limited must be sent to the latter.
Other third-party services
Rights do you have regarding your data
According to the European Regulation 679/2016 (GDPR), as Data Subject you can exercise the following rights:
– withdraw consent at any time;
– object in whole or in part, for legitimate reasons, to the processing of personal data concerning you;
– request confirmation of the existence of personal data concerning you (right of access), know its origin and receive intelligible communication;
– have information about the logic, the methods and the purposes of the processing;
– request the updating, correction and integration of data; – request cancellation, transformation into anonymous form, blocking or limitation of data processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were collected;
– in cases of treatment based on consent, receive only the cost of any support, a copy of your data provided to the holder, in a structured and readable form by a data processor and in a format commonly used by an electronic device, or get them transfer directly to another Holder if technically feasible;
– file a complaint with the Supervisory Authority (more info);
– as well as, more generally, exercise all the rights that are recognized by the current provisions of the law.
Requests should be addressed to the Data Controller.