Privacy Policy

PERSONAL DATA PROCESSING INFORMATION

In compliance with Article 13 of the European Regulation EU 2016/679, effective from May 25, 2018, the Municipality of Rho, as the Data Controller, outlines the processing methods of personal data for users visiting the tourism promotion website of the Municipality of Rho, accessible via the following web addresses:

– www.visitrho.it
– www.visitrho.com

This information does not cover other sites, pages, or online services accessible through hyperlinks published on these websites but refers exclusively to resources outside the domain of the Municipality of Rho.

DATA CONTROLLER

The Data Controller is the Municipality of Rho, with its registered office at Piazza Visconti 23 – 20017 Rho (MI), Tax Code and VAT number 00893240150.

DATA PROTECTION OFFICER (DPO)

The Data Protection Officer can be reached at the following contacts:
– Institutional email: rdp.privacy@comune.rho.mi.it
– Postal address: Piazza Visconti 23 – 20017 Rho (MI)

SUBJECT OF THE PROCESSING

Browsing Data

The IT systems and software procedures responsible for the operation of this website acquire, during their normal activity, certain personal data whose transmission is implicit in the use of Internet communication protocols.

This category of data includes IP addresses or domain names of the computers and terminals used by users, URI/URL (Uniform Resource Identifier/Locator) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the server’s response (successful, error, etc.), and other parameters related to the user’s operating system and computing environment.

These data, necessary for the use of web services, are also processed to:
– Obtain statistical information on service usage (most visited pages, number of visitors per time slot or day, geographic areas of origin, etc.);
– Verify the correct functionality of the offered services.

Personal Data Provided by the User

The Data Controller processes personal data voluntarily provided by users to use the services offered by the Municipality of Rho, such as requesting information, making suggestions, and submitting reports to the Municipality’s Tourist Infopoint.

In case users provide special categories of personal data as defined in Articles 9 and 10 of the GDPR, specific information will be provided on the relevant web pages.

Subscribing to the newsletter implies acceptance of the European Regulation on personal data protection (Regulation 679/2016/CE) and consent for processing personal data within the limits established by the law. Data processing for the newsletter is automated and conducted solely by authorized personnel. Subscribers may always exercise their rights under Article 15 of Regulation 679/2016/CE, including modifying data or unsubscribing using the provided links.

Cookies and Tracking Systems

Details about the use of cookies on this site are provided in the site’s Cookie Policy.

LEGAL BASIS FOR PROCESSING

The personal data mentioned in this document are processed by the Municipality of Rho while performing its public interest tasks or exercising its official authority.

PURPOSES OF PROCESSING

Personal data are processed exclusively for purposes that fall within the institutional duties of the Administration or for compliance with legal or regulatory obligations.

These purposes include:
– Statistical analysis,
– Contact management,
– Email correspondence,
– Protection against spam,
– User communication,
– Displaying content from external platforms,
– Address management and email delivery.

DATA PROVISION AND CONSEQUENCES OF REFUSAL

Apart from browsing data, users are free to provide personal data requested in forms for registering services on the official website of the Municipality of Rho. Failure to provide this data may result in the inability to fulfill requests.

DATA PROCESSING METHODS

Data processing involves collecting, recording, organizing, storing, consulting, elaborating, modifying, selecting, extracting, comparing, using, interconnecting, blocking, communicating, erasing, and destroying data. Processing occurs both electronically and manually, following strict security measures.

DATA COMMUNICATION

Processed data may be shared with:
– Employees and collaborators of the Controller,
– External entities performing tasks on behalf of the Controller,
– Entities required by law.

DATA TRANSFER

Data is stored on servers located in Italy or within the EU. If data must be transferred outside the EU, it will be done in compliance with legal provisions, including the use of European Commission standard contractual clauses.

DATA RETENTION

Data will be retained until users request deletion, subject to any legal obligations requiring longer retention.

DATA SUBJECT RIGHTS

Data subjects have the right to access, rectify, delete, or restrict processing of their data, or to object to processing. Requests can be addressed to:
– Data Protection Officer: rdp.privacy@comune.rho.mi.it
– Data Controller: segreteria.sindaco@comune.rho.mi.it

COMPLAINT RIGHTS

Data subjects who believe their data has been processed in violation of the GDPR have the right to file a complaint with the Italian Data Protection Authority or seek judicial remedies.