Privacy Policy
Pursuant to the articles 13 and 14 of the EU Privacy Regulation 679/2016 ("GDPR") we inform you that
the personal data provided by the interested party ("you"), for yourself or for the organization to which
you belong, to Fieravicola Srl "we"), on the occasion of or in connection with events, exhibitions, events,
conferences / congresses, championships / competitions and / or workshops (the "Events"), organized by
us, hosted or participated also in collaboration with third-party partners, they are treated in compliance
with the principles of lawfulness, fairness, correctness, proportionality, necessity, accuracy, completeness
and security and other legal obligations in force.
Categories of interested parties. Processing operations and collection methods
The processed data concerns customers (ie exhibitors, visitors, buyers, conference / congress participants,
event speakers, participants in championships / races and / or workshops, exhibition and / or advertising
space dealers, organizers third parties and the sponsors who have played their respective roles over the
last 10 years) and prospects (individuals who have expressed an interest in the Events over the last 10
years, including through the delivery of their own business card or request for information or quotes or
by subscribing to newsletters, journalists, institutional guests / VIPs who have already taken part in the
Events over the last 10 years), intended as natural persons over the age of 14 who act on their own and /
or as internal contacts of legal entities, institutions or other organizations. The individual categories of
data collected are indicated in our collection forms which supplements this information.
Data is processed electronically or on paper and in a manner that is compatible with the purposes specified
below.
We collect data i) through online forms or paper forms or via pre-registration or participation app you
filled in and / or acquired by third parties authorized by us or ii) via mobile devices such as tablets,
smartphones present in the place of the Events or iii) by visiting card delivered by you.
The collected data will be recorded and retained on the servers managed by Fieravicola SRL and on those
managed by Italian Exhibition Group S.p.A.
The data collected may be processed by the staff expressly authorized by us, within the limits strictly
necessary for the performance of the respective activities assigned to it (eg legal, commercial, marketing,
administrative, logistic, IT, management control, etc.).
Purpose of the processing
The processing has the following purposes:
1. Fulfillment of contractual and legal obligations deriving from participation or connected to the already
contractual or potential participation of the interested party in the Events.
2. Planning and organizational management of events, eg issue and payment of securities, credits and
entry passes (including check of payment termination by third-party services), management of personal
identification tags (with photo ID) for security, planning and management of specific services requested
by you (. set-up services, hotel booking and hospitality services, ticketing, translations, hostesses, catering,
escorting), management of the contracts we stipulate with third-party suppliers of goods and / or services
used by you during or during Events; publication of name and surname or company name and name,
telephone number, fax, e-mail, website, in the public online and paper catalog of the Event in which you
participate; communication, upon your request for pre-contractual information (eg programs, proposals,
etc.) connected to the Events, drafting of invitation letters for consular visa applications.
3. Sending (via email, ordinary mail, SMS, MMS, push-up messages, instant messaging functions such as
whatsapp, telefax, telephone calls with operator, social networks and other automated tools) of
commercial communications, advertising and sales offers products / services related to those of your
interest or relating to exhibition / congress and / or related products / services (eg sector publishing,
championships / competitions, etc.) (overall activities defined as "soft spam").
4. Profiling. The profiling detects for privacy purposes only if it concerns natural persons, that is individual
companies or partnerships and relative partners / directors, or internal referents of corporations,
institutions or organizations.
The profiling uses some data supplied by you and sometimes associates them with company data taken
from public databases (eg the Business Register of the Chamber of Commerce). For example, we treat the
following data:
i) in the case of exhibitors: name and surname, business name of the organization to which they belong,
contact details, residence or location, country of origin, website, sector of activity, types of product or
service offered, annual promotional / advertising budget, type of distribution - store, department store,
concept store, markets of interest, brand;
ii) in the case of buyers/visitors: name and surname, business name of the organization to which they
belong, job attachment, level of professional responsability, contact details, residence or location, country
of origin, website, year of foundation of the company, turnover, employees number, sector of activity,
percentage of business connected to Italy and to the foreign, Italian and foreign regions of interest, main
categories of products or services of interest to the buyer and / or marketed by the same also as a
percentage of sales by geographical area, categories of customers of the company, purpose of the visit;
iii) in the case of journalists: name and surname, contact details, sector and title, country of origin,
language,
iv) in the case of event / conference presenters / conference presenters: name and surname, contact
details, sector to which they belong, professionalism / topics covered.
In some cases, if you are a customer or a prospect, we associate the data you provide to us with your
personal data acquired during your browsing on our websites or during the use of the services provided
by these sites (eg cookies relating to pages of our website that you have visited, to the country from which
you connect) or through other communication channels (eg social media) or through mass mailing of
commercial e-mail (eg which messages have arrived, such as e-mails you has opened, what proposals you
have accepted through specific actions such as opening an attachment or adhering to our request to link
to landing pages or attachments to the email message, etc.).
The profiling allows us, in particular, to limit the sending to you of promotional communications not
pertinent to your probable expectations and needs or through unwanted channels.
The limited nature of profiling does not exclude you from specific advantages or from the possibility to
freely exercise your privacy rights, nor has any particular legal effects; in particular it does not in any way
prejudice your ability to participate in the Events and / or take advantage of our services (eg online preregistration,
purchase of services).
5. Only with your separate consent: communication of data to our third-party partners (eg Italian
Exhibition Group SPA, Cesena Fiera SPA, Fiera di Forlì, Event organizers, exhibitors or other operators
active in the Events), for autonomous direct marketing actions related to goods / services concerning
such third-party partners.
Legal basis of the processing. Mandatory or optional nature of providing data and consequences of
failure to provide data
The processing for the purposes of sub 1 has its legal basis in our need to fulfill the obligations assumed
through the stipulated contract or to stipulate with you (and to carry out all the actions necessary for the
correct and complete execution of the commitments therein) and / or to the legal obligations connected
to it. Therefore this treatment does not require your prior consent and you are also free not to give your
data, however, in this case, we will not be able to stipulate the requested contract and / or regularly
provide the service requested by you or by the organization to which you belong (eg make you participate
in the Event of interest and provide you with related services) and / or we will not be able to fulfill the
legal obligations connected with the contract.
The processing for the purposes of sub 2 has its legal basis in our legitimate interest to organize Events,
plan and manage all organizational activities useful to allow you to participate efficiently and effectively
in Events and to manage relations with third party suppliers of functional and event-related goods and
services.
In particular, the request for personal data and documents, especially for foreign guests, will make the
correct understanding of the data more reliable, but above all, the reliability of the company that requires
an entry visa is safer.
You are free not to provide the data, but in this case you will not be able to participate in the Event.
During the Events we are made by us and / or by photographers and / or videomakers authorized by us,
video footage (including voice) and / or photographs. These generic images concern trade fairs that can
be qualified as public events and are therefore treated, without your consent, for publication on our
websites / landing pages and social profiles (eg Twitter, Facebook, Whatsapp, Youtube, Vimeo, etc.) and
on brochures, catalogs, flyers and other printed material that promotes the Events.
In the event that, however, the aforementioned images portray you in a recognizable way, Fieravicola
Srl may publish them for the same promotional purposes, on the aforementioned our printed materials
or electronic / digital channels intended for the public (eg catalogs, brochures, flyers, websites / landing
pages, blogs, social networks), only with the necessary prior consent (which is the legal basis of the
processing), issued on the spot to our official photographer and / or videomaker.
In the latter case, you can deny consent thus inhibiting the aforementioned treatment; on the other hand,
by giving us your consent, you expressly waive any financial compensation for using your image. You can
request at any time the obscuring of the face portrayed in the images published online, without prejudice
to the lawfulness of the processing operated up to the date of obscuration. Fieravicola Srl does not
guarantee the obscuration of third-party autonomous data controllers on online channels.
The treatment for the purposes of sub 3 (soft spam) has its legal basis in our legitimate interest in
contacting our customers freely, as well as the prospects, in order to be able to offer them new
opportunities relating to services through electronic / telephone / paper channels. products similar to
those previously purchased / contracted (in the case of customers) or to those for which interest has been
expressed (in the case of prospects), or relating to products / services for exhibitions / conferences and
/ or related to them (eg publishing of sector, championships / races, etc.). Therefore the cd. Soft spam,
as described above, can lawfully take place even without your prior consent, which is therefore not
necessary.
The treatment for the purposes of sub 4 (profiling) has a legal basis in our legitimate interest to maintain
and analyze a limited set of information concerning you, in order to be able to more effectively recontact
you if you are our client or prospect. Given the limited data perimeter used in profiling, it also occurs
without his prior consent, which is therefore not necessary.
The processing for the purposes of sub 5 (transfer of data to third parties) takes place only upon your
specific express consent (constituting, therefore, the legal basis of the lawfulness of the processing).
The consent requested may be freely denied by you, without prejudice to your right to participate in the
events and / or to obtain the services requested by you.
Communication and dissemination of data
For the purposes under sub 1 and 2 the data are communicated by us to: suppliers of the management
and maintenance service of our IT systems, websites and databases, photographers and / or videomakers
who make the video-audio materials or the related post production, journalists and newspapers,
companies entrusted with services necessary for the organization and management of events (eg
installation of fittings and equipment, publishers of paper and online catalogs, logistics, security, private
security, first aid, hostesses, etc.), diplomatic representatives, consultants, banks (for the execution or
receipt of payments connected to the Events), to Fieravicola Srl personnel authorized to process data
(Communication, Travel, Sales, Marketing, etc.).
For the purposes under sub 3 and 4 the data are communicated to: companies charged with marketing
analysis, advertising, communication and / or public relations agencies, digital and paper publishing
companies that produce our advertising or promotional materials, production companies of websites or
blogs, web marketing companies, subjects in charge of the design and / or maintenance of promotional
materials, IT management and maintenance companies, websites and databases used to organize and
manage events, image agencies.
These third parties will process the data in the capacity of External Managers in accordance with our
written guidelines and under our supervision.
For all the aforementioned purposes, we also communicate the data to third-party commercial partners
(eg. Italian Exhibition Group Spa, Cesena Fiera Spa, Fiera di Forli Spa) who participate in the creation and
/ or promotion of the Events, which will treat the data as autonomous or co-titular or responsible owners.
You can ask us for a list of co-owners, autonomous and responsible owners (see the "rights of the
interested party" section of this information).
Transferring data abroad
In case of communication of data to third party recipients based outside the EU, the data transfer will take
place against adequate guarantees, consisting of the prior stipulation by the third importer of a
contractual agreement with us through which he, for the processing of its competence, undertakes to
comply with privacy obligations substantially equivalent to those provided for by EU legislation at our
charge (through the use of standard contractual clauses - or "CCS" - compliant at least with the text
adopted by the EU Commission, except for any additions and / or changes more favorable to the
interested party).
In some cases of data transfer to cloud suppliers based outside the EU, these suppliers are subject to the
regulatory powers of local public authorities and in some situations, based on foreign legislation, (in the
USA: the Federal Trade Commission, 'Article 702 of the FISA and the Executive Order EO 12333) the
importer may be obliged to communicate the personal data transferred, in response to requests received
from public authorities, to meet the national security requirements (e.g. anti-terrorism) or application of
local law (with consequent possible access to data, of which the importer, based on local legislation, may
not have to give notice to the exporter and the interested party, who will therefore not be able to exercise
the relative rights normally recognized by the GDPR).
Therefore, in the abstract, the risk cannot be excluded that in certain and exceptional situations linked to
the aforementioned specific requirements, the foreign public authority may process such data without
applying substantially equivalent safeguards to those provided for by the GDPR to the data subject.
However, the risk that the American public authority actually has an interest in applying local legislation
to the data transferred appears to be reasonably negligible on the basis of the following circumstances:
i) the performance of the exporter (Fieravicola SRL) in favor of the interested parties whose
data the importer processes and the consequent data processing, have a limited object (the
provision of exhibition services) and a limited purpose (the management of processes
technical-organizational functional to the aforementioned services and the fulfillment of legal
obligations); the performance does not involve the publication of personal opinions,
comments or similar information, nor the making available of services or products that can be
used in activities against national security;
ii) the types of personal data transferred are limited (eg personal, contact, contractual,
administrative data); no particular categories of data are transferred (e.g. on political and
religious opinions, biometrics); the categories of interested parties to which the data refer are
limited (exhibitors, visitors, participants in Events, buyers, journalists, speakers) and they
concern operators belonging to product or economic categories that are not reasonably
relevant with regard to national security purposes ( eg tourism, wellness, machine handling,
sporting activities, and so on).
Therefore, Fieravicola SRL believes that the CCS applied in the relationship with importers (in particular
the USA) effectively guarantee a protection of the rights of the interested parties substantially similar to
that provided for by the GDPR, regardless of the application of any additional measures to the treatment
in question.
The adoption of additional contractual measures by Fieravicola SRL towards importers (e.g. obligations to
communicate public access, the right to suspend or cease the transfer and to terminate the contract with
the importer, and the like), may be introduced at any time by the exporter upon the outcome of any
information provided to operators by the EDPB - European Data Protection Board following the judgment
of the Court of Justice of the European Communities (ECJ of 17 July 2020 which declared invalid in EU
relations the bilateral agreement called "Privacy Shield") .
The transfer of data to the non-EU country takes place in any case also because it is necessary for the
execution of i) a contract concluded between the interested party and Fieravicola SRL and / or precontractual
measures adopted at the request of the interested party, or ii) a contract stipulated between
Fieravicola SRL and another natural or legal person (e.g. our subsidiary, supplier, based outside the EU,
etc.) in favor of the interested party.
Duration of treatment
In the case of the purposes sub 1 e/o 2 we treat the data for 10 years from date of the contract (in the
case of customers) from the collection of the data of the interested party (in the case of prospects).
In the case of the purposes sub 3 and 4 we treat the data for 10 years from the collection of the data of
the interested party (in the case of customers and prospects).
We process the data for a period of 5 years from the publication of the product in the case of promotion
of editorial products.
We process the data for a period of 60 days, after the end of each Event, in the case of data made available
at collection points for requests for assistance, communicate to us by visitors and exhibitors (including
insurance desk, Info point and Emergency Room).
We treat the data contained in the promotional catalog (paper and / or digital) of the individual Events
for a maximum of 2 editions of the catalog.
We treat certification data of the Events / Events up to the end of the certification and therefore until
certification has taken place.
We treat the data necessary for the purposes of computer security (eg log-in registrations, failed logs and
log-outs, when accessing restricted areas on the Fieravicola Srl websites related to the Events) for 1 year
from collection. The recordings of the logs related to the reading of Fieravicola Srl online privacy
information and the on-line actions (eg clicks, flags and the like) through which Fieravicola Srl is informed
of the data subject's consent are kept for 10 years from collection
In the event of a dispute between you and us or our third party suppliers process the data for the time
necessary to exercise the protection of our rights or those of the third party suppliers, that is up to the
issue and full execution of a provision having the value of a res judicata between the parties or of a
transaction.
The data connected to the "Business Matching" service provided during the Events are treated for 3
months from the end of the single Event to which they refer.
The data related to the drafting of invitation letters for the request of consular visas (eg. Copy of the
passport, etc.) are processed for 3 months from the end of the single Event to which they refer.
Once the aforementioned maximum duration has ceased, the personal data are definitively destroyed or
made totally anonymous.
Rights of Data Subject
You have the right to:
- ask us to confirm whether or not a processing of personal data concerning you is in progress and, in this
case, to obtain access to personal data and the following information: a) the purposes of the processing;
b) the categories of personal data in question; c) the recipients or categories of recipients to whom the
personal data have been or will be communicated, in particular if they are recipients of third countries or
international organizations; d) when possible, the period of storage of personal data provided or, if this is
not possible, the criteria used to determine this period; e) the existence of the data subject's right to
request the data controller to rectify or delete personal data or limit the processing of personal data
concerning him or to oppose their processing; f) the right to lodge a complaint with a supervisory
authority; g) if the data is not collected from the interested party, all available information on their origin;
h) the existence of an automated decision-making process, including profiling and, at least in such cases,
significant information on the logic used, as well as the expected importance and consequences of such
treatment for the data subject.
- if personal data is transferred to a third country or an international organization, the data subject has
the right to be informed of the existence of adequate guarantees relating to the transfer;
- request, and obtain without undue delay, the correction of inaccurate data; taking into account the
purposes of the processing, the integration of incomplete personal data, also providing a supplementary
declaration;
- request deletion of data if: a) personal data are no longer necessary with respect to the purposes for
which they were collected or otherwise processed; b) the data subject revokes the consent on which the
processing is based and there is no other legal basis for the processing; c) the data subject opposes the
processing, and there is no prevailing legitimate reason to proceed with the processing, or he opposes the
processing carried out for direct marketing purposes (including the functional profiling of such direct
marketing); d) personal data have been unlawfully processed; e) personal data must be deleted in order
to fulfill a legal obligation established by Union law or the Member State to which the data controller is
subject; f) personal data has been collected regarding the offer of information society services.
- request the limitation of the processing that concerns you, when one of the following hypotheses occurs:
a) the data subject disputes the accuracy of the personal data, for the period necessary for the data
controller to verify the accuracy of such personal data; b) the processing is unlawful and the data subject
opposes the deletion of personal data and requests instead that its use be limited; c) although the data
controller no longer needs it for the purposes of processing, personal data is necessary for the data subject
to ascertain, exercise or defend a right in court; d) the person concerned has opposed the processing
carried out for direct marketing purposes, pending verification regarding the possible prevalence of the
legitimate reasons of the data controller with respect to those of the interested party;
- to obtain from the data controller, upon request, the communication of the third-party recipients to
whom the personal data have been transmitted;
- revoke at any time the consent to the processing where previously communicated for one or more
specific purposes of one's personal data, it being understood that this will not prejudice the lawfulness of
the processing based on the consent given before the revocation.
- receive in a structured format, commonly used and readable by automatic device, the personal data
concerning you provided by you and, if technically feasible, to have these data transmitted directly to
another data controller without hindrance on our part, if necessary the following (cumulative) condition:
a) the processing is based on the consent of the interested party for one or more specific purposes, or on
a contract to which the interested party is a party and to whose execution the treatment is necessary; and
b) the processing is carried out by automated means (software) - overall right to the c.d. "Portability." The
exercise of the right c.d. portability is without prejudice to the right to cancellation provided above;
- not be subjected to a decision based solely on automated processing, including profiling, which
produces legal effects that concern him or that significantly affects his person.
- lodge a complaint with the competent control authority based on the GDPR (that of its place of residence
or domicile); in Italy it is the Data Protection Authority.
You can exercise your rights by writing to the Data Controller Fieravicola Srl with registered office in Via
Emilia, 155 - 47921 Rimini (Italy), e-mail address: privacy@fieravicola.com
The Legal Representative of the company or the Representative of the organization undertakes to
communicate this Information to the other subjects belonging to the company or to the organization itself
and of which it declares to legitimately supply the relative data. Likewise, the consent given for the
purposes sub 5 by the Legal Representative of a company or by the Representative of an organization is
also extended to other subjects belonging to the company or to the organization itself.
Fieravicola Customer-Prospect privacy policy – Rev. 2 – 23.08.22