Privacy disclosure

Information note on the protection of personal data / request for consent to treatment

Purpose of the treatment. In accordance with the art. 13 of Legislative Decree No. 196/2003 (hereinafter the Code), Tourist Point s.r.l. (hereinafter TOURIST POINT) will collect and process, as Data Controller, some personal information relating to users of the website www.criptasansepolcromilano.it

Personal Data – as defined below – are processed by TOURIST POINT for purposes related to the provision of services available on www.criptasansepolcromilano.it and on other websites that address the site criptasansepolcromilano.it, and in particular:

  1. provide the portal service that provides information on initiatives and things to do in Milan
  2. sell tickets to the Crypt of San Sepolcro and to events organized there
  3. analysis and studies

(below the Services).

Your Personal Data (as defined below) may also be used by TOURIST POINT to send you newsletters and other promotional material related to Services similar to those previously purchased on the site criptasansepolcromilano.it, unless you withdraw consent to receive this kind of information / newsletter. You can also withdraw your consent to receive these communications at any time by sending an e-mail to cripta@milanocard.it.

Moreover, at the time of registration or when purchasing a Service, you will give your express consent to receive commercial communications and / or allow TOURIST POINT to perform market analysis through your Personal Data, in order to send you personalized promotional information . It will be considered express consent if you pass 48h from the registration, you will not inform the data controller of your desire not to allow the use of your data except for the simple provision of the Service. Instead, you will have 1 month time, from the date of delivery of your data, to request cancellation or information regarding the treatment. The deletion of data could make it impossible to provide the Services, in these cases there is no refund.

Personal Data and method and place of treatment. Personal Data may be provided directly by users of the Services (ie personal data such as name, surname, e-mail address, credit card number, and – if required by applicable tax law – home address, country, telephone number, date of birth, tax code) and may include data collected during the provision of the Service to the user (ie type and quantity of product purchased and information provided by Cookies – see below) (hereinafter the Personal Data).

Personal Data will be stored on the TOURIST POINT servers and will be processed (electronically or otherwise) for the purpose of management of the Services, for the purpose of conducting market statistics (through anonymous data) and to comply with any obligation under applicable law. Personal Data will be processed only by persons appointed by TOURIST POINT, and in particular by its employees or collaborators (also employed in the branches of TOURIST POINT and in the companies of its group).

Communication of Personal Data to Partners (who will act as data controllers). In order to provide the Service, TOURIST POINT can communicate to Third Party Partners – identified in the related “product information” and in the purchase order – the Personal Data strictly necessary to ensure the supply of Supplier Services in Italy and abroad. (ie your username, your email address if necessary to complete the Supplier’s Service, and any other relevant booking information). The Partner will act as independent Owner in relation to the Personal Data provided.

The Partner may have and can send you his privacy policy, which we invite you to read carefully. The Partner may contact you to obtain more information about you, so as to facilitate your use of the Partner’s Service, make the Partner’s Service available or respond to a request sent by you.

Communication of Personal Data to affiliated companies of TOURIST POINT or to other suppliers (who will act as controllers). In order to provide the Service, TOURIST POINT will be able to communicate the Personal Data to third parties that perform consultancy activities for it, its affiliated companies and its suppliers, both in Italy and abroad, within the EU, to carry out in its name functions related to the Services (such as executing orders, delivering tickets, sending mail and e-mails, providing commercial assistance, processing credit card payments and providing services to customers). These subjects will have access to the Personal Data necessary to perform these functions (and can not use them for different purposes), will be required to process the data in accordance with applicable law, will be responsible for processing by TOURIST POINT and will be included in an updated list , available at the TOURIST POINT headquarters. Personal Data will not be disclosed to other third parties or otherwise disseminated.

Duration of the Treatment. Personal Data will be kept for the time necessary to provide the Services requested by the User, or for the time required by the purposes described in this document. The user can always request the Data Controller to interrupt the processing and / or delete data in the cases provided for by law.

Cookies. Some pages of the Website for the provision of the Services may use a widespread industry technology called “cookies”. “Cookies” are fragments of data that are placed on your hard drive when you access certain parts of a website. Cookies allow you to more easily provide information to TOURIST POINT, allow TOURIST POINT to know which pages of your site are most popular, where visitors to TOURIST POINT are direct, and how long they stay there, this in order to facilitate you , through the personalization of your internet settings. Cookies are also used to show advertisements (including third parties) that are relevant to your tastes and preferences.

If you do not wish to accept cookies, these can be deactivated.

Security measures. TOURIST POINT has adopted security measures in order to minimize the risks related to the loss or damage – even accidental – of personal data, or unauthorized access to data or their unlawful processing.

Exercise of the right granted by the Data Protection Act. At any time you can exercise the rights granted by law, ie the right to be informed about the existence, content, source, purposes and methods of processing Personal Data, and the right to request updates, corrections, additions and (when permitted by law) the cancellation of Personal Data. These rights may be exercised by contacting the Data Controller at the e-mail address cripta@milantourismpoint.com. Please note that failure to provide your Personal Information may prevent TOURIST POINT from providing the Services.

Last updated: 10 October 2017.