(Articles 13 and 14 of EU Regulation 2016/679 and Legislative Decree 196/2003 and subsequent amendments)
Dear User,
Below we provide you with some information that is necessary for your attention, not only to comply with legal obligations, but also because transparency and fairness towards data subjects are fundamental to our business.
This policy describes how we process the personal data of users who visit this website, which is accessible online at the following address:
museonazionaledabruzzo.cultura.gov.it.
This information does not apply to other sites, pages, or online services accessible via hyperlinks published on the site but referring to resources outside this domain.
Data Controller
The Data Controller (the entity that decides the purposes and methods of processing your personal data) is the Museo Nazionale d’Abruzzo.
VAT No.: IT93106940666
Headquarters: Via Tancredi da Pentima (formerly Mattatoio) – 67100 L’Aquila (AQ)
Telephone: 0862-085900
Certified Email: mn-abr@pec.cultura.gov.it
Email: mn-abr@cultura.gov.it
For processing operations that include posting content on social networks, the Data Controller has entered into standard joint controllership agreements with the owners of the social media platforms.
DPO
The Data Protection Officer (DPO) can be contacted at the following addresses:
Email: rpd@cultura.gov.it
Certified Email: rpd@pec.cultura.gov.it
Data categories
Data relating to the provision of an electronic communications service: traffic data, Internet browsing data, IP addresses or domain names of computers used by users connecting to the site; time of the request; method used to submit the request to the server; numerical code indicating the status of the server’s response (successful, error, etc.); other parameters relating to the operating system and browser used by the user.
Personal and contact details;
Any other data voluntarily provided by the user to the Data Controller.
Data source
Personal data is collected from the data subject during browsing (see also the cookie table) or through communications sent by the data subject and/or from publicly accessible sources, such as social networks.
Provision of data
Where indicated, the provision of your data is a necessary requirement to pursue the purposes indicated below. Therefore, if you fail to provide it, we will not be able to carry out the related processing.
Processing
Your personal data is collected and processed using automated, semi-automated, and non-automated methods, as specified below:
| Purpose | Legal basis | Conservation* |
| Allow full use of the website’s features | Art. 6 par. 1 lett. e) EU Regulation 2016/679 the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller. | The duration is related to the individual cookie and can be consulted in the relevant information. |
| Allow the analysis of the website and its traffic as well as its optimization in order to ensure its usability | Art. 6 par. 1 lett. e) EU Regulation 2016/679 the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller. | The duration is related to the individual cookie and can be consulted in the relevant information. |
| Dare seguito alle richieste dell’interessato | Misure precontrattuali o contrattuali (eseguire il servizio o la prestazione richiesta) | 10 anni dall’anno della richiesta |
| Sending informational and/or advertising material (e.g. newsletters) | Consent of the interested user** | Until consent is revoked. Processing will then be limited to mere storage for 10 years from the year in which consent was revoked. |
| Manage personal data protection obligations | Fulfillment of a legal obligation | For the time strictly necessary to implement the purpose |
| Management and maintenance of the network and IT systems | Fulfilment of a legal obligation and Art. 6 par. 1 lett. e) EU Regulation 2016/679 the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller | In compliance with security implementations and with the provisions for the main processing of reference; 18 months with regards to the obligations regarding system administrators |
* In addition to the time required for the statute of limitations to accrue in relation to mutual rights and the retention period for backups,
** If you do not provide consent, your personal data will not be processed for the specific purposes. Consent may be revoked at any time by contacting the data controller using the contact details above or via the cookie banner.
Automated Processes and Profiling
We inform you that to achieve some of the above-mentioned purposes, we use automated processes (decision-making processes carried out using technological tools, without human intervention). These include profiling, which involves collecting information about you to analyze your characteristics and categorize you, groups you, or to perform evaluations, such as sending you personalized advertising based on your previous consumer choices or forecasts.
Data Disclosure
Your data may be disclosed exclusively for technical and operational purposes strictly related to the aforementioned purposes, to parties who process the data under the authority of the data controller, appointed as data processors pursuant to Art. 29 of EU Regulation 2016/679, to parties who process the data on behalf of the data controller, appointed as data processors pursuant to Art. 28 of EU Regulation 2016/679, as well as to public bodies required by law to disclose the data.
Data Transfer Outside the EU
Although we are committed to choosing services that minimize the processing of our users’ personal data, the processing of personal data for the aforementioned purposes, which involves the use of cookies and other tracking tools, may involve the transfer of some data, which only indirectly identifies you, to countries outside the EU or the European Economic Area (EEA), particularly to the United States.
For the purposes just described and the others mentioned above, personal data may be transferred only if one of the circumstances set out in Articles 44 et seq. of EU Regulation 2016/679 applies.
Data Subject Rights
The data subject has the right, pursuant to Articles 15 et seq. of EU Regulation 2016/679, to request from the Data Controller access to their personal data, as well as their rectification, erasure, or oblivion. The data subject also has the right to request data portability, restriction of processing, or to object to processing. Furthermore, the data subject has the right to review the essential content of the joint controllership agreements.
For consent-based processing, the data subject has the right to withdraw their consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. To exercise their rights or to request additional information, the data subject may contact the Data Controller using the contact information above.
Complaint to the Guarantor
The interested party may also lodge a complaint with the Italian Data Protection Authority, located at Piazza Venezia 11, 00187 Rome, Italy – protocollo@pec.gdpd.it
Website Use by Minors
The website and related services are not directed at minors; therefore, no personal information will be collected from them. If it becomes known that information from or about minors has been unintentionally collected, the Website Owner will take reasonable measures to delete it as soon as possible, unless there is a legal obligation to retain it. The Website will investigate any reports of unintentionally collected information from or about a minor; users agree not to enter data regarding minors and to report any accidental collection of such information resulting from the use of our services.
Update of Policy
The Owner reserves the right to make changes to this privacy policy at any time, notifying Users on this page. Visitors are therefore encouraged to check this page frequently, referring to the date of the last modification indicated at the bottom.
Third-Party Services
| Service | Description |
| Font Awesome | Used to include graphic icons on websites, this service may collect anonymous usage data to improve the service and provide statistics. |
| Cloudflare JS | Questo servizio migliora la sicurezza e le prestazioni dei siti web e può raccogliere dati sull’uso del sito, incluso l’indirizzo IP, per proteggere contro minacce online e ottimizzare la consegna dei contenuti. |
| CDN JS | Un servizio utilizzato per includere librerie JavaScript e CSS nei siti web. Questo servizio può raccogliere informazioni sull’utilizzo, incluso l’indirizzo IP, per ottimizzare la distribuzione delle librerie e migliorare le prestazioni. |
Last updated on June 25, 2024
Cookies
Web cookies can be defined as small text strings that websites visited by a user send to their terminal (typically the browser), where they are stored before being re-sent to the same websites the next time the same user visits them. You can accept, reject, or change your cookie preferences via the appropriate banner/icon that appears on the homepage or through your browser’s preferences. Changing cookie settings may limit the display or functionality of this website. For a complete list and description of their characteristics, please refer to the specific information contained in the cookie banner.
Last updated on May 11, 2025
