Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA

This information is provided pursuant to art. 13 of EU Regulation 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of individuals with regard to the processing of personal data, as well as on the free circulation of such data (known as “General Regulation on the processing of personal data” or “GDPR”) and Legislative Decree 30.06.2003, n. 196, as amended and integrated by Legislative Decree 10.08.2018, n. 101 (“Personal Data Code” or “Privacy Code”) by:

Pordenone Fiere S.p.A., with registered office in 33170 Pordenone (PN), Viale Treviso, 1, tax code and VAT number 00076940931, in the person of its pro tempore legal representative;
in the capacity of Data Controller (hereinafter “Controller”).

The Controller, aware of the importance of ensuring the security of private information, in compliance with the applicable European and Italian legislation, in compliance with the principle of transparency pursuant to art. 12, GDPR, provides the following information below in order to make the user aware of the characteristics and methods of processing personal data.

1. Object of the data processing
The Data Controller processes personal identification data (for example, personal data such as name, surname, tax code, contact details such as residential address, email, telephone number), as well as other information (for example, direct debit and bank account details) – hereinafter, “personal data” or also “data”, communicated by you, or otherwise acquired within the limits of what is provided for by art. 14, paragraph 5, GDPR, in the context of the commercial relationships in force with the Data Controller itself.

2. Legal basis and purpose of data processing
Your personal data are processed:
a) without your express consent (see art. 6, letter b, GDPR) for the following purposes:
i. to execute contract demands (contractual purposes). In this case, in fact, the execution of a contract of which you are a party or the execution of pre-contractual measures adopted upon your request, constitutes the legal basis of the processing;
ii. to execute the planning and organizational management of events (planning and management of events and shows purposes), such as issuing and payment of tickets, accreditations and access passes, management of personal identification cards for security purposes, planning and management of specific services requested by you (e.g. translation services, hostesses, catering), management of contracts stipulated by us with third-party suppliers of goods and/or services used by you during or on the occasion of events; publication of your name and surname or company name and name, telephone number, fax, e-mail, website in the public catalogue and/or online or paper visitor guide of the event in which you are participating;
iii. furthermore, we inform you that your personal data may be processed without your express consent (see art. 6, letters b, c, d, e, f), also for the purpose of: fulfilling administrative, accounting and tax obligations arising from the existing contractual relationship; fulfilling obligations established by law, by a regulation, by community legislation or by an order of the Authority; safeguarding the vital interests of the interested party or of another natural person, performing tasks of public interest or connected to the exercise of public powers vested in the Data Controller; pursuing a legitimate interest of the Data Controller or of third parties, within the limits and under the conditions set out in art. 6, letter f), GDPR; exercising the rights of the Data Controller (by way of example, the right to defence in court).
b) only with your specific and unequivocal consent (see articles 6, letter a, 7, GDPR), for the following additional purposes:
sending newsletters, discount coupons and freebies, commercial communications and/or advertising material on products and/or services offered by Pordenone Fiere Spa relating to events taking place in the exhibition centre, carrying out statistical studies and/or market research, also through specially appointed companies [Growens Spa (MailUp), Goodnet, Eventbrite or similar companies] – via e-mail, push-up messages, messaging functions with mobile devices, telephone calls with an operator, social networks and/or other communication tools (marketing purposes);
analysis of your preferences, habits, behaviours and/or interests for the definition of personalized commercial profiles – individual or group – also for the purpose of sending targeted commercial communications using the traditional and/or automated methods referred to in point i. above, also through specially appointed companies (profiling purposes);
iii. communication of data to third-party partners of Pordenone Fiere Spa (event organizers, exhibitors or other operators active in events) for independent direct marketing actions relating to goods and services inherent to such third-party partners.
In such cases, in fact, consent constitutes the legal basis of the processing.

3. Nature of the provision of personal data
The provision of data for the purposes referred to in art. 2, letter a) – contractual purposes and purposes of planning and management of events – is necessary, as your refusal to provide the requested personal data could make it impossible for the Data Controller to fulfil legal obligations and/or those deriving from the management of the contractual relationship, thus preventing its formalization and/or execution. The provision of data for the purposes referred to in art. 2, letter b), point i. – marketing purposes – is optional and failure to provide it may imply the impossibility of receiving newsletters, commercial communications and/or advertising material on products and/or services offered by the Data Controller, of being the subject of statistical studies and/or market research, as well as of being subject to publication in catalogues and/or guides in paper and/or electronic format. The provision of data for the purposes referred to in art. 2, letter b), point ii. – profiling purposes – is optional and failure to provide it may imply the impossibility for the Data Controller to use such data to perform analyses of your preferences, habits, behaviours and/or interests for the definition of personalised commercial profiles – individual or group – also for the purpose of sending targeted commercial communications using traditional and/or automated methods.

4. Processing methods
The processing of your personal data is carried out by means of the operations indicated in art. 4, paragraph 1, no. 2), GDPR, or any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of availability, comparison or interconnection, limitation, cancellation or destruction. The processing of your data will be based on the principles of correctness, lawfulness and transparency and may also be carried out through automated methods designed to store, manage and transmit them and will take place using suitable tools, as far as is reasonable and in the state of the art, to guarantee security and confidentiality through the use of suitable procedures that avoid the risk of loss, unauthorized access, illicit use and dissemination. Personal data may be stored on both computer and paper media, as well as on any other type of media deemed most suitable for their processing.

5. Data retention period
The Data Controller will process the data for the time necessary to pursue the relevant purposes as stated above, in particular:
– 10 years from the date of data collection or acquisition of consent in the case of the purpose of selling exhibition spaces and complementary event services, as well as the sale of advertising spaces not connected to the Events;
– 10 years from the date of data collection or acquisition of consent in the case of direct marketing purposes towards exhibitors and other third parties who organize Events, as well as towards visitors, buyers, conference attendees and journalists;
– The longest period between the 10-year term and the termination of the position in relation to the direct marketing purposes towards the so-called VIPs;
– 12 months from the end of the Event in the case of the purpose of pre-sale and sale of online and on site tickets to visitors and free invitations, the purpose of controlling and recording access by visitors and VIPs as well as the purpose of registering the Event security personnel.
– 10 days from the date of registration in the case of management of the video surveillance system;
– The online and paper catalogue of exhibitors created for promotional purposes is retained for the last two editions of the same Event;
– Until obtaining the administrative certification of the Event in the case of certification purposes of the same;
After this retention period, the data will be destroyed or made anonymous and, in any case, will be rendered unusable for the purposes whose retention periods have expired.

6. Data communication
The personal data processed by the Data Controller will not be disseminated, or will not be made known to unspecified parties, in any possible form, including that of making them available or simply consulting them. They may, however, be made accessible to workers and/or collaborators who work for and under the Data Controller and/or to some external parties who present sufficient guarantees of having adopted adequate legal, organizational and technical measures so that the processing meets the requirements of the GDPR and guarantees the protection of the rights of the interested party. In particular, your data may be made accessible to: i. employees and collaborators of the Data Controller, in their capacity as internal managers, delegates, designated and/or authorized to process personal data and/or System Administrators; ii. third-party companies or other parties (for example: credit institutions, professional firms, consultants, insurance companies, etc.) who carry out outsourcing activities on behalf of the Data Controller, in their capacity as external managers of the processing of personal data; third-party companies or other subjects (for example: subjects who send informative and/or promotional communications, marketing services, telemarketing services, statistical studies and/or market research, etc.), so that they can carry out the activities referred to in art. 2, letter b), points i. and ii. iii.

7. Data transfer
The management and storage of personal data will take place on the servers of the Data Controller and/or third-party companies appointed and duly charged as Data Processors, located within the European Union, or in compliance with the provisions of Articles 45 et seq., GDPR. The servers are currently located in Italy. The data will not be transferred outside the European Union. In any case, it is understood that, if it becomes necessary to transfer the location of the servers, in Italy and/or the European Union and/or non-EU countries, such transfer will always take place in compliance with Articles 45 et seq., GDPR. In this case, however, the Data Controller hereby ensures that the transfer of data outside the EU will take place in compliance with the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection and/or by adopting the standard contractual clauses provided by the European Commission.

8. Rights of the interested party
Pursuant to Articles from 15 to 21, GDPR, you have the right to: i. obtain from the Data Controller confirmation as to whether or not personal data concerning you are being processed and, where that is the case, access to the personal data, including receiving a copy (so-called right of access); ii. obtain from the Data Controller the rectification of inaccurate personal data and/or the integration of incomplete personal data concerning you (so-called right of rectification); iii. obtain from the Data Controller the erasure of personal data if one of the reasons provided for by the GDPR exists (so-called right to erasure); iv. Obtain from the Data Controller the restriction of processing only to some personal data if one of the reasons provided for by the GDPR exists (so-called right to restriction of processing); v. request and receive from the Data Controller, in a structured, commonly used and machine-readable format, the personal data concerning you, or request and obtain the transmission to another Data Controller without impediments (so-called right to portability); vi. revoke, at any time, any consent given regarding the processing of your personal data (so-called right to revoke consent); vii. object, in whole or in part, to the processing of personal data (so-called right to object); viii. not be subjected to a decision based solely on automated processing in the cases provided for by the GDPR; ix. to lodge a complaint with the Data Protection Authority, as well as to exercise the other rights recognized to you by applicable European and Italian legislation.

9. How to exercise your rights
You may exercise your rights at any time by contacting the Data Controller:
► by registered mail with return receipt: Pordenone Fiere S.p.A., with registered office in 33170 Pordenone (PN), Viale Treviso, 1, for the attention of Dr. Ing. Luca Sardelli;
► by e-mail: privacy@fierapordenone.it

10. Minors
In cases where consent is required, where the person providing it is a minor, the processing is lawful only if and to the extent that the aforementioned consent is given by the person exercising parental responsibility. With specific reference to the processing of personal data relating to the direct offer of information society services, pursuant to art. 8, GDPR, as well as art. 2 quinquies, Privacy Code, where the subject who provides is under the age of 14 (fourteen), the processing is lawful only if and to the extent that the aforementioned consent is given or authorized by the holder of parental responsibility.

11. Owner, managers, delegates, designated and authorized
The Data Controller is:
Pordenone Fiere S.p.A., with registered office in 33170 Pordenone (PN), Viale Treviso, 1, tax code and VAT number 00076940931, in the person of the legal representative pro tempore. Further information regarding the managers, delegates, designated and authorized to process personal data can be requested by contacting the Owner at the addresses indicated in this information notice.

12. Data Protection Officer (so-called Data Protection Officer — DPO)
In light of the processing activities carried out, the Data Controller has deemed it necessary to designate, as the Data Protection Officer – so-called Data Protection Officer or “DPO” – pursuant to art. 37, GDPR, Eng. Fabrizio Bottacin, who may be contacted for any information and/or request by writing to: DPO Dr. Bottacin Fabrizio, viale Treviso 1, 33170 Pordenone, or by sending an e-mail to: dpo@fierapordenone.it.

Pordenone (PN), 27 February 2023
The Data Controller
Pordenone Fiere S.p.A.

It may be of interest

12th Garden Show

As part of Ortogiardino, Pordenone Fiere Spa continues to host the Garden Festival, an event that puts the best garden ideas and creations into competition, linked to a theme that varies with each edition.

The call for tender of the 12th edition, which will be held in 2025, is online.

Discover More Download the announcement of the Festival of Gardens 2025 Open a new window in the browser
Cucinare

Ortogiardino hosts Cucinare, Quality Food and Wine Exhibition.

Discover More Become an exhibitor

Need help?

Need information on how to visit or exhibit at Ortogiardino and Cucinare? Click the buttons below to access the relevant sections or to contact us.

To Exhibit To Visit Cucinare Contacts