Terms of use

The use of the website www.villagrimani.it implies that the user is aware of the following conditions.
The material contained on the website is protected by copyright.
Unless expressly provided otherwise, it is not permitted to copy, modify, upload, download, transmit, republish, or reproduce the screen content for redistribution to third parties for commercial purposes without prior written consent from Villa Grimani srl Unipersonale.
The use of content or trademarks of the site is not allowed for any purpose other than those expressly mentioned.
No responsibility is assumed for the content published on this website or for the use that third parties may make of it, nor for any contamination resulting from access, interconnection, or downloading of material and software programs from this site.
Therefore, Villa Grimani srl Unipersonale shall not be held liable in any way for any damages, losses, or harm of any kind that third parties may suffer as a result of contact with this website or the use of its published content or software.
 
Form: IS – Last Updated: 10/2024

Privacy Policy for the Processing of Personal Data

Articles 13 and 14 of EU REGULATION No. 679/2016
Legislative Decree 196/2003 as amended by Legislative Decree 101/2018

Dear User,
This privacy notice describes the methods of managing the website in regard to the processing of personal data of users who consult it, as well as data processing practices through this website. Pursuant to Articles 13 (for data collected from the data subject) and 14 (for data not collected from the data subject) of Regulation (EU) 2016/679 (hereinafter GDPR), the following information is provided to the Users of this Website. This information applies exclusively to data processing carried out via this Website and not through other websites that may be accessed via links from this one, for which we advise reviewing the privacy notices of those respective controllers. This Website and the services offered through it are reserved for individuals who are at least 18 years old. Therefore, the Controller does not process personal data of persons under the age of 18. Upon request by such users, the Controller will promptly delete all personal data collected inadvertently.

1. Data Controller
The data controller is Villa Grimani srl Unipersonale, headquartered at Via L. da Vinci, 4 – 35027 Noventa Padovana (PD), Tax Code and VAT number: 04237730280 (hereinafter “Controller”). The Controller may appoint a data processor (e.g., web agency or consultant) for technical assistance, maintenance, and similar purposes related to the Website. Contact details for the Processor may be provided upon request at the addresses above. The Controller and Processor may also process user data through authorized internal staff.
The Data Protection Officer (DPO) can be contacted at: Phone +39 348 3165267, e-mail: nicola.ghinello@dpo-rpd.com

2. Categories of Data Processed and Source

• Browsing data: Information systems and software procedures used for the operation of this site acquire, during normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This data includes IP addresses, browser type, operating system, domain names, pages visited, access time, page duration, and other parameters related to the user’s device. This technical/computer data is collected and used only in an aggregated and anonymous form for the purpose of ensuring proper website functionality and gathering anonymous statistical information. The data is deleted immediately after processing.

• Cookies: Please see our Cookie Policy

• Data voluntarily provided by the user, including:

  • Common data (e.g., identification, contact, billing info)

  • Occasionally, special categories of data (Art. 9 GDPR)

  • Occasionally, judicial data (Art. 10 GDPR)

Sources may include navigation, other websites, cookies, the user, or public sources.
We primarily process browsing data and cookies, as well as any voluntarily submitted data (e.g., via contact forms or emails). Public sources might include directories, registries, or databases.

3. Purpose of Data Processing
User personal data will be processed for purposes connected with the functionality of the Website, particularly but not exclusively for:

• Responding to specific requests from the User through contact forms or other communication tools

• Sending informational communications related to the Controller’s services

• Managing event registrations and related notifications

• Other purposes related to the above and within the Website’s scope

Browsing data is also processed to verify access and ensure technical functionality (including session cookies, functional cookies, and analytical cookies that meet regulatory standards). Analytical cookies are anonymized and used to monitor and improve the Website. See the Cookie Policy for details.

4. Legal Basis for Processing
Data processing is based on the fulfillment of contractual or pre-contractual obligations (e.g., service or quote requests). Where necessary, it is also based on the user’s informed consent (e.g., checking boxes on forms). Required data fields are essential for processing requests; consent may be required for additional data processing.
A separate privacy notice will be provided when necessary.
Processing is also based on the legitimate interest of the Controller, as outlined below.

5. Legitimate Interest of the Controller
Data processing may be based on the Controller’s legitimate interests, such as exercising legal rights, performing contracts, or conducting direct marketing within regulatory limits.

6. Mandatory Nature of Providing Data
Providing browsing data depends on the privacy settings enabled by the user via their browser. Disabling certain settings may affect website functionality. Technical cookies and some user data are required for the website to function properly.
Other data is optional and preceded by appropriate consent checkboxes. For example, an email address is necessary to reply to contact form submissions; failure to provide required data may prevent the Controller from fulfilling the request.

GENERAL PROVISIONS FOR ALL DATA PROCESSING

Even if the user has consented to the data processing for the purposes listed above, they may withdraw their consent at any time.
As specifically required by Article 21 of the GDPR, the data subject has the right to object at any time to the processing of their personal data for the stated purposes. If the user objects, such data may no longer be processed for those purposes.

7. Possible Recipients of Personal Data
Data may be shared with affiliated companies, consultants, or third parties acting on behalf of the Controller, both within and outside the EU (only with compliant entities in the latter case).
Browsing data and profiling cookies (including third-party cookies) may be disclosed to relevant third parties. See the Cookie Policy for further details.
In all cases, data may be shared with data processors or authorized personnel, all trained and operating under the scope of the purposes described herein. A detailed list is available at our headquarters.

8. Data Retention Period
The data voluntarily provided by the Data Subject will be retained until express revocation by the Data Subject, which can also occur through browser action, cookie clearing, express request, or otherwise. Browsing data will be retained, in accordance with the principle of proportionality, in a form that allows the identification of the Data Subject for a period not exceeding that necessary for the purposes for which the data was collected or subsequently processed.
Excluded from the above time limits are cases where it is necessary to retain the data for a longer period to defend or assert a right or to comply with legal obligations or orders from Authorities.

9. Rights of the Data Subject
Each Data Subject has the right to access, rectify, erase (right to be forgotten), restrict processing, receive notification in case of rectification, erasure or restriction, data portability, object to processing, and not be subject to automated individual decision-making, including profiling, pursuant to Articles 15 to 22 of the GDPR. These rights can be exercised in the manner and within the terms set out in Article 12 GDPR, by sending a written communication to the Data Controller (see point 10).
The Data Controller will provide an appropriate response as soon as possible and in any case within 1 month of receiving the request.

10. Right to Withdraw Consent (How to Exercise Your Rights)
Consent, where required, can be withdrawn at any time and/or rights can be exercised by sending:

• a registered letter with acknowledgment of receipt to the Data Controller (address shown in the letterhead);

• an email to: privacy@villagrimani.it
   

11. Complaints
Each Data Subject has the right to lodge a complaint pursuant to Articles 77 and following of the GDPR with a supervisory authority, which for Italy is the Garante per la protezione dei dati personali (Data Protection Authority). The forms, methods, and deadlines for filing complaints are governed by national law. Lodging a complaint does not affect other administrative or judicial actions, which in Italy can be alternatively filed with the Garante or the competent court.

12. Profiling
Personal data provided through navigation of this website and through any form submissions may be subject to profiling by third-party providers through third-party cookies.
Profiling allows such third-party providers—autonomous controllers of personal data processing for profiling purposes, distinct from the controller of this website—to evaluate certain personal aspects of the Data Subject, particularly preferences, interests, and tastes, based on visited pages and performed activities, in order to offer a more tailored service.
For more information, users are encouraged to read the Cookie Policy.

13. Data Controller, DPO, Authorized Personnel, Data Processors
We provide the following information not only to fulfill legal obligations but also because transparency and fairness towards data subjects are fundamental to our business.
Data Controller. The Data Controller of your personal data is Villa Grimani s.r.l. Unipersonale, responsible for the lawful and correct use of your data. You may contact them for any information or request: phone +39 049 8933833, email: privacy@villagrimani.it.
DPO (Data Protection Officer):. You may also contact the Data Protection Officer for information or to report issues. The DPO appointed by the Data Controller is Mr. Nicola Ghinello, reachable at: e-mail: nicola.ghinello@dpo-rpd.com.
Authorized Personnel:. An up-to-date list of authorized data processors is held at the Data Controller’s office.
Data Processors:
For brevity, the detailed list of such parties is available at our headquarters.

14. Social Media Plug-ins
This website may contain plug-ins from social media platforms (e.g., Facebook). These plug-ins allow features of social networks to be embedded directly into the website (e.g., Facebook’s “like” button) and are marked with the social platform’s logo. When visiting a page on this site and interacting with a plug-in (e.g., clicking “like”) or posting a comment, the corresponding information is sent from the browser directly to the social network (e.g., Facebook) and stored there.
For more information on purposes, types, methods of data collection, processing, usage, and storage by the social network platform—as well as how to exercise your rights—please refer to the social network’s privacy policy.

15. Links to Third-Party Sites
This website may contain links to third-party websites. The Data Controller assumes no responsibility for how personal data is managed by those third-party websites or for how authentication credentials provided by third parties are handled.

16. Cookie
Cookies are small pieces of data sent by a web server (e.g., the site) to the user’s Internet browser, which are automatically stored on the device and sent back to the server during subsequent visits to the site.
For more information on types, characteristics, use, and how to delete or disable cookies on this website, refer to the Cookie Policy.
 
Cookie Policy
This document is prepared by the Data Controller as the controller of personal data resulting from browsing this website (hereinafter “the Site”).
The Controller informs users that the Site uses technical cookies to ensure an optimal browsing experience. This Cookie Policy supplements the Privacy Policy and describes the types of cookies and other technologies used on the Site, including their purposes and use conditions.
Some cookies are necessary for proper site navigation.
Users can prevent cookie installation by configuring their browser settings or by disabling site use directly via the browser, as outlined below.
Use of Cookies on This Site
The Site uses cookies to provide a simple and efficient user experience. Minimal information is stored in small text files (“cookies”) on users’ devices (e.g., computers or mobile devices) via their browser.
Cookies help to:

• Store user preferences;

• Prevent repeated data entry (e.g., username, password);

• Analyze site usage to optimize the services and content offered.

Types of Cookies
Technical Cookies
These ensure proper operation of certain site sections and are classified as:

• Persistent: Remain even after the browser is closed, until a set expiration date.

• Session: Deleted when the browser is closed.

These are always used and sent unless the user changes browser settings (which may impair site functionality).
Statistics Cookies
Used to collect anonymous data on site usage for statistical analysis to improve content and services. These may be sent by the site or third parties.
Marketing Cookies
Enable features from third parties (e.g., social sharing tools, embedded maps, etc.). Also used to create user profiles for targeted advertising based on site behavior. These are sent by third-party domains or partners.
The site does not require user consent for technical cookies.
For other cookie types, user consent is managed via the site’s consent tool. Without consent, some site features may not be visible.