Information Management Policies (Article 13 del RGPD (General Regulation for the Protection of Information) 2016/679)

Purposes for Which Information May Be Used

By accessing and consulting this site, as well as by using the services are offered to users through the site, information pertaining to users as natural persons may be gathered and used. If personal information is acquired in this way, it will be gathered solely in compliance with current legislation regarding the protection of personal information and will be used solely for the following purposes:
a) purposes directly linked to access to and use of the site and its features and which are fundamental to their functioning;
b) for operational, administrative, and management requirements inherent to the services offered through the site;
c) in a completely anonymous and aggregated form, for statistical purposes;
d) to fulfill any legal obligations pursuant to European law and legislation.

Providing Personal Information
Providing personal information is voluntary, but failure to do so may make it impossible to use some of the sites’ services. To the extent possible, users will still be able to consult the site without providing personal information, though certain features of the site may not function.
Depending upon on the service offered, personal information of different types may be gathered and used, as specified below.

Navigation Information

The computer systems and software procedures used to operate this site may gather, during their normal functioning, some personal information whose transmission is implicit in the navigation of any website. This information is not collected for the purposes of associating it with specific interested parties. At the same time, however, by their very nature they could, through association with information held by third parties, allow users to be identified. The information gathered may include the IP addresses or domain names of users who connect to the site, the URLs of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server, and other parameters relating to the user’s operating system and platform.
The information provided herein is used for the sole purpose of obtaining anonymous statistical data regarding the use of the site and to monitor the site’s proper functioning, and such information is deleted immediately after processing. The information gathered could be used to determine responsibility in the event of computer crimes against the site.
With regard to cookies, please refer to the relevant information-management policy.

Information provided voluntarily by the user (communications)

The optional, intentional, and voluntary sending of communications by means of contact forms on the site, or by email to the addresses indicated on this site, implies that the information communicated by the user, including email address as well as the user’s consent to receive messages in response to requests, will subsequently be acquired. Personal information provided by users is employed solely for the purposes of satisfying or responding to requests sent by the user and are communicated to third parties solely if this is necessary to achieve that purpose.


The newsletter is delivered by email to those who request it and who have, by such request, authorized the City to make use of personal information for the herein-described purposes. The personal information provided by users is employed solely for the purposes of sending the newsletter and will not be disclosed to third parties. The aforementioned personal information will be kept exclusively for the period in which the newsletter service is active or until the user unsubscribes. To stop receiving the newsletter, the user may simply send an email request to the address indicated in the email in which the newsletter is sent.

Methods for Gathering and Making Use of Information

The data manager is the City of Modena. By order of the Mayor, and in accordance with the regulations of local authorities and the City’s fundamental choices regarding organizational matters, Dr. Luca Chiantore, director of the Demographic and Participation Services Sector of Smart City, based in Modena, Via Santi 40 (email:; telephone: +39 059-203-2000), was placed in charge of the city’s databases, as well as of the gathering and processing of information in his sector.
The Data Protection Officer (DPO) can be contacted at or by calling (+39) 059-209-367.
Personal information is gathered and used lawfully and properly and is intended solely for the purposes described herein. Processing is carried out through the use of appropriate tools designed to guarantee the confidentiality of personal information, including automated methods for storing, managing, and transmitting data. Specific security measures have been adopted to prevent data loss and reduce the risks of illicit or incorrect use of and unauthorized access to private information.
Personal information will be kept for the time prescribed by law and, in any case, for the amount of time strictly necessary to follow up on the activities for which they were collected. After that point, they may be stored in compliance with relevant regulatory provisions, or with eventual further obligations regarding the conservation or archiving of personal information as provided by law, for purposes of serving the public interest, conducting scientific or historical research, or undertaking statistical analyses.

Communication of Collected Personal Information

Employees of the data manager, as well as consultants or other individuals who provide services instrumental to the aforementioned purposes (such as, for example, technical services), may become aware of users’ personal information. These subjects act in their capacity as authorized data managers and system administrators.
Information acquired on the internet, or derived in any way from internet-based services, may be communicated to the technological and instrumental partners of the data manager in order to provide services requested by users in compliance with the purposes indicated herein. To that end, individuals who will have access to users’ personal information will be specifically authorized to process that information by the data manager and, if necessary, appointed as data managers, pursuant to Articles 28 and 29 of the General Regulation for the Protection of Information 2016/679.
In particular, users are informed that management of the mailing list and of information acquired in the context of functions, and other services of specific sections of the site has been entrusted to Modenatur S.c.a.r.l., based in Modena, designated external data manager and processor and that the technical support service was entrusted to Red Turtle Technology based in Ferrara, as external data manager and processor. Both have been designated data manager and processor.
Information gathered for the purposes described herein may also be disclosed to subjects authorized by law or regulation to carry out those purposes.
Responsibility for the processing of personal information will not be transferred to third countries or international organizations.

Rights of Interested Parties

Each interested party has the right to access, at any time, personal information relevant to him or her that has been gathered and processed by the data manager (right of access) in order to verify its correctness and to verify the lawfulness of the manner in which that information is used. The interested party may also exercise all the rights recognized by current legislation regarding the protection of personal information (Chapter III of European Union Reg. No. 2016/679). In particular, she or he may request, at any time, that incorrect or inaccurate information be corrected or updated, that the use of that information be limited, and that such information be cancelled (right to be forgotten). In addition, the user may withdraw any consent given as well as file a complaint with the Italian Guarantor of Data Protection.
An interested party may contact the data manager, at the addresses indicated above, to exercise her or his rights and to obtain more information regarding the use and processing of personal information.