Privacy Policy

• Browsing data: IP addresses, technical logs, and anonymized technical/analytics cookies.
• Contact data: first and last name, email, phone number, and any information voluntarily submitted through forms.
• Submitted content: editorial materials, descriptions of cultural projects, and attachments uploaded by users.

Processing is carried out for the following purposes, linked to the stated legal bases:

1. Fulfilling requests and sending personalized replies (Art. 6.1.b GDPR).
2. Managing events, residencies, and cultural activities, including publishing excerpts with prior consent (Art. 6.1.a GDPR).
3. Complying with legal obligations related to accounting, cybersecurity, and protection of rights (Art. 6.1.c and f GDPR).
4. Informative activities and editorial newsletters with explicit opt-in and opt-out at any time (Art. 6.1.a GDPR).

Data is processed using digital and paper tools with security measures proportionate to the risk (encryption, redundant backups, role-based access). Retention is limited to what is strictly necessary: up to 24 months for general inquiries and up to 60 months for project documentation; beyond these terms data is deleted or anonymized unless different legal obligations apply.

Data may be shared with technical providers, legal/accounting advisors, cloud platforms with servers in the EU, and authorized personnel properly instructed by the Controller. No blanket disclosure is foreseen. Any extra-EU transfers occur only toward countries with adequacy decisions or via EU Commission Standard Contractual Clauses.

Under Articles 15-22 GDPR, data subjects may exercise the following rights: access, rectification, erasure, restriction, objection, data portability, withdrawal of consent, and lodging a complaint with the Data Protection Authority (www.garanteprivacy.it).

Requests must be sent to [email protected] with the subject "Privacy rights request" and a valid ID attached to enable proper verification.

The site uses only technical cookies that are necessary for operation and, optionally, anonymized third-party analytics cookies. Details are available in the consent banner and the dedicated Cookie Policy. Disabling optional cookies does not affect navigation.

The website is not specifically directed to children under 14 years of age. If personal data of a child under 14 is received through contact forms or other channels on the website, processing may only take place with the consent of the person exercising parental responsibility. In the absence of such consent, the data will be deleted where technically possible.

The Controller may amend this notice to reflect regulatory developments or service changes. Updates are announced on this page and, when substantially impacting users, through direct communications or dedicated banners.