Find More...


Privacy Policy and Cookies Policy


This section contains information about the management of the website of ‘ENTE PALIO DELLA CITTA’ DI
FERRARA A.P.S.’, with reference to the processing of the data of users who consult it. The Policy only
concerns ‘ENTE PALIO DELLA CITTA’ DI FERRARA A.P.S’ and does not apply to other websites possibly
consulted by link.
This website does not expressly address underage users. However, if the user is under the age of 14,
pursuant to paragraph 1 of Article 2-quinquies of the amended Legislative Decree 30 June 2003, n. 196,
must legitimize the consent, where required, through the authorization of the parents or legal guardian.
This Policy is pursuant to Article 13 of the European General Data Protection Regulation 2016/679
(hereinafter ‘GDPR’), on the protection of natural persons with regard to the processing of personal data
and on the free movement of such data (and repealing Directive 95/46/EC), for those who interact with
The purpose of this document is to provide information about the nature and the management of the
information relating to users / data subjects that the Data Controller collects and manages from the time of
connection to the website, regardless of the purpose of the connection itself, according to Italian and
European legislation. This Policy may be updated periodically and without prior notice to you to reflect
changes in data practices and legislation, so the user is therefore invited to periodically check this page.


Data Controller means the natural or legal person, public authority, agency or other body which, alone or
jointly with others, determines the purposes and means of the processing of personal data; where the
purposes and means of such processing are determined by Union or Member State law, the controller or
the specific criteria for its nomination may be provided for by Union or Member State law.
‘ENTE PALIO DELLA CITTA’ DI FERRARA A.P.S.’ is the Data Controller: Corso Porta Reno n. 11 (Clock Tower)
– 44121 Ferrara (FE) Italy – Tax Code 93005440388 and VAT Number 00891910382. For any request of
clarification or exercise of rights of the user / data subject, it will be possible to contact the Data Controller
at the following email address:


The Data Controller processes the following categories of personal data while browsing the website and
using the related functions:
a) information and data relating to browsing the website (e.g. information about the pages and sections of
the website visited, the user’s activities on the website, the time spent on individual pages and sections of
the website, etc.);
b) information and data relating to the devices used by the user to browse the website and use its functions
(e.g. IP address, browser used, type of device used, data relating to the geographical position, information
from cookies or similar tools);
c) personal data and information required to manage communications, if the user intends to interact with
the Data Controller through the contact forms (Contact Us and Press Material Request) on the website or
by writing to the e-mail contacts specified by the Data Controller;
d) in case of use by the user to the possibilities of interaction between the contents of the website and the
user’s profiles on social networks (eg. through Facebook, Instagram, YouTube buttons), data and
information will also be processed relating to these profiles.
The personal data referred to in categories a) and b) are automatically collected by the Data Controller
while the user is browsing the website; personal data belonging to other categories are provided directly
and voluntarily by the user himself.


The processing of personal data referred to in categories a) and b) of the previous section is necessary for
the Data Controller in order to guarantee the user the best possible browsing experience and to provide all
the functions of the website. However, it is possible to limit the processing of such personal data by using
functions made available by the website or by the device or browser or application. In this case, browsing
the website may be limited and some functions may be inaccessible.
The processing of personal data referred to in categories c) and d) of the previous section is necessary to
allow user interactions with the Data Controller: the user therefore has no obligation to provide such data;
failure to provide them will only result in the inability to receive feedback from the Data Controller or to
access a specific function.


The voluntary and explicit interaction with this website, in particular through the contact forms, involves
the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other
personal data included in the message.


The processing of personal data, where necessary as it is functional to allow consultation of the ‘ENTE
PALIO FERRARA’ website, does not require the user’s consent. The personal data provided by users who
submit information requests are used for the only purpose of responding to the request or performing a
requested service. Where necessary with respect to the specific purposes, in compliance with current
legislation, the specific consent of the user to the processing of data would be requested and collected.


Personal data will be processed in computerized and telematic mode for purposes strictly necessary for
browsing the ‘ENTE PALIO FERRARA’ website, as well as for purposes connected or instrumental to the
consultation itself. In addition, the data collected by the website may be used for any further purpose of
managing the contact and the request for information on the activities of the Data Controller. However, the
data transmitted will not in any way be alienated or transferred, for any reason, to third parties, except
with the prior and express consent of the data subject.
Processed data will be kept for the period strictly necessary to achieve the purposes expressed or up to any
request for cancellation or withdraw of consent, where applicable, by the user (always without prejudice to
the regulatory obligations imposed on the Data Controller). Specific security measures are adopted and
observed to prevent data breach, illicit or incorrect use and unauthorized access.
Computer systems and software procedures used to operate this website acquire, during their normal
operation, some personal data; the transmission of these data is implicit in the use of internet
communication protocols.
This category of data includes the IP addresses or domain names of the computers used by users who
connect to the website, the addresses in the Uniform Resource Identifier (URI) notation of the requested
resources, the time of the request, the method used to submit the request to the server, the size of the file
obtained in response, the numerical code indicating the status of the response given by the server
(successful, error, etc.) and other parameters relating to the operating system and the user’s IT
environment. These informations are not collected to be associated with identified data subjects, but,
through processing and association with data held by third parties, they could allow the user to be
These data are processed in order to obtain anonymous statistical information on the use of the website, as
well as to check its correct functioning, and are deleted immediately after processing. The data could be
used for security purposes (for example, blocking attempts to damage the site, or ascertaining
responsibility in case of computer crimes against the website) and will therefore be kept for the time
strictly necessary to achieve this purpose.


Data processing connected to the web services of this website takes place at the aforementioned
registered office of Data Controller, as well as by any external subjects authorized to carry out
management, maintenance and assistance operations or in any case involved in the organization of the
Data Controller (such as third party technical service providers, hosting providers, IT companies,
communication agencies). No data deriving from the web service is normally disclosed to third parties.


This website may share some of the data collected with services located outside the European Union area
(for example WordPress – Google – YouTube – Facebook – Instagram etc. through social plugins and the
Google Analytics service). The transfer is authorized and strictly regulated by CHAPTER V of the GDPR, so no
further consent is required. The Data Controller undertakes not to transfer data to third countries that do
not comply with the conditions set out in the GDPR.


Pursuant to Article 77 of the GDPR, the user / data subject has the right to lodge a complaint with the
Guarantor for the Protection of Personal Data, as the Supervisory Authority in Italy
( Pursuant to the purposes of the GDPR, the data subject is recognized the
following rights, if applicable.
Article 7 – Right to withdraw the consent
The data subject shall have the right to withdraw his or her consent at any time. The withdrawal of consent
shall not affect the lawfulness of processing based on consent before its withdrawal.
Article 15 – Right of access by the data subject
The data subject shall have the right to obtain from the Controller confirmation as to whether or not
personal data concerning him or her are being processed, and, where that is the case, access to the
personal data and the information about processing.
Article 16 – Right to rectification
The data subject shall have the right to obtain from the Controller without undue delay the rectification of
inaccurate personal data concerning him or her.
Article 17 – Right to erasure (‘right to be forgotten’)
The data subject shall have the right to obtain from the Controller the erasure of personal data concerning
him or her without undue delay and the Controller shall have the obligation to erase personal data without
undue delay where one of the GDPR grounds applies.
Art. 18 – Right to restriction of processing
The data subject shall have the right to obtain from the Controller restriction of processing in specific
Article 20 – Right to data portability
The data subject shall have the right to receive the personal data concerning him or her, which he or she
has provided to a Controller, in a structured, commonly used and machine-readable format and have the
right to transmit those data to another Controller.
Article 21 – Right to object
The data subject shall have the right to object, on grounds relating to his or her particular situation, at any
time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6,
paragraph 1), including profiling based on those provisions.
Article 22 – Automated individual decision-making, including profiling
The data subject shall have the right not to be subject to a decision based solely on automated processing,
including profiling, which produces legal effects concerning him or her or similarly significantly affects him
or her.
Requests can be addressed to the Data Controller without formalities or, alternatively, using the model
provided by the Supervisory Authority (available on the website, by sending a
registered letter with return receipt to the registered office or an email at the following address:
Any actions taken under Articles 15 to 22 shall be provided free of charge. Where requests from a data
subject are manifestly unfounded or excessive, in particular because of their repetitive character, the
Controller may either charge a reasonable fee taking into account the administrative costs of providing the
information or communication or taking the action requested, or refuse to act on the request.


This Policy may be updated periodically and without prior notice to you to reflect changes in data practices
and legislation, so the user is therefore invited to periodically check this page. This document was
controlled on September 01, 2021 to be compliant with current regulatory provisions, in particular with EU
Regulation 2016/679 – GDPR.



The website of ‘ENTE PALIO CITA’ DI FERRARA A.P.S.’ (hereinafter ‘ENTE PALIO FERRARA’) uses cookies to
make the user’s browsing experience easier and more intuitive.
Cookies consist of text strings that are recorded on the user’s terminal or that allow access to information
on the terminal itself. Cookies allow you to store information on the use of the website, on visitor
preferences, and are used in order to verify the correct functioning of the website itself and to improve its
functionality by customizing the content of the pages based on the type of browser used, or to simplify
navigation by automating the procedures (eg. login or website language).

Technical Cookies

They are used for the purpose of transmitting an electronic communication, to ensure the correct display of
the website and to browse it. They can store the user’s account identifier, site customization; they can also
be used for technical purposes such as saving entered information. They also allow to monitor the website
and distinguish between the various connected users for website security reasons. Some of these cookies
are deleted when the browser is closed (session cookies), others have a longer duration (persistent cookies
with pre-set expiration – for example the cookie necessary for storing the user’s consent in relation to the
use of the cookies themselves, which lasts at least 6 months). Consent is not required for these cookies.

Analytics Cookies

They are used directly by the website manager (or by third parties) to collect information, in aggregate
form, on the number of users and on how they proceed to browse the website. If the service is
anonymized, they are assimilated to technical cookies and the acquisition of the user’s consent is not
By clicking ‘OK’ on the banner present at the first access to the website, the user expressly consents to the
use of the aforementioned cookies and similar technologies and, in particular, to the registration of these
cookies on their terminal for the purposes indicated above, or to access through cookies to information on
the terminal.
The user can refuse the use of cookies and, at any time, can withdraw a consent already provided. Since
cookies are connected to the browser used, they can be disabled directly from the browser, thus
withdrawing consent to the use of the cookies themselves. Disabling cookies may prevent the correct use
of some functions of the website, in particular the services provided by third parties may not be accessible.


The user can manage cookies through the settings of the browser used. However, deleting the cookies from
the browser, the preferences set for the website could be removed. For further information and support,
the user can also visit the specific help page of the web browser used:
Internet Explorer:
Microsoft Edge:

Third Party Cookies

Third-party cookies are used to detect information on user behaviour on the website and to be able to
provide additional services and features to visitors, to simplify the use of the website or to provide
personalized advertising. These types of cookies are entirely managed by third parties and information on
their use and purposes, as well as on how to disable them, are provided directly by the third parties on the
relevant pages. Generally, the tracking of users does not involve identification of the same, unless the user
is already registered for the service and is not already logged in, in which case the user has already
expressed his consent directly to the third party at the time of subscription to the relevant service (eg.
This website uses cookies from the following third parties:
Google Inc .: for information on the use of data and their processing by Google, it is recommended to read
the privacy policy of Google and YouTube and the methods of use of data by Google when using sites or
apps of the partner.
Google Apis / Gstatic / Analytics: used to analyze the use of the website by users, make reports on website
activity and user behavior, check how often users visit the website, how the website is tracked and which
pages are visited more frequently. The information is combined with information collected from other
websites in order to create a comparative picture of the use of the website compared to other websites of
the same category. Collected data: browser ID, date and time of interaction with the website, page of
origin, IP address. Place of data processing: European Union, the anonymization of the service being active.
The data collected do not allow the personal identification of users and are not crossed with other
information relating to the same persons. They are treated in an aggregate and anonymous form.

Social network plugin

This site also incorporates plugins and buttons for social networks, in order to allow easy sharing of content
on user’s favourite social networks (eg. Facebook and Instagram). When the user visits a page of this
website that contains a plugin, the browser connects directly to the servers of the social network from
which the plugin is loaded, which server can track the visit to the website and, if necessary, associate it with
the social user account, in particular if the user is logged in at the time of the visit or if he or she recently
browsed one of the websites containing social plugins.
If the user does not want the social network to record the data relating to the visit to this website, must log
out of the social account and, probably, delete the cookies that the social network has installed in user’s
browser. With regard to the collection and use of information by third parties (cookie policy), please refer
to the respective Policy documents.

Profiling Cookies

Profiling cookies, with non-technical function, create profiles relating to the user and are used in order to
send advertising messages in line with the preferences expressed by the user while browsing. This website
does not provide profiling cookies; if the Data Controller decides to use these types of cookies, the user will
be asked for explicit consent. Article 22 of the GDPR and Article 122 of the Privacy Code will be applied.


This Policy may be updated periodically and without prior notice to you to reflect changes in data practices
and legislation, so the user is therefore invited to periodically check this page. This document was
controlled on September 01, 2021 to be compliant with current regulatory provisions, in particular with EU
Regulation 2016/679 – GDPR.