Information regarding personal data in accordance with  Art. 13 GDPR 679/2016

In accordance with Art. 13 of the GDPR (EU regulation 2016/679) and in the interests of transparency, the following information is provided so that the data subject may be notified of the characteristics and methods of processing:

Identity and contact details
The Data Controller is the Consorzio Turistico Piana Rotaliana Königsberg ETS, with registered offices in Corso del Popolo, 35 - 38017 Mezzolombardo (TN), Italy, Tel. +39 0461 1752525, – mail: – Pec:

How the Controller collects and processes your data
The Controller obtains and/or receives information freely provided by you, i.e. your name, surname, tax code, postal and email addresses, landline and/or mobile phone number, company name, VAT number and bank details. They are used by the Controller to carry out the contract and/or service, and to fulfil the  legal and regulatory obligations with which the Controller must comply in accordance with his/her activity. Your personal data are transferred mainly to third parties and/or recipients whose activity is necessary for the proper execution of the Controller’s activities or to improve the products/services offered, and also to meet certain legal obligations. Any transfer that is not for these purposes will be submitted for your consent. Your data (i.e.  first name, surname, address, mobile and/or landline phone number) may also be processed for commercial promotional purposes and for market surveys and research with regard to the products and services offered by the Controller only if you authorise and/or do not object to such processing.

Aims of the processing
Data will be processed in accordance with the conditions of lawfulness set out in Art. 6 of EU Reg. 2016/679 for the following purposes:

1) to manage the pre-contractual and contractual relationship and consequent fulfilment of the contract and regulatory obligations
Your personal data are processed in order to carry out activities prior and consequent to the signing of the contract or the request for a service and any obligations arising from them, for managing invoicing and payment, and for handling complaints and/or advisory notices. Your personal data and contact details will also be used to respond to your requests and questions. Please note that if you are already our customer, we will be able to send you commercial communications relating to services and products similar to those you have already obtained from the Controller, unless you express dissent. You may object to this use of your data by contacting the Controller and withdrawing your consent to this type of processing in accordance with your rights as a data subject as per Art. 15 and 16-21 of the GDPR. Full details of the rights of the data subject are given under specific points in the notice.
2) to transfer the data to third parties and recipients
Your personal data may be shared, for the purposes indicated in this notice, with:

  • associates and/or partners of the Consortium acting as independent Data Controllers.
  • persons authorised by the Controller to process the personal data required to carry out activities strictly related to the provision of services, provided that they have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality, and that they guarantee that the data will be processed in accordance with the GDPR.
  • persons typically acting as data processors, namely: i) persons, companies or professional bodies that assist and advise the Controller in accounting, administrative, legal, tax and financial matters or provide other types of consultancy; ii) persons delegated to carry out technical or computer maintenance; iii) credit institutions, insurance companies; iv) companies and institutions controlling, controlled by and connected to the Controller, provided this is only for administrative-accounting purposes connected with the performance of organisational, administrative, financial and accounting activities; v) Public or private clients; vi) Public Authorities, Administrations and Public Bodies.
  • persons and organisations to whom there is a legal obligation to transfer your personal data.

A complete, up-to-date list of Data Processors is held at the Controller's head office and may be obtained upon written request to the Controller at the address given in the section of this notice “Contact details”.

Data will be processed in accordance with the conditions of lawfulness as per Art. 7 of EU Reg. 2016/679 for the following purposes:
3) commercial communication activities
Your personal data are processed in order to offer you products and services additional to or better or more suited to your needs than those requested and purchased, and to send you commercial and promotional communications relating to the products supplied by the Controller and  invitations to events and fairs. Your data may be processed in this way only if you give your consent and until such time as you withdraw it.

Legal basis and legitimate interest
The legal basis of processing regarding the first two points is your freely-given consent to enter into the contract; in the third point, it is your optional consent. With regard to points 1 and 2, if the data requested are not provided it will not be possible to meet fulfil the aforementioned purposes. Personal data are processed lawfully where processing is necessary to fulfil a contract to which you are a party or to carry out any requested pre-contractual measures; processing is necessary to fulfil a legal obligation; consent is freely given.

Methods of data processing
Processing consists in the operations of collection, registration, organisation, storage, consultation, elaboration, modification, selection, extraction, comparison, use, communication, erasure and destruction of your data. These operations are carried out electronically and in paper format. Processing is carried out by the Controller and/or by persons authorised to carry out processing.

Recipients and categories of recipients of personal data
The data are processed within the company by parties authorised to process data for the purposes set out above under the responsibility of the Controller. The data in question will not be disseminated, but they will or can be communicated to public or private subjects in accordance with the terms reported above.

Data transfer to a third country
The Data Controller will not transfer the data to a third country or to an international organisation unless the Commission decides it is appropriate.

How and for how long your data are stored
Your data are processed by the electronic and manual means and tools used by authorised trained persons acting under the authority of the Controller for such purpose. The archives where your data are stored in paper and, in particular, electronic format are protected by effective and adequate security measures to counter any breach considered a risk by the Controller. The Controller will periodically and constantly verify the measures taken, particularly using electronic and telematic tools, to guarantee the confidentiality of the personal data they are responsible for processing, archiving and storing, especially where these fall into special categories. The personal data processed by the Controller are kept for the time needed to fulfil the activities relating to the management of the contract with the Controller and for up to ten years after its conclusion (Article 2946 of the Civil Code) or from when the rights dependent on it may be asserted (in accordance with Art. 2935 of the Civil Code), and also to fulfil any obligations (e.g. tax and accounting) remaining after the conclusion of the contract (Article 2220 of the civil code), in which case the Controller must retain only the data necessary to carry these out. Exceptions to this are those cases where the rights deriving from the contract are to be asserted in court, in which case the data (only those necessary for such purposes) will be processed for the time necessary to pursue these. With respect to activities not giving rise to contractual obligations, the Controller has the right to keep your personal data for a period of up to 48 months from the last activity in which you have expressed interest (for example: request for an estimate, request for information and registration). Where they are for recruitment purposes, your data will be kept for a maximum period of 24 months.

Rights of the data subject
Art. 15-22 of the GDPR provide you with the following rights in relation to the Personal Data you provide:

  • to access and request a copy (right of access);
  • to request rectification and/or erasure (right of rectification and/or erasure);
  • to obtain restriction of processing (mandatory provision of Art. 18 of the GDPR);
  • to object to the processing (right to object); you may exercise your right to object to the processing of your Personal Data - for direct marketing purposes - at any time, with the consequence that your Personal Data will no longer be processed for such purposes;
  • to receive your personal data in a commonly-used structured format and to have the data transferred without hindrance to another Data Controller, where technically feasible (right to data portability).

If you wish to exercise your rights and/or withdraw your consent you may contact us at We remind you that you have the right to lodge a complaint with the supervisory authority in the Member State in which you currently reside (Italian Data Protection Authority - 

Purposes other than processing
If the Controller intends to process your personal data for purposes additional to those for which they were collected, before doing so the Controller will provide you with information concerning this purpose and any further relevant information.

The holder does not use automated profiling processes.


Information regarding navigating the website

This information is provided in accordance with the Personal Data Protection Code (Legislative Decree No. 101/2018) and the GDPR (Regulation (EU) 2016/679) and describes how the site is managed with reference to the processing of users’ personal data. Processing is always based on principles of lawfulness and fairness in compliance with all current regulations, and appropriate security measures are taken to protect the data.
The information relates only to the website and no other website, not even those that may be accessed from this site via links. As this information is subject to changes and updates, we advise that you regularly check it.

Data Controller
The Data Controller is the Consorzio Turistico Piana Rotaliana Königsberg ETS, with registered offices in Corso del Popolo, 35 - 38017 Mezzolombardo (TN), Italy, Tel. +39 0461 1752525, – mail: – Pec:

Data processed and purposes of the processing
Navigation data. During normal operation, the computer systems and software procedures used to operate this website acquire certain personal data, the transmission of which is implicit in the use of Internet communication protocols. This information is not collected with the intention of being associated with specific individuals, but by its very nature it could, through elaboration and association with data held by third parties, allow the user to be identified. These data are used for the sole purpose of obtaining anonymous statistical information regarding the use of the site and to check it is functioning correctly. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site. The legal basis is the user's choice to navigate the site.

Data provided by the user. Other personal data, such as email address or name and surname, may be entered directly and freely by the user/navigator. These data are used for the following purposes:

  • to respond to your requests or questions;
  • to send via email other information and communications that may be of interest to you;
  • to create, publish and improve those contents that are most relevant to the user;

When you subscribe to the newsletter, these data are acquired and processed with the aim of sending you informational and promotional material. The said data may be processed in both electronic and paper format. The legal basis is the user’s consent (by filling in the appropriate form) or (in the case of emails or phone calls the user may make without filling in the form) the need to respond to the user’s requests.

Email. Voluntarily sending emails to the addresses displayed on this site entails the subsequent acquisition of the sender's address, which is required to respond to requests, and any other personal data included in the message. In accordance with EU Regulation 206/679, the data provided are strictly confidential and will be used solely and exclusively by the Controller or persons authorised by the Controller.

Cookies. The website does not use cookies to acquire personal data.
The website does not use cookies to transmit information of a personal nature, nor does it use persistent third-party cookies of any kind, nor user-tracking systems. The use of third-party session cookies (which are not permanently stored on the user's computer and are deleted when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of numbers randomly generated by the server) required for safe, efficient browsing of the site.
The third-party session cookies used on this site do not make use of other technologies that could compromise the user's browsing privacy and do not allow personal identification data to be acquired.

Categories of recipient
The data collected will not be disclosed to third parties nor disseminated.

Obligatory nature of certain data and consequences of not providing them
It should be noted that if the user chooses not to provide certain data or to disable cookies, some of the site’s functions may not be usable.

Transfer to a third country or an international organisation
The data provided may be transferred to a third country only if the European Commission decides it is appropriate.

Duration of the processing
Personal navigation data processed for the above-mentioned purposes will be kept for the time needed to carry out the service. The data provided by the user to subscribe to the newsletter will be processed until consent is revoked through the appropriate link in each email.

Users’ rights. How to access, correct and erase your personal information
Under the law on the protection of personal data, you, the user, are entitled to:

  • access and obtain a copy of your personal data: you have the right to request confirmation that any type of personal data are processed. In this case, you will have access to your personal data and some information on how they are processed. In some cases, you may request an electronic copy of your data;
  • right to rectification of personal data: where you are able to demonstrate that your personal data are incorrect, you may request that these be updated or rectified;
  • right to data portability (applicable only to data in electronic format), as per Art. 20 of the GDPR;
  • right to be forgotten/deleted: under certain circumstances, you have the right to have your personal data deleted. The request may be presented at any time and the Controller will assess whether this may be granted. However, this right is subject to any legal rights or obligations that may provide for the retention of the data.

To exercise your rights, you, the user, can write to the following email address: Given that the processing of your personal data is based on your consent, you also have the right to withdraw your consent at any time. Withdrawal of consent does not affect the legality of any processing based on consent given before such retraction. You may also lodge a complaint with the Privacy Guarantor regarding the processing of personal data.

Send a request

for information to