Skip to content


In accordance with Art. 13 of EU Regulation no. 2016/679 dated 27 April 2016 (hereinafter referred to as GDPR), Roma Congressi S.r.l. (hereinafter referred to as “Data Controller”) provides the Data Subject – an identified or identifiable natural person – with the following information concerning the way personal data are protected.
This information notice aims to describe the personal data processing details and the measures adopted to protect the rights of data subjects.

The Data Controller

The Data controller is Roma Congressi S.r.l., domiciled and headquartered in Roma, Corso Trieste n. 165 – 00198 – VAT 01654761004 – Tax Number 06955000580.
Email address:

Categories of Data

The Data Controller processes the following personal data:

  • Data identifying the user, such as IP addresses and domain names
  • Data on the use of this website
  • Data that the user voluntarily provides (identifiers) to access specific services provided by the website. For more details, users are kindly requested to refer to the information provided in the specific sections of the Site, e.g. “Contacts”.
  • As regards the use of cookies, they are little text files that are automatically generated in the user’s computer when browsing the Site. Some of them – for example session cookies – are automatically cancelled upon closing the browser session. Other cookies instead are recorded and stored in the user’s computer, for instance with a view to automating access to the website’s restricted area. Users have the faculty of allowing their identifiers – user ID and password – to be stored in one of these files.

Purposes for the Processing of Personal Data and Time of Retention

The Data Controller processes the user’s personal data for the following purposes:

  1. Managing the proper browsing of the website;
  2. Conducting an assessment in an anonymous and statistical form on the way the website is used by users;
  3. Investigating possible offenses by users against third parties or the Data Controller.
  4. Complying with European and national legislations and the provisions issued by the Italian Data Protection Authority.

The user’s personal data is processed with a view to fulfilling the above-said Purposes and will be stored as stipulated in the specific notes (e.g. cookie policy)

Legal grounds for the lawful processing of personal data
The legal grounds relied on to process personal data are the following:

  • Consent given us by the Data Subject.
  • The legitimate interest of the Data Controller

Processing methods
The user’s personal data is processed with a view to fulfilling the Purposes specified in this policy statement in digital format.

Mandatory or optional provision of personal data

Please refer to the specific information contained on the Site.
To stop tracking cookies, you are requested to configure your Internet browser accordingly. However, it may prove to be necessary to store cookies on the user’s computer in order to access some parts of the Site.

Recipients of your Personal Data
The user’s personal data will be processed by the following parties according to the principle of strict indispensability:

  • The Data Controller’s staff, who act and process data under the authority and instructions of the Data Controller, pursuant to Art. 29 of the GDPR, or the employees designated by the Data Controller in accordance with Art. 2 quaterdecies of Legislative Decree 101/2018.
  • Individuals or legal entities resorted to by the Data Controller to perform activities that are instrumental to achieving its Aims (for example, software vendors, cloud partners, data centres, IT consultants). Third parties who access the information will do so in compliance with the current legislation on the protection of personal data and the instructions given by the Data Controller and will in any case be appointed Data Processors by the Data Controller.

Dissemination of Data

Data will in no way be disseminated.

Rights of the Data Subject

The GDPR awards the Data Subject specific rights. The Data subject can exercise the following rights for each data processing operation:

  • The right of access – You have the right to obtain a copy of your personal data in our possession subjected to processing.
  • The right to rectification – You have the right to ask for the rectification of your personal data stored by the Data Controller if it is not correct or updated.
  • The right to object – You have the right to object to the processing of your personal data for commercial purposes. You can ask the Data Controller to stop sending you ads at any time.
  • The right to object – You have the right to object to any decision based on totally automated processes: you can ask not to be the recipient of decisions exclusively made on the basis of totally automated processes, including profiling activities.
  • The right to withdraw consent – You have the right to withdraw the consent given to the processing of any information at any time.
  • The right to lodge a complaint with the Data Protection Authority – You have the right to lodge a complaint with the Data Protection Authority to protect your personal data in case you have concerns about the way the Data Controller is handling your personal data.

In certain conditions, the Data Subject can also exercise the following rights:

  • The right to erasure – You have the right to obtain the erasure of your personal data stored with the Data Controller if the purposes of data processing no longer exist, there is no legitimate interest on the Data Controller’s part and it is no longer necessary to comply with a legal obligation.
  • The right to object – You have the right to object to the processing of your personal data and ask the Data Controller to discontinue a certain type of processing.
  • The right to restrict processing – You have the right to restrict the scope of the Data Controller’s processing of your personal data.
  • The right to data portability – You have the right to receive a copy of the Data in a structured, commonly-used and machine- readable format which can be accessed by another controller.

To exercise the aforesaid rights, the Data Subject can send an email or write to the following address, specifying his/her requests and providing the Data Controller with the information needed to correctly identify the sender (by also attaching thereto a copy of his/her ID document) to the following addresses:

  • by e-mail:
  • by ordinary mail: Roma Congressi S.r.l. – Corso Trieste n. 165 – 00198 – Rome, Italy

Roma Congressi S.r.l. will reply within a month. In the event that the Data Controller is unable to respond, it shall provide a detailed explanation as to why the Data Subject’s request cannot be met.

Back To Top