Privacy and Cookies Policy
1. Introduction to the website of Raffaella Cortese SRL
Introduction to the website of Raffaella Cortese SRL (hereinafter, “GRC”).
The privacy notice is provided exclusively for the Website and is not applicable to any different sites to which the User may be redirected by links inside the Website, which redirect to portals and computer systems managed by third parties whose ownership, methods and purposes GRC is not party to.
2. Data Controller, External Data Processors and Data Processors
The Data Controller is Raffaella Cortese SRL, registered office in 20129 Milan, Via Alessandro Stradella 7, Tax Code and VAT No. 04036340968.
GRC independently determines the purposes and methods of the data processing operations, and also the data security procedures to be applied in order to guarantee the confidentiality, integrity and availability of Data.
The complete and updated list of Data Processors may be consulted by contacting GRC.
The following email address is available for any further information: firstname.lastname@example.org.
3. Persons/entities that can process the User’s Data
To process the User’s Data, GRC avails of third parties who are carefully selected, are trustworthy and reliable and have adequate experience and expertise for the assignment, and they are able to guarantee full compliance with applicable regulatory provisions on the processing of personal data, including provisions on personal data security. These third parties have been carefully selected and appointed based on the nature of the tasks that GRC assigns to them, and they act under the control of GRC and in accordance with the latter’s instructions.
4. Purposes of the data processing
Navigation inside the Website is free and requires no special access or authentication credentials.
GRC may request the User to insert his/her Data (for example: name, surname, and e-mail address) in the special registration field, to facilitate the provision of specific services (hereinafter, the “Services”), such as:
– the periodic transmission of newsletters containing news about GRC’s activities, such as e.g. exhibitions and events at GRC spaces, cultural and artistic events, GRC’s participation at art fairs, special initiatives, informations about GRC (hereinafter, “Newsletter”).
GRC provides a full privacy notice at the registration stage, which the User must accept in order to be able to access the aforementioned Services.
5. Data processing methods and duration of the Data Processing
Data will not be communicated to third parties unless such communication is required by law, or is necessary in order to achieve legally sanctioned purposes for which the Data Subject’s consent is not required.
The duration of the data processing is indicated in the privacy notice for the processing of Data, in each individual section thereof.
6. Data security
GRC puts in place adequate data security measures pursuant to EU Regulation 2016/679 in order to prevent the loss or unlawful or incorrect use of Data, as well as unauthorised access thereto.
GRC reserves the right to delete any accounts and all associated Data if they are found to contain material that is unlawful, detrimental to the image of GRC and/or of its products/services or of third parties, or that is considered offensive or promotes illegal or defamatory activities, or that has pornographic content, incites violence or promotes discrimination on grounds of race, gender, religion and sexual orientation.
7. The User’s rights
The User will, at any time and without charge, be entitled to access his/her own Data, to receive his/her own electronic Data and transmit such Data to another data controller (“data portability”), and also to have Data corrected, updated, modified or erased (subject to any legally applicable exemptions). The User will be entitled to update data which he/she supplies to GRC by contacting the latter at the address provided below. Requests for the erasure of data are regulated by applicable legal obligations including data/document retention obligations to which GRC is subject.
The User will be entitled to contact the Italian Data Protection Authority if he/she considers that the procedures for managing his/her Data are problematic or questionable.
In order to exercise these rights, the User may send a request to GRC by email to email@example.com or send a letter by post to the following address: Galleria Raffaella Cortese, Via Alessandro Stradella 7, 20129 Milan. When contacting GRC, the User should include his/her name, e-mail address, postal address and/or telephone number(s) in order to facilitate GRC in properly managing your request.
The User is invited to regularly verify and update his/her Data in order to assist GRC in offering the Services to the User. The User may access and amend his/her Data by contacting GRC at the addresses indicated above, in order to receive support in such updating operations.
If a User, who has previously authorised the processing of his/her Data in order to make purchases in the Shop section of the Website and/or to facilitate the transmission of Newsletters, wishes to revoke his/her consent or to manage his/her preferences, he/she can transmit a simple request to GRC to this effect, as indicated above.
GRC does not use marketing or profiling cookies on the Website. However, GRC may receive “technical” cookies while the User is browsing the website, such as:
- “Navigation or session” cookies i.e. text files of a technical nature which facilitate correct site functionality and enable User recognition (if the User so desires, by activating the relative functionality) when he/she next accesses the website;
- “Analytical” cookies, used to collect information in anonymous and aggregate form for statistical purposes;
- “Functionality” cookies, which can facilitate e.g. the use of the Services (such as access to the Viewing Room).
GRC uses the following cookies in particular:
vroom[ID]: first-party, technical cookies used to access the website’s Viewing Room.
cookielawinfo-checkbox-necessary: third-party, tecnical cookies to register consent to GRC’s cookie poliycy.
_ga: third-party, analytical cookies used by Google Analytics for analysis of visits. Duration: 2 years.
_gat: third-party, analytical cookies used by Google Tag Manager for analysis of visits. Duration: 10 minutes.
_gid: third-party, analytical cookies used by Google Analytics for analysis of visits. Duration: 1 day.
Cookies may also be installed inside the Website by third parties or social networks: the parties understand that GRC, by law, has no control over these cookies and has no privacy notice obligations or consent obligations; the updated links to the privacy notices and the consent forms of said third parties are provided below:
Cookies may be enabled and disabled using one’s own browser settings. However, disabling functional cookies could cause malfunctions or Website and/or services restrictions. The procedures offered by the main browsers can be accessed below: