Privacy Policy

In compliance with the new GDPR - EU Privacy Regulation 679/2016, we provide you with the following information on how Italian Exhibition Group SPA ("IEG") processes your personal data.

The processing includes the following:

• collection (on paper/hard copy, by computer and telematic means, by telephone - also through apps made available to the data subject by the Data Controller - and/or by e-mail, or from public registers, lists of deeds and documents and/or public and/or private databases (commercial information companies);
• recording, organisation, storage and processing on paper/ hard copy, magnetic, automated or telematic supports, processing of data collected from third parties, amendment, selection, extraction, comparison, use, interconnection also with data of other entities on the basis of qualitative, quantitative and temporal criteria, recurring or definable from time to time, temporary processing aimed at a rapid aggregation or transformation of the same data;
• profiling ("basic");
• soft spam;
• communication, dissemination, erasure and destruction of data, or combinations of two or more of the above operations.

Processing shall in no case include the adoption of fully automated decisions by the IEG.

Any information relating to an identified or identifiable natural person ('data subject') shall be considered personal data; an identifiable natural person is one who can be identified, directly or indirectly, by reference in particular to his or her name, identification number, location data, online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.

In the event that the user or organization to which the personal data relate, is a natural person or a sole proprietorship company, the same are defined as "data subjects" for privacy purposes. In any other case (e.g. corporations) the information relating to natural persons of the company is considered personal data with limited effects regarding the application of the substantial rules on disclosure obligations and obtaining prior consent to processing, only if processed for profiling and direct marketing purposes of:

1. users of the web services accessible from the web site under the domain www.iegexpo.it and/or any other subdomain of IEG;
2. clients (e.g. exhibitors, buyers, other visitors), suppliers, journalists and media representatives, third party partners;
3. other general users of the website (who are the data subject and/or another person who is presumed to have given the relevant authorization).

The rules set out here apply when you access our sites, browsing inside the web pages even without registering and without filling in or entering data in web forms. These rules do not apply to any websites operated by third parties that may be accessible by the user through links contained in our sites.

Index of topics (you can navigate between them by placing the mouse on the list and clicking on the text)

• Types of data
• Logics and forms of processing. Security measures.
• Purpose of processing
• Legal basis of processing
• Mandatory or optional consent
• Does the consent of the data subject to the processing for profiling and direct marketing purposes also apply to the communication of data to third parties?
• Legal exceptions to the need for your consent for marketing purposes
• Disclosure of data to third parties
  
• Dissemination of data
• Mergers and other events involving automatic transfer
• Data transfer abroad
  
• Period of data retention
• Data controller
• Rights of the data subject
• Changing the policy

types OF data

Through the web forms available on the sites, we never ask you for "particular" personal data (personal data disclosing racial or ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties, trade unions, associations or organizations of a religious, philosophical, political or trade union nature, as well as personal data disclosing health and sexual orientation) or "criminal" (data on criminal records, or relating to the status of defendant or suspect, etc.). The data we process can be of three general categories: navigation data, data provided in an active form by the person concerned and data collected from third parties.

Navigation data

When you access this website or use our services (including in mobile mode, via smartphone or tablet), the computer systems and software procedures used to operate the website acquire, during their normal operation, some information about you, qualifying as "personal data" the transmission of which is implicit in the use of the Internet communication protocols.

These include the hardware model, operating system and version, information on the mobile network and the country of access, the time of the request, the method used to submit the request to the server, the access time, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.), details of the itinerary followed within the web pages with particular reference to the pages visited and other parameters relating to the operating system and computer environment of the user (browser used, version, geographical location, last page visited before accessing the services of the IEG Site) and unique device identifiers (e.g. IP address or domain names of computers used by users, address in notation URI - Uniform Resource Identifier, MAC address - Media Access Control).

This information is not collected to be directly associated with identified data subjects, but by its very nature could, in theory, through processing and association with data held by third parties (in particular, third-party providers of Internet connectivity services), allow users to be identified.

However, these data are only used by us to obtain aggregate and anonymous statistical information on the use of the site, to better understand the user's browsing behaviour in order to provide the user with a better browsing experience, to make the technical functions of the site possible, to monitor and optimize its operation, to improve the quality of services offered by the site and ensure the maintenance of its database and IT infrastructure support.

After such anonymous processing, these navigation data will be deleted within 12 months of the date of collection.

Navigation data may also be used to ascertain responsibility in the event of crimes against the Site or committed through the Site (attempts at malware, spamming, unauthorized access to computer systems, etc..) and in this case the retention lasts for as long as necessary to protect the rights of IEG and/or third parties.

IEG complies with the provision of the Supervisory Authority dated 8 May, 2014, which implemented the European Directive 2009/136/EC by requiring operators of web pages to publish a privacy notice regarding the cookie policy of the Site browsed by users. IEG invites you to view and read the following link; here you will find useful information to understand, identify, use or delete the cookies used on our website and the legal requirements relating to privacy and to them.

Data actively provided by the user

Defined as such is:

• information sent by users on an optional and voluntary basis to the email addresses indicated on the Site or by filling out web forms for data collection and/or other features on the site to access or register for, or to use services or content or to purchase services and products accessible on the Site (e.g. participation in events or campaigns; purchase of the magazine VIORO, purchase of TrendBook, etc. ...) or to participate in initiatives promoted through the Site (e.g. business matching between exhibitors and buyers).
  This information may include, for example, your name and  surname, date of birth, name or company name, physical address of residence, domicile or place of business, nationality, business organisation or trade association to which you belong, email, certified mail account, mobile phone number, fax, product sector, VAT or social security number, shipping or billing address, credit or debit card number, information on the means of payment used, and other personal data such as attachments to messages sent by you to IEG.
• personal data provided by users who request the sending of news and/or information material ("newsletters");
• personal data provided by users who submit on-line job application proposals ("curriculum vitae", etc.).

The email boxes corresponding to the addresses indicated on our sites and any other email box of IEG, are not personal even when they show the name and/or surname of a natural person (always followed by the suffix @iegexpo.it). They belong to the company organisation and have the primary purpose of enabling the effective performance of work activities within the companies of the IEG Group. This means that the messages forwarded to the IEG Group's email accounts may be known not only by the recipient, but also by other people in the organisation.

Providing data for specific purposes (e.g. newsletter subscription, information requests, registration to restricted areas, purchase of services/products, customer care, direct marketing, profiling) involves entering the data into our Customer Relationship Management (CRM) computer system dedicated to the management of customers, suppliers and other contacts, which is accessed only by staff authorized by IEG. The CRM is based on cloud services subscribed to by IEG and provided by third party providers (SALESFORCE, SUGAR, HUBSPOT), whose servers are located in the EU and/or in non-EU countries.

Data collected from third parties

IEG also uses the websites of third-party partners that work with IEG to collect and record customer/client data (exhibitors and visitors).

Logics and forms of processing. Security measures.

The logics and forms of processing organization will be strictly related to the purposes respectively indicated above. The processing will take place using electronic, telematic and/or paper media. Processing will be in compliance with the principles of fairness, lawfulness, transparency and proportionality and any legislation on the subject.

The processing of personal data and information of the data subject is subject to appropriate security measures to ensure the integrity, security and availability of the same.

In the case of manual processing, the data are processed at IEG's operational offices and in any other place where the offices of any Joint Data Controllers or external data processors authorised by the Data Controller are located.

We store all the personal information we receive in databases protected by an encrypted password that is within our secure network, located behind the active advanced firewall software. The data managed at computerized level, can be consulted only by having access to the various processing programs or data entry, by the entering of personal passwords only by staff members authorized by IEG who need to be aware of such data for the performance of their usual duties (e.g. legal, commercial and marketing, administrative, logistics, IT, management control, etc.). In any case, staff must comply with predetermined written restrictions on use imposed by IEG (e.g. confidentiality obligations). Data are subject to daily back-up procedure and safe custody mode, with off-site replication.

Our Web Services support secure HTTP protocol (HTTPS) connections with 2048-bit encryption and TLS v1.x protocol (PCI DSS Compliance).

We reserve the right to conduct security checks at any time (e.g. log analysis) to validate your identity, age, registration data provided by you and to verify your use of the services and your financial transactions as well as to verify possible breach of the Terms of Use of the IEG Website and applicable law.

To facilitate these security checks, you agree to provide such information or documents at our request.

Our staff, agents and suppliers may use your personal information and disclose your personal data to third parties for the purposes of validating the information you provide to us when using the services.

Our software package - to access and use the services - contains certain features designed to detect the use of automated programs that allow the use of artificial intelligence (non-human) to register on our Site. The use of such software programs of the 'bot' type breaches our Terms of Use, and IEG therefore reserves all rights to compensation for damages resulting from such conduct.Our software package - to access and use the services - contains certain features designed to detect the use of automated programs that allow the use of artificial intelligence (non-human) to register on our Site. The use of such software programs of the 'bot' type breaches our Terms of Use, and IEG therefore reserves all rights to compensation for damages resulting from such conduct.

Purpose of processing

The navigation data relating to users are processed by IEG to manage access to the portal and the services it provides, manage technical practices, carry out all activities necessary or useful for the constant improvement of the service provided, and to ascertain responsibility in the event of crimes against the Site and/or crimes committed through the Site. Specific additional purposes relating to individual processing may be identified in detail, through additional information, within the various services included in the Site.

Data other than navigation data are processed by IEG for primary and secondary purposes.

Primary purposes are:

1. to satisfy pre-contractual requirements (e.g. solvency checks and customer risk control, e.g. fraud also by means of data from public registers, lists, deeds or documents, to instruct and process the specific requests received from the data subject to send information material such as bulletins, newsletters, answers to questions, notices, sending of offers, specifications or price lists, etc.), and to allow users to register on the site and access services and/or purchase products/services;
2. to manage contracts with the data subject (supply or purchase of products and/or services such as the allocation of exhibition space and the sale of additional optional services, the sale of advertising space not linked to events, the after-sales management of warranty claims, the protection of IEG during litigation and to assert or defend a right in court) and/or obligations provided for by law, by regulations or by EU legislation (e.g. accounting; tax formalities, administrative and accounting management; fulfilment of obligations regarding electronic communication services as provided for by Legislative Decree no. 70 dated 9 April 2003; management of obligations for certification of events organised by IEG vis-à-vis the competent bodies);
3. to carry out activities relating to the management of customers/clients and suppliers, for the legitimate interest of IEG or third party recipients of the data, such as: management of credit lines and risk control (illicit prevention, insolvency, etc.); management of litigation and assignment or credit insurance; financial and insurance services instrumental to the management of customers/suppliers; management of electronic payment services; management of warehouse, logistics and transport; management of after-sales service extra warranty (via telephone, email and / or contact form on the Site); activation by registration, and subsequent management and technical maintenance and security, of the online account of the person connected to the IEG website for access to the same and/or services made available therein (e.g. e-commerce) and password or similar authentication credentials; management and use of exhibitor lists and personal data; sales management (pre-sale and sale of tickets online and on site, issue of free tickets); management of relations with customers, buyers, other visitors, journalists, VIPs (e.g. military, politicians, groups, others) such as control and registration of access and accreditation; management of personnel of suppliers responsible for security services; production and distribution of online and paper catalogues of exhibitors;
4. to carry out other IEG organisational and production activities based on a legitimate interest of IEG such as quality system management, management control, general planning of strategic and operational marketing activities, VIP master data management (e.g. for special conditions such as discounts, cards, quick access), production, printing and dissemination of promotional publishing materials on paper or via the web (e.g. house organ), the management of accreditation and involvement of communication bodies, the media and representatives of services connected with the performance of journalistic activities; the management of video surveillance; the management of information points (info points) for exhibitors, buyers and visitors; the management of certification requirements for events organised by IEG with regard to AEFI - Associazione Enti Fieristici Italiani; the management of internationalisation (organisation of non-EU events: please read the section "data transfer abroad"). In some cases, we also ask for your personal data (e.g. photographic images and video-audio) to allow you to participate in events, competitions and thematic initiatives of an extraordinary and temporary nature, which by their nature provide for the communication and dissemination of such data. In these cases, we will notify you by asking you to give your express and specific consent.

Secondary purposes or soft spam (subcategory of direct marketing) are:

1. Basic profiling: (by which is meant the automated processing of personal data consisting in the use of personal data to assess certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to (...) the economic situation, (...) the personal preferences, interests, reliability, behaviour, location or movement of that natural person. Profiling is a relevant activity for privacy purposes only if it specifically concerns natural persons, therefore when the same operations described herein concern information relating to entities other than natural persons, the privacy policy does not apply and therefore these operations can be carried out by IEG without constraints.
   We process the data to also analyse in a predictive way and/or create groups of natural persons divided by market segments based on a minimum set of elements. For your profiling we analyse the data that you  provide when you use our services (e.g. to request our newsletter or to make purchases, or at the time of your registration or later). In particular, we operate a so-called basic profiling, i.e. not particularly invasive of the privacy of the data subjects, since it is limited to the following data (which for convenience we list in relation to the individual categories of data subjects to which they refer):
   
   1. in the case of exhibitors: name and surname, company name of the organisation to which they belong, contact details, residence or head office, country of origin, website, sector of activity, type of product or service offered, annual promotional/advertising budget, type of distribution - shop, department store, concept store, markets of interest, brand;
   2. in the case of buyers/visitors: name and surname, company name of the organisation to which they belong, contact details, work position and level of responsibility of the contact person, residence or head office, country of origin, website, year of establishment of the company, turnover, number of employees, sector of activity, percentage of business connected to Italy and abroad, Italian and foreign regions of interest, main categories of products or services of interest to the buyer and/or marketed by the buyer (also in terms of percentage of sales by geographical area), categories of customers of the company, purpose of the visit;
   3. in the case of journalists: name and surname, contact details, sector and newspaper to which they belong, country of origin, language;
   4. in the case of event/congress/meeting speakers: name and surname, contact details, sector, profession/topics covered.
   
   In some cases, if you are a customer or prospect, we associate the data you provide to us with additional personal data collected about you while you are visiting our websites or while using the services provided by those websites (e.g. cookies relating to the pages of our website you have visited, the country from which you are connecting) or through other communication channels (e.g. social media) or through services of massive sending of commercial emails (e.g. which messages you have received, which emails you opened, which proposals you accepted through specific actions such as that of opening an attachment or adhering to our request to link to landing pages or attachments to the email message, etc.).
   
   Profiling allows us, in particular, to limit the sending of promotional communications not relevant to your likely expectations and needs or through undesirable channels.
   
   We sometimes associate the above-mentioned data with the following additional data:
   • log data related to your navigation on our websites or to the use of the services provided by our websites (e.g. cookies)
   • data collected through other communication channels (e.g. social media linked from our site, with which you interact).
   
   Such basic profiling activity has a dual purpose: to better understand customers, both by dividing them into groups and considering them individually, and to analyse the effectiveness of marketing to develop and update products, services and offers in line with the preferences of our targets.
   
   Basic profiling aims to align the services and goods offered by IEG with current and potential demand, measure the results of specific promotions, take corrective actions to improve business results (e.g. reducing the risk of investing resources in theme areas marginal to the target) and the effectiveness of business processes (e.g. ascertaining how many messages and promotional content we have sent you have been seen and clicked by you), limit the sending of promotional communications not relevant to your likely expectations and needs or through undesirable channels). This means that IEG does not send the same offers to all data subjects and will be able to send you advertising communications as close as possible to your tastes and interests or preferences, or through the contact methods you prefer, improving your shopping experience, even for your own benefit.
   
   Basic profiling allows us, moreover, to identify and manage the correct positioning of the exhibitor's stand within the different thematic areas of the Event, facilitate meetings between buyers and exhibitors during the Event through the creation of an agenda of meetings between operators based on the automated matching of specific supply and demand.
   
   IEG also uses the data to advertise services and products on social media to other people who have a similar profiles to yours and who may therefore be the most interested in what is offered. In this case, however, IEG does not know the names of the recipients of the promotional measures.
   
   Basic profiling does not imply your exclusion from specific advantages or from the possibility of freely exercising your rights in relation to personal data processed by IEG; in particular, it does not affect your ability to participate in the Events and/or take advantage of our trade fair and/or congress/convention services) (e.g. on-line pre-registration, off-line purchase).
   
   
2. Sending, through any electronic means of communication (e.g. email, text message/sms, instant messaging such as Whatsapp and Telegram, social messages) and through traditional methods (e.g. ordinary mail), commercial communications, advertising and offers to sell products/services similar to those of interest to the customer/prospect or related to products/services for trade fairs/congresses and/or related to them (e.g. industry publishing, championships/competitions, etc.) - on the whole activities defined as "soft spam".
   For further information, see the following chapter "Legal basis of processing".

Mandatory or optional communication of data and consequences of failure to provide

For the primary purposes of processing (provided for above from 1 to 4) processing is lawful even without the consent of the data subject. The provision of data to IEG is mandatory if they are necessary for the fulfilment of legal obligations and failure to provide such data in this case will make it impossible to enter into a contract with you and/or the organization to which you belong.
In other cases, you are free not to provide us with the data, but in this case IEG will not be able to carry out the pre-contractual relations requested by you (e.g. processing of requests for information), register you on the Website and/or provide the services or products in relation to which IEG requests registration and/or the provision of data.

The non-registered user may browse the Site and view only the contents and materials available without registration.

In relation to the secondary purposes of processing (limited to the communication of data from IEG to third parties for the same purposes), your consent is always optional (free and deniable).

cases of simplified consent or Exemptions from the consent requirement for direct marketing purposes

Please note that the Privacy Code allows so-called "soft spam". This means that without having to acquire your express consent, IEG uses the e-mail address and other data that you have provided us with in the context of a previous purchase of services, participation in events, interest in our services, to send you, through email, text messages, instant messaging such as Whatsapp or Telegram, commercial communications and sales offers, provided they relate to products and services (ours and/or of third partners) similar to those of your interest and/or related to them. In general, these activities are referred to as "soft spam".

Upon receipt of any promotional communication made by IEG for the purposes already provided, you will be informed of the possibility of unsubscribing, in which case you will no longer receive promotional communications relating to the event from which you have unsubscribed or from the IEG function relating to communications concerning and sent by the function itself.

In the event of IEG so requesting - for direct marketing purposes other than soft-spam (i.e. to be able to send commercial communications through channels other than those used in the aforementioned soft-spam) - IEG will ask for your prior consent.

Revocation of consent

Even after you have given your consent to the processing of data for the aforementioned direct marketing, as a data subject you may at any time notify IEG of a different desire, through one of the following alternative methods:

• by clicking on the "unsubscribe" button, made available to the user at the bottom of the promotional emails sent to the data subject, an email will automatically be sent to IEG and consequently the name of the data subject registered in a special black-list (managed by our software MAGNEWS), preventing further future direct marketing actions by IEG towards the same;
• by sending a declaration of revocation of consent to IEG by ordinary mail or email (which in this case will be manually recorded in the MAGNEWS software by IEG and in the CRM of the Company). This method of communication is always necessary if the data subject wishes to express a more analytical selective will, either regarding the use of certain individual means and not others (e.g. only paper, only electronic, rejecting that sent by automated systems, etc.) for the reception, with prior consent, of marketing communications of IEG, or regarding individual marketing purposes among those actually feasible (for example, choosing to receive only newsletters and not invitations to our Events);
• by sending, without formalities, a clear communication by telephone that consent has been withdrawn to IEG. Upon receipt of this opt-out request, IEG will remove and delete the data from the databases used for processing for direct marketing purposes and, where possible, inform any third parties to whom the data have been communicated for the same purposes of such deletion.
• If you wish to revoke your consent to any advertising communications that come from social channels (e.g. Facebook, Twitter, etc.), you must directly notify the revocation to the individual social platform, in the manner made available from time to time by the same and/or by the browser you use (IEG not being technically able to affect for such purpose the social platforms of third parties).

The above objection will not have any effect on the provision of any ongoing contract activities.

In the event of IEG requesting your telephone number and of your having given your consent (optional, optional and specific) to this direct marketing purpose, IEG may process it even if you have registered the user in the Public Register of Objections: because the number in this case is communicated by you and not taken from public telephone directories.

IEG may also process personal data, through the use of telephone calls with operator and the use of ordinary mail, for the above purposes of direct marketing other than soft-spam, without your prior specific consent (in which case it is always without prejudice to your right to object to processing in a simplified manner and also electronically through registration in the Public Register of Objections (http://www.registrodelleopposizioni.it) provided for by Presidential Decree 178/2010) of your fixed or mobile telephone number of which you are the holder and other personal data concerning you as a "subscriber" in paper and electronic directories available to the public.

Consent to the communication of data to third parties

IEG may also, only with your further, separate, additional, documented, express and optional consent, communicate or transfer the data to third parties who process them as Joint Data Controllers or independent data controllers (usually third party partners in the promotion of Events) and who use them at their own discretion for their own purposes of direct marketing or profiling. In the event of you not giving your consent, IEG may not disclose data to third parties for such purposes but will not interfere with the relationship -pre-contractual or contractual- between IEG and you or the organization to which it belongs.

Legal bases of processing

IEG may lawfully process the data for the following reasons:

• In the case of the primary purposes, processing is necessary, as the case may be, for the execution of pre-contractual measures taken at the request of the data subject (e.g. requests for clarification, sending of information or commercial offers), for the execution of a contract to which the data subject is a party, or for fulfilling a legal obligation to which EGF is subject (e.g. to allow verification of the correct fulfilment of legal and contractual obligations towards the data subject or towards third parties by the administrative and tax authorities, the audit board or the auditors, etc.).) and/or to pursue the legitimate interest of IEG (prevailing over the interests or rights and fundamental freedoms of the data subject) to process the data in order to effectively and efficiently manage the relationship with customers and/or suppliers and to organise the related production, organisational and management processes (including relations with its subcontractors and/or with parent companies, subsidiaries or affiliates pursuant to art. 2359 of the Italian Civil Code or with companies subject to common control).
• In the case of the secondary purposes of basic profiling and soft-spam, the processing is based on IEG's legitimate interest in promoting its products and/or services to current and potential customers, including on the basis of personalised, albeit non-invasive, criteria.
• In the case of secondary purposes consisting in the transfer of data to third parties,  processing is based on the prior consent of the data subjects (for further information see the following chapter "Communication to third parties".

Communication of data to third parties

IEG communicates your personal data to third parties only when this is necessary and functional to achieve the purpose of data processing pursued as a function of the service or product you requested. The communication to third parties is limited to the data strictly necessary for the respective purposes of IEG.

The third-party recipients shall process the data as:

1. "external data processors" (i.e. on our behalf and in accordance with our written guidelines aimed at ensuring compliance with privacy regulations during processing and under our supervision);
2. "Joint-Controllers" (i.e. on the basis of a written agreement governing their respective activities and responsibilities in relation to personal data);
3. "independent controllers" (in this case they will provide the data subject with all the necessary legal information on respective processing).

As part of the primary purposes and without prejudice to communication to third parties (e.g. tax authorities) made in execution of legal obligations or arising from regulations or other Community legislation, the data may be disclosed by IEG to all persons whose intervention in processing is necessary based on the performance required by the data subject and/or regulatory obligations, including but not limited to: other parent companies, subsidiaries or affiliates of the IEG group and/or third partners that perform activities functional or complementary to the provision of products or services requested by the data subject (e.g. organisational secretarial services, management of requests for information, estimates, orders, contracts, after-sales), third parties in charge of the execution of activities connected with and/or instrumental to the processing (such as sales agents, banks for the management of collections and payments, commercial information companies, debt collection companies, credit transfer companies, credit insurance companies, electronic payment service providers, couriers, carriers and forwarders, enveloping and mail forwarding companies, factoring companies, insurance companies, lawyers and law firms, accountancy experts, accountants, auditors and auditing firms, members of the supervisory body ex Legislative Decree 231/2001 in relation to organisational models aimed at preventing the committing of certain categories of crimes, auditors, third parties responsible for carrying out web hosting services and/or maintenance of this website and/or computer systems used by it and/or electronic files connected to the site, carriers and freight forwarders in charge of transporting goods, call centre service companies that provide customer support during the Events), public security authorities and computer forensics companies in the event of suspected crimes or other offences committed to the detriment of IEG and/or third parties.

To make a payment on the site, you can use the online Paypal service provided by the third-party provider. The user, to complete the purchase, must enter the required data in the screen of interest (e.g. credit card). Such data will be processed by the payment service provider (Paypal Inc. - click on the link: https://www.paypal.com/it/webapps/mpp/ua/privacy-full) which will act as an independent Controller, without passing through the server of IEG, which will only receive notification of payment.

In the case of processing for secondary purposes only (basic profiling, direct marketing limited to soft-spam), pursuant to provisions of the Supervisory Authority dated 4 July, 2013 containing the "Guidelines to combat spam" we will also communicate the data to: advertising and P.R. agencies, companies in charge of marketing analysis, advertising, communication and/or public relations agencies, design companies, press and maintenance of advertising or promotional publishing materials and/or manage them on-line, website production companies, web marketing companies, direct e-mailing service companies (e.g. Mail-ups or similar), call centre service companies with registered offices and operating centres in Italy, consultants and/or other entities to which we entrust activities necessary for these purposes; IT system maintenance companies on which our databases reside or through which they are processed; providers of electronic communications and ICT services; third-party commercial partners - even if operating in production sectors not included in the e-shop, for example other trade fairs or trade associations - with which IEG activates co-marketing or event management actions.

IEG may also share certain data (name, surname, email) with third-party social media platforms (e.g. Facebook, Google) that use them for the sole purpose of identifying other similar people who may be interested in IEG's services and/or products, so as to advertise them through social media platforms. In this case, IEG does not know the names of the data subjects contacted by the social media.

The data are processed within the IEG Customer Relationship Management (CRM) information system dedicated to the management of customers, suppliers and other contacts. This CRM is based on certain cloud services subscribed to by the IEG and provided by third-party providers (SALESFORCE.COM Inc., SugarCRM Inc., HubSpot Inc.), whose servers may be located in the EU or other non-EU countries (see "Transferring Data Abroad" section below).

For the privacy policy of the third provider SALESFORCE, see the URL: https://www.salesforce.com/eu/campaign/gdpr/. SALESFORCE.COM INC. is an American company registered with the competent US body under the EU-US Privacy Shield Convention (see URL: https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/Privacy/privacy-shield-notice.pdf), which ensures the third-party provider complies with the security requirements of the personal data it processes.

For the privacy policy of the third-party provider SugarCRM INC. see the URL: https://www.sugarcrm.com/legal/privacy-policy. SugarCRM INC. is an American company registered with the competent US body under the EU-US Privacy Shield Convention (see https://www.sugarcrm.com/legal/privacy-shield-notice).

For the privacy policy of the third-party provider HubSpot INC. see the URL: https://legal.hubspot.com/privacy-policy. HubSpot INC. is an American company registered with the competent US body under the EU-US Privacy Shield Convention (see https://www.privacyshield.gov/participant?id=a2zt0000000TN8pAAG).

IEG has also signed specific agreements with SALESFORCE.COM INC. and HubSpot Inc. for the management of personal data, through which these third-party suppliers have undertaken with IEG to comply with rules that essentially ensure that processing takes place in accordance with legal requirements for the protection of data subjects.

Data dissemination

The data will not be disseminated, unless - contractually and by law - it is required to be published on the IEG website (e.g. publication of online or printed catalogues of exhibitors participating in an Event, publication of a list of winners of competitions or prize operations with a list of names).

Mergers and other events involving automatic transfer

In the event of IEG entering into bankruptcy proceedings (bankruptcy, composition, etc.) or transferring all or part of its business or division of which the personal data is part, or its shares, to a third party, or merging with a third party or substantially transferring all or part of its assets to a third party, such third parties involved may automatically acquire the availability of the personal data and all other information provided by the data subject to IEG. By using this website, the data subject consents to such transfer of information, as required by applicable law.

Data transfer abroad

The data shall be stored on the Controller’s servers located at the premises of the latter and/or on the servers in EU countries of companies providing outsourced IT services to the Controller (e.g. disaster recovery).

In the case of Events taking place in the U.S.A. organised by IEG and/or in which IEG participates with its own initiatives, the data may be disclosed by IEG to third-party recipients located in one or more of the United States of America; the transfer will be based:

1. on "Privacy Shield" bilateral convention in force between the EU (European Union) and the U.S.A., which obliges companies and other bodies that import such data into the U.S.A., and that comply with the convention, to apply a series of  measures for the protection of the personal data received or otherwise acquired and processed;
2. in the event of the importer of the data into the U.S.A. not adhering in advance to the Privacy Shield mechanism, in accordance with the rules provided by the same Privacy Shield, the transfer of data by IEG to the third-party importer in the U.S.A. will only take place after the U.S.A. importer has entered into a specific contractual agreement with IEG, containing standard contractual clauses that conform with the text adopted by the EU Commission, by which the third-party recipient, for the processing operations for which it is responsible, undertakes towards IEG, for itself and its employees, and for the final benefit of the data subject, to comply with privacy obligations substantially equivalent to those required of IEG by EU legislation.

Only if such a contractual transfer agreement with the third-party data importer in the USA is not possible or excessively expensive, shall IEG transfer the data to the USA only if (i) it is necessary for the execution of a contract concluded between the data subject and IEG or for the execution of pre-contractual measures taken at the request of the data subject; (ii) it is necessary for the conclusion or performance of a contract concluded for the benefit of the data subject between IEG and another natural person or legal entity (such other natural person or legal entity being normally an IEG branch or business partner established in the USA). Alternatively, IEG reserves the right to request specific consent from the data subject to the transfer of data to the USA.

In the case of Events taking place in other non-EU countries, organised or participated in by IEG, the transfer of data from IEG to third-party recipients established in those countries takes place, for the purposes of the information only, against adequate guarantees in the form of the prior conclusion by the third party importer of a specific contractual agreement with IEG, consisting of standard contractual clauses in line with the text adopted by the EU Commission, whereby the third-party addressee ("importer"), for the processing operations under its responsibility, undertakes to respect, for itself and its employees, privacy obligations substantially equivalent to those which IEG has to comply with according to EU law. Only if it is not possible or excessively expensive to conclude such a contractual transfer agreement, shall IEG transfer the data to a non-EU country because this is necessary for i) the execution of a contract concluded between the data subject and  IEG or for the execution of pre-contractual measures taken at the request of the data subject; ii) for the conclusion or execution of a contract entered into in favour of the data subject between IEG and another natural person or legal entity of the data subject (e.g. an IEG branch or partner established in a non-EU country). Alternatively, IEG reserves the right to request specific consent for the transfer of data to a non-EU country; the request is usually contained in the registration form for the Event.

OTHER CASES OF TRANSFER

IEG uses website management services, email and/or email direct marketing services provided by third-party suppliers based or located abroad; in this case, the data are transferred by IEG to the servers of these third-party suppliers abroad, in compliance with the guarantees provided by the GDPR (EU Privacy Regulation 679/2016) and therefore:

• on the basis of a decision of the European Commission declaring the adequacy of the level of protection of personal data guaranteed by the third country, (e.g. USA-Privacy Shield agreement) or,
• in the absence of such a decision, on the basis of appropriate guarantees in the form of ad hoc written agreements between the IEG and the third supplier, or in the absence thereof,
• on the basis of your consent, which in this case is requested by IEG using the appropriate forms for the collection of personal data.

The list of foreign third parties to whom the transfer is made (so-called "data importers") can be seen at this link.

Period of data retention

The Data Controller shall process the data for the time necessary respectively to pursue the relevant purposes as stated above, in particular:

• for 10 years from the date of conclusion of the contract (in the case of clients) or from the collection of the data of the data subject (in the case of prospects);
• for 10 years from the collection of the data of the data subject (in the case of clients and prospects);
• for 5 years from the publication of the product in the case of promotion of editorial products;
• for a period of 60 days, after the end of each Event, in the case of data made available at points of collection of requests for assistance communicated to us by visitors and exhibitors (including insurance desk, Info point and First Aid);
• for a maximum period of 2 editions of the catalogue for the data contained in the promotional catalogue (paper and/or digital) of the individual Events;
• until the end of the certification and therefore until the certification has taken place for the certification data of the Events;
• for 1 year after collection for data necessary for IT security purposes (e.g. log-in records, failed logs and log-outs when accessing restricted areas of Event-related IEG websites);
• for 10 years from the date of collection of the logs relating to the reading of IEG's online privacy policy and to the online actions (e.g. clicks, flags and the like) through which the communication to IEG of the data subject’s consent is made;
• In the event of a dispute between you and us or our third-party suppliers, we will process the data for as long as it is necessary to exercise the protection of our rights or those of our third-party suppliers, i.e. until the issuance and full execution of a legally binding measure between the parties or of a transaction;
• for 3 months from the end of the individual Event to which they refer for data related to the "Business Matching" service provided during the Events;
• for 3 months from the end of the individual Event to which they refer for data related to the drafting of letters of invitation for the application for consular visas (e.g. copy of passport, etc...).

Upon termination of the respective maximum period of time, the personal data shall be permanently destroyed or rendered completely anonymous.

The duration of retention of data collected by cookies is instead explained in the section "Cookie Policy".

Data controller

The Controller of personal data processing is Italian Exhibition Group S.p.A., with registered office in Rimini, Via Emilia, 155. The data controller has appointed as external Data Processors the categories of external entities to whom the Company communicates personal data for the above purposes (unless they assume the direct role of independent data controllers due to their managerial autonomy in relation to the processing entrusted to them). In the case of external processors, processing will be based on our directives and under our general periodic supervision of the security measures taken by the third party.

The rights of the data subject

As data subject you are entitled to:

• ask the Data Controller to confirm whether or not personal data concerning him or her are being processed and, if so, to obtain access to the personal data and the following information: (a) the purposes of processing; (b) the categories of personal data concerned; (c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular when these are recipients from third countries or international organisations; (d) where possible, the intended retention period for the personal data or, where that is not possible, the criteria used to determine that period; (e) the existence of the right of the data subject to request the controller to correct or erase the personal data or to restrict the processing of personal data concerning him or her or to object to their processing; (h) the existence of an automated decision-making process, including profiling and, at least in such cases, meaningful information on the logic used, and the importance of and expected consequences for the data subject of such processing.
• where personal data are transferred to a third country or an international organisation, to be informed of the existence of appropriate guarantees relating to the transfer;
• to request, and obtain without undue delay, the amendment  of inaccurate data; taking into account the purposes of processing, the supplementing of incomplete personal data, including by providing a supplementary statement;
• to request the erasure of data if (a) the personal data are no longer necessary for the purposes for which they were collected or otherwise processed; (b) the data subject withdraws the consent on which the processing is based and there is no other legal basis for processing; (c) the data subject objects to the processing, and there is no overriding legitimate reason to proceed with the processing, or objects to the processing for direct marketing purposes (including profiling functional to such direct marketing); (e) the personal data must be erased in order to comply with a legal obligation under Union law or the law of the Member State to which the controller is subject; f) the personal data have been collected in relation to the offer of services of the information company.
• to request the restriction of processing regarding the data subject where one of the following situations applies: a) the data subject disputes the exactness of the personal data for the period required by the data controller to check the exactness of such personal data; (b) the processing is unlawful and the data subject objects to the erasure of the personal data and requests instead that their use be restricted; c) although the data controller no longer needs them for processing purposes, the personal data are required by the data subject to ascertain, exercise or defend a right in court (d) the data subject has objected to processing carried out for direct marketing purposes, pending verification as to whether the legitimate reasons of the data controller take precedence over those of the data subject.;
• to obtain from the data controller, on request, the communication of the third parties to whom the personal data have been sent;
• to revoke at any time the consent to processing of personal data if previously communicated for one or more specific purposes, its being understood that this will not affect the lawfulness of the processing based on the consent given before revocation.
• to receive in a structured format, commonly used and readable by automatic means, the personal data concerning the data subject provided by him or her to the Controller and, if technically feasible, to have such data sent directly to another controller without any impediment by the Controller to whom they were provided, if the following (cumulative) condition is met: (a) processing is based on the data subject's consent for one or more specific purposes, or on a contract to which the data subject is a party and to the performance of which processing is necessary; and (b) processing is carried out by automated means (software) (overall right to so-called "portability"). The exercising of the so-called right to portability is without prejudice to the right to erasure provided for above;
• the data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or which significantly affects him or her in a similar manner.
• the data subject may at any time also lodge a complaint with the competent supervisory authority on the basis of the GDPR (that of his or her place of residence or domicile).

The data subject may exercise his or her rights by writing to the Data Protection Officer of the Data Controller, Italian Exhibition Group S.p.A., with registered office in Via Emilia, 155 - 47921 Rimini (Italy) or by email: privacy@iegexpo.it.

It is also possible to request a list of Independent Controllers, Joint-Controllers and External Data Processors.

IEG in order to monitor compliance with the GDPR and the laws applicable to the processing of personal data of the data subject by IEG, the latter has appointed an independent third party (Data Protection Officer): lawyer Luca De Muri, domiciled for the office at the headquarters and the email of Italian Exhibition Group S.p.A.

JOINT-CONTROLLER OF STATISTICAL DATA PROCESSING WITH FACEBOOK

The Privacy Policy on the website www.iegexpo.it is also provided for the Facebook pages of the events of the Italian Exhibition Group (list available HERE). In this regard, Italian Exhibition Group Spa is Co-Chairman of the statistical data processing, together with Facebook Ireland Limited. The data processed also includes the statistical data produced by the Insight function of the Facebook page. - see also Joint statistical data controller together with Facebook.

To view the data regulations of Instagram click HERE

Policy change

This privacy policy, from the date of its publication, supersedes any previous versions. Unless otherwise stated, the above privacy policy will continue to apply to personal data collected up to that time. IEG reserves the right to make changes to this privacy policy at any time by notifying users on this page. Please refer to this page often, taking as reference the date of last amendment indicated at the bottom. In the event of non-acceptance of future changes, the data subject must cease to use the website or the functions to which the change in privacy refers, and in the absence of such abstention the changes will be deemed to have been accepted (except those that change the conditions for obtaining consent to processing, where required).

Privacy Notices

1. Customer & Prospect Privacy notice

---

Cookies policy

The Italian Garante per la protezione dei dati personali (data protection) , through its Provision dated 8 May 2014, has adopted, as of June 2, 2015, the European Directive 2009/136 / EC requiring directors of web pages to publish information relating to the cookie policy related to the website that visitors are browsing. On this page you can find the information necessary to understand, identify, use or delete cookies on this website in accordance with such Provision.

This Policy can be updated at any time due to changes either in current legislation and/or in the configuration and type of cookies used, so we suggest you to periodically review this cookie policy in order to know all subsequent updates of the same.

When significant changes have been made to this cookie policy, users will be notified via a notification on the site.

What they are and how cookies are used

Cookies are short fragments of text (letters and / or numbers) that, during the first user’s navigation on the website, allow the web server to store on the user’s client device (computer, smartphone or tablet) information about the user, to be reused during the same visit to the website (session cookies) or later, even after some time (persistent cookies) to automatically recognize the user (or other users who use the same tool and/or device) and to associate to this recognition certain consequences of various kinds. Cookies are stored, according to user preferences, by the single browser (eg Internet Explorer, Chrome, Firefox, Opera) on the specific client device. Similar technologies, such as, for example, web beacons, transparent GIFs and all forms of local storage introduced with HTML5, can be used to gather information about the use of services. A cookie can not retrieve any other data from the user's hard disk nor transmit computer viruses or acquire email addresses. Each cookie is unique to the user's web browser. Some of the functions of cookies can be delegated to other technologies. In the following, the term 'cookie' refers to cookies and all similar technologies. Their operation is totally dependent on the internet browser that the user uses and can be enabled or not by the user himself.

In order to always guarantee the best possible navigation, our site offers the best services with cookies enabled. By default, almost all web browsers are set to automatically accept cookies.

More information about cookies

On the basis of the criterion of ownership, that is depending on who manages them, cookies can be of two different possible categories:

• of "first party" when they are managed directly from the website that originated them;
• ​"third party" when cookies are set and managed by other organizations / websites other than the website visited by the user and that may reside in Italy or abroad. The third-party cookies fall under the direct and exclusive responsibility of the third-party operator, and in relation to their installation, the first part manager assumes the mere role of technical intermediary.

For example on many websites is the presence of YouTube videos, Google APIs, use of Google Maps, and the use of "social plugins " for Facebook, Twitter, Google+ and LinkedIn. These are parts of the page visited generated directly by the aforementioned sites and integrated into the page of the host site. The most common use of social plugins is aimed at sharing content on social networks in order to increase the user visitor's experience.

The presence of these plugins involves the transmission of cookies to and from all sites managed by third parties.

Being third-party sites cookies, used for the purposes of these third parties exclusive owners, the relevant information and methods to lend or deny their consent to them are available by clicking the relevant links in the cookie list of the appropriate section that follows, which please refer to.

On the basis of the characteristics and use of cookies is distingu ono various types of cookies. Our Site uses or may use, in combination with each other, the following categories of cookies when the user browses our sites, mobile sites or mobile applications:

• Permanent cookies or "persistent": these cookies remain stored on the device even after leaving the Web site or in any case have closed the browser: in particular, they will remain until their deadline or until they are deleted by the user. Persistent cookies satisfy many features in the interest of surfers (such as password storage), however in some cases they can also be used for promotional purposes.
• Session cookies or “temporary”: They have a limited duration to the visit and are deleted when the browser is closed, which ends the "session" of access to the website. As a rule, they allow the user to access personalized services and take full advantage of the site's features, avoiding the use of other technologies that could compromise the privacy of users' browsing.
• Thecnical Cookies: These cookies are essential for the proper functioning and use of a website. They are used to manage functionalities and different services related to websites (eg for the transmission of session identifiers necessary to allow a login or access to the reserved functions in the sites and the safe and efficient exploration of the site). They are essential for accessing protected resources without having to re-enter credentials at each page change. These cookies avoid the use of other technologies that could compromise the privacy of users' browsing. These cookies are used only for this purpose and are therefore first-party cookies.
  Among the technical cookies are also cookies to integrate products and functions of third-party software: this type of cookie integrates features developed by third parties within the site pages such as icons and preferences expressed in social networks in order to share the content of the site or for the use of third-party software services (such as software to generate maps and additional software that offer additional services). These cookies are sent from third-party domains and from partner sites that offer their functionality between the pages of the Site.
  The duration of technical cookies is strictly limited to the work session and are automatically deleted when you close the browser or they may use a longer residence time in order to remember the visitor's choices. They are used, for example, to preserve user preferences such as layout, language, etc. what preferences remain valid even after the browser is closed and reopened.
  The deactivation of technical cookies can compromise the user experience and navigation of the website.
  For the use of technical cookies, the law requires the release of a correct information to the interested party, as it is with this communication, ie without the creation of specific banners on the Site. Therefore, no specific consent is required for use from the user.
• For all non-technical cookies, on the other hand, their installation to the manifestation is subject to prior user’s consent in the simplified forms provided by Provision 8.5.2014 of the Guarantor, ie through the publication of a special synthetic banner that can be viewed by the user / visitor the first "landing" on the site and allowing to generate further use of the Site (in particular based on the "scroll", or on the continuation of navigation within the same web page) with which the user / visitor it can implicitly communicate its consent, or alternatively, to access an analytical cookie information (ie this information, in which it can express its necessary consent or dissent, such consent or not, can be formulated by the user not necessarily in reference to the individual cookies installed but in relation to broader categories of cookies, and / or specific products re and / or intermediaries with whom the Site has established business relations.
• Analysis cookies or "analytics": these cookies - temporary or permanent - allow gathering and analyzing aggregated and / or disaggregated statistical information regarding access (eg geographical area of ​​origin of the user, access hardware used, browser, age, visited, time spent, pages visited, gender interests for marketing purposes, etc.) and in general the pages behavior of users on the site and therefore to improve the experience and make the content more interesting for the user. Analytical cookies are sent from the site itself or from third-party domains; they are equalized to technicians cookies only if implemented and used directly from the site first part (without, therefore, the third-party intervention). In the event that the analytical cookies are made and / or used by third parties (third-party domains outside the site owner first part), the same can not be assimilated to technical cookies and have a different legal treatment.
  They also allow you to monitor the system and improve its performance and usability. The deactivation of these cookies can be performed without any loss of functionality and will be discussed in detail later.
  Cookies "analytics" used by us do not involve any possibility of tracing the identification of the individual user. For example, the site makes use of log files (ie records the history of operations as they are executed) and log files (which include IP addresses, browser type, Internet Service Provider (ISP), date, time, page input and output and the number of clicks ), to analyze the technical trendsof use and administer the site. The information collected in this way are not a "personal data" as they are and collected and analized in a totally anonymous. In this case the data controller does not have an obligation to notify the Guarantor.
• " Profiling " cookies or “advertising” (always permanent). They are used to obtain information, aggregated or not, useful for evaluating the use of the website and the activities carried out by the visitor (choice of viewing specific pages, specific products and / or services, etc.), used by the website owner to create user profiles and send commercial advertisements of targeted products and / or services, that is based on previous user activities (instead of the generalist offers offered without distinction to all users).
  For these cookies, user consent is always required.
  Profiling cookies are used to collect information about the user, in order to send advertising messages in line with the preferences expressed by the user in the context of surfing the internet.

List of cookies on the website

Having said this, we inform you that our Site uses the following cookies:

Cookie nameSession / permanentFunction (technical, analytical, advertising)Duration (if permanent and not deleted before by the user himself)
(PHSESSID, fe_typo_userand similar)	Session (local) ;	technical cookie with a function of memorizing the user's choices within the site. This cookie is also used to store the products added to the cart, if the website is an e-commerce site.	it is deleted once you leave the site
Cookie- Alert		Cookie that tracks if a user has consented or not the use of cookies	1 years
Facebook Conversion pixel	Permanent	Advertising, analytical	2 years
Adwords Conversion pixel	Permanent	advertising	2 years
Adwords retargeting	Permanent	advertising	2 years
Facebook retargeting	Permanent	advertising	2 years
Google analytics Universal	Permanent	analytical	2 years
Google adwords user list	Permanent	advertising	2 years
Facebook User list	Permanent	advertising	2 years
Amazon affiliation	Permanent	advertising	2 years
Google publisher	Permanent	analytical	2 years
Optimizely	Permanent	advertising	2 years
4w marketplace	Permanent	advertising	2 years
Neodata	Permanent	advertising	2 years
Sizmek	Permanent	advertising	2 years
Flashtalking	Permanent	Advertising	2 years
Hubspot	Permanent	analytical	2 years
Wjstia	Permanent	analytical	2 years
Pingdom	Permanent	analytical	2 years
New relic	Permanent	analytical	2 years
Hotjar	Permanent	analytical	1 years

Profiling cookies (first parts)

The services we provide through our servers use first-party profiling cookies .

Third-party cookies

The website visited, to provide an excellent browsing experience, could make use of all or part of the following own and / or third-party cookies:

• Google | Google Analytics Universal | Google Maps
• Facebook
• Youtube
• Vimeo
• Addthis

Google Analytics Universal

Our site also uses cookies for Google Analytics Universal (managed to Google Inc., third party). Please note that through the functionality of Google Analytics is not collected any strictly personal information, but collect aggregated statistical data on the age, gender, and preferences of interest of our visitors related to our offered activities (in order to better evaluate the use of our site web and the activities carried out by the visitor and best address the services provided). These cookies are stored on servers that can be located in the United States or in other countries outside the EU. Google reserves the right to transfer the information collected with its cookie to third parties where this is required by law or where the third party processes information on its behalf.

The "Analytics" feature is however configured by our company, by default, in such a way as to significantly mask portions of the IP address of the user / visitor, and therefore the data on the IP address thus collected is already anonymized at the origin for which the analytical cookie does not allow to trace, even indirectly - and in particular through further processing - the identity of the user.

Please note that Google also ensures, and from now on, not to associate the user's IP address with any other data held by Google in order to obtain a more detailed user profile.

For any further information regarding Google Analytics, please refer to the Privacy Policy which can be viewed at the following link:

http://www.google.com/intl/it_ALL/analytics/learn/privacy.html

Advertising features of Google Analytics

Our site uses also the special advertising features of Google Analytics. They allow to activate additional features (not available through standard Google Analytics implementations), to collect, in addition to data normally collected by standard Google Analytics, also data on user traffic (through cookies for Google advertising and anonymous identifiers). In particular, the advertising features of Google Analytics implemented are as follows:

• Remarketing with Google Analytics and with Google Display Network and Google Search Network
• Reporting on impressions from the Google Display Network
• Integrations with the DoubleClick platform
• Reports on demographics and Google Analytics interests

These advertising functions also include advertising cookies of other third parties, useful to better target any advertisements on the sites of the display network of Google and Adwords (see below).

Oursite also uses Google Adwords to promote the services offered on the web. For more information about which cookies are used by Google Adwords, read this link. Our site also uses remarketing lists on the Adwords Search Network.

It is always possible for the user to disable the collection of such data collected through cookies through the ad settings contained in the appropriate page of your Google Account (http://www.google.com/ ads/ preferences ), or through the Google OptOut tool.

Social cookies: these cookies (of third parties) are provided directly by the social media network domains that can be hosted by our Site through links to official pages, buttons for sharing content and links.The use of these buttons and functionality involves the exchange of information (eg texts, photographs, videos, etc.) with such sites.

The use of these cookies is purely anonymous, no personal information is collected unless the user intends to provide it explicitly by sending contact or information request forms.

The management of information and how to delete social cookies is regulated by the same social media sites: therefore, the user is invited to consult directly the respective information on the privacy of each of them. Without prejudice for the above, for convenience we report the web addresses (URL) of the main information about third-party cookies and how are managed such third-party cookie (confirming that the data controller has no responsibility for the operation of such third-cookie parts on this site):

You Tube: https://www.google.it/intl/it/policies/privacy/

Facebook (info): https://www.facebook.com/about/privacy, https://www.facebook.com/legal/FB_Work_Privacy, https://www.facebook.com/help/cookie/and https://www.facebook.com/policies/cookies/
Facebook (configuration): log in to your account. Privacy section. Or follow the various guides on the web for example https://support.mozilla.org/en-US/kb/disable-third-party-cookie
Twitter information: https://twitter.com/privacy?lang=it , https://support.twitter.com/articles/20170514
Twitter (configuration): https://twitter.com/settings/security is https://support.twitter.com/articles/20170519-uso-dei-cookie-e-dialtre-tecnologie-simili-da-parte-di-twitter
Linkedin (information): https://www.linkedin.com/legal/cookie-policy
Linkedin (configuration): https://www.linkedin.com/settings/

Instagram: https://help.instagram.com/155833707900388

Google (information): on the use of data at http://www.google.com/policies/technologies/cookie/ and complete information at http://support.google.com/analytics/answer/6004245
Google (configuration): the general out-out guide for Google services (Maps , YouTube ...) is available at http://support.google.com/accounts/answer/61416?hl=it

Google+ (information): http://www.google.it/intl/it/policies/technologies/cookie/
Google+ (configuration): http://www.google.it/intl/it/policies/technologies/managing/

How to disable cookies

Accepting or refusing cookies is your right.

By default, browsers generally accept the use of cookies both from our site and from third-party sites. To allow the site to function properly, exploit its features and use in its entirety, we recommend that you accept the use of technical cookies. The user is enabled, however, to modify at any time the default configuration (default) for managing cookies. To manage the preferred modes of operation of cookies, as well as options to restrict or block cookies (waiver / opt -out), it is sufficient for the user to change the browser settings through the relative toolbar.

Remember that you must set the preferences on cookies for each device and each different browser used in surfing the Internet.

You can choose between the unconditional acceptance of all cookies (in particular: navigating in any form on our site after the initial appearance to the synthetic video banner that warns you of the presence of cookies in our. Website, you consent to implicitly' use of cookies), the indistinct rejection of all cookies in a definitive way, or the display of a popup window (notice) every time a cookie is proposed, in order to be able to evaluate whether or not to accept it by an explicit action by user.

It is possible to refuse consent and block all third-party cookies via browser plugins , by searching on Google "block and delete third-party cookies"; as a result of the research you get a lot of guides that differ depending on the operating system and the browser used.

Below are the links for configuring the most popular browsers that describe how to manage cookies:

• Chrome: https://support.google.com/accounts/answer/61416?hl=en
• Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
• Internet Explorer: http://windows.microsoft.com/it-it/windows-vista/block-or-allow-cookies -
• Opera: http://help.opera.com/Windows/10.00/it/cookies.html
• Safari: https://support.apple.com/it-it/HT201265

To configure or change your cookie preferences our cookies and third parties, just access the following internet pages:

• Google Chrome: Tools - Settings - Show advanced settings - Content settings - Cookies - Block third-party cookies and site data
• Mozilla Firefox: Tools - Options - Privacy - History - Use custom settings for history (uncheck all boxes)
• Internet Explorer: Settings - Internet Options - Privacy - Settings for the Internet zone (move the navigation bar to "Block all cookies")
• Opera:
• Safari: Settings - Preferences - Privacy - Block cookies (select "always") Safari (IOS): Settings - Safari - Block cookies

To change the cookie settings in browsers other than those listed above, please refer to the help documentation prepared by the manufacturer of the specific browser.

You can also selectively disable the action of Google Analytics by downloading and installing on your browser the additional opt-out component specially provided by Google for your browser, at the following link: http://tools.google.com/dlpage/gaoptout

For more information : http://www.google.it/intl/it/analytics/

To delete cookies from the Internet browser of your smartphone / tablet, it is necessary to refer to the user manual of the device.

For more information about cookies and privacy legislation, you can consult the relevant document prepared by the Privacy at the following link: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/2142939

Data Controller for the cookies when they take the nature of personal data (also allowing, by means of subsequent possible elaborations, the identification of the data subject’s name to which they refer), is Italian Exhibition Group S.P.A. with registered office in Rimini, Via Emilia n. 155, email: privacy@iegexpo.it.

IEG appointed various internal persons to process the data; they belong to corporate functional areas that need to process data for the purposes indicated in this information, such as office administration, human resources, IT, marketing, etc. IEG also has appointed some external data processors; eg they are are entities to which we must disclose the data for said purposes (where these outsiders area not independen due to their managerial autonomy in relation to treatment entrusted to them). In the event that the external manager has been authorized by our Company to use any third party sub-suppliers for the processing of data, the names of such third sub-suppliers have been previously communicated in writing to the Owner. A complete and updated list of external data processors can be consulted by you at any time on simple written request.

Rights of the interested party

You have the right to:

• ask IEG to confirm whether or not personal data processing is current and, in this case, to obtain access to your personal data and the following information: a) the purposes of the processing; b) the categories of personal data in question; c) the third party recipients or categories of third party recipients to whom the personal data have been or will be communicated, in particular if recipients of third countries or international organizations; (d) where possible, the retention period of the personal data provided or, if not possible, the criteria used to determine this period; e) the existence of your right to request IEG to rectify or delete personal data or limit the processing of your personal data or to oppose their treatment; f) the right to lodge a complaint with a supervisory authority; g) if the data are not collected from the data subject, all information available on their origin; h) the existence of an automated decision-making process, including profiling and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the data subject.
• if the personal data are transferred to a third country or to an international organization, you have the right to be informed of the existence of adequate guarantees regarding the transfer;
• request, and obtain, without undue delay, the correction of inaccurate data; taking into account the purposes of the processing, the integration of incomplete personal data, also by providing an additional declaration;
• request the deletion of data if a) personal data are no longer necessary with respect to the purposes for which they were collected or otherwise processed; b) you revoke the consent on which the treatment is based and there is no other legal basis for the treatment; c) you oppose the processing, and there is no legitimate overriding reason to proceed with processing, or oppose the processing performed for direct marketing purposes (including functional profiling for such direct marketing); d) personal data have been processed unlawfully; e) personal data must be deleted to fulfill a legal obligation under Europena Union or Member State law to which IEG is subject; f) personal data have been collected with regard to the provision of information society services.
• request the limitation of processing that concerns you, when one of the following hypotheses occurs: a) you dispute the accuracy of yout personal data, for the period necessary for IEG to verify the accuracy of such personal data; b) the processing is illegal and you oppose the cancellation of personal data and asks instead that its use is limited; c) although IEG no longer needs it for processing purposes, personal data are necessary for you to verify, exercise or defend a right in court; d) you object to the processing performed for direct marketing purposes, pending verification of the possible prevalence of the legitimate reasons of IEG with respect to yours;
• obtain from the data controller, upon request, the communication of the third recipients to whom the personal data have been communicated;
• revoke at any time the consent to the processing of their personal data where previously communicated for one or more specific purposes, it being understood that this will not affect the lawfulness of the treatment based on the consent given prior to the revocation;
• to receive, in a structured format, in common use and readable by automatic device, personal data concerning the data subject that you provided to IEG and, if technically feasible, to have such data directly transimitted by IEG to another data controller without impediments on our part, if the following (cumulative) condition occurs: a) the processing is based on your consent for one or more specific purposes, or on a contract of which your are a party and the treatment is necessary for the fulfilment of the contractual obligations; and b) the processing is carried out by automated means (software) (total right to the so-called "portability"). The exercise of the right to the portability is without prejudice to the right to cancellation as better above set forth by;
• not to be subjected to a decision based solely on automated processing, including profiling , which produces legal effects that concern him or who has a similar impact on his person.
• lodge at any time a complaint with the competent Supervisory Authority on the basis of the GDPR (that of your place of residence or domicile) or with the civil Court.

You can exercise his rights by writing to Italian Exhibition Group SpA, Data Protection Function Officer , based in Via Emilia, 155 - 47921 Rimini (Italy) or e-mail address: privacy@iegexpo.it . It is possible to request in writing to us a list of co-owners and external data processors.

IEG has appointed an independent third party responsible to ensure compliance with the GDPR and the laws applicable to the processing of your personal data this activity (DataProtection Officer – DPO). Our DPO is the Avv. Luca De Muri, as above domiciled for the position at Italian Exhibition Group SpA.

---

Treatment

The treatment includes operations of:

• collection (by hard copy, IT and telematic, by telephone - also through apps made available to the data subject by the Data Controller - and / or by e-mail, or by public registers, lists of documents and / or public databases and / or private (business information company),
• registration, organization, storage and processing on paper, magnetic, automated or telematic media, processing of data collected by third parties, modification, selection, extraction, comparison, use, interconnection also to data of other subjects on the basis of qualitative, quantitative and temporal criteria , recurring or definable from time to time, temporary treatment aimed at rapid aggregation or transformation of the data,
• profiling (this means an automated processing of personal data consisting in the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning (...) the economic situation, (...) preferences personal, interests, reliability, behavior, location (…) of that physical person;
• communication, dissemination, erasure and destruction of data, or combinations of two or more of the aforementioned transactions.

The treatment does not under any circumstances involve the adoption of fully automated decisions by IEG.

---

Personal data

It constitutes personal data any information concerning an identified or identifiable natural person ("interested"); an identifiable natural person can be identified, either directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online ID or one or more characteristic elements of his physical identity, physiological, genetic, psychological, economic, cultural or social.

In the event that the user or organization, to which the personal data refer, is a natural person or sole proprietorship, the same is an "interested party" for privacy purposes. In any other case (for example if you are a joint-stock company) the information referring to the user or organization, are in any case equated to personal data to the limited effects of the application of the substantive rules on the obligations of disclosure and obtaining the prior consent to treatment, only if processed for profiling and direct marketing purposes.

---

Profiling

Profiling is a relevant activity for privacy purposes only if it specifically concerns natural persons, therefore when the same operations described here concern information of subjects other than natural persons, the privacy law does not apply and therefore these operations can be carried out by of IEG without constraints.

For your profiling we use the data (example name and surname, company name to which you belong, brand, residence or location, country of origin, landline and mobile phone, e-mail address, website, type of distribution - store , department store, concept store, type of geographic market of origin and sale, economic or merchandising sector of activity, type of product / service, expected annual budget / advertising budget, markets of interest) that releases us when you use individual services (es to request the newsletter or to make purchases, or at the time of your registration or later) also associating them with your browsing data on IEG websites or the use of services provided by the site (eg cookies) or data collected through other communication channels (eg social media with which you interact linked from our site).

We process the data to analyze also in a predictive way and / or create groups of natural persons divided by market bands based on a minimum set of elements (eg profession, country and / or geographical area of ​​origin, merchandise or economic category of belonging), up to more advanced profiles based on age, sex, preferences declared by you concerning the professional areas of interest, online behavior and previous purchases.

This activity has a dual purpose: to better understand customers, both as groups and as individuals, and analyze the effectiveness of marketing to develop and update products, services and offers in line with our target preferences.

Profiling aims to align the services and goods offered by IEG with current and potential demand, measure the results of specific promotions, take corrective actions aimed at improving business results (eg reducing the risk of investing resources towards marginal thematic areas for target) and the effectiveness of commercial processes (eg by ascertaining how many messages and promotional content we have sent you have been seen and clicked on), limit the sending of promotional communications not relevant to your probable expectations and needs or via channels that are not appreciated). This means that IEG does not send the same offers to all interested parties and will be able to send you advertising communications as close as possible to your tastes and interests or preferences, or through your favorite contact methods, improving your experience purchase, even to your own advantage.

The profiling by cluster allows us, among other things, to identify and manage the correct positioning of the exhibitor's stand within the various theme areas of the Event, to facilitate the meeting between buyers and exhibitors during the Event through the creation an agenda of meetings between operators based on the automated crossing between specific supply and demand.

IEG also, if you allow profiling, use the data to advertise social media services and products to other people who have a profile similar to yours and therefore may be more interested in what is offered,

Profiling does not imply your exclusion from specific advantages or the possibility to freely exercise your rights in relation to personal data processed by IEG; in particular, it does not prejudice the possibility for the data subject to participate in the Events and / or to use the ordinary services (eg online pre-registration, purchase of services) sold by IEG.

PRIVACY POLICY – ver.02.06.2018