Security and Privacy
Privacy policy of this Website
These privacy policy guidelines apply to the Website www.ermitage.tv (the "Website"). The privacy policy (the "Privacy Policy") refers to the processing of personal data by La Machine du Temps sarl (the Data Controller) via the Website upon Users visiting same, and to the Users’ interaction with the services and functionalities of the Website. The Privacy Policy has been drafted in accordance with Recommendation no. 2/2001, adopted on May 17, 2001 by the Working Group for the Protection of Personal Data (Art. 29) in relation to the minimum requirements for online data collection in the European Union. Moreover, it serves as a Privacy Statement provided to data subjects pursuant to Art. 13 of Regulation 679/2016 (the "Privacy Regulation"). The Privacy Policy specifies the identity of the Data Controller who controls and manages the personal information collected and processed through the Website, as well as indicating what personal information is collected and for what purposes, the methods of processing, the scope of communication to third parties, the security measures adopted in order to protect and safeguard the personal data of Users, and the ways in which Users can monitor the processing of their data and exercise their rights pursuant to the Privacy Regulation.
The Data Controller
The Data Controller is the company La Machine du Temps sarl, based in 14 Avenue de l'Opera - 75001 Paris, France and, for the purposes of the aforementioned Regulation, at the headquarters of the undersigned. For the purposes of the Regulation, the Data Controller may be contacted as above or by email at info@ermitage.tv.
Legal basis for processing
As part of our business, your personal data collected through the Website will be processed in compliance with the general principles of lawfulness, necessity, correctness and relevance, never exceeding the original purpose for which it was collected, and based - where necessary - on your specific consent.
The nature of collected and processed data
The Data Controller collects and processes the personal data necessarily provided by Users when filling out the forms present on the Website, such as name and contact details. Moreover, if Users subscribe to the data monitoring service, such data is processed according to the specifications of the service itself. Each Website section from which data is collected contains a link to a specific Privacy Statement drawn up pursuant to art. 13 of the Privacy Regulation. Whenever necessary in accordance with the Privacy Regulation, the User’s consent shall be obtained before processing personal data. The Data Controller also processes the User’s so-called browsing data, i.e. the data whose transmission to the Website is implicit in the operation of the computer systems responsible for managing the Website and in the use of Internet communication protocols, for example the domain names of the computers used by Users connecting to the Website and other parameters relating to the type and the computer operating system.
Browsing data
The information systems and software used by this Website acquire, as part of their standard operating procedures, certain personal data, which is then transmitted automatically through the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, by being processed and associated with data held by third parties, allow the identification of Users. This category of data includes the IP addresses or domain names of the computers used by Users connecting to the Website, the URI (Uniform Resource Identifier) addresses of requested resources, the time of request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.), and other parameters regarding the User’s operating system and IT environment. Such data is used exclusively to obtain anonymous statistical information on the use of the Website and to check its correct operation. Personal data collected while browsing the Website will not be subject to communication or dissemination.
Data provided voluntarily by Users
The optional, explicit and voluntary sending of emails to the addresses indicated on this Website, and/or the filling in of the forms present therein result in the acquisition of the sender’s address, with a view to responding to requests, and of any other personal data included in the message. Cookies
This Website uses certain types of cookies in order to avoid the use of other IT technologies potentially prejudicial to the confidentiality of the User’s browsing experience. The Data Controller has chosen to use session cookies (these are not stored on the User’s computer, being instead removed when the browser is closed) rather than persistent cookies. This Website makes exclusive use of technical cookies, i.e. cookies that, pursuant to the Italian Data Protection Authority’s Measure No. 229 of May 8, 2014, “Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies”, are used for the sole purpose of “carrying out the transmission of a communication on an electronic communications network, or insofar as this is strictly necessary to the provider of an information society service that has been explicitly requested by the contracting party or user to provide the said service” (see Section 122(1) of the Code). - Browsing or session cookies, which ensure normal browsing and use of the Website (allowing, for example, authentication to restricted areas) - Analytics cookies, which can be equated to technical cookies insofar as they are used directly by the Website manager to collect aggregate information on the number of visitors and the pattern of visits to the Website; (see https://support.google.com/analytics/answer/6004245 for information on the security and privacy principles of the “Google Analytics” cookies used) - Functional cookies, which allow Users to browse as a function of certain pre-determined criteria so as to improve the quality of service. No profiling cookies are used. It is possible to visit the Website even without cookies, although in this case it may not be possible to use certain services, such as those enabling purchases and access to restricted areas. Most browsers accept cookies automatically. You can avoid the automatic acceptance of cookies by selecting the option “do not accept cookies” among those proposed. For more information on how to do this, please refer to the instructions provided by your browser. At any time, you can delete the cookies already stored on your hard drive. You can also refer to the instructions provided at the following links:
Internet Explorer: https://windows.microsoft.com/it-it/internet-explorer/delete-manage-cookies
Mozilla Firefox: https://support.mozilla.org/it/kb/Eliminare
Google Chrome: https://support.google.com/chrome/answer/95647
Apple Safari: http://support.apple.com/kb/PH17191?viewlocale=it_IT
Purposes of data processing
Data is collected and processed for the exclusive purpose of allowing access to the information requested and for the purpose of the service requested via the appropriate form. The contact details of Users who request information or who subscribe to newsletters may be used to send promotional communications, also through automated methods, subject to obtaining their express consent. Browsing data is processed exclusively for obtaining statistics on visits to and use of the Website and for the purpose of monitoring the proper functioning of the Website. Moreover, such data may be used to ascertain responsibility in the event of computer crimes against the Website or carried out through the Website.
Mandatory nature of the provision of data
To duly manage Users’ requests and send out newsletters, we must necessarily collect all the required information present in the published forms. Failure to provide such data will result in our being unable to provide the services requested.
Processing methods
Personal data provided voluntarily by Users is processed by means of our IT system and recorded on computer media protected by appropriate Security Measures. Our information systems and computer programs are configured so as to minimize the use of personal and identification data not necessary for the specific processing purposes pursued.
Data retention period
Processed data will be stored in our computer archive for as long as is necessary based on the services requested. If you decide to revoke your consent to the sending of commercial information or newsletters, we will stop sending them. Personal data collected upon sending a request for information will be stored for as long as is necessary based on the information requested. Once the requested activity has been completed, said data may be deleted or stored for the sole purpose of documenting the activity carried out (when indispensable) or for historical and/or statistical purposes (in this case, the User who made the request will not be directly identifiable).
Place of data retention
Collected personal data will be stored and processed through an electronic system managed by the Data Controller, which may also be located at external Server Farms (in any case located in the European Union). You may contact the Data Controller for precise information on the place of data retention.
Scope of communication of personal data
The Data Controller communicates the personal data of Users to the extent and in the manner specified in this Privacy Policy and in the Privacy Statement published when providing data, and in any case in full compliance with the consent expressed by said Users at the time of Ermitage TV collecting the data, whenever this is necessary in accordance with the Privacy Regulation. Your personal data will only be accessible, within the Data Controller’s Company, to those persons who need to be familiar with them in connection with their assigned duties and in their capacity as Data Processing Operators, and to any Data Processors appointed. Please contact the Data Controller for a complete and up-to-date list of any Data Processors appointed. Your personal data may also be communicated to third parties insofar as the legitimate recipients of communications required by law or applicable regulations. Said third parties will process your data in their capacity as Data Controllers or Data Processors, as the case may be. Your personal data will in no case be communicated to third parties for promotional purposes and will not be disseminated in any way or transferred to any foreign country or international organization.
Your Rights as a Data Subject
We inform you that, as a Data Subject, you have all the rights laid down by the Regulation: art. 15 (Right of Access), art. 16 (Right to Rectification), art. 17 (Right to Erasure), art. 18 (Right to Restriction of Processing), art. 20 (Right to Data Portability), art. 21 (Right to Object). You also have the right to revoke, at any time, your consent to the processing of data; withdrawal takes effect from the moment it comes to our attention, without however prejudicing the lawfulness of processing based on consent given prior to withdrawal. You also have the right to lodge a complaint with a Supervisory Authority. In all the cases described, the exercising of such rights will be brought to the attention of those to whom your data has been communicated, except where exempted to do so pursuant to the Regulation. In some cases (erasure, restriction, objection), the fact of exercising your rights may make it impossible to provide you the services requested, either in whole or in part. All the rights described are exercised by simply notifying the Data Controller (also by email at info@ermitage.tv), either in person or through a representative. Ermitage TV undertakes to reply promptly to any such communication. This Privacy Policy is subject to updating by the Data Controller. The version published on the Website is the latest one available (currently updated as of May 31, 2018).
These privacy policy guidelines apply to the Website www.ermitage.tv (the "Website"). The privacy policy (the "Privacy Policy") refers to the processing of personal data by La Machine du Temps sarl (the Data Controller) via the Website upon Users visiting same, and to the Users’ interaction with the services and functionalities of the Website. The Privacy Policy has been drafted in accordance with Recommendation no. 2/2001, adopted on May 17, 2001 by the Working Group for the Protection of Personal Data (Art. 29) in relation to the minimum requirements for online data collection in the European Union. Moreover, it serves as a Privacy Statement provided to data subjects pursuant to Art. 13 of Regulation 679/2016 (the "Privacy Regulation"). The Privacy Policy specifies the identity of the Data Controller who controls and manages the personal information collected and processed through the Website, as well as indicating what personal information is collected and for what purposes, the methods of processing, the scope of communication to third parties, the security measures adopted in order to protect and safeguard the personal data of Users, and the ways in which Users can monitor the processing of their data and exercise their rights pursuant to the Privacy Regulation.
The Data Controller
The Data Controller is the company La Machine du Temps sarl, based in 14 Avenue de l'Opera - 75001 Paris, France and, for the purposes of the aforementioned Regulation, at the headquarters of the undersigned. For the purposes of the Regulation, the Data Controller may be contacted as above or by email at info@ermitage.tv.
Legal basis for processing
As part of our business, your personal data collected through the Website will be processed in compliance with the general principles of lawfulness, necessity, correctness and relevance, never exceeding the original purpose for which it was collected, and based - where necessary - on your specific consent.
The nature of collected and processed data
The Data Controller collects and processes the personal data necessarily provided by Users when filling out the forms present on the Website, such as name and contact details. Moreover, if Users subscribe to the data monitoring service, such data is processed according to the specifications of the service itself. Each Website section from which data is collected contains a link to a specific Privacy Statement drawn up pursuant to art. 13 of the Privacy Regulation. Whenever necessary in accordance with the Privacy Regulation, the User’s consent shall be obtained before processing personal data. The Data Controller also processes the User’s so-called browsing data, i.e. the data whose transmission to the Website is implicit in the operation of the computer systems responsible for managing the Website and in the use of Internet communication protocols, for example the domain names of the computers used by Users connecting to the Website and other parameters relating to the type and the computer operating system.
Browsing data
The information systems and software used by this Website acquire, as part of their standard operating procedures, certain personal data, which is then transmitted automatically through the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, by being processed and associated with data held by third parties, allow the identification of Users. This category of data includes the IP addresses or domain names of the computers used by Users connecting to the Website, the URI (Uniform Resource Identifier) addresses of requested resources, the time of request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.), and other parameters regarding the User’s operating system and IT environment. Such data is used exclusively to obtain anonymous statistical information on the use of the Website and to check its correct operation. Personal data collected while browsing the Website will not be subject to communication or dissemination.
Data provided voluntarily by Users
The optional, explicit and voluntary sending of emails to the addresses indicated on this Website, and/or the filling in of the forms present therein result in the acquisition of the sender’s address, with a view to responding to requests, and of any other personal data included in the message. Cookies
This Website uses certain types of cookies in order to avoid the use of other IT technologies potentially prejudicial to the confidentiality of the User’s browsing experience. The Data Controller has chosen to use session cookies (these are not stored on the User’s computer, being instead removed when the browser is closed) rather than persistent cookies. This Website makes exclusive use of technical cookies, i.e. cookies that, pursuant to the Italian Data Protection Authority’s Measure No. 229 of May 8, 2014, “Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies”, are used for the sole purpose of “carrying out the transmission of a communication on an electronic communications network, or insofar as this is strictly necessary to the provider of an information society service that has been explicitly requested by the contracting party or user to provide the said service” (see Section 122(1) of the Code). - Browsing or session cookies, which ensure normal browsing and use of the Website (allowing, for example, authentication to restricted areas) - Analytics cookies, which can be equated to technical cookies insofar as they are used directly by the Website manager to collect aggregate information on the number of visitors and the pattern of visits to the Website; (see https://support.google.com/analytics/answer/6004245 for information on the security and privacy principles of the “Google Analytics” cookies used) - Functional cookies, which allow Users to browse as a function of certain pre-determined criteria so as to improve the quality of service. No profiling cookies are used. It is possible to visit the Website even without cookies, although in this case it may not be possible to use certain services, such as those enabling purchases and access to restricted areas. Most browsers accept cookies automatically. You can avoid the automatic acceptance of cookies by selecting the option “do not accept cookies” among those proposed. For more information on how to do this, please refer to the instructions provided by your browser. At any time, you can delete the cookies already stored on your hard drive. You can also refer to the instructions provided at the following links:
Internet Explorer: https://windows.microsoft.com/it-it/internet-explorer/delete-manage-cookies
Mozilla Firefox: https://support.mozilla.org/it/kb/Eliminare
Google Chrome: https://support.google.com/chrome/answer/95647
Apple Safari: http://support.apple.com/kb/PH17191?viewlocale=it_IT
Purposes of data processing
Data is collected and processed for the exclusive purpose of allowing access to the information requested and for the purpose of the service requested via the appropriate form. The contact details of Users who request information or who subscribe to newsletters may be used to send promotional communications, also through automated methods, subject to obtaining their express consent. Browsing data is processed exclusively for obtaining statistics on visits to and use of the Website and for the purpose of monitoring the proper functioning of the Website. Moreover, such data may be used to ascertain responsibility in the event of computer crimes against the Website or carried out through the Website.
Mandatory nature of the provision of data
To duly manage Users’ requests and send out newsletters, we must necessarily collect all the required information present in the published forms. Failure to provide such data will result in our being unable to provide the services requested.
Processing methods
Personal data provided voluntarily by Users is processed by means of our IT system and recorded on computer media protected by appropriate Security Measures. Our information systems and computer programs are configured so as to minimize the use of personal and identification data not necessary for the specific processing purposes pursued.
Data retention period
Processed data will be stored in our computer archive for as long as is necessary based on the services requested. If you decide to revoke your consent to the sending of commercial information or newsletters, we will stop sending them. Personal data collected upon sending a request for information will be stored for as long as is necessary based on the information requested. Once the requested activity has been completed, said data may be deleted or stored for the sole purpose of documenting the activity carried out (when indispensable) or for historical and/or statistical purposes (in this case, the User who made the request will not be directly identifiable).
Place of data retention
Collected personal data will be stored and processed through an electronic system managed by the Data Controller, which may also be located at external Server Farms (in any case located in the European Union). You may contact the Data Controller for precise information on the place of data retention.
Scope of communication of personal data
The Data Controller communicates the personal data of Users to the extent and in the manner specified in this Privacy Policy and in the Privacy Statement published when providing data, and in any case in full compliance with the consent expressed by said Users at the time of Ermitage TV collecting the data, whenever this is necessary in accordance with the Privacy Regulation. Your personal data will only be accessible, within the Data Controller’s Company, to those persons who need to be familiar with them in connection with their assigned duties and in their capacity as Data Processing Operators, and to any Data Processors appointed. Please contact the Data Controller for a complete and up-to-date list of any Data Processors appointed. Your personal data may also be communicated to third parties insofar as the legitimate recipients of communications required by law or applicable regulations. Said third parties will process your data in their capacity as Data Controllers or Data Processors, as the case may be. Your personal data will in no case be communicated to third parties for promotional purposes and will not be disseminated in any way or transferred to any foreign country or international organization.
Your Rights as a Data Subject
We inform you that, as a Data Subject, you have all the rights laid down by the Regulation: art. 15 (Right of Access), art. 16 (Right to Rectification), art. 17 (Right to Erasure), art. 18 (Right to Restriction of Processing), art. 20 (Right to Data Portability), art. 21 (Right to Object). You also have the right to revoke, at any time, your consent to the processing of data; withdrawal takes effect from the moment it comes to our attention, without however prejudicing the lawfulness of processing based on consent given prior to withdrawal. You also have the right to lodge a complaint with a Supervisory Authority. In all the cases described, the exercising of such rights will be brought to the attention of those to whom your data has been communicated, except where exempted to do so pursuant to the Regulation. In some cases (erasure, restriction, objection), the fact of exercising your rights may make it impossible to provide you the services requested, either in whole or in part. All the rights described are exercised by simply notifying the Data Controller (also by email at info@ermitage.tv), either in person or through a representative. Ermitage TV undertakes to reply promptly to any such communication. This Privacy Policy is subject to updating by the Data Controller. The version published on the Website is the latest one available (currently updated as of May 31, 2018).