PRIVACY POLICY

Complying with the provisions of EU Regulation no. 679/2016 (GDPR General Data Protection Regulation). 


1) DATA CONTROLLER 

The Joint Data Controllers are: 

Mido Srl Unipersonale having registered offices at Via Alberto Riva Villasanta 3 20145 Milan, VAT. no. 07164050150 - Fully paid up share capital 120,000 € - R.e.a. (Economic and Administrative Index) no. 1710133, represented by its legal representative. 

ANFAO (Italian Optical Goods Manufacturers Associations) having registered offices at Via Alberto Riva Villasanta 3, 20145 Milan, represented by the Chairman of the Association. 

A Data Protection Officer has been appointed by MIDO and ANFAO who you may contact on: dpo@mido.it. 


2) DATA CATEGORIES 

PERSONAL DATA 
Registration form requires some data classified as personal data (article 4, let. a) Regulation 2016/679 (e.g. e-mail address or telephone number). During the MIDO, photographs or videos may be taken or filmed that are used by the joint data controllers to promote the brand and event. 


3) PROCESSING METHOD 

Your personal data are processed by MIDO and other entities who guarantee the required level of reliability and expertise with electronic and telematic procedures for purposes strictly related to the use of the website or organization of the event. 

Your personal data will not be transferred abroad to Countries not belonging to the European Union, that do not ensure an adequate level of protection. 


4) PURPOSE OF PROCESSING 

The data you provide are processed to provide the following services: 

Subject to the consent of the user, data may also be processed for: 

1) Direct marketing purposes (forwarding of advertising material, gifts, promotions, events and contests), even with messages sent by e-mail, SMS, MMS or telephone; 

2) Market surveys and studies in order to improve the MIDO show. 


5) PROVIDING PERSONAL DATA MAY BE OPTIONAL OR OBLIGATORY 

Providing your personal data to MIDO is necessary in order for you to be registered as Visitors and granted cards and/or invitations for the relevant access. You are obviously free to decide whether to fill out the form. With reference to the individual information requested at the time of the individual data collection, the mandatory nature is marked putting a specific character (*). Failing to enter the data specified as mandatory in the form might entail your failure to be registered as Visitor. 

Providing your personal data for marketing or profiling purposes is optional, and failure to communicate the same does not entail negative consequences. MIDO s.r.l. Unipersonale Via A. Riva Villasanta, 3 20145 Milano (Italy) Ph +39 02 32673673 www.mido.com 


6) LEGAL BASIS 

Processing your personal data for the main purposes is the contract for participation in the MIDO as visitor (see Article 6 (b) Regulation 2016/679). Processing your personal data for marketing purposes and profiling is subject to your consent, which you may however revoke at any time. 


7) RECIPIENTS AND CATEGORIES OF RECIPIENTS TO WHOM YOUR PERSONAL DATA MAY BE DISCLOSED 

In order to provide the services requested, MIDO may avail itself of external companies who carry out services strictly related to the execution and performance of the contracts and services provided, such as: Fiera Milano S.p.A., press agencies and banks that handle receipts and payments; financial administrations and other entities in order to fulfil regulatory obligations; self-employed professionals in order to fulfil administrative and accounting obligations, etc. 

Your personal data may also be disclosed to any parties to whom such disclosure is required pursuant to legal obligations or contracts signed by the parties. 

A list of the entities who process your personal data may be requested from MIDO srl. No personal data will be disclosed. 


8) DURATION OF PROCESSING 

The visitors' data will be retained for the time set forth by law, including applicable accounting laws. 

The personal data you provide for marketing purposes will be processed until you ask for the same to be deleted or revoke your consent: all commercial messages include a section in which you may revoke your consent simply and easily at any time. 


9) RIGHTS OF THE DATA SUBJECT 

The data subject to whom the personal data refer may ask the Data Controller to exercise its rights as set forth by articles 12 et sequitur of Regulation 2016/679, including the right to obtain confirmation of whether or not its personal data are retained by the same, the content and origin of the data, the purpose and method of processing. The data subject also has the right to verify the accuracy of its personal data, request to update, correct or, if it has an interest to do so, add supplementary data, delete and transform the same into anonymous format or block any data processed in breach of the law, including data that it is not necessary to retain for the purpose for which the data was collected or processed, and to object to the processing of any personal data, for legitimate reasons, even if such data are pertinent to the purpose for which the same was collected, and to the processing of personal data for the purposes of sending advertising messages or direct sales material, market surveys or information, promotional or commercial messages. The data subject also has the right to the portability of data and may revoke its consent, at any time, without prejudice to the legality of processing based on any consent given prior to such revocation. 

Finally, the data subject has the right to file a complaint with any Supervisory Authority (in Italy, this is the Data Protection Authority). 

Your rights may be exercised by sending a letter or message to 

Mido Srl Unipersonale having registered offices at Via Alberto Riva Villasanta, 3 - 20145 Milan (Italy) - privacy@mido.it. 


10) APPLICABLE LAW 

This Privacy Policy is subject to the applicable provisions of Italian law and REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND COUNCIL of 27 April 2016, on data processing protection of natural persons, and the free movement of such personal data, which abrogates Directive 95/46/EC (General Data Protection Regulation, also referred to as the GDPR).