Privacy Policy

The “Arte & Arte” Association promotes the spread of culture and art across the territory through exhibitions, courses, lessons, conferences, seminars, research, studies and publications of painting, sculpture, literature, photography and, in general, every form of art.

Everyone who supports our cultural activity is precious to us, along with the personal data that you have communicated to us:

  1. by visiting our website or
  2. by entering into contact with our offices through any channel (electronic, telephone, post, etc.).
  3. by subscribing to our newsletter

The Association, in the capacity of processing controller, guarantees and ensures that your personal data are always processed in respect of the rules provided by EU Regulation 2016/679 ("GDPR") and the relevant national legislation on data protection.
With this privacy policy, we inform you of the methods through which we collect, use, disseminate and possibly transfer your personal data.

  1. Identity and contact details of Processing Controller

    The processing controller is the “Arte & Arte” Association based in Como, Via Pannilani 23, which you can contact using the following details:

    telephone: +39-031.4492481

  2. Purpose of processing, legal ground and legitimate interest

    The processing of your personal data by the Association may occur based upon:

    1. your consent (for example, when you contact our offices for information, to participate, in the capacity of artists, in our shows, exhibitions, events, publications, publishing initiatives, prize competitions, etc.);
    2. a contract (if you are, for example, suppliers of our Association);
    3. a legal obligation (when we are required to complete fulfilments deriving from rules of law).

    When the communication of your personal data constitutes a legal obligation and/or a contractual obligation or a necessary requirement for the conclusion and execution of the commitments assumed by our Association, your refusal to provide data may involve the impossibility of us pursuing your requests.

  3. Protection of your data and recipients of the same

    Your personal data is processed by our specifically authorised and trained personnel, exclusively for purposes in relation to which they were collected.

    The Association has also implemented technical and organisational measures to guarantee the security of your personal data against loss, theft, misuse, unauthorised access, disclosure, alteration or destruction, both voluntary and accidental.

    Your personal data are stored exclusively at our Association's office and may be sent to third parties only to transmit information on our cultural activities (mailing service) or for holding exhibitions and/or events exclusively of cultural nature.

    In some cases, the Association may be required to send your personal data, in whole or in part, to third parties due to mandatory legal obligations.

  4. Transfer of data to third countries

    The Association does not transfer your data outside the European Union, except with your prior express consent.

  5. Data storage period

    Subject to your explicit request for erasure, your personal data are stored in our paper and electronic archives, with those contact data constituting an important instrument for the dissemination of cultural heritage that our Association intends to achieve.

  6. Your rights

    You are, in any case, entitled to exercise the following rights:

    1. right of access to personal data, right to obtain the rectification or erasure of the same or the restriction of processing;
    2. right to object to processing;
    3. in the presence of the necessary requirements, right to data portability only for data in electronic format.

    In relation to data for which the legal ground for processing is your consent, you may revoke that consent at any time, but without prejudice to the lawfulness of the processing performed by our Association based upon the consent provided by you prior to the revocation.

  7. Complaint

    If you are not satisfied with how your personal data are being processed, you may, in the presence of the necessary conditions, lodge a complaint with the territorially competent supervisory authority, as identified by Articles 3, 55 and 56 of the GDPR.
    For clarifications and further information, please visit the Data Protection Supervisor's institutional website at the following website address