top of page
Sfondo di carta strutturata

Policy Privacy

Pursuant to EU Regulation 2016/679 (GDPR)

Last updated: January 17, 2026

The Municipality of Pozzallo, as data controller, informs users that the "Pozzallo Nata sul Mare" platform was developed using Wix.com's technological infrastructure. The following describes how personal data is managed, with particular attention to security and physical storage.

1. Data Controller and Data Processors

  • Data Controller: Municipality of Pozzallo, Corso Vittorio Veneto, 97016 Pozzallo (RG).

  • Technical Manager: IMMAGINA ADV by Candiano Marcello.

  • Data Protection Officer (DPO): __________________________________ (to be completed by the Municipality, e.g. dpo@comune.pozzallo.rg.it).

  • Infrastructure Provider (Subprocessor): Wix.com Ltd.

  • Contacts: For any requests relating to data, you can write to: cultura@comune-pozzallo-rg.it .

2. Technological Infrastructure and Physical Data Storage

The Platform and its related "CityHand" web app are built using the professional development environment Wix Studio. The software architecture and data storage use a multi-tiered cloud infrastructure that ensures scalability and security.

  • Infrastructure Responsibility: Physical data storage is entrusted to Wix.com Ltd. (subprocessor), which operates as a global cloud service provider. Data is hosted in highly reliable data centers located in the United States, Ireland, Israel, and other selected regions to ensure maximum access speed and data redundancy.

  • Data Center Security: Physical servers are protected by state-of-the-art security measures, including 24/7 surveillance, biometric access controls, and fire/flood systems certified to ISO 27001 and ISO 27018 standards.

  • Physical and Logical Protection: * PCI DSS Certification: Because the platform handles paid events, the infrastructure complies with the strict Payment Card Industry Data Security Standards, ensuring that payment data is isolated and encrypted.

    • Data Residency and GDPR: The transfer of data to servers located outside the European Economic Area (EEA) takes place in full compliance with Chapter V of the GDPR, through the adoption of the European Commission's Standard Contractual Clauses (SCC), ensuring that the level of protection for Pozzallo citizens is never lower than EU standards.

  • Backup and Disaster Recovery: The system provides automatic, daily database backups. In the event of a technical failure of the main servers, the infrastructure is configured for rapid recovery (disaster recovery) to minimize travel service downtime.

  • Integration with Native and Third-Party Apps: The platform uses Wix's proprietary APIs and third-party widgets (e.g., Google Maps for POI navigation). Each provider is selected based on their compliance with the security standards required by Italian and European law.

3. Third Party Apps

The "Pozzallo Nata sul Mare" Platform integrates services and applications provided by third parties to enrich the user experience and ensure advanced features (interactive maps, payments, statistics).

  • Type of Integrations: The Web-App uses APIs and plugins from industry-leading providers, including, but not limited to:

    • Mapping services (e.g., Google Maps): To enable the display of Points of Interest (POIs) and assisted navigation. These services may collect data on the user's IP address and location according to their own policies.

    • Payment Gateways (e.g., Stripe, PayPal): For the secure management of ticket transactions. These providers operate as independent data controllers; no sensitive credit card data is displayed or stored on IMMAGINA ADV or the Municipality of Pozzallo servers.

    • Social Widgets (e.g., Meta, Instagram): For displaying city photo feeds. Interaction with these widgets involves the exchange of cookies managed by the respective social networks.

  • Data Processing Responsibility: The user is informed that activating these services involves direct interaction with the servers of third-party providers. The Municipality of Pozzallo and IMMAGINA ADV do not have direct control over the data processing methods used by these third-party providers, but are committed to selecting only partners who guarantee high security standards and GDPR compliance.

  • User Consent: The activation of certain features (such as browser-based geolocation) requires specific consent, which the user can provide or revoke at any time via their device settings or the Platform's cookie banner.

  • Links to External Sites: The Logbook or POI pages may contain links to local partner or competitor sites. This Privacy Policy does not extend to these external sites; users are encouraged to consult the privacy policies of their respective owners before browsing.

4. Purpose and Legal Basis

Personal data is collected and processed for the following purposes, based on the relevant legal bases set forth in the GDPR:

A) Provision of Platform and Web App services:

  • Purpose: To allow navigation, use of the "CityHand" Web App, consultation of Points of Interest (POI) and interaction with maps.

  • Legal Basis: Performance of a contract to which the data subject is party or implementation of pre-contractual measures (Art. 6, par. 1, letter b, GDPR)

B) Event Management and Ticketing (Free and Paid):

  • Purpose: To manage reservations and the sale of tickets for cultural events and to send the related confirmations.

  • Legal Basis: Fulfillment of contractual and tax obligations (Art. 6, par. 1, letter b and c, GDPR).

C) Institutional and Information Communication (Newsletter):

  • Purpose: To send updates on tourism, cultural, and social initiatives in the city of Pozzallo.

  • Legal Basis: The data subject's explicit consent, provided by ticking the optional box in the registration forms (Art. 6, par. 1, letter a, GDPR).

D) Geolocation for Urban Navigation:

  • Purpose: To allow the user to view their position in relation to the city's monuments and services in real time.

  • Legal Basis: The explicit consent provided by the user via the browser or mobile device settings (Art. 6, par. 1, letter a, GDPR).

E) Security and Fraud Prevention:

  • Purpose: Technical monitoring, antivirus scanning, and firewall protection to prevent cyber attacks and illicit use of the platform.

  • Legal Basis: Legitimate interest of the Data Controller in ensuring the security of the system and the data processed (Art. 6, par. 1, letter f, GDPR).

5. Protection of Minors

The Municipality of Pozzallo recognizes the importance of protecting the privacy of minors, particularly in the context of cultural services and the Municipal Library.

  • Registration Age Limit: Registration on the platform, creating a "member" account, and purchasing event tickets are reserved exclusively for users who are 18 years of age or older.

  • Digital Consent (14 years): In accordance with Italian law, minors who have turned 14 can independently consent to the processing of their data exclusively for information services (e.g., subscribing to the Newsletter).

  • Children's Services (Under 14): For participation in workshops, reading groups, or events for children under 14 organized by the Library, the processing of personal data is permitted only with the explicit and documented consent of parents or legal guardians.

  • Parental Responsibility: We encourage parents to monitor their children's use of the Web App, especially with regards to the live geolocation function during urban navigation.

  • Exercise of Rights: If a parent discovers that their child has provided personal data without consent, they can request its immediate deletion by writing to cultura@comune-pozzallo-rg.it.

6. Security and Data Protection

The Municipality of Pozzallo and the Technical Manager (IMMAGINA ADV) adopt rigorous technical and organizational security measures to protect data from unauthorized access, accidental loss, destruction, or damage.

  • Network Infrastructure: The platform is hosted on Wix servers, which guarantee compliance with international security standards PCI DSS (for payments) and ISO 27001.

  • Encryption: All communications between the user's browser and the Platform occur via HTTPS (SSL/TLS) encrypted protocol, ensuring that the data entered into the forms (contacts, reservations, payments) cannot be intercepted.

  • Active Defense: As envisaged in the technical plan of the "Pozzallo Nata sul Mare" project, the system is protected by:

    • Advanced Firewalls: For filtering traffic and preventing DDoS attacks or intrusion attempts.

    • Antivirus and Malware Scanning: Periodic monitoring of databases and source code to identify and neutralize cyber threats.

  • Access Restriction: Access to personal data is limited exclusively to authorized Municipality personnel and IMMAGINA ADV technicians, who are bound by confidentiality obligations.

  • Data Breach: In the event of a data breach (hacker attack or accidental loss), the Data Controller undertakes to notify the Data Protection Authority and the interested parties within the timeframes and methods set forth in Articles 33 and 34 of the GDPR.

7. Warranties and Limitation of Liability

  • Use of the "CityHand" Platform and Web App is the user's sole responsibility. The Municipality of Pozzallo and the Technical Manager, IMMAGINA ADV, are committed to maintaining the system's efficiency. However, the following limitations apply:

  • Service Availability: The Platform is provided "as is" and "as available." Despite the adoption of advanced security measures, uninterrupted or error-free service is not guaranteed. Operational continuity is strictly dependent on the regular renewal of third-party services (Wix Hosting and Aruba Domain); failure by the Organization to renew them annually will result in the cessation of public accessibility, without liability for the Technical Manager.

  • Accuracy of Information: Although the content is carefully curated, the Municipality is not responsible for any inaccuracies regarding event schedules, third-party ticket prices, or program changes not communicated promptly by external organizers.

  • Use of Mobile Devices: The Municipality and the Technical Manager decline all responsibility for damage to persons or property resulting from the use of the Web App while physically navigating the territory (e.g., distraction while driving or walking). Users are required to comply with the Highway Code and common safety rules.

  • Technical Malfunctions: In accordance with the "Basic Support" agreement, IMMAGINA ADV's liability is limited to restoring existing functionality in the event of a malfunction. It is not liable for indirect damages, data loss, or malfunctions due to force majeure or technical problems with global infrastructure (Wix/Aruba).

  • External Links: The Platform may contain links to third-party websites. The Municipality has no control over these websites and is not responsible for their content or privacy policies.

8. Indemnity

You agree to indemnify, hold harmless, and defend the Municipality of Pozzallo, as well as the Technical Manager IMMAGINA ADV di Candiano Marcello, its employees, collaborators, and suppliers, from any claims, damages, liabilities, losses, costs, or expenses (including reasonable legal fees) arising from:

  • A) Violation of the Terms: Any use of the Platform and the Web-App that violates these Terms and Conditions or the Privacy Policy.

  • B) Violation of Third Party Rights: Any action by the user that violates the intellectual, industrial property or privacy rights of other parties.

  • C) Improper Use of Content: The unauthorized or illegal use of the texts, images, or technical data (e.g. reverse engineering of the Web App) on the site.

  • D) Content Posting: Any damage caused by comments, messages, or files uploaded by the user through the contact forms or interactive areas of the Platform.

Under no circumstances will the Municipality or the Technical Manager be liable to the user or third parties for indirect, punitive, or incidental damages resulting from the user's negligent conduct while using the digital services.

9. Dispute Resolution (ODR) and Jurisdiction

In the event of any dispute arising from the interpretation or execution of this Privacy Policy and the Terms of Use, the Municipality of Pozzallo and the User undertake to seek an amicable and amicable solution.

  • Online Dispute Resolution (ODR): In accordance with Article 14 of EU Regulation No. 524/2013, consumers are informed that the European Commission has established an online platform for resolving disputes (ODR - Online Dispute Resolution) arising from online purchases of goods or services. The platform is accessible at the following address: https://ec.europa.eu/consumers/odr/ .

  • Mediation: If an amicable resolution is not possible, the parties may resort to mediation procedures provided for by current Italian legislation.

  • Applicable Law: All legal relationships arising from the use of the Platform are governed exclusively by Italian law.

  • Competent Court: For any dispute that cannot be resolved out of court, the Court of Ragusa will have exclusive jurisdiction, without prejudice to the mandatory jurisdiction of the consumer (the user's place of residence or domicile) if applicable pursuant to the Consumer Code.

bottom of page