top of page
Textured paper background

Privacy Policy

Pursuant to EU Regulation 2016/679 (GDPR)

Last updated: January 17, 2026

The Municipality of Pozzallo, as Data Controller, informs users that the "Pozzallo Nata sul Mare" platform was developed using the technological infrastructure of Wix.com. The methods for managing personal data are described below, with particular attention to their security and physical conservation.

1. Data Controller and Data Processors

  • Data Controller: Municipality of Pozzallo, Corso Vittorio Veneto, 97016 Pozzallo (RG).

  • Technical Manager: IMMAGINA ADV of Candiano Marcello.

  • Data Protection Officer (DPO): __________________________________ (to be filled in by the Municipality, e.g. dpo@comune.pozzallo.rg.it).

  • Infrastructure Provider (Sub-processor): Wix.com Ltd.

  • Contacts: For any request relating to data, you can write to:cultura@comune-pozzallo-rg.it

2. Technological Infrastructure and Physical Data Storage

The Platform and the related "CityHand" Web-App are created through the Wix Studio professional development environment. The software architecture and data storage make use of a multi-level cloud infrastructure that guarantees scalability and security.

  • Infrastructure Responsibility: The physical storage of data is entrusted to Wix.com Ltd. (sub-processor), which operates as a global cloud service provider. Data is hosted in highly reliable data centers located in the United States, Ireland, Israel and other select regions to ensure maximum access speed and data redundancy.

  • Data Center Security: Physical servers are protected by state-of-the-art security measures, including 24/7 surveillance, biometric access controls and fire/flood systems certified to ISO 27001 and ISO 27018 standards.

  • Physical and Logical Protection: * PCI DSS Certification: As the platform manages paid events, the infrastructure complies with the strict Payment Card Industry Data Security Standard, ensuring that payment data is isolated and encrypted.

    • Data Residency and GDPR: The transfer of data to servers located outside the European Economic Area (EEA) takes place in full compliance with Chapter V of the GDPR, through the adoption of the Standard Contractual Clauses (SCC) of the European Commission, ensuring that the level of protection of the citizens of Pozzallo is never lower than community standards.

  • Backup and Disaster Recovery: The system provides automatic and daily database backups. In the event of technical failures of the main servers, the infrastructure is configured for rapid recovery (Disaster Recovery) in order to minimize downtime of the tourist service.

  • Integration with Native and Third Party Apps: The platform uses Wix's proprietary APIs and third-party widgets (e.g. Google Maps for POI navigation). Each supplier is selected based on compliance with the safety standards required by Italian and European law.

3. Third Party Apps

The "Pozzallo Nata sul Mare" Platform integrates services and applications provided by third parties to enrich the user experience and guarantee advanced features (interactive maps, payments, statistics).

  • Type of Integrations: The Web-App uses APIs and plugins from industry-leading suppliers, including, but not limited to:

    • Mapping Services (e.g. Google Maps): To allow the display of Points of Interest (POI) and assisted navigation. These services may collect data about your IP and location according to their policies.

    • Payment Gateway (e.g. Stripe, PayPal): For the secure management of ticket transactions. These suppliers operate as autonomous data controllers; no sensitive credit card data is displayed or stored on the servers of IMMAGINA ADV or the Municipality of Pozzallo.

    • Social Widget (e.g. Meta, Instagram): For viewing photo feeds of the city. Interaction with these widgets involves the exchange of cookies managed by the respective social networks.

  • Responsibility for Processing: The user is informed that the activation of these services involves direct interaction with the servers of third-party suppliers. The Municipality of Pozzallo and IMMAGINA ADV do not have direct control over the methods of data processing carried out by these subjects, but are committed to exclusively selecting partners who guarantee high standards of security and compliance with the GDPR.

  • User Consent: The activation of some functions (such as geolocation via browser) requires specific consent which the user can provide or revoke at any time via the settings of their device or the Platform's cookie banner.

  • Links to External Sites: Inside the Logbook or POI cards there may be links to sites of local partners or territorial competitors. This Privacy Policy does not extend to such external sites; The user is invited to consult the privacy policies of the respective owners before browsing.

4. Purpose and Legal Basis

Personal data is collected and processed for the following purposes, based on the relevant legal bases provided for by the GDPR:

A) Provision of the Platform and Web App services:

  • Purpose: To allow navigation, use of the "CityHand" Web App, consultation of Points of Interest (POI) and interaction with maps.

  • Legal basis: Execution of a contract of which the interested party is a party or execution of pre-contractual measures (Art. 6, par. 1, letter b, GDPR)

B) Event Management and Ticketing (Free and Paid):

  • Purpose: Manage reservations and the sale of admission tickets for cultural events and the sending of related confirmations.

  • Legal basis: Execution of contractual and tax obligations (Art. 6, par. 1, letters b and c, GDPR).

C) Institutional and informative communication (Newsletter):

  • Purpose: To send updates on tourist, cultural and social initiatives in the city of Pozzallo.

  • Legal basis: The explicit consent of the interested party, provided through the optional tick in the registration forms (Art. 6, par. 1, letter a, GDPR).

D) Geolocation for Urban Navigation:

  • Purpose: To allow the user to view their position in relation to the city's monuments and services in real time.

  • Legal Basis: The explicit consent provided by the user via the settings of the browser or mobile device (Art. 6, par. 1, letter a, GDPR).

E) Security and Fraud Prevention:

  • Purpose: Technical monitoring, antivirus scanning and firewall protection to prevent cyber attacks and illicit uses of the platform.

  • Legal basis: Legitimate interest of the Data Controller in guaranteeing the security of the system and the data processed (Art. 6, par. 1, letter f, GDPR).

5. Protection of Minors

The Municipality of Pozzallo recognizes the importance of protecting the privacy of minors, in particular in the context of cultural services and the Municipal Library.

  • Age Limit for Registration: Registration on the platform, the creation of a "member" account and the purchase of tickets for events are reserved exclusively for users who are at least 18 years of age.

  • Digital Consent (14 years): In accordance with Italian legislation, minors who have reached the age of 14 can independently give consent to the processing of their data exclusively for information services (e.g. subscription to the Newsletter).

  • Services for Children (Under 14 years): For participation in workshops, reading groups or events dedicated to children under 14 organized by the Library, the processing of personal data is permitted only with the explicit and documented consent of parents or legal guardians.

  • Parental Responsibility: We invite parents to monitor their children's use of the Web App, especially regarding the live geolocation function during urban navigation.

  • Exercise of Rights: If a parent finds that their child has provided personal data without consent, they can request immediate cancellation by writing to cultura@comune-pozzallo-rg.it.

6. Security and Data Protection

The Municipality of Pozzallo and the Technical Manager (IMMAGINA ADV) adopt rigorous technical and organizational security measures to protect data from unauthorized access, accidental loss, destruction or damage.

  • Network Infrastructure: The platform is hosted on Wix servers, which guarantee compliance with international security standards PCI DSS (for payments) and ISO 27001.

  • Encryption: All communications between the user's browser and the Platform take place via the HTTPS (SSL/TLS) encrypted protocol, ensuring that the data entered into the forms (contacts, reservations, payments) cannot be intercepted.

  • Active Defense: As foreseen by the technical plan of the "Pozzallo Nata sul Mare" project, the system is protected by:

    • Advanced Firewall: For filtering traffic and preventing DDoS attacks or intrusion attempts.

    • Antivirus and Malware Scanning: Periodic monitoring of databases and source code to identify and neutralize cyber threats.

  • Limitation of Access: Access to personal data is limited exclusively to authorized personnel of the Municipality and IMMAGINA ADV technicians, bound by confidentiality obligations.

  • Data Breach: In the event of a data breach (hacker attack or accidental loss), the Data Controller undertakes to notify the event to the Guarantor Authority and to the interested parties within the times and in the manner provided for by the articles. 33 and 34 of the GDPR.

7. Warranties and Limitation of Liability

  • The use of the Platform and the "CityHand" Web App is under the responsibility of the user. The Municipality of Pozzallo and the IMMAGINA ADV Technical Manager are committed to keeping the system efficient, however the following limitations apply:

  • Service Availability: The Platform is provided on an "as is" and "as available" basis. Despite the implementation of advanced security measures, the service is not guaranteed to be uninterrupted or error-free. Operational continuity is strictly linked to the regular renewal of third-party services (Wix Hosting and Aruba Domain); failure to renew the annual renewal by the Institution will result in the cessation of public accessibility, without liability for the Technical Manager.

  • Accuracy of Information: Although the contents are treated with the utmost care, the Municipality is not responsible for any inaccuracies regarding event times, third-party ticket prices or program changes not communicated promptly by the external organizers.

  • Use of Mobile Devices: The Municipality and the Technical Manager decline any responsibility for damage to people or things resulting from the use of the Web App during physical navigation in the area (e.g. distraction while driving or pedestrian). The user is required to respect the rules of the Highway Code and common rules of prudence.

  • Technical Malfunctions: In line with the "Basic Support" provided for in the contract, IMMAGINA ADV's liability is limited to restoring existing functionality in the event of a failure. We are not responsible for indirect damages, data losses or malfunctions due to force majeure or technical problems of global infrastructures (Wix/Aruba).

  • External Links: The Platform may contain links to third party sites. The City has no control over these sites and is not responsible for their contents or their privacy policies.

8. Indemnity

The user agrees to indemnify, indemnify and defend the Municipality of Pozzallo, as well as the Technical Manager IMMAGINA ADV of Candiano Marcello, its employees, collaborators and suppliers, from any claim, damage, liability, loss, cost or expense (including reasonable legal fees) arising from:

  • A) Violation of the Terms: Any use of the Platform and the Web-App that contravenes these Terms and Conditions or the Privacy Policy.

  • B) Violation of Third Party Rights: Any action by the user that violates the intellectual or industrial property rights or privacy of other parties.

  • C) Improper Use of Contents: The unauthorized or illegal use of the texts, images or technical data (e.g. reverse engineering of the Web-App) present on the site.

  • D) Insertion of Contents: Any damage caused by comments, messages or files uploaded by the user via the contact forms or interactive areas of the Platform.

Under no circumstances will the Municipality or the Technical Manager be liable to the user or third parties for indirect, punitive or incidental damages resulting from the user's negligent conduct during the use of the digital services.

9. Dispute Resolution (ODR) and Competent Court

In the event of disputes arising from the interpretation or execution of this Privacy Policy and the Terms of Use, the Municipality of Pozzallo and the User undertake to seek an amicable and good-natured solution.

  • Online Resolution (ODR): In accordance with the art. 14 of EU Regulation no. 524/2013, the consumer user is informed that the European Commission has established an online platform for the resolution of disputes (ODR - Online Dispute Resolution) arising from purchases of goods or services online. The platform is accessible at the following address:https://ec.europa.eu/consumers/odr/

  • Mediation: If an amicable resolution is not possible, the parties may resort to mediation procedures provided for by current Italian legislation.

  • Applicable Law: All legal relationships deriving from the use of the Platform are governed exclusively by Italian Law.

  • Competent Court: For any dispute that cannot be resolved out of court, the Court of Ragusa will have exclusive jurisdiction, without prejudice to the mandatory court of the consumer (place of residence or domicile of the user) if applicable pursuant to the Consumer Code.

bottom of page