Privacy policy

Pertinent to the use of the Comune di Milano websites and interrelated services
PERSONAL DATA PROTECTION CODE - Article 13 of Legislative Decree n.196 /June 30th, 2003
In concordance with the principles set forth in the Legislative Decree n.196 /June 30th, 2003 (Personal data protection code), the Comune di Milano offers users the resources to interact with its portal in order to consult or make use of the relative services available that can be accessed at corresponding to the home page of the Turismo del Comune di Milano official website (Municipality of Milan - Official Tourism Website). 

In addition to outlining the administration procedures for the site, in accordance with art.13 of the aforementioned "code", this document also intends to inform users who connect to the Comune di Milano portals upon the processing procedures for personal data in use and the relevant statutory warranties.

This information is provided exclusively for the Turismo del Comune website and not for any other websites that can be accessed via links.

Purposes of processing
Personal data will be processed in relation to the services offered by the Comune di Milano through its portal exclusively for the purposes that are within the institutional duties of the Administration or pertaining to procedures required by law or regulation. Within the context of these objectives the processing will also comprise data relative to enrolments/registrations on the portal necessary for managing relations with the Comune di Milano, as well as to facilitate effective official communication and to comply with any possible legal, regulatory or contractual obligations.

Place and methods of processing
The processing of the data related to the website services will be carried out predominantly at the Comune di Milano headquarters and with the cooperation of other individuals specifically designated as controllers. The data is processed for the length of time strictly necessary to achieve the objectives, including by the use of automated tools in compliance with security measures to prevent data loss, illicit or incorrect use and unauthorised access.

The data will only be processed by personnel, mainly technical operators in charge of the processing, or by other employees assigned to carry out periodical maintenance, according to the principles of fairness, legality, transparency and relevance and  is limited to the purpose of collection and subsequent processing. 

The personal information provided by users who register or use the services of the Comune di Milano website and provide references - such as name, surname, address, telephone number and email address - may be used for other processing operations that are compatible with the purposes of the collection such as sending official and public communications via email. 

The personal data of users who request documents or information (newsletters, replies to questions, acts and regulations etc.) will only be used to carry out the service or assistance requested and will be communicated to third parties only when necessary for a required purpose (for example, shipping services and transport).

The data related to the online service may not be shared or sold unless the provisions of law or regulations state otherwise.

Type and nature of data processed

Navigation data

Access to the site involves recording data used for the sole purpose of collecting statistical information or to ensure the correct mode of operation.
The data collected comprises IP addresses and/or domain names of the computers operated by users connecting to the site, the URI (Uniform Resource Identifier) of the requested resources, the time of request, the method used in submitting the request to the server, the file size obtained in response, the numerical code indicating the status of response provided by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT environment.
Such data is not gathered in order to be associated with identified data subjects but, by its nature, could enable identification of users through processing and association with data held by third parties, especially when it is necessary to ascertain responsibility in case of hypothetical computer crimes that harm the site. 

Data provided voluntarily by the user

The elective, explicit and voluntary sending of the user’s email to the addresses indicated in the different access channels of the website and the compilation of the data entry formats (input masks) entail the acquisition of the sender's email address, necessary for responding to requests, and to any other data included in the communication.

In this case, the data collected will be used exclusively to respond to the user’s requests, for example, information on the use of a service, advice on problems connecting to the site, information about navigational problems on the site, guidance for access problems to the site or to the user’s account. In order to better examine the request the users may be contacted by email, telephone or by other means of communication by an Admin operator.

A summary of the specific information will be reported or displayed on the web pages dedicated to the particular services on request.

Obligation or option to provide data
Aside from what has been specified for the navigation data, the user is free to provide his/her personal data contained in the application forms or indicated in contacts with the Municipality of Milan to request any communication or any documentation.

Failure to provide the data (i.e. personal details, email address, telephone number) necessary to activate the service may make it impossible to fulfil the request.

Owner and manager of the personal data processed
The Owner of the personal data processed through the website is the Comune di Milano, based in Milan in Piazza della Scala, 2. The manager of the personal data processed is the Municipality of Milan, Milano piazza della Scala, 2.


By contacting the owner of the site the users/data subjects can at any time exercise the rights listed in art. 7 of Legislative Decree no. 196/2003 provided below in its entirety:

Art. 7 Legislative Decree no. June 30th, 2003, n. 196

1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him/her exist, regardless of the data being already recorded, and communication of such data in intelligible form. 

2. A data subject shall have the right to be informed:

a) of the source of the personal data;
b) of the purposes and methods of the processing;
c) of the logic applied to the processing, if the latter is carried out with the help of electronic means;
d) of the identification data concerning the data controller, the data processors and the representative designated under article 5, paragraph 2;
e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may access said data in their capacity as designated representatives in the State’s territory as data processors or persons in charge of the processing. 

3. A data subject shall have the right to obtain: 

a) updating, rectification or, where interested therein, integration of the data; 
b) deletion, transformation into an anonymous context or blocking of data that has been processed unlawfully, including data whose withholding is not necessary for the purposes for which it has been collected or subsequently processed;
c) a guarantee to the effect that the processes as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data was communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected. 

4. A data subject shall have the right to object, in whole or in part:

a) for legitimate reasons to the processing of personal data concerning him/her pertinent to collection purposes;
b) to the processing of personal data concerning him/her where it is carried out for the purpose of sending advertising materials, direct sales, market research or commercial communication surveys.

Under article 13 of the Code for the Protection of Personal Data (Legislative Decree no. 196/2003) the interested parties are informed that the processing of data provided directly through the web portal in order to make use of the services offered or acquired for this purpose is carried out by the Comune di Milano, as Owner of the data processor, and its sole objective is to carry out activities related to the management of official communications comprising sending messages via email to email addresses provided at the time of registration/enrolment on the portal.

The processing of personal data will, therefore, be carried out with the use of automated procedures in the manner, and to the extent necessary, to pursue the objectives and to ensure the security and confidentiality of the data.

The personal information provided during registration/enrolment on the portal (name, surname, address, telephone numbers, email etc.) will be used by the email communication services.

The provision of data is compulsory and any refusal precludes the possibility of making use of the services provided by the Comune di Milano.

The aforementioned data may also be used for sending official communications not closely related to the service on the portal but compatible with institutional purposes.

Those concerned reserve the right to request cancellation of the email communication services at any time.

The processing will be undertaken by the entities responsible for its procedure and designated as agents.

The data collected is not subject to disclosure to third parties with the exception of those involved in the management process who have been properly identified and designated as data processors.

The persons concerned have rights recognised under art. 7 of the aforesaid Code, in particular, the right of access to personal data relating to themselves, to request correction, updating and deletion if incomplete, incorrect or collected in violation of the law and to oppose its processing for legitimate reasons by addressing the request to the Comune di Milano as the Data Owner. 

1. Cookies
Cookies are text files that the sites visited by users send to their terminals and that are retransmitted to the same sites on the next visit. Cookies can be divided into two main categories: "technical cookies" and "cookie profiling". 

1.1 Technical Cookies
The Comune di Milano website uses technical cookies to enable safe, fast and efficient browsing of the website and to provide users with the services requested. The prior consent of the user is not required for the installation of these cookies.

1.1.1 Technical Session Cookies 
Session cookies are used for the navigation and for the authentication to online services and restricted areas. The use of these cookies (which are not stored permanently on the user's computer and are erased when the browser is closed) is strictly limited to transmitting session identifiers (consisting of random numbers generated by the server) necessary to enable effective navigation on the site.

The session cookies used on this site refrain from the use of other information technologies that could compromise the privacy of the users and do not allow the acquisition of personal identification data.

The use of persistent cookies is strictly limited to the acquisition of statistical data that is strategic for understanding the level of use of our site.

1.1.2 Analytical Cookies
Analytical cookies are assimilated to technical cookies and are used to collect information - in an anonymous and aggregated way - on the number of users and how they visit the site. The data obtainable from these cookies is managed by the Comune di Milano, as manager of the site, solely for statistical purposes and for the development of reports on the use of the site.

1.2 Profile Cookies 
The site does not use profile cookies, i.e.cookies intended to create profiles on the user in order to send advertising messages matched to preferences indicated during navigation on the Comune di Milano website.

No personal user data is intentionally acquired from the site. 

1.3 Third Party Cookies

For the use of certain services or apps on the Comune di Milano portal, third-party cookies may be installed on the user’s terminal by means of the Comune di Milano’s website which adhere to the obligations of information and consent.

Cookies installed on the Comune di Milano’s website for services provided by third parties are attributable to:

YouTube, Google Maps
2. How to disable individual cookies (opt-out)

2.1 AddThis
This cookie can be disabled at 

3. How to disable  the cookies from the browser settings
Most browsers automatically accept cookies but you have the option of refusing them. If you do not want to receive or store cookies you can modify your browser’s security settings (Internet Explorer, Google Chrome, Mozilla Firefox, Safari, Opera, etc ...). Each browser has different procedures for managing your settings:

3.1 Microsoft Internet Explorer
Go to “Tools” and select “Internet options”. In the pop up window select “Privacy” and adjust the cookie settings or use the following links: 

3.2 Google Chrome for Desktop
Select “Settings” then “Show advanced settings”, in the “Privacy”  section select “Content Settings” and adjust the cookie settings or use the following links: 

3.3 Google Chrome for mobile phones
Access via the following links: 

3.4 Mozilla Firefox
Select “Options” and in the pop up window select “Privacy” to adjust the cookie settings or use the following links: 

3.5 Apple Safari
Select “Preferences” and then “Security” to adjust the cookie settings or use the following links: 

3.6 Opera
Select “Preferences” then “Advanced” then “Cookies” to adjust the cookie settings or use the following links: 

3.7 Android native browser
Select “Settings”, then “Privacy” and select or deselect the “Accept cookie” option.

For browsers other than those listed above please refer to the relative guide to identify options for managing cookies.