top of page
Textured Paper_edited.jpg

Privacy Policy

Pursuant to EU Regulation 2016/679 (GDPR)

Last updated: April 17, 2026

Nova Pro Loco Pozzallo APS, as Data Controller, informs users that the platform prolocopozzallo.it was developed using the technological infrastructure of Wix.com. The methods for managing personal data are described below, with particular attention to their security and physical conservation.

1. Data Controller and Data Processors

  • Data Controller: Nova Pro Loco Pozzallo APS -​ Headquarters: Via Buonarroti 5, Pozzallo, Italy, 97016 (RG)

  • Technical Manager: IMMAGINA ADV of Candiano Marcello.

  • Data Protection Officer (DPO): Antonio Boschetti President Nova Proloco Pozzallo Aps

  • Infrastructure Provider (Sub-processor): Wix.com Ltd.

  • Contacts: For any request relating to the data, you can write to: novaprolocopozzallo2023@gmail.com

2. Technological Infrastructure and Physical Data Storage

The Platform and the related Web-App are created through the Wix Studio professional development environment. The software architecture and data storage make use of a multi-level cloud infrastructure that guarantees scalability and security.

  • Infrastructure Responsibility: The physical storage of data is entrusted to Wix.com Ltd. (sub-processor), which operates as a global cloud service provider. Data is hosted in highly reliable data centers located in the United States, Ireland, Israel and other selected regions to ensure maximum access speed and data redundancy.

  • Data Center Security: Physical servers are protected by state-of-the-art security measures, including 24/7 surveillance, biometric access controls and fire/flood systems certified to ISO 27001 and ISO 27018 standards.

  • Physical and Logical Protection: * PCI DSS Certification: Since the platform manages paid events, the infrastructure complies with the strict Payment Card Industry Data Security Standard, ensuring that payment data is isolated and encrypted.

    • Data Residency and GDPR: The transfer of data to servers located outside the European Economic Area (EEA) takes place in full compliance with Chapter V of the GDPR, through the adoption of the Standard Contractual Clauses (SCC) of the European Commission, ensuring that the level of protection of the citizens of Pozzallo is never lower than community standards.

  • Backup and Disaster Recovery: The system provides automatic and daily database backups. In the event of technical failures of the main servers, the infrastructure is configured for rapid recovery (Disaster Recovery) in order to minimize downtime of the tourist service.

  • Integration with Native and Third Party Apps: The platform uses Wix's proprietary APIs and third-party widgets (e.g. Google Maps for POI navigation). Each supplier is selected based on compliance with the safety standards required by Italian and European law.

3. Third Party Apps

The Platform prolocopozzallo.it  integrates services and applications provided by third parties to enrich the user experience and guarantee advanced features (interactive maps, payments, statistics).

  • Type of Integrations: The Web-App uses APIs and plugins from industry-leading suppliers, including, but not limited to:

    • Mapping Services (e.g. Google Maps): To allow the display of Points of Interest (POI) and assisted navigation. These services may collect data about the user's IP and location according to their policies.

    • Payment Gateway (e.g. Stripe, PayPal): For the secure management of ticket transactions. These suppliers operate as autonomous data controllers; no sensitive credit card data is displayed or stored on the IMMAGINA ADV or Nova Proloco Pozzallo APS servers.

    • Social widgets (e.g. Meta, Instagram): For viewing photo feeds of the city. Interaction with these widgets involves the exchange of cookies managed by the respective social networks.

  • Responsibility for Processing: The user is informed that the activation of these services involves direct interaction with the servers of third-party suppliers. Nova Proloco Pozzallo APS and IMMAGINA ADV do not have direct control over the methods of data processing carried out by these subjects, but undertake to select exclusively partners who guarantee high standards of security and compliance with the GDPR.

  • User Consent: The activation of some functions (such as geolocation via browser) requires specific consent which the user can provide or revoke at any time via the settings of their device or the Platform's cookie banner.

  • Links to External Sites: Within the Blog or POI tabs there may be links to sites of local partners or territorial competitors. This Privacy Policy does not extend to such external sites; The user is invited to consult the privacy policies of the respective owners before browsing.

4. Purpose and Legal Basis

Personal data are collected and processed for the following purposes, based on the relevant legal bases provided for by the GDPR:

A) Provision of Platform and Web App services:

  • Purpose: To allow navigation, use of the Web App, consultation of Points of Interest (POI) and interaction with maps.

  • Legal basis: Execution of a contract of which the interested party is a party or execution of pre-contractual measures (Art. 6, par. 1, letter b, GDPR)

B) Event Management and Ticketing (Free and Paid):

  • Purpose: To manage reservations and the sale of admission tickets for cultural events and the sending of related confirmations.

  • Legal basis: Execution of contractual and tax obligations (Art. 6, par. 1, letters b and c, GDPR).

C) Institutional and Information Communication (Newsletter):

  • Purpose: To send updates on tourist, cultural and social initiatives in the city of Pozzallo.

  • Legal basis: The explicit consent of the interested party, provided through the optional tick in the registration forms (Art. 6, par. 1, letter a, GDPR).

D) Geolocation for Urban Navigation:

  • Purpose: To allow the user to view their position in relation to the city's monuments and services in real time.

  • Legal basis: Explicit consent provided by the user via the settings of the browser or mobile device (Art. 6, par. 1, letter a, GDPR).

E) Security and Fraud Prevention:

  • Purpose: Technical monitoring, antivirus scanning and firewall protection to prevent cyber attacks and illicit uses of the platform.

  • Legal basis: Legitimate interest of the Data Controller in guaranteeing the security of the system and the data processed (Art. 6, par. 1, letter f, GDPR).

5. Protection of Minors

TheNova Proloco Pozzallo APS recognizes the importance of protecting the privacy of minors, in particular in the context of the services offered.

  • Age Limit for Registration: Registration on the platform, the creation of a "member" account and the purchase of tickets for events are reserved exclusively for users who are at least 18 years of age.

  • Digital Consent (14 years): In accordance with Italian legislation, minors who have reached the age of 14 can independently give consent to the processing of their data exclusively for information services (e.g. subscription to the Newsletter).

  • Children's Services (Under 14 years): For participation in workshops, reading groups or events dedicated to children under 14 organized by the Library, the processing of personal data is permitted only with the explicit and documented consent of parents or legal guardians.

  • Parental Responsibility: We invite parents to monitor their children's use of the Web App, especially with regards to the live geolocation function during urban navigation.

  • Exercise of Rights: If a parent finds that their child has provided personal data without consent, they can request immediate cancellation by writing to novaprolocopozzallo2023@gmail.com

6. Security and Data Protection

Nova Proloco Pozzallo APS and the Technical Manager (IMMAGINA ADV) adopt rigorous technical and organizational security measures to protect data from unauthorized access, accidental loss, destruction or damage.

  • Network Infrastructure: The platform is hosted on Wix servers, which guarantee compliance with international security standards PCI DSS (for payments) and ISO 27001.

  • Encryption: All communications between the user's browser and the Platform take place via HTTPS (SSL/TLS) encrypted protocol, ensuring that the data entered in the forms (contacts, reservations, payments) cannot be intercepted.

  • Active Defense: As foreseen by the technical plan of the "Pozzallo Nata sul Mare" project, the system is protected by:

    • Advanced Firewall: For filtering traffic and preventing DDoS attacks or intrusion attempts.

    • Antivirus and Malware Scanning: Periodic monitoring of databases and source code to identify and neutralize cyber threats.

  • Access Limitation: Access to personal data is limited exclusively to authorized personnel of the Municipality and IMMAGINA ADV technicians, bound by confidentiality obligations.

  • Data Breach: In the event of a data breach (hacker attack or accidental loss), the Data Controller undertakes to notify the event to the Guarantor Authority and to the interested parties within the times and in the manner provided for by the articles. 33 and 34 of the GDPR.

7. Warranties and Limitation of Liability

  • The use of the Platform and the Web App is under the responsibility of the user. TheNova Proloco Pozzallo APS and the Technical Manager IMMAGINA ADV are committed to maintaining the system efficient, however the following limitations apply:

  • Availability of the Service: The Platform is provided on an "as is" and "as available" basis. Despite the implementation of advanced security measures, the service is not guaranteed to be uninterrupted or error-free. Operational continuity is strictly linked to the regular renewal of third-party services (Wix Hosting and Aruba Domain); failure to renew the annual renewal by the Institution will result in the cessation of public accessibility, without liability for the Technical Manager.

  • Accuracy of Information: Although the contents are edited with the utmost attention, Nova Proloco Pozzallo APS is not responsible for any inaccuracies regarding event times, third-party ticket prices or program changes not communicated promptly by external organizers.

  • Use of Mobile Devices: TheNova Proloco Pozzallo APS and the Technical Manager decline any responsibility for damage to people or things resulting from the use of the Web App during physical navigation in the area (e.g. distraction while driving or walking). The user is required to respect the rules of the Highway Code and common rules of prudence.

  • Technical Malfunctions: In line with the "Basic Support" provided for in the contract, IMMAGINA ADV's liability is limited to restoring existing functionality in the event of a failure. We are not responsible for indirect damages, data losses or malfunctions due to force majeure or technical problems of global infrastructures (Wix/Aruba).

  • External Links: The Platform may contain links to third-party sites. Nova Proloco Pozzallo APS does not exercise any control over such sites and is not responsible for their contents or their privacy policies.

8. Indemnity

The user agrees to indemnify, indemnify and defendNova Proloco Pozzallo APS, as well as the Technical Manager IMMAGINA ADV of Candiano Marcello, its employees, collaborators and suppliers, from any claim, damage, liability, loss, cost or expense (including reasonable legal fees) arising from:

  • A) Violation of the Terms: Any use of the Platform and the Web-App that contravenes these Terms and Conditions or the Privacy Policy.

  • B) Violation of Third Party Rights: Any action by the user that violates the intellectual or industrial property rights or privacy of other parties.

  • C) Improper Use of Contents: The unauthorized or illegal use of texts, images or technical data (e.g. reverse engineering of the Web-App) present on the site.

  • D) Insertion of Contents: Any damage caused by comments, messages or files uploaded by the user via the contact forms or interactive areas of the Platform.

In no event willNova Proloco Pozzallo APS or the Technical Manager be liable towards the user or third parties for indirect, punitive or incidental damages resulting from negligent conduct of the user during the use of the digital services.

9. Dispute Resolution (ODR) and Competent Court

In the event of disputes arising from the interpretation or execution of this Privacy Policy and the Terms of Use,Nova Proloco Pozzallo APSand the User undertake to seek a friendly and good-natured solution.

  • Online Resolution (ODR): In accordance with art. 14 of EU Regulation no. 524/2013, the consumer user is informed that the European Commission has established an online platform for the resolution of disputes (ODR - Online Dispute Resolution) arising from purchases of goods or services online. The platform is accessible at the following address: https://ec.europa.eu/consumers/odr/.

  • Mediation: If an amicable resolution is not possible, the parties may resort to mediation procedures provided for by current Italian legislation.

  • Applicable Law: All legal relationships deriving from the use of the Platform are governed exclusively by Italian Law.

  • Competent Court: For any dispute that cannot be resolved out of court, the Court of Ragusa will have exclusive jurisdiction, without prejudice to the mandatory court of the consumer (place of residence or domicile of the user) if applicable pursuant to the Consumer Code.

bottom of page