Pursuant to Art. 13 of Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and the recommendation regarding certain minimum requirements for the online collection of personal data in the EU
  1. Data controller
The Data Controller for the processing of personal data is the Betrieb Landesmuseen [Department of Provincial Museums], which operates through the South Tyrol Museum of Mining.
Department of Provincial Museums
E-mail address:
Tel. +39 0471 320162
South Tyrol Museum of Mining
E-mail address:
Tel. +39 0472 055085
Data Protection Officer (DPO)
The contact details of the Data Protection Officer (DPO) are as follows:
Renorm GmbH
E-mail address:
Tel. +39 0471/1882777
This privacy policy statement is intended to provide information on the processing, purposes, methods and, in general, management of personal data collected through the website (hereinafter the “website”). This privacy policy statement applies only to this website and therefore excludes additional pages that may be accessed via any link.
  1. Purpose of data processing and legal basis for processing
The Data Controller guarantees, within the limits of the law, that the processing of personal data will be carried out in respect of the fundamental rights and freedoms as well as in respect of the dignity of the data subject, with particular reference to confidentiality, personal identity and the right to the protection of personal data.
In accordance with the conditions of lawfulness provided for in Article 6, GDPR 2016/679, the personal data you provide via the website may only be processed for the following purposes:
a)            management of reservations
processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures (Art. 6, para. 1, sentence 1, (b)).
b)           newsletter subscriptions
the data subject has given his/her consent to the processing of personal data relating to him/her for one or more specific purposes (Art.6, para.1, sentence 1, (a)).
c)            website browsing and improvement
more details on these purposes and data types can be found in the Cookie Policy section.
  1. Type of data processed
The following categories of personal data may be processed for the purposes mentioned above:
a.            generic personal data (e.g. first name, last name, phone number and email address).
  1. Data processing methods
Data processing is carried out:
a.            by staff members who are authorised to carry out processing activities;
b.            using manual and electronic systems;
c.            by persons who are legally authorised to carry out these tasks;
d.            with appropriate organisational and technical measures to ensure the confidentiality of the data and to prevent access by unauthorised third parties.
We would also inform you that your data will not be subject to automated decision-making processes.
  1. Retention of personal data
The data you provide will be kept for as long as is strictly necessary for the realisation of the relevant purposes, in particular:
reservation management: max. 10 years in accordance with the retention periods for accounting, tax and administrative records (Art. 2200 of the Italian Civil Code).
newsletter: until cancellation
website navigation and improvement: see Cookie Policy
  1. Distribution and disclosure of personal data
Your personal data will not be distributed; however, it may be disclosed to third parties in the following cases:
a.            public administrations and authorities, if provided for by law;
b.            service providers and third parties that have a contractual relationship with the Data Controller, who have been appointed as “processors” in accordance with Article 28 of the GDPR, and who are obliged to comply with the data protection obligations on the basis of a specific agreement with the Data Controller;
c.            legal entities that are entitled to access the data on the grounds of legal and administrative regulations.
  1. Rights of the data subject
You have the right to assert your rights with respect to the Data Controller as set out in Article 15 ff. of the GDPR 2016/679, namely:
-              information regarding personal data;
-              the right to rectification and erasure (“right to be forgotten”) of personal data;
-              the right to the restriction of processing;
-              the right to data portability;
-              the withdrawal of consent to the processing of personal data.
If you believe that your rights have been violated, you have the right to file a complaint with the Italian Data Protection Authority: