Etnaland Policy
Privacy Notice – Video Surveillance of Outdoor Areas
Pursuant to Article 13 of Regulation (EU) 2016/679 and Article 4 of Law no. 300/1970
The undersigned, Dr. Francesco Russello, in his capacity as legal representative of Etnaland s.r.l., with registered office in c.da Agnelleria s.n., Belpasso (CT), Italy, hereby informs data subjects about the installation of a video surveillance system in the outdoor areas of the Etnaland amusement park, for the purpose of meeting security requirements.
Below is the privacy notice concerning the processing of data collected through the use of the video surveillance system.
1. Data Controller
The Data Controller is Etnaland s.r.l., VAT No. 01544040841, with registered office in Belpasso, c.da Agnelleria s.n., Italy.
The Data Controller may be contacted by email at info@etnaland.eu.
2. Nature of the data processed and purposes of processing
The data processed by the Data Controller are those acquired through the video surveillance system installed to monitor the outdoor areas of the amusement park.
The purposes for which such data are processed mainly concern security needs and the prevention of unlawful acts.
3. Legal basis for processing
Pursuant to Article 6 of the GDPR, the legal basis for processing is the legitimate interest of the Data Controller, who records images in order to collect possible evidence and to protect people and property against possible assaults, theft, robbery, damage, acts of vandalism, as well as for fire prevention purposes.
4. Processing methods and data retention period
The company uses a closed-circuit video surveillance system operating 24 hours a day.
Images are recorded and stored exclusively by authorized surveillance personnel and are deleted within 72 hours of collection, except for any extensions due to holidays or closure periods.
Images may be viewed only by authorized personnel or by judicial or police authorities.
Personal data shall be processed in compliance with the fundamental rights and freedoms of individuals and with human dignity, with particular reference to confidentiality, personal identity and the protection of personal data.
5. Communication and/or disclosure of data
The data shall not be disclosed, sold or shared with third parties, except where necessary with public security authorities.
6. Rights of the data subject
The rights granted to you under the GDPR include the right to:
- request from the Data Controller access to your personal data and information relating to such data; rectification of inaccurate data or completion of incomplete data; erasure of personal data concerning you, where one of the conditions set out in Article 17(1) of the GDPR applies and subject to the exceptions provided for in Article 17(3); restriction of processing where one of the cases set out in Article 18(1) of the GDPR applies;
- request and obtain from the Data Controller, where the legal basis of the processing is a contract or consent, and the processing is carried out by automated means, your personal data in a structured, commonly used and machine-readable format, also for the purpose of transmitting such data to another controller (the so-called right to data portability);
- object at any time to the processing of your personal data where particular circumstances relating to your situation apply;
- withdraw consent at any time, limited to cases in which the processing is based on your consent for one or more specific purposes and concerns ordinary personal data or special categories of personal data.
Processing carried out on the basis of consent before its withdrawal shall remain lawful; - lodge a complaint with a supervisory authority (Italian Data Protection Authority).