Data Protection and Privacy Policy

Data Protection and Privacy Policy

We are committed to handling your personal information responsibly and to protecting the privacy and security of the personal information that is provided to us or collected by us during the course of our business. With this Data Protection and Privacy Policy (hereinafter referred to as the “Policy”), the Locarno Film Festival (hereinafter referred to as the “Festival”) wishes to provide the public with information on the nature, scope and purpose of the data that it collects, uses and processes. In addition, the Festival also wishes to draw your attention to the rights that you have by means of this Policy. Kindly read the Policy of the Festival carefully before using or visiting (the natural person doing so hereinafter referred to as the “User” or the “Data Subject”, unless otherwise specified) the Festival’s services (hereinafter collectively referred to as the “Services”), namely when:

  • visiting the Festival’s website (www.locarnofestival.ch) or the official Festival App (hereinafter both referred to as the “Website”);
  • applying for a Festival accreditation, acquiring a Festival accreditation or a Festival ticket, accepting an invitation to make use of the Services as well as submitting a film for the Festival’s consideration;
  • contacting the Festival for recruitment purposes;
  • visiting or using any web-application or website made accessible by any staff member of the Festival referring to the present Policy;

 

  • providing any information to the Festival per email, phone, mail or in person when visiting the Festival’s premises or interacting in any manner with Festival’s staff;
  • participating to any Festival event, conference, class or movie presentation (hereinafter referred to as the “Event” or, collectively, the “Events”);
  • participating in competitions on the Website;
  • ordering or buying tickets or merchandise through the Locarno Film Festival Box Office (shop.locarnofestival.ch) and the Locarno Boutique (boutique.locarnofestival.ch) both online and on-site.

As a general rule, Data Subjects provide Personal Data (i.e. any information relating to an identified or identifiable natural person; hereinafter referred to as “Personal Data”) to the Festival. If Users provide us with Personal Data of other persons (family members, work colleagues, staff members, etc.), please make sure that Data Subjects are aware of this Policy. We kindly ask Users to provide us with Data Subjects’ Personal Data only if allowed to do so and under the condition that such Personal Data is correct.

In some cases, however, the Festival might collect Personal Data about Users from a third-party source, such as a government agency, an information or service provider or from public records.

By continuing to use the Festival’s website or any System making reference to this Policy you consent to the latter’s content.

1. Data Controller

Unless otherwise specified, the controller, i.e. the responsible person (hereinafter referred to as “Data Controller”) of the Personal Data of Services’ Users is:

Festival internazionale del film di Locarno
Via Franchino Rusca 1
CH-6601 Locarno
T. +41 91 756 21 21
privacy@locarnofestival.ch

2. Policy Statement

The Festival processes Personal Data with great care and only for the purpose of measuring and improving the performance of its Services, thereby being fully committed to ensure the rights Data Subjects are granted under the applicable data protection laws. The access and use of the Services are governed by this Policy, which applies to all Users and any other party accessing or using the Services. This Policy also governs the Festival’s collection of Data Subjects’ Personal Data (hereinafter referred to as “Data Collection”).

3. Legal basis

The legal basis for the Personal data Collection is determined by Swiss national laws, namely the Swiss Federal Data Protection Act (hereinafter referred to as “FADP”). The Festival – without being legally obliged – aligned its Policy with the EU General Data Protection Regulation 2016/679 (hereinafter referred to as “GDPR”) as the Services may be provided to Users outside of Switzerland.

4. Types of Personal Data collected

The Personal Data which can be object of the Data Collection might include:

  • email address;
  • first and last name;
  • phone number;
  • address;
  • city;
  • state and ZIP code;
  • biographical information;
  • information Users of the Services provide to the Festival for the purpose of attending meetings and events or being taken into consideration for a job offer;
  • users’ credit card details when purchasing through the Locarno Box Office online and on-site
  • date of order and of delivery of the item supplied through the Locarno Box Office online and on-site
  • details of Festival participants’ visits to the Festival’s offices, to their presence in the context of the Festival and its events (including participants’ being photographed or recorded during official Festival events);
  • cookies and usage data. Usage data include the IP address, the date and time of the access, the name and URL of the file accessed, the website from which the access is made (referrer URL), the browser used, the operating system of the computer used and the name of the access provider. The Festival’s use of this data allows a smooth connection setup, a comfortable use of the Services as well as a comprehensive evaluation of its system’s security and stability. Cookies and similar technologies, the latter often referred to as tracking data, assist in the context of user authentication, remembering Users preferences, illustrating how Users use the Services and managing as well as evaluating the effectiveness of the Festival’s marketing projects. Data Subjects are free to refuse all cookies. In this case Data Subjects might be unable to use parts of our Services. For further information as to Cookies, click here to read our Cookie Policy, which forms an integral part of this Policy

5. Use and processing of Personal Data

The Festival will not misuse any Personal Data provided by Users when using the Services. Primarily, the Festival’s Data Collection aims at concluding and processing contracts with Users of our Services as well as with business partners. In addition to the aforementioned and in light of its (or any third party’s) legitimate interest, the Festival might collect Personal Data of Users or other third parties for the purposes of:

  • analysing, developing and optimizing the Festival’s Services and its products, including behavioural targeting;
  • interacting with external social networks and platforms as well as accessing third-party accounts;
  • managing the Festival’s business relationship with Users or Users’ organizations, whether in connection with human resources and recruitment purposes, with the sale of goods and services or with the submission of a movie or any product or service for the Festival’s consideration;
  • registration and authentication as well as displaying content from external platforms and managing contacts or sending messages;
  • processing the Festival’s marketing and sponsorship policy, including organizing events and conferences;
  • market and opinion research;
  • securing the Festival’s business operations, including the Festival’s IT systems and its premises;
  • asserting legal claims and elaborating appropriate defence in the context of legal dispute;
  • preventing criminal offences or other misconduct;
  • complying with court orders and other mandatory regulatory requirements.

Data Subjects’ unambiguous consent forms the basis of Data Collection, which will be stopped as soon as the purpose of Data Collection ceases to apply; in any case the Festival will retain Personal Data only for as long as it is necessary for the purposes set out in and connected to this Policy.

In case Users have given the Festival their consent to process Personal Data for certain purposes, the Festival will limit the processing of such Personal Data according to such consent.

6. Personal data-related health security measures for Locarno74

In light of the current COVID-19 situation and due to the potential introduction of additional pandemic containment measures by the Federal Office of Public Health (FOPH), the Festival will record Visitors’ contact details for each of their visits to its Event or Services.

The Festival will store Visitors’ Personal Data as well as their seat number (if available) for 14 days. This Personal Data will be available upon request of the health authorities, who may request it in case of potential contact with an infected person. The authorities may contact Visitors and order quarantine measures.

Visitors will be considered point of contact for all the attendees (i.e. further Visitors) that will use the tickets associated to the primary Visitors’ order. Visitors’ Personal Data will not be used for any other purpose and will be destroyed 14 days after your last visit.

When the participation in an Event or Service is linked to the presentation of a valid Covid certificate, Visitors Personal health data won’t be accessible to the Festival in case of holders of the Swiss Covid certificate or EU Digital COVID Certificate. Personal health data of holders of other COVID certificates or proofs of vaccination or similar documents will only be stored as long as it is needed for verification purposes.

7. Methods of processing Personal Data

As concerns the methods of processing Personal Data, kindly click here to read our detailed information, which forms an integral part of this Policy.

8. Hosting, retention and transfer of Personal Data

The Festival has its legal seat in Locarno, Switzerland, and Services’ Users’ Personal Data are hosted in an encrypted database.

The Data Controller processes Personal Data in a proper manner and takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of such data. As soon as the retention of Personal Data will cease to be necessary for the purposes set out in and connected to this Policy, such data will be cancelled.

The Data Collection is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated in this Policy. In addition to the Data Controller, in some cases, the Personal Data might be accessible to external parties (such as third-party technical service providers and platforms, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Data Controller. The updated list of these parties may be requested from the Data Controller at any time by contacting the Festival under the address provided in Art. 1 above.

The Festival is entitled to transfer Personal data for the purposes set out in this Policy to third companies located in Switzerland or abroad. The Festival’s affiliates, agents and third-party service providers who have access to Personal Data obtained through the Website are obliged to respect the User’s privacy, comply with legal obligations and adhere to contractual safeguards. When transferring Personal Data internationally the Festival makes sure to comply with applicable laws and regulations, for example, by entering into agreements which will ensure that the recipients of the User’s information maintain an adequate level of data protection.

The Festival will not sell User’s Personal Data to any third party.

9. Data Subjects’ rights

In accordance with and as far as provided by applicable law (as is the case where the GDPR is applicable), Data Subjects can exercise under certain circumstances the following rights in relation to their Personal Data:

  • right to access: Data Subjects can request access to their Personal Data and specific information connected to its processing;
  • right to erase and rectify: Data Subjects can request a rectification or the partial or complete erasure of their Personal Data;
  • right to restriction of processing: Data Subjects can request that the Festival restricts the processing of their Personal Data;
  • right to object: Data Subjects can object to the processing of their Personal Data

Moreover, shall Data Subjects have given the Festival their consent to process their Personal Data for certain purposes, they can revoke such consent at any time.

The Festival might refuse to provide access or might be obliged to retain certain Personal Data in case the relevant statutory restrictions or the Festival’s overriding interests impose such actions. Shall this be the case, the Festival will promptly provide Data Subjects the reasons that led the Festival to take such a decision.

Shall Data Subjects wish to exercise the above-mentioned rights, kindly contact the Festival at the email or postal address provided in Art. 1 above. Please be informed that every Data Subject has the right to enforce its rights in court or to lodge a complaint with the competent data protection authority. The competent data protection authority for Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

10. Links to third party websites

The Festival’s Services might contain links to third-party website or services that are not owned or in any way controlled by the Festival. For that reason, the Festival assumes no responsibility for the content, privacy policies or practices of any third-party website or service. Data Subjects hereby understand and agree that the Festival shall not be liable – neither directly nor indirectly – for any damage arising from or out of any occurrence in, upon, at, or relating to any such website or service.

11. Voting, competitions and prize draws

The Festival and its sponsor UBS offer Users the opportunity to participate in competitions and prize draws. By participating in the competitions or prize draws, Users agree to be bound by this Policy and the General Terms and Conditions. The Festival is authorized to transfer all the Personal data collected to its sponsor UBS. The Personal data collected is used to identify the winner of the competition, to distribute the prizes, to analyze the Users in terms of age, gender and popularity of the competition or activity and for marketing purposes.

12. Enforcement and severability clause

The Festival’s potential failure in enforcing any right or provision of this Policy cannot be considered a waiver of such rights. If any provision of this Policy is held to be invalid or unenforceable by a court, the remaining provisions of this Policy will remain into effect.

13. Amendments of this Policy

The Festival retains the right to amend or change this Policy at any time. Changes of this Policy will be published on the Website.