- visiting the Festival’s website (www.locarnofestival.ch; hereinafter referred to as the “Website”);
- applying for a Festival accreditation or submitting a film for the Festival’s consideration;
- contacting the Festival for recruitment purposes;
- visiting or using any web-application or website employed by any staff member of the Festival referring to the present Policy;
- providing any information to the Festival per email, phone, mail or in person when visiting the Festival’s premises or interacting in any manner with Festival staff;
- participating to any Festival event, conference, class or movie presentation.
As a general rule, Data Subjects provide Personal Data (i.e. any information relating to an identified or identifiable natural person; hereinafter referred to as “Personal Data”) to the Festival. If Users provide us with Personal Data of other persons (family members, work colleagues, staff members, etc.), please make sure that Data Subjects are aware of this Policy. We kindly ask Users to provide us with Data Subjects’ Personal Data only if allowed to do so and under the condition that such Personal Data is correct.
In some cases, however, the Festival might collect data about Users from a third-party source, such as a government agency, an information or service provider or from public records.
By continuing to use the Festival’s website or any System making reference to this Policy you consent to the latter’s content.
1. Data Controller
Unless otherwise specified, the controller, i.e. the responsible person (hereinafter referred to as “Data Controller”) of the Personal Data of Services’ Users is:
Festival internazionale del film di Locarno
Via Franchino Rusca 1
T. +41 91 756 21 21
2. Policy Statement
The Festival processes Personal Data with great care and only for the purpose of measuring and improving the performance of its Services, thereby being fully committed to ensure the rights Data Subjects are granted under the applicable data protection laws. The access and use of the Services are governed by this Policy, which applies to all Users and any other party accessing or using the Services. This Policy also governs the Festival’s collection of Data Subjects’ Personal Data (hereinafter referred to as “Data Collection”).
3. Legal basis
The legal basis for the Data Collection is determined by Swiss national laws, namely the Swiss Federal Data Protection Act (hereinafter referred to as “FADP”). The Festival – without being legally obliged – aligned its Policy with the EU General Data Protection Regulation 2016/679 (hereinafter referred to as “GDPR”) as the Services may be provided to Users outside of Switzerland.
4. Types of Personal Data collected
The Personal Data which can be object of the Data Collection might include:
- email address;
- first and last name;
- phone number;
- state and ZIP code;
- biographical information;
- information Users of the Services provide to the Festival for the purpose of attending meetings and events or being taken into consideration for a job offer;
- details of Festival participants’ visits to the Festival’s offices, to their presence in the context of the Festival and its events;
5. Use of Personal Data
The Festival will not misuse any Personal Data provided by Users when using the Services. Primarily, the Festival’s Data Collection aims at concluding and processing contracts with Users of our Services as well as with business partners. In addition to the aforementioned and in light of its (or any third party’s) legitimate interest, the Festival might collect Personal Data of Users other third parties including but not limited to:
- analysing, developing and optimizing the Festival’s Services and its products, including behavioural targeting;
- interacting with external social networks and platforms as well as accessing third-party accounts;
- managing the Festival’s business relationship with Users or Users’ organizations, whether in connection with human resources and recruitment purposes, with the sale of goods and services or with the submission of a movie or any product or service for the Festival’s consideration;
- registration and authentication as well as displaying content from external platforms and managing contacts or sending messages;
- processing the Festival’s marketing and sponsorship policy, including organizing events and conferences;
- market and opinion research;
- securing the Festival’s business operations, including the Festival’s IT systems and its premises;
- asserting legal claims and elaborating appropriate defence in the context of legal dispute;
- preventing criminal offences or other misconduct;
- complying with court orders and other mandatory regulatory requirements.
Data Subjects’ unambiguous consent forms the basis of Data Collection, which will be stopped as soon as the purpose of Data Collection ceases to apply; in any case the Festival will retain Personal Data only for as long as it is necessary for the purposes set out in and connected to this Policy.
In case Users have given the Festival their consent to process Personal Data for certain purposes, the Festival will limit the processing of such Personal Data according to such consent.
6. Methods of processing Personal Data
As concerns the methods of processing Personal Data, kindly click here to read our detailed information, which forms an integral part of this Policy.
7. Hosting, retention and transfer of Personal Data
The Data Controller processes Personal Data in a proper manner and takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of such data. As soon as the retention of Personal Data will cease to be necessary for the purposes set out in and connected to this Policy, such data will be cancelled.
The Data Collection is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated in this Policy. In addition to the Data Controller, in some cases, the Personal Data might be accessible to external parties (such as third-party technical service providers and platforms, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Data Controller. The updated list of these parties may be requested from the Data Controller at any time by contacting the Festival under the address provided in Art. 1 above.
The Festival has its legal seat in Locarno, Switzerland, and Services’ Users’ Personal Data are hosted in an encrypted database.
8. Data Subjects’ rights
In accordance with and as far as provided by applicable law (as is the case where the GDPR is applicable), Data Subjects can exercise under certain circumstances the following rights in relation to their Personal Data:
- right to access: Data Subjects can request access to their Personal Data and specific information connected to its processing;
- right to erase and rectify: Data Subjects can request a rectification or the partial or complete erasure of their Personal Data;
- right to restriction of processing: Data Subjects can request that the Festival restricts the processing of their Personal Data;
- right to object: Data Subjects can object to the processing of their Personal Data
Moreover, shall Data Subjects have given the Festival their consent to process their Personal Data for certain purposes, they can revoke such consent at any time.
The Festival might refuse to provide access or might be obliged to retain certain Personal Data in case the relevant statutory restrictions or the Festival’s overriding interests impose such actions. Shall this be the case, the Festival will promptly provide Data Subjects the reasons that led the Festival to take such a decision.
Shall Data Subjects wish to exercise the above-mentioned rights, kindly contact the Festival at the email or postal address provided in Art. 1 above. Please be informed that every Data Subject has the right to enforce its rights in court or to lodge a complaint with the competent data protection authority. The competent data protection authority for Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
9. Links to third party websites
The Festival’s Services might contain links to third-party website or services that are not owned or in any way controlled by the Festival. For that reason, the Festival assumes no responsibility for the content, privacy policies or practices of any third-party website or service. Data Subjects hereby understand and agree that the Festival shall not be liable – neither directly nor indirectly – for any damage arising from or out of any occurrence in, upon, at, or relating to any such website or service.
10. Enforcement and severability clause
The Festival’s potential failure in enforcing any right or provision of this Policy cannot be considered a waiver of such rights. If any provision of this Policy is held to be invalid or unenforceable by a court, the remaining provisions of this Policy will remain into effect.
11. Policy changes
Changes of this Policy will be published on the website www.locarnofestival.ch.