Data protection information notice

General information

The Antonio Meneghetti Scientific and Humanistic Research Foundation website is subject to the Swiss Federal Act on Data ProtectionFADPas well as to any other applicable foreign law on data protection and to the General Data Protection RegulationGDPRof the European Union (EU). The EU recognizes that the Swiss Federal Act on Data Protection guarantees an adequate level of data protection. The following data protection declaration provides information on the type, the content and the scope of data collection and on personal data processing (hereafter “data”) by the managing authority in the framework of the online art auction and of the website aste.fondazionemeneghetti.ch.

Definition of terms used (fromArticle 3 FADP)

  • personal data (data): all information relating to an identified or identifiable person (Art. 3, letter a, FADP)
  • data subjects: natural or legal persons whose data is processed (Art. 3, letter b, FADP)
  • processing: any operation with personal data, irrespective of the means applied and the procedure, and in particular the collection, storage, use, revision, disclosure, archiving or destruction of data (Art. 3, letter e, FADP)

Competent authority

If not indicated otherwise and for exceptional cases only, the Foundation in the person of its pro tempore legal representative is competent for processing of data described in this general information notice.

Fondazione di Ricerca Scientifica ed Umanistica Antonio Meneghetti

6900 Lugano – via San Gottardo 10

e-mail: info@fondazionemeneghetti.ch

Collecting of personal data

Forms online

When you send a contact request through the ad-hoc created form, the data inserted in the form, including contact data you indicate, are stored at the Foundation in order to process your request. These data are not transmitted to any other party without your consent.

If mandatory fields are not filled in, we cannot grant any service.

These collected data satisfy our legitimate interest to process data according to Art. 6, paragraph 1, letter f of the GDPR which allows for processing of data necessary in order to fulfil contractual obligations or pre-contractual measures.

Data collection on our website

Access data (server log files)

When you visit our website, our servers temporarily save each access to a server log file. The following data get detected (without requiring any action by the user) and saved for a maximum of 12 months, until their automatic cancellation:

  • IP address of the requesting computer
  • date and time of access
  • name and URL of the recalled file
  • website from which the access took place
  • user’s computer and browser operating system
  • country from which access took place and language settings of user’s browser
  • name of user’s internet access provider

Those data are not aggregated to other data sources. Collecting and processing of data serve the purpose of allowing the use of our website (to establish a connection) and to guarantee the security and the stability of our system in the long run. The IP address is used in order to detect the country of origin of our website visitor so as to be able to set the language of our website accordingly. In addition, the IP address gets analysed for statistical purposes in the case of attacks on network infrastructure of aste.fondazionemeneghetti.ch. Those collected data satisfy our legitimate interest to process data according to Article 6, paragraph 1, letter f of the GDPR.

Cookies

This website uses the so-called cookies: the cookies do not damage your computer and do not transmit viruses. They are used to make our website more effective, safe and user-friendly. Cookies are small text files sent to your computer and memorized by your browser.

Most cookies that we use are the so-called “session cookies”. After visiting the website, they get cancelled automatically. Other cookies could remain memorized in your browser until they are cancelled manually. These cookies allow us to recognize your browser upon your next visit.

Most browsers accept cookies automatically. However, the user can set his/her browser so as to prevent the saving of cookies on the computer and so as to receive a warning each time a cookie arrives. Deactivating cookies can lead to a situation when the visitor cannot use all features of our website.

Cookies allowing the process of electronic communication or cookies allowing you to use certain features which you request (such as the shopping cart) are memorized in accordance with the art. 6, paragraph 1, letter f of the GDPR.

Purchasing online

When you use our system for purchasing artworks online, the following personal data are collected, their use being reserved exclusively for managing the sales contract correctly and for fulfiling contractual obligations:

  • name and surname
  • e-mail address
  • password
  • invoice address
  • credit card details (only when activating the related control box)
  • archive of orders

Analytics and advertising

Your personal data are not used in any way for advertising purposes, neither to create psedonymized user profiles. We do not make use of any retargeting technology or tracking tools (or specialized cookies) serving the purpose of analysing the visitor’s behaviour.

Transfer of personal data to third parties

We transfer personal data to third parties only in cases where it is necessary in order to execute contract obligations, for example to the bank in charge of making a payment. No communication, processing or transfer of data to third parties takes place. In close cooperation with our internet and newsletter service providers, we also guarantee that your data are protected to the maximum possible extent from unauthorized access, loss, abuse or falsification.

Where the website contains links to third parties websites, after you click on those links, the Foundation does not have any influence whatsoever over purchases, processing, saving or use of personal data by third parties and does not assume any responsibility in this sense.

Storage of personal data

We store your personal data in a personalized form for the time necessary to fulfil the purpose for which they got collected; in the case of contracts, this normally means the entire duration of the contractual relationship. We store your personal data also when a legitimate interest to keep them arises. In particular, this happens when your personal data serve us in order to be able to enforce our claims or to defend ourselves from claims by others, for archiving purposes or in order to guarantee IT safety and security. We also store your data for the time during which they are subject to the legal obligation to be kept.

For certain data there is a mandatory storage period of ten years. For others, shorter deadlines apply, such as in case of recording certain processes in the Internet (log data).

When these deadlines expire, we take care of cancelling and anonymizing your personal data.

What are your personal data processing rights?

You can object the processing of data which exceeds the contractual needs on the basis of article 6, paragraph 1, letter f of GDPR.

If the conditions applicable to a single case are not satisfied and if no legal exceptions apply, you also have the right to information, correction, cancellation or limitation of data processing, provided that this is not in contradiction with the legal obligation to store data or in contradiction with an authorization to data processing.

You also have the right to receive personal data put at our disposal in a commonly used format (right to data portability).

Many data processing steps are allowed only with your explicit consent. You can lift a previously given consent at any moment. Lifting your consent does not affect the lawfulness of processing based on the consensus prior to its lifting.

You can exercise the above-mentioned rights (information, cancellation or lifting consent) by sending a request via e-mail to the competent authority indicated above.

You are also free to file a complaint against the way in which we process your data to the competent supervisory authority, if you think that such processing violates current regulations.

Modifying this data protection declaration

This data protection declaration can be adapted in due time, in particular when our data processing changes or when new legal obligations come into force. Generally, the updated version of the data protection declaration applies, each time a new processing activity starts falling under new rules.

SSL encryption

This website uses the SSL encryption in order to guarantee a protected transmission of your personal data.