Privacy Policy

  2. Destination Florence Convention and Visitors Bureau Scrl (hereinafter also “DFCVB”) is a non-profit consortium company which for over 20 years has been the official association for promoting Florence as a destination. Its mission is to attract top events, conferences, international weddings and quality tourism. With over 300 highly specialized partner companies operating in the local tourism sector, DFCVB connects businesses with local institutions and international customers (buyer, association, corporate e institutions), as a facilitator in the area and the primary gateway to Florence as a destination.

    DFCVB takes care of your privacy, therefore we have adopted a Privacy Policy regarding the way we collect, use, transfer and store your data. We invite you to read this document to learn about our privacy protection policies, if you have any questions you can write to us at the contacts indicated below.

    With this document DFCVB provides you, pursuant to articles 13 and 14 of Regulation EU 2016/679 the protection of natural persons with regard to the processing of personal data (hereinafter “GDPR”), some information relating to the use of the websiteweb ((hereinafter only “Site”) and any processing of personal data connected to it.


    2.1 Data collected while using the website

    Personal data may be used to identify or contact you, as well as to provide better services to all our users.

    Data collected automatically

    The computer systems and software procedures used to operate the website and all DFCVB applications acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. These information are not collected to be associated with identified data subjects but for its nature, could, through processing and association with data held by third parties, allow the users to be identified.

    This type of data include: the IP address or domain name of the device that is used, the operating system, the model and brand of the device, the phone operator, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply given by the server (successful, error, etc.) and other parameters related to the operating system and IT environment of your device.

    These data are used to obtain anonymous statistical information on the use of the website and to check its proper functioning.

    Data provided voluntarily by the user

    If you choose to interact with any forms on the site or to contact us by email, you may have to send and/or provide some personal information, necessary to identify you and/or to respond to your requests. The information that may be requested are, by way of example: name and surname, telephone number, e-mail address, contact data and type of request.

    You are responsible for the accuracy of the personal information you submit/provide to DFCVB.

    2.2 Provision of the data

    Apart from that specified for navigation data, the user is free to provide their personal data. Failure to provide such data may, however, make it impossible to obtain what has been requested.


    3.1 Your data will be processed:

    • to allow you to use the functions available and, in particular, to contact our member company and partners;
    • to reply to your requests;
    • for the technical management of the services of the site;
    • to exercise the rights of the Data Controller.

    Other purposes may be indicated in the information related to the use of specific services.

    33.2 The legal bases of the processing

    In relation to the purposes 3.1.a and 3.1.b, the legal basis of the processing is the execution of a contract of which the data subject is a party and/or the execution of pre-contractual measures adopted at the request of the same.

    For the purposes 3.1.c and 3.1.d, the legal basis of the processing is the legitimate interest of the Data Controller in a correct administration of the systems, as well as to exercise and defend its rights.


    Your data will be processed for the time necessary to manage your requests, as well as – where necessary – for the period required by law.

    Once the storage terms indicated above have elapsed, your personal data will be destroyed, deleted or made anonymous, compatibly with the technical cancellation and backup procedures.


    The data will be processed, in compliance with the necessary security and confidentiality, collected and recorded for specific, explicit and legitimate purposes.

    Each data processing is based on principles of correctness, lawfulness and transparency and can be carried out either manually or through automated methods and will take place through appropriate technical and organizational measures, avoiding the risk of loss, destruction, unauthorized access or disclosure or, in any case, illicit use, as well as through reasonable measures to promptly delete or rectify any inaccurate data.


    Designated personnel, duly trained and operating under the authority and responsibility of the Data Controller, will process the data. Information can be communicated to recipients that carry out activities related to the purposes above, such as communication services, e-mail and mail provider and website’s hosting and technical assistance and other service providers related to the aforementioned purposes. Only the data strictly necessary for the performance of the activities will be communicated to the subjects indicated above. The updated list of all recipients is available at the headquarters of the Data Controller and will be provided at your request by writing to the following e-mail address:


    You can exercise rights under Chapter III of GDPR at any time. In particular, you have the right to ask the Data Controller for access to your data, their correction or cancellation, the integration of incomplete data, the limitation of processing, to object, to receive them in a structured, commonly used and machine-readable format, as well as to exercise the other rights recognized by the applicable regulations. These rights can be exercised using the portal’s features or by writing to the following e-mail address: Pursuant to art. 77 of the GDPR, moreover, you have the right to lodge a complaint with the Supervisory Authority if you consider that the processing violates the GDPR.


    At the following link [INSERIRE LINK COOKIE POLICY] you can find all the information on cookies installed through this site, as well as the necessary indications on how to manage your preferences in this regard.


    DFCVB, as Data Controller, reserves the right to make changes to this privacy policy at any time by giving notice to Users on this page. Please therefore consult this page taking as reference the date of last modification indicated at the bottom.


    The Data Controller is Destination Florence Convention and Visitors Bureau Scrl which you can contact for any information or request using the following contacts: Via del Tiratoio,1 – Firenze (Fi) Telefono: 055/29881 E-mail:

    Contact details of the Data Protection Officer:

    Last updated: January 2023