Privacy & Cookie Policy

Policy pursuant to Article 13 of EU Regulation 2016/679 of the European Parliament and of the Council, of 27 April 2016, concerning the protection of individuals with regard to the processing of personal data, as well as the free circulation of such data, and repealing Directive 95/46/EC


Pursuant to Article 13 of EU Regulation 2016/679 (GDPR) and of Legislative Decree 196/2003 (Privacy Code), as amended by Legislative Decree 101/2018, Roma Convention Group S.p.A. (hereinafter: “RCG” or “Owner”) makes known the following information to those who access the website (“Users”/”Data Subjects”).

This policy is provided exclusively in relation to the Owner’s website and not to other websites the User might visit through links shown or made accessible on the website itself if not property of the Owner.

1.Identity and Contact Details of the Data Controller

The Data Controller is Roma Convention Group S.p.A. - VAT n.10891851007 - with headquarters in Viale della Pittura, 50 – 00144 ROME in the person of its pro tempore legal representative.

To contact the Data Controller you can use the following details:

2.Type of Data Processed

The data processed can be the following:

Personal data, or any information relating to an identified or identifiable natural person (“Data Subject”). We consider as identifiable the natural person who can be identified, directly or indirectly, with particular reference to an identifier such as the name, an identification number, location data, an online identifier or one or more elements of their identity, such as first name, last name, e-mail address, phone number.

Specific data, i.e. personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or union membership, as well as genetic data, biometric data intended to identify a natural person, data relating to the health or sexual life or sexual orientation of the person. These data may be processed only if the interested party spontaneously shares them  with the Data Controller.

Browsing data, since the computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes IP addresses or domain names of the computers and terminals used by Users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the User’s computer environment.

3. Purpose and Legal Basis of the Processing

For all Users of the website, personal data may be used for the following purposes:

Purpose of the Processing
Legal Basis of the Processing

3.1 Allowing navigation through the public pages of our website and checking their correct functioning; in this case, the data being processed will only be the IP addresses through the use of technical cookies, please refer to the cookie policy for more information.

Legitimate interest of the Data Controller to ensure the proper functioning of their website. Article 6, paragraph 1, letter a) of the GDPR.

3.2 Replying to any request received through the e-mail addresses published on the website; the User sending messages implies the subsequent acquisition of their e-mail address, necessary to reply to requests, as well as of any other personal data included in the e-mail. In this case, the acquired data will be processed exclusively to reply to requests from Users.

Legitimate interest of the Data Controller to reply to spontaneous requests for contact/ information sent by Users. Article 6, paragraph 1, letter a) of the GDPR.

Implementation of pre-coatntractual measures adopted at their request. Article 6, paragraph 1, letter b) of the GDPR.

3.3 Possible defense in court of one’s rights or interests before any competent authority or body.

Legitimate interest of the Data Controller to exercise their rights in court or out of court. Article 6, paragraph 1, letter a) of the GDPR.

4. Scope of Data Communication and Dissemination

The personal data of the interested parties may be communicated to specifically designated persons in charge, who work under the control of the Data Controller, or Data Processors. The data may be disclosed to the following categories of subjects: legal and tax consultants of the Owner, developer and manager of the website.

Any communication will take place in compliance with the purposes of the processing described above.

It is possible to request a list of data processors from the data controller at the addresses indicated in paragraph 1.

Personal data may be disclosed to third parties to comply with legal obligations, or to comply with orders from public authorities legitimated for this or to assert or defend a right in court.

5. Processing Method

Personal data will be processed with paper and computer tools by trained staff employed by the Data Controller, and by external parties who operate as Data Processors.

 The data will be stored on servers owned by the Data Controller at Aruba S.p.A.

The use of the Data Controller’s services is reserved for subjects legally able, on the basis of the relevant national legislation, to conclude contractual obligations. The Data Controller, where necessary for specific services, in order to prevent illegitimate access to them, shall implement preventive measures to protect their legitimate interest, such as checking the tax code and/or carrying out other permitted and suitable checks.

6.Data Retention Period

Personal data collected for the purposes indicated in paragraph 3.1 of this policy will not be stored.

Personal data collected for the purposes indicated in paragraph 3.2 will be kept for 2 years and for the following 10 years solely for the purpose of any defense in court.

Personal data collected for the purposes referred to in paragraph 3.3 will be kept for as long as necessary to exercise the rights of the Data Controller in a possible trial.

7.Data Protection Officer

To receive more information on the data processing methods, please contact the Data Protection Officer:

- by e-mail using the following email account:;
- by ordinary mail using the following address: Data Protection Officer at Roma Convention Group S.p.A., Viale della Pittura, 50 - 00144 ROME.

8.Rights of the Data Subject

You have the right to access your data at any time and to exercise the other rights provided for by the GDPR by using the contact details mentioned in paragraph 1. In particular, you have the following rights:

Right of access by the data subject (Art. 15, GDPR)

Right of reply (Art. 16, GDPR)

Right to cancellation (Art. 17, GDPR)

Right to restrict processing (Art. 18, GDPR)

Right to data portability (Art. 20, GDPR)

Right to object (Art. 21, GDPR)

The data subject has the right not to be subject to a decision based solely on an automated process that produces legal effects concerning them (Art. 22, GDPR)

Right to lodge a complaint with the supervising authority (Art. 77, GDPR)

This policy may be subject to changes. If substantial changes are made to the use of data by the Owner, they will notify the User by publishing them with the utmost clarity on their pages or through alternative or similar means.


What are cookies and how do we use them?

A “cookie” is a text file that is stored on computers, tablets, mobile phones and on any device used to browse the Internet, where it is stored before being re-transmitted to the same websites upon the next visit by the same user.

This website uses cookies to improve navigation and to provide services and features to its users and visitors. The use of cookies can be limited or disabled via the web browser; however, without cookies some or all of the website’s features may be unusable.

In particular, our website uses strictly necessary technical cookies that are essential to complete the activities requested by the user, for example, to store information provided by the user while browsing the website or to manage the “login” status during the visit; it uses third-party profiling cookies, during navigation the user can also receive on their terminal cookies sent from different websites or web servers (so-called third parties), on which some elements may reside (e.g. images, maps, sounds, specific links to pages of other domains) present on the website that the user is visiting.

Types of Cookies

Cookies can be classified in:

Session Cookies: they are removed once the user closes the browser and they, therefore, have a limited duration;

Permanent Cookies: they remain in the device used to browse the Internet for a set time. These cookies have typical expiration dates and, therefore, their duration varies based on the cookie used.

First-party and third-party Cookies: depending on whether they belong to the owner of the website or to a third party.

Technical Cookies
These first-party cookies are used to guarantee and facilitate the activities strictly necessary for the functioning of the website for its regular navigation and allow its functions (such as, for example, to authenticate to restricted areas, to save your session/your browsing preferences, to save products in your cart, to remember some criteria such as the language, to manage the distribution of traffic, etc.) and to collect some information in aggregate form (anonymous) about users.

Statistical Cookies
These cookies are used to collect information on the use of the webite by users (number of visitors, pages visited, time spent on the website, etc.).

Profiling Cookies
These are the cookies needed to create user profiles in order to send advertising messages in line with the preferences expressed by the user within the pages of the website.

For our website, we use the following cookies:

1.Technical Cookies
These cookies are connected to the functionality and aesthetics of the website. They help make a website usable by enabling basic functions such as page navigation and secure access to specific areas of the site. The website cannot function properly without these cookies.

Thess are session cookies and no data is stored.

2.First-party Statistical Cookies

Name of Cookie







Statistical data of access to the website

2 years




Statistical data of access to the website

2 years




Statistical data of access to the website

2 years




Statistical data of access to the website

2 years


The cookie only becomes operational following the user’s consent expressed by clicking on the appropriate banner.

Cookie Settings

At any time, the user can refuse to accept all or some of the cookies used by this website by simply selecting, on their browser, the settings that allow to decline them.

Each browser has specific setup instructions. Further information on the procedures to be followed to disable cookies can be found on the browser provider’s website.

Google Chrome:
Mozilla Firefox:
Internet Explorer:
Apple Safari:
It is still possible to use some parts of the website when cookies are disabled.

Data Controller

The Data Controller is Roma Convention Group S.p.A. - VAT number 10891851007 – with headquarters in Viale della Pittura, 50 – ROME in the person of its pro tempore legal representative.

To contact the Data Controller you can use the following details:


Where we are

Viale della Pittura, 50 – 00144 Roma

P. +39 06 5451 3710
F. +39 06 5451 3800

Member of

Roma & Lazio Convention Bureau Convention Bureau Italia ICCA