Terms and Conditions

Henoto S.p.A. (hereinafter referred to as “HENOTO” for the sake of brevity), with its registered office in Bologna (BO), Via A. Maserati 18, enrolled in the Bologna Register of Companies under No. 555349, Tax Code and VAT No. 03275590283, in the person of its Managing Director Engineer Giovanni Giuliani P.E.C. address: henoto@pec.it

1. Purpose of the Processing

The Data Controller processes exclusively common data and, in particular, personal identification data (by way of example: IP address, name, surname, company name, tax code, VAT number, address, telephone number, e-mail, bank and payment references - hereinafter, “Personal Data”) communicated by you through access to the site or by sending it to the Data Controller on the basis of your free and voluntary choice.

2. Objective for the processing

2.1. Your Personal Data will be processed by the Controller for the following purposes:

  • Browsing the site;
  • fulfilling pre-contractual (sending quotes) and contractual obligations arising from the existing relationship with the undersigned (fulfilment of the contract, trade fair access, issuing and signing the delivery report, issuing the invoice);
  • comply with the provisions of the law and regulations (e.g. tax declarations to the judicial authorities if requested, communications to public bodies for any authorisation requests, communications to the organising body of the trade fair event);
  • exercise the rights of the Data Controller, in particular, that of defence in court;

The provision of data for the above purposes is mandatory. Failure to provide the data and/or express refusal to process the data shall make it impossible for the Data Controller to fulfil the contract, without prejudice to the provisions of Article 8 below.

2.2. Subject to express consent, your Personal Data will also be processed by the Controller for the following purposes:

  • for the purposes of the performance by the Controller of promotional and marketing activities by means of automated and non-automated systems (sent directly by the Company or by means of the “Mailchimp”, “Benchmark email” and “Mailerlite” platforms and information tools) concerning the sending of newsletters, market and statistical research, customer satisfaction, advertising material, commercial communications and invitations to participations and events organised by the Controller;
  • automated processing, including profiling (“the collection and processing of data relating to the users of a service, in order to divide them into groups according to their behaviour”), for promotional and marketing purposes, with the express exclusion of decision-making, from which legal effects may derive for the data subject, exclusively based on automated processing alone;
  • for the purposes of the transfer of your Personal Data by the Data Controller to the companies of the Henoto and Bologna Fiere group (meaning all companies controlled or participated by BolognaFiere S.p.A. and Henoto S.p.A.), so that they may also interact with social networks by displaying sponsored pages, it being understood that the interactions and information acquired will in any case be subject to the User's privacy and cookie settings relating to each social network;
  • for the purpose of the Owner’s interaction with social networks by displaying sponsored pages; the interactions and information acquired will in any case be subject to the User’s privacy and cookie settings relating to each social network.
  • Prior express consent by completing the “work with us” form in order for the Interested Party to apply to work with Henoto;
  • Prior express consent by filling out the “contact us” form, in order to process requests and/or information from the data subject;
  • Prior express consent by indicating the e-mail address in the “newsletter” form, in order to receive Henoto’s newsletters.

The expression of consent in the cases set out above shall not be a condition for the provision of the services and facilities of the Controller and may be revoked at any time by written notice to be sent to mail: privacy@henoto.com.

3. Types of personal data processing.

The processing of your Personal Data is carried out by means of the operations indicated in art. 4 Privacy Code and art. 4 n. 2) GDPR and precisely: collection, recording, storage, consultation, processing, extraction, use, blocking, communication, cancellation and destruction of data.

Your Personal Data are subject to both paper and electronic processing. In any case, the logical and physical security of the data and, in general, the confidentiality of the Personal Data processed will be guaranteed, by implementing all the necessary technical and organisational measures adequate to guarantee their security.

4. Data access and processing.

4.1 For the purposes referred to in article 2.1) above, your Data shall be processed or may simply be accessed for the purposes referred to above: by Henoto's personnel (employees and collaborators), who shall act by virtue of an act of appointment as designated persons and under the responsibility of the Data Controller, by consultants and/or subcontractors, external companies providing services, including IT services, to which Henoto entrusts the performance of certain services for the pursuit of the purposes referred to in article 2) above, who shall act, where appropriate, as external Data Processors.

4.2 For the purposes referred to in article 2.2 above, your data may be accessed or processed not only by the parties referred to in article 4.1) above, but also by third party companies (Synclab s.r.l. unipersonale), on the basis of service contracts and, where appropriate, in their capacity as external data processors.

5. Storage of Personal Data.

Personal Data are stored on servers located in the Data Controller’s premises and on the cloud (server in Sizzera) and will not be transferred, without prejudice to the provisions of article 7 below.

6. Personal Data retention period.

The Data Controller shall process Personal Data relating to the purposes set out in article 2.1. above (except for the purpose of browsing the site), for the time necessary to fulfil the above purposes and in any case for no longer than 10 years from the termination of the relationship for the purposes of protection under the prescriptive terms.

For the processing subject to consent as set forth in Article 2.2. above and for the purposes of site navigation, taking into account the type of activity of the Data Controller and of the Third Party recipients of the Data, as indicated in Article 2.2. above, Personal Data will be processed for a maximum period of three years, unless the consent is revoked, to be made explicit in writing by e-mail to: privacy@henoto.com

7. Recipients and categories of recipients.

In addition to the recipients referred to in art. 4 and the companies subcontracting the services and suppliers of the goods/services requested, where the transfer of the data is necessary and functional to the fulfilment of the contract, the Data Controller may disclose some of your personal data to companies of the Henoto group and/or consultants to whom Henoto entrusts the performance of certain services in order to pursue the purposes referred to in art. 2.1 above.

In the event of the assignment of the supply of exhibition set-ups in territories other than Italy, the Data Controller may disclose some of your data to subjects residing abroad, exclusively for the purposes and if functional to the fulfilment of contractual obligations.

The transfer of data is regulated, in the cases provided for by law, by the appointment of the third party as Data Processor and, where applicable, by the stipulation of co-ownership contracts containing the standard contractual clauses pursuant to Commission Implementing Decision (EU) 2021/914.

The list of Data Processors is updated by the Controller and is available for consultation only at the Controller’s premises.

8. Rights of the data subject.

In your capacity as data subject, you have the rights set forth in Art. 7 Privacy Code and Art. 15 to 21 GDPR including:

  • Right of access - To obtain confirmation as to whether or not personal data relating to you is being processed and, if so, to receive information regarding, among others: the purposes of the processing, categories of personal data processed and the period of storage, recipients to whom the data may be disclosed (Article 15 GDPR);
  • Right of rectification - Obtain, without undue delay, rectification of inaccurate personal data concerning you and supplementation of incomplete personal data (Article 16 GDPR);
  • Right to erasure - Obtain, without undue delay, the erasure of personal data concerning you, in the cases provided for by the GDPR (Article 17 GDPR);
  • Right to the restriction of processing - Obtain from the Data Controllers the restriction of processing, in the cases provided for by the GDPR (Article 18 GDPR);
  • Right to data portability - To receive, in a structured, commonly used and machine-readable format, personal data concerning you and to have them transmitted to another controller without hindrance, in the cases provided for by the GDPR (Article 20 GDPR);
  • Right to object - Object to the processing of personal data concerning you, unless there are legitimate grounds for the Controller to continue the processing (Article 21 GDPR);
  • Right to withdraw consent - To withdraw, at any time, one or more consents expressed for the processing of Data, subject to the manifestation of consent (Article 7 GDPR).
  • Right to lodge a complaint with the supervisory authority - Lodge a complaint with the Italian Data Protection Authority, Piazza di Montecitorio n. 121, 00186, Rome (RM).

9. Procedures for exercising rights.

The rights referred to in Article 8. above may be exercised at any time by sending a written communication to: privacy@henoto.com.

It should be noted that the data controller will reply to the request within 30 days and, if the request is granted, the data controller will take charge of communications with the third parties responsible for the employee's data.

If the request is granted, the Data Controller undertakes to also delete the data from any archives, allowing the user to verify them remotely.

Should you wish to lodge a complaint regarding the manner in which your data is processed or regarding the response to your requests, you have the right to lodge a petition directly with the Supervisory Authority. Please note that Henoto's Data Protection Officer can be contacted at the following e-mail address: dpohenoto@lslex.com