Information provided pursuant to art. 13 of EU Regulation 2016/679 (for Brevity Rules) – to users who access the site

The information includes:

  • the nature of the personal information processed;
  • the purposes and legal bases of the processing of personal information (Article 13.1.c and 13.1.d of the Rules);
  • the identity and contact details of the data controller (Article 13.1.a and 13.1.b of the Rules);
  • any third parties involved in the processing activities (Article 13.1.e and 13.1.f of the Rules);
  • the retention period of personal information (Article 13.2.a of the Rules);
  • the nature of the data provided and the consequences of any refusal (Article 13.2.e of the Rules);
  • user rights (Article 13.2.b, 13.2.c and 13.2.d of the Rules).



The data controller is M.C.A. Events S.r.l., Via A. Binda 34, 20143 Milan (MI), VAT No. 12858130151.
Contact details:



Navigation data
The site collects personal data, which for transmission is implicit to the use of Internet communication protocols. This is information is not collected to be associated with identified interested parties, but for their nature could, through processing and association with data held by third parties, allow the user to be identified. This category of data includes IP addresses or domain names of the computers used by the user who connects to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters related to the operating system and the user’s computer environment. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.

Data provided voluntarily by the user
The optional, explicit and voluntary sending of messages using the “Contact us” service present on the site and/or sending e-mails to the company’s address, entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well any other personal data included in the request. The legal basis for this treatment is art. 6.1.b of the Regulations, is the execution of the services requested by the user.

Register to the site
Registering an account involves entering some personal data that must be true and accurate. Some data is mandatory and clearly indicated, further data is entered voluntarily and the non-inclusion does not involve any consequence. The user is invited to keep the data updated by accessing the personal account. The legal basis for this treatment is art. 6.1.b of the Regulations, is the execution of the services requested by the user. The user who chooses to activate the account through social media must be aware that the site can collect some data that the user has already provided to this social media (for example: e-mail address and public profile). The data controller has no control over the social media and does not establish the privacy settings of the social media. The user must therefore refer to the privacy policy of the social media he uses.

Newsletter and commercial communications
The user can voluntarily choose to receive newsletters and commercial communications. The site requests explicit and free consent before undertaking such promotional initiatives and may ask the user for additional information in order to create personalized and more relevant communications. The user can always easily revoke his/her consent, which is the legal basis of this processing (article 6.1.a of the Rules).

Commercial Orders
In case of an order, the site asks the user to provide personal data for the essential purpose of providing the service or the purchased item, including the post-sales phase (for example: delivery tracking, assistance services, customer satisfaction) and activities to prevent fraud and improper use of the site. The legal basis for data processing is the fulfillment of contractual obligations (Article 6.1.b of the Rules). For payments, the site uses third-party suppliers and does not retain bank information belonging to the user. The data controller has no control over the supplier of this type of service and the user must therefore refer to the privacy policy and terms of service of that provider.

The purpose of profiling is to propose products, services and initiatives tailored to the users preferences, habits and interests. Personal data may be used for remarketing, retargeting or profiling purposes also through third parties (for example: social networks). It is in the legitimate interest of the site to process personal data in such a way to offer personalized and interesting services, improving the performance of the site for its users.

The site invites parents and all those who supervise minors to instruct them on how to process personal data on the Internet in a safe and responsible manner. Minors must not transmit personal data to the site without the consent of their parents. The site is committed not to intentionally collect the personal data of minors, not to use the data in any way and not to communicate the data to third parties.

The cookie policy can be found at this link



The owner can transfer the personal data of the user to third parties qualified as data processors or data handlers to perform technical or commercial operations necessary to perform the services related to the best management of the site (for example couriers and postal operators; advertising, commercial and social media, IT service providers, payment service providers, customer support service providers). In such cases, data communication is essential to meet contractual commitments and to improve site performance. Through data processing agreements the owner obligates the data handlers to process the data in an appropriate and secure way. The user can request the list of data handlers using the e-mail of the data controller. In addition, the owner may be required to share the personal data of the user when required by law or by an order of public authority or to protect a right or a right of third parties. The owner does not transfer data outside the European Union.

Third-party sites
This information does not apply to other sites or platforms to which the site can connect (for example: banners, advertisements and other links to third-party sites or platforms) to which reference should be made by reading the related privacy policies.



Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.



The holder stores personal data for the time necessary to provide the requested services to the user or to fulfill legal or tax obligations or for the minimum period required by law. In order to determine the appropriate period of storage of personal data memorized by the site with the user’s consent, the holder also takes into consideration the following criteria: the specific purposes specified in the information for which the site stores personal information; the type of relationship in progress with the user (how often the user accesses his account, if the user makes requests through the contact form, if the user continues to receive newsletters or commercial communications; how often he surfs the site , etc.); any specific request by the user to cancel data or withdraw consent; the legitimate commercial interest of the data controller. The site will delete or promptly make anonymous personal data no longer necessary according to law.



Apart from what specified regarding navigation data, the user can freely give his / her data through the contact form or to receive promotional communications or to purchase goods or services and failure to provide such data may make it impossible to obtain the services requested. Each form clearly indicates which data is mandatory in order to carry out what requested by the user.



The user has the right to receive confirmation regarding the possible existence of his/her personal data processed by the data controller.
In this case, pursuant to the Rules, the user has the right to:

  • be informed about the collection and use of his/her personal information;
  • access his/her personal information at no cost;
  • obtain the correction or completion of inaccurate or incomplete personal information;
  • obtain the cancellation of personal information;
  • under specific conditions, obtain the limitation or cancellation of his/her personal information;
  • obtain and re-use his/her personal information for his/her own purposes for different services when the treatment is based on a contract or consent and is performed automatically (“the right to data portability”);
  • under specific conditions, oppose the processing of his/her personal information;
  • the right to submit complaints regarding the collection and processing of personal information to the competent Guarantor;
  • the right to revoke consent of the processing of personal data at any time, except for the treatment carried out up to that time on the basis of the withdrawn consent .

For any information, the user is invited to consult the Internet site of the Authority for the protection of personal data – – where a section dedicated to these rights can be found.



Any changes to this information will be published on the site. The user is invited to check for any updates or changes.