Privacy & Cookie Policy

The website collects certain Personal Data of its Users.

This information is prepared on the basis of the legislation on the protection of personal data, including Articles 13 and 14 of Regulation (EU) 2016/679 (hereinafter, GDPR).

Data Controller.

Comune di Marliana (hereinafter, “Data Controller”) of the data processing of the company Comune di Marliana with registered office in Via della Chiesa, 5 Marliana – 51100 – Pistoia (PT) – p.iva 00361970478

Types of Data collected and Purposes of the processing

  1. a) Website . The Data Controller processes the personal, identifying data (e.g., first name, last name, company name, address, telephone, e-mail – hereinafter “personal data” or also “data”) communicated by you in connection with the conclusion of contracts for the services of the Data Controller. Unless otherwise specified, it is for the purpose of providing the service requested by the User.

(a.1) Account Registration.

This section describes what data the Owner may collect when you create an account on the Website and how this data is processed.

You may create a personal account on the Website in order to use the reserved features of the Website or to get in touch with the Institute. The creation of an account is not mandatory, and if you decide to create an account, you may cancel it at any time by contacting the Owner.

-Source of personal data and mandatory data

When creating an account on the Website, you provide the Controller with contact and identifying data. You acknowledge that some of the information you are asked to provide is essential to complete the registration process, and failure or refusal to provide such information will prevent us from following up on your request. You will find it clearly indicated on the Web Site which information is essential.

The additional information is optional and, if provided, may be used by the Controller to avoid inconveniences related to cases of homonymy.

You also acknowledge that by using some of the services provided on the Web Site, the Controller collects additional information related to how you interact with us (e.g., products placed in your shopping cart and not deleted before leaving the Web Site).

Please make sure that your information is correct, and if the personal information you have provided to us changes, please write to us as soon as possible at the email at the top of the page, or change your information directly online in the private area if you are registered. This will enable us to keep your personal data up to date.

-Manner of use of personal data

The Controller will only use this data to deliver services related to your account, which may include services related to online purchases, unless you have consented to the use of your personal data also to improve your shopping experience online and in our store. In the latter case, the Data Controller may then associate the personal data in your account with other information collected in other circumstances and use it in the manner described in connection with relationship marketing activities, obviously obtained upon your specific, informed and free consent.

Your personal data will be stored and used primarily by automated processing.

-Manner of sharing personal data.

Your personal data will be processed by our specifically authorized personnel and the data processors in charge of managing your account. The Controller will not disclose your personal data to third parties for direct marketing purposes or sell your personal data

(b) Newsletters. The Owner, subject to your informed, specific consent (through the dedicated form) processes your data for the purpose and in the manner set out in the dedicated information in the appropriate section on the site, to which you are referred.

  1. c) Contacts. It is possible to contact the Controller to request information and for any request related to our services. The purpose of the processing of your data is to fulfill your requests, and the legal basis of the processing lies in the execution of pre-contractual measures.


Methods and place of the processing of the Data collected

The processing is carried out by means of computer and/or telematic tools, with organizational methods and logics strictly related to the indicated purposes and, in particular, by adopting the appropriate security measures set forth in EU Regulation 679/2016. In addition to the Data Controller, in some cases, other subjects involved in the organization of this application (personnel authorized by the Data Controller) or external subjects (such as third party technical service providers, hosting providers, IT companies) also appointed, if necessary, Data Processors by the Data Controller may have access to the data. The updated list of Data Processors can always be requested from the Data Controller.

Legal basis of the processing

The Data Controller processes Personal Data related to the User, for the purposes set forth in:

-point 1, lett a): the processing of your data is necessary for the execution of the contract with the Controller (online buying and selling). In this case, your data will also be processed for the fulfillment of consequent legal obligations of accounting-fiscal-administrative nature.

-point 1, lett. b): the processing of your data will take place only with your specific consent, issued in the manner set out in the specific information on the site in the newsletter section to which you refer.

-point 2, lett. c): the processing of your data is necessary for the execution of pre-contractual measures (request for information on the products and services of the Owner).

However, it is always possible to ask the Controller to clarify the concrete legal basis of each processing.

Place and scope of communication of your data

Data are processed at the registered office of the Data Controller and in any other place where the parties involved in the processing are located.

Personal data are stored on servers located within the European Union. It is in any case understood that the Data Controller, should it become necessary, will have the right to move the servers outside the EU as well. In this case, the Data Controller assures you as of now that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided by the European Commission.

Your data may be disclosed to third parties belonging to the following categories: subjects providing services for the management of the information system used by the Data Controller and communication networks (including e-mail); firms or companies within the scope of assistance and consulting relationships; competent authorities for the fulfillment of legal obligations and/or provisions of public authorities, upon request.

Subjects belonging to the above categories perform the function of Data Processors, or operate completely independently from the Data Controller.

The User may request information on the constantly updated list of data processors from the Controller by contacting him at the contact details given at the beginning.

Nature of data provision and consequences of refusal to respond

The provision of data for the purposes referred to in point 1, lett. a) and c) is functional in order to take advantage of the services requested, therefore, any refusal to provide such data will make it impossible for the Data Controller to perform such services. With regard to the purpose referred to in point 1, lett. b), the interested party may decide not to confer any data or subsequently deny the possibility of processing data already provided: in this case, he/she will not be able to receive newsletters, commercial communications and advertising material related to the Services offered by the Owner.

Retention Period.

Data are processed and kept for the time required by the purposes for which they were collected.


Personal Data collected for purposes related to the execution of a contract or the performance of pre-contractual measures between the Data Controller and the User will be retained until the execution of such contract is completed and, in any case, in accordance with applicable law.

The Controller may be obliged to retain Personal Data for a longer period in compliance with a legal obligation or by order of an authority.

The Controller will process Personal Data for as long as necessary to fulfill the above purpose and in any case for no longer than 2 years after the collection of the data for the Marketing purpose.

At the end of the retention period, the personal data will be deleted. Therefore, at the expiration of this period the right of access, deletion, rectification and the right to Data portability can no longer be exercised.

Never and for no reason do we sell or rent Users’ Data to third parties. The only uses of the Data are those highlighted in this policy. Users are the sole owners of their Data and may request its modification or deletion at any time.


User Rights

Users may exercise certain rights with respect to the data processed by the Data Controller.

In particular, under the GDPR, Users have the right to:

-revoke consent at any time;

-oppose the processing of their data;

-access to their own data;

-verify and request rectification;

-obtain restriction of processing;

-obtain the deletion or removal of one’s personal data;

-receive one’s data or have it transferred to another data controller;

-propose a complaint.

How to exercise rights

To exercise their rights, the User can address a request to the contact details of the Controller indicated in this document.

Specific disclosures

In addition to the information contained in this privacy policy, this Site may provide the User with additional and contextual disclosures regarding specific Services, or the collection and processing of Personal Data. In particular, with regard to the use of your data for marketing purposes (Newsletter), please refer to the specific dedicated disclosure.

System logs and maintenance

For needs related to operation and maintenance, this application may collect System Logs, i.e. files that record interactions and may also contain Personal Data, such as the User’s IP address.

Information not contained in this policy

Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.


Cookie Policy

Cookies Policy

With this document, in accordance with Articles 13 and 14 of Regulation (EU) 2016/679 (hereinafter GDPR), Comune di Marliana of the company Comune di Marliana with registered office in Via della Chiesa, 5 Marliana – 51100 – Pistoia (PT) – p.iva 00361970478, the data controller, provides users of the site with some information regarding the cookies used

What are cookies

A “cookie” is a small text file created on the user’s computer when the user accesses a particular site, with the purpose of storing and transporting information. Cookies are sent by a web server (which is the computer on which the visited website is running) to the user’s browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) and stored on the user’s computer; they are, then, re-sent to the website at the time of subsequent visits.

In the course of browsing, the user may also receive cookies from different sites (so-called “third-party” cookies) on his/her terminal, set directly by the operators of said websites and used for the purposes and in the manner defined by them.

Types of cookies used by this Site

The Site uses cookies only to ensure and facilitate navigation and enjoyment of the website and to collect information, in aggregate form, about site visits and content sharing. On the other hand, no cookies are used in any way for profiling purposes, and this also with reference to the installation, through the site, of third party cookies that could be used by them, in a completely autonomous way, for their own profiling purposes.

Owner’s cookies

The site uses only technical cookies, with respect to which, pursuant to Article 122 of the Privacy Code and the Garante Order of May 8, 2014, no consent is required from the data subject.

More precisely, the site uses technical cookies that are strictly necessary to allow navigation by the user, detailed below:

WordPress CMS

The cookies generated by this CMS serve solely to manage and maintain it. The cookies in question are generated to ensure the user’s good browsing session, or to manage the Site’s login system, so as to avoid web attacks and ensure greater security for the user. It is understood that these cookies will be deleted the moment the user leaves the site and therefore no data is kept within the site.

In the absence of such cookies, the website may not function properly.


Third-party cookies

A number of third-party cookies, including profiling cookies, are installed through, which are activated by clicking “ok” on the banner.

We detail the individual third-party cookies, as well as links through which the user can receive more information and request deactivation of the cookies.

Google Analytics

The Site uses Google Analytics. This is a web analytics service provided by Google Inc. (“Google”) that uses cookies that are deposited on the user’s computer to allow statistical analysis in aggregate form regarding the use of the website visited.

The Data generated by Google Analytics is stored by Google as indicated in the Policy found at the following link:

To consult the privacy policy of the company Google Inc., autonomous owner of the data processing related to the Google Analytics service, please refer to the website

It should be noted that the IP anonymization feature provided by Google has been activated.

At the following link the browser add-on for deactivating Google Analytics is also made available by Google.

Google Maps

The site uses or may use Google Maps. This is a service provided by Google Inc. (“Google”) to include interactive maps within web pages. This service involves the installation of cookies by Google.

Please refer to the following link: for Google Inc. privacy policy and deactivation.

Social Buttons

Social buttons are those particular “buttons” on the site that depict social network icons (example, Facebook and Twitter) and allow users who are browsing to interact with a “click” directly with social networks.

The social buttons used by the site on the “Contact Us” page and in the footer of the page, in the area dedicated to the publication of corporate data, are links that refer to the Owner’s accounts on the depicted social networks. Through the use of these buttons, therefore, no third-party cookies are installed.

On the other hand, the social buttons used on the “Blog” page allow the social network to which the icon refers to acquire data about the visit. Through the use of such buttons, third-party cookies, including profiling cookies, are therefore installed. However, the site does not share any browsing information or user data acquired through its site with the social networks accessible through the social buttons.

Links are provided where the user can view the privacy policy regarding data management by the Social to which the buttons refer:


Method of processing

Processing is carried out with automated tools by the Data Controller. No dissemination or communication is carried out.

Provision of data

With the exception of technical cookies, the provision of data is left to the will of the interested party who decides to browse the site after having read the brief information contained in the appropriate banner and/or to take advantage of services that require the installation of cookies (thus for content sharing via Add This).

The interested party can avoid the installation of cookies by keeping the banner (Refraining from closing it by clicking on the “OK” button) as well as through appropriate functions available on their browser

Disabling cookies

Without prejudice to what has been indicated above with regard to cookies strictly necessary for browsing, the user can eliminate other cookies through the functionality made available for this purpose by the Data Controller through this policy or directly through his or her browser.

Each browser has different procedures for managing the settings. The user can obtain specific instructions through the links below.

Microsoft Windows Explorer

Google Chrome 

Mozilla Firefox 

Apple Safari

The deactivation of third-party cookies is also possible through the methods made available directly by the third-party company that owns said processing, as indicated at the links given in the section “third-party cookies”

To get information about the cookies stored on your terminal and disable them individually, please refer to the link:

Owner of the data processing is: 

Municipality of Marliana

Tel: +39 0572 69851


In order to exercise the rights provided for in Section 7 of the Privacy Code, listed above, the interested party should address a written request to the company Comune di Marliana.