Gruppo BolognaFiere
Privacy and cookie policy
This page describes the methods of managing the site adopted by the MODENAFIERE in connection with the processing of personal data of the users who consult the site.
This privacy policy statement which has been drawn up also according to article 13 of the Italian Legislative Decree 196/2003 (Code for the Protection of Personal Data) is solely aimed at those people who interact with the web services of the MODENAFIERE starting from the address:

This information is provided for this website and for other websites belonging to Modenafiere srl relating to individual events, and not for other websites users may consult via links thereto.
This statement is also based on Recommendation N° 2/2001 that the European authorities for the protection of personal data, reunited in the working party instituted by article 29 of the directive N° 95/46/CE, adopted on 17th May 2001 to single out the minimum requirements for the collection of personal data online, and, in particular, the methods, times and nature of the information that the data controllers must supply to the users when they access the web pages, regardless of the reason for accessing the website.

Place where data is processed
Processing related to the web services of this site takes place at the aforesaid offices of the MODENAFIERE and is dealt with only by technical personnel of the office in charge of processing, or by any person who may be entrusted with maintenance operations. No data deriving from the web service will be communicated or diffused, except for what is set out below.

Any personal data provided by users who put forward requests for informative material (newsletters, answers to questions etc.) will only be used with the aim of supplying the service requested and is communicated to third parties only if it is necessary for this purpose.

Kind of data processed
Navigation data

Computerised systems and software procedures proposed for the functioning of this website, acquire, during their normal activity, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified parties but which by nature could, by means of elaboration and association with data held by third parties, enable the identification of the users.

This category of data includes IP addresses or the dominion names of the computers in use by the users who access the site, the Uniform Resource Identifier addresses of the resources requested, the time of the request, the method used to place the request to the server, the dimension of the file obtained in answer, the numeric code indicating the state of the answer given by the server (successful, error, etc.) and other parameters relative to the operative system and the user’s computing environment.

This data is used solely with the aim of collecting anonymous statistic information about the use of the site and to control the correct functioning and is cancelled immediately after processing. The data could be used to verify responsibility in the case of hypothetic computer offences creating damage to the site: apart from this possibility, data regarding web contacts does not persist for more than seven days.

Data provided voluntarily by the user

The optional provision, explicit and voluntary of e-mail addresses to those addresses indicated on this site entails the successive acquisition of the sender’s address, necessary to reply to the request, as well as any other personal data contained in the message.

Any specific information will be progressively reported or visualised on the web pages prepared for particular services on request. .


No personal data of the user is purposely acquired by the site.
Cookies are not used for the transmission of information of a personal nature nor are so-called persistent cookies of any kind used, that is systems for the profiling or tracking of the users. The use of so-called session cookies (which are not persistently memorised on the user’s computer and which disappear when the browser is closed) is strictly limited to the transmission of session identifying marks (formed by casual numbers generated by the server) necessary to enable safe and efficient site navigation.

The so-called session cookies used on this site avoid the use of other computer techniques which could be prejudicial to the reserved nature of users’ navigation and do not permit the acquisition of the user’s personal identifying data.

Choice when providing data

Apart from what has been specified regarding navigation data, the user is free to provide personal data on the ModenaFiere request forms or those indicated in contact with the ModenaFiere offices to request the sending of informative material or other communications.

The conferral of data is compulsory for normal commercial and administrative practices and the possible lack of this conferral could lead to the failure of the contract and/or relationship and/or contact as well as the impossibility to obtain what is required.

Processing methods
The processing that personal data will undergo, requested or acquired, either at the beginning of an eventual contact and/or commercial, collaborative and working relationship and any eventual contacts made solely with the purpose of promoting the Company’s activity, has the aim of satisfying legal and contractual obligations and verifying the correct fulfilment of those obligations by MODENAFIERE and permitting the best possible activities most closely connected to its business purpose.

Data may be processed using appropriate methods and tools to guarantee confidentiality and may be carried out by electronic or automated means (network data processing systems not accessible to the public) and by non-automated means (paper-based archives), both protected by adequate security measures, such as personalised passwords offering exclusive access, personal identity codes and limited access to the archives, as provided for and regulated by articles 31 to 36 included in the Code always in compliance with article 11 of the Code.

With your formal consent, your personal details may be transmitted to:
a) collaborators external to ModenaFiere S.r.l., in their capacity as fiscal and/or accounting and/or legal consultants, only in those cases contemplated by the law, in order to ensure necessary administrative, accounting and/or fiscal procedures are carried out;
b)arent companies and/or subsidiaries of and/or BolognaFiere Group, of which ModenaFiere is part, sales networks (agents, licensees, collaborators and/or distributors), sub-suppliers and subcontractors that may be involved in the execution of the contractual or commercial relationship entered into;
c) companies that operate in the same business sector as MODENAFIERE Srl;
d)service companies operating in the domestic and EU financing and/or auditing sector

Where contracts for the purchase of tickets and/or exhibition spaces provide for the payment owed to ModenaFiere to be charged to a credit card, the manager of the transaction will be asked again to give his/her consent to the processing of the relevant data. This is because the personal and identification details of credit cards may not be accessed by MODENAFIERE Srl, but only by the manager of the electronic payment system (Paypal, etc.), who must request authorisation for data processing in order to proceed with the transaction.

Data Controller

The data controller is MODENAFIERE, with registered offices in Viale Virgilio 58, 41123 Modena, represented by its current duly authorised legal representative.

User’s rights

The users to whom the personal data refers have the right at any time to obtain confirmation that this data exists or not and to know the content and the origin of that data, to be able to verify the exactness or request the integration or updating, or the rectification (articles 7, 8, 9 and 10 of the Italian legislative decree N° 196/2003 reproduced below for your convenience).

According to those same articles, the user has the right to ask for the cancellation, the transformation into an anonymous form or the blocking of any data processed in breach of the law, as well as opposing, for legitimate reasons, its processing.

Requests should be sent to the Data controller writing to the following e-mail address:


This privacy document can be consulted in an automatic form by the most recent browsers that use the P3P standard (“Platform for Privacy Preferences Project”) proposed by the World Wide Web Consortium (

Every effort will be made to make the functioning of this site as interoperable as possible with the mechanisms of automatic privacy controls which are available in some of the users’ products.

Taking into consideration that the state of perfecting of the automatic control mechanisms does not at present make them exempt from errors or malfunction, we point out that the present document, published at the address, constitutes the “Privacy Policy” of this site and that it will be subjected to updating.

Art.7 Right of access to personal data and other rights
1. The data subject (party concerned) is entitled to obtain confirmation regarding the existence or otherwise of personal data regarding himself, even if such data is not yet registered, and to receive the said data in intelligible form.
2. The data subject is entitled to receive information regarding:
a) the origin of the personal data;
b) the purposes for which the data is being processed and the methods adopted;
c) the logics applied in the event that the data is processed with the use of electronic equipment;
d) details identifying the data controller, the data processing supervisors and the appointed representative as foreseen in article 5, paragraph 2
e) the subjects or the categories of subjects to whom the personal data may be transferred or to whose attention it may be brought in a capacity as appointed representative for the territory of the State in question, as data processing supervisors or data processors.
3. The data subject is entitled:
a) to have data up-dated, altered or, when in his or her interests, integrated;
b) to have data processed in breach of the law deleted, rendered anonymous or the circulation thereof restricted, including any information that need not be kept in relation to the purposes for which the data was collected or subsequently processed;
c) to obtain confirmation that the measures referred to in the foregoing points a) and b), also regarding the contents, have been brought to the attention of the parties to whom the data has been transferred or released, unless such an obligation proves impossible or would require means which are grossly disproportionate to the rights being protected.
4. The data subject is entitled to oppose, either in whole or in part:
a) upon legitimate grounds, the processing of personal data regarding himself, even if such data is relevant, with regard to the purposes underlying the collection thereof;
b) the processing of personal data regarding himself for purposes connected with the sending of advertising material, with direct sales, market research or sales communications.

Art.8 Exercise of rights
1. The rights described in article 7 are exercised, without the need for any formality, by a straightforward request to the data controller or the data processing supervisor, also through an authorised appointee, to whom an appropriate reply must be given without delay.
2. The rights described in article 7 may not be exercised by making a request to the data controller or the data processing supervisor, or by filing an application pursuant to article 145, if the personal data is processed:
a) on the basis of the provisions of decree-law no. 143 of 3rd May 1991, converted, by amendments, by law no. 197 of 5th July 1991, and subsequent amendments thereto, dealing with money laundering;
b) on the basis of the provisions of decree-law no. 419 of 31st December 1991, converted, by amendments, by law no. 172 of 18th February 1992, and subsequent amendments thereto, dealing with support to victims of extortion;
c) by parliamentary committees of inquiry set up in accordance with article 82 of the Constitution;
d) by a public figure other than public economic bodies, on the basis of a specific legal provision, exclusively for purposes related to monetary and currency policy, to the system of payments, the monitoring of brokers and credit and financial markets, as well as the protection of their stability;
e) pursuant to article 24, 1st paragraph, letter f), limited solely to the period during which there is a risk that the defence investigations that are being carried out or the right that is being exercised before judicial authorities could be effectively and tangibly prejudiced;
f) by suppliers of electronic communication services accessible to the public in relation to incoming telephonic communications, provided that there is a risk that the defence investigations referred to in law no. 397 of 7th December 2000 that are being carried out may be effectively and tangibly prejudiced;
g) on grounds of justice, at judicial offices at any stage or instance or the Magistrates’ Governing Body or other self-governing bodies or the Ministry of Justice;
h) according to article 53, without prejudice to the provisions of law No. 121 of 1st April 1981.
3. The Data Protection Registrar takes measures in the manner foreseen in articles 157, 158 and 159, also in response to notification by the data subject, in cases covered by paragraph 2, letters a), b), d), e) and f), and, in cases covered by letters c), g) and h) of the said paragraph, takes measures in the manner foreseen in article 160.
4. The rights described in article 7 may be exercised, when data of an objective nature is not involved, unless such action would amount to the rectification or integration of personal data of an evaluative nature relating to judgments, opinions or other judgements of a subjective nature, or an indication of forms of conduct to be followed or decisions being taken by the data controller.

Art.9 Methods by which rights can be exercised
1. The request made to the data controller or the data processing supervisor can be transmitted by registered letter, telefax or e-mail. The Data Protection Registrar may establish another appropriate system in the light of new technological solutions. When the rights foreseen under article 7, paragraphs 1 and 2 are being exercised, the request may also be made verbally and in such circumstances, a summarised record must be made by the data processor or the data processing supervisor.
2. When exercising the rights described under article 7, the data subject may confer written power of attorney or proxy upon individuals, bodies, associations or organisations. The data subject may also seek the assistance of an entrusted person.
3. The rights described in article 7 referring to personal data relating to deceased persons may be exercised by a person who has his or her own interests in such data or acts in order to safeguard the data subject or acts for family-based reasons worthy of protection.
4. The identity of the data subject is ascertained using appropriate evaluation tools, including deeds or documents available or the exhibition or attachment of a copy of an identification document. The person who acts on behalf of the data subject must exhibit or attach the copy of the power of attorney or proxy, signed in the presence of an appointee or signed and submitted together with a non-certified photocopy of a document identifying the data subject. If the data subject is a corporate body, organisation or association, the request must be made by the individual authorised to do so under the respective articles of association or regulations.
5. The request referred to under article 7, paragraphs 1 and 2, is made freely, without restrictions, and may be renewed, unless just grounds exist, after a period of no less than ninety days.

Art.10 Reply to data subject
1. In order to ensure that the rights described under article 7 can be exercised, the data controller must take suitable measures directed, in particular:
a) at facilitating the access to personal data by the data subject, also by using processing programmes purposely designed to select with precision data relating to individual parties concerned who have been or can be identified;
b) at simplifying procedures and reducing the time taken in replying to the applicant, also within the scope of offices or services set up to manage relations with the public.
2. The data is extracted by the data processing supervisor or the data processors and may also be passed on to the applicant verbally, or submitted for examination using electronic equipment, provided that in these circumstances, the data can be easily understood, bearing in mind also the quality and quantity of the information. If requested, the data can be transferred onto paper-based or computerised media, or transmitted via computer.
3. Unless the request relates to a particular processing operation or specific personal data or categories of personal data, the reply to the data subject shall include all the personal data relating to the data subject in any event processed by the data controller. If the request is addressed to a subject exercising a profession within the health sector or to a health organisation, the provisions of article 84, paragraph 1 must be complied with.
4. If it proves particularly difficult to extract the data, the reply to the request made by the data subject may also be given by exhibiting or delivering copies of deeds and documents containing the personal data requested.
5. The right to receive data in intelligible form does not cover personal data relating to third parties, unless the breakdown of the data processed or the lack of certain elements renders the personal data relating to the data subject incomprehensible.
6. The data must also be transferred in intelligible form through the use of comprehensible forms of text. If codes or symbols are transferred, the parameters applying in order to comprehend the relevant meaning must also be supplied.
7. When, following a request made under article 7, paragraphs 1 and 2, letters a), b) and c), the existence of data relating to the data subject is not confirmed, a contribution towards costs may be demanded, not to exceed the actual costs incurred for the research carried out in the case in question.
8. The contribution referred to in paragraph 7 cannot, in any event, exceed the amount calculated by the Data Protection Registrar under directions of a general nature, which may be established as a lump sum in the event that the data is processed with the use of electronic equipment and the reply is given verbally. Under the same directions, the Data Protection Registrar may provide that a contribution be demanded when the personal data appear on a special form of medium whose reproduction is specifically required, or when the complexity or extent of the requests demand the extensive use of equipment, by one or more data controllers, and the existence of data relating to the data subject is confirmed.
9. The contribution referred to in paragraphs 7 and 8 may also be paid through the post office or bank, or by debit or credit card, if this can be done when the reply is received and, in any event, no later than fifteen days from the date of the reply.
Buy online
Online Tickets