Via Francigena

Privacy Policy


The routes available on our websites are identified by our technicians, volunteers and/or by people outside our staff members.
The routes will sometimes be digitised, that is, plotted on digital maps and aerial photos using geographical information software, based on information given by hikers.
Whatever the processing technique, GPS trackers may contain errors due to the tools used or survey and plotting methods. In addition, the conditions of the routes can change significantly over time due to vegetation growth, snowfall, hydrogeological instability, roadworks, etc.
Therefore, GPS trackers should be considered indicative tools, just like the information contained in any topographical map.
Routes should particularly be travelled with utmost care and caution in cases of poor visibility and adverse weather conditions.
It may also be possible that the routes cross private property that we are unaware of or potentially dangerous paths due to vehicular traffic or risks of accidental falls (e.g. unprotected crossings, exposed mountain sections, etc.).
The European Association of Via Francigena Ways (EAVF) urges anyone who uses the routes posted on our sites to pay the utmost attention and to not rely solely on GPS tools.
The EAVF will not take any responsibility for any kind of problem or incident that happens along the website’s downloadable routes.

Site type

This site cannot be considered a newspaper as it is not updated periodically. It is not therefore an editorial product under Law 62 of 7.03.2001.


Data Controller
European Association of Via Francigena Ways
Legal headquarters: Casa Cremonini, Piazza Duomo 16, 43036 Fidenza (PR) – Italy
Headquarters: Palazzo Farnese, Piazza della Citadel 29, 29121 Piacenza – Italy
Controller email address:

Type of Data Processed
Among the Personal Data collected by this site, independently or through third parties, there are: Cookies, Usage Data, emails, telephone numbers etc.
Full details about the types of data collected are provided in the dedicated sections of this privacy policy or through specific information messages displayed before data collection.
Personal data can be freely provided by the user.
If any doubts are raised regarding mandatory data, users are encouraged to contact the Data Controller.
The use of cookies – or other tracking tools – on this site or within third-party services found on this site it is intended to provide a service to the user if not otherwise stated. This is in addition to the purposes described in this document and in the Cookie Policy, if available.
The user is responsible for the personal data of third parties obtained, published or shared on this site and guarantees that they have the right to broadcast or share them, freeing the Controller from any liability to third parties.

How and Where Data Collection is Processed

The Controller takes appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of personal data. The service is carried out by computer and/or telematic software, with organisational methods and by means strictly related to the purposes indicated. In some cases, other parties involved in the organisation of this website, in addition to the Controller, may have access to personal data if necessary (personnel involved in administration, commerce, marketing, legal practice, system administration). The updated list of managers may always be requested from the Data Controller.

Legal Basis for Processing
The Data Controller holds a user’s personal data in one of the following situations:
•    The user has given their consent for one or more specified purposes Note: In some cases, the Controller may be authorised to process personal data without the consent of the user or another of the legal bases specified below, until the user opts “out-out” from processing. However, this is not applicable if the processing of personal data is regulated by European legislation on the protection of personal data;
•    Processing is necessary for the execution of a contract with the user and/or for the execution of pre-contractual measures;
•    Processing is necessary to fulfil a legal obligation to which the Controller is subject;
•    Processing is necessary for the performance of a task of public interest or for the exercise of public powers vested in the Data Controller;
•    Processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties;
•    It is, in any case, always possible to ask the Controller to clarify the concrete legal basis of each process and in particular to specify if it is based on the law, provided for by a contract or necessary to conclude a contract.

Data is processed at the Controllers operational and legal locations and in any other place where the parties involved in processing are located. For more information, please contact the Data Controller. The user’s personal data may be transferred to a country outside the country in which you are located. To obtain more information about the processing location, the user may refer to the section detailing the processing of personal data.
The user is entitled to obtain information about the legal basis of the transfer of data to outside the European Union or to an international organisation of public international law or made up of two or more countries, such as the UN, as well as the security measures taken by the Controller to protect personal data.
If one of the transfers described above takes place, the user may refer to the respective sections of this document or ask the Controller for information by contacting him using the details shown at the beginning of this page.

Retention Period
Data is processed and retained for as long as required for the purposes for which it was collected. Therefore, personal data collected for the purpose of the Collector’s legitimate interest will be withheld until that interest is fulfilled. The user may obtain further information about the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller.
When the processing is based on the user’s consent, the Controller may retain the personal data until that consent is revoked. The Controller may be obliged to retain personal data for a longer period of time in accordance with a legal obligation or on the orders of an authority.
At the end of the retention period personal data will be deleted. Therefore, at the end of this term, the right of access, cancellation, adjustment and the right to portability of the data can no longer be exercised.

Purpose of the Processing of Collected Data
The user’s data is collected to enable the Controller to provide a service. To obtain further information on the purpose of processing and the specific personal data used for each purpose in the respective sections of this document.

Details About the Processing of Personal Data
Personal data is collected for the following purposes and using the following services:

•    To contact the user:

o    Mailing list or newsletter (this webiste)
o    Personal data collected: e-mail address
o    When registering for the mailing list or newsletter, the user’s email address will automatically be entered in a list of contacts to which emails can be sent with information, including commercial and promotional information, relating to this website. The user’s email address may also be added to this list as a result of registering with this Website or after making a purchase.
Contact Form (this Website)
By filling out the contact form with their data, the user consents to its use for the responding of requests for information or for any other nature indicated in the form’s header.

Managing Tags

This type of service is functional to the centralised management of tags or scripts used on this website.
The use of such services involves their reading of the user’s data and, if appropriate, its retention.
Google Tag Manager (Google LLC)
Google Tag Manager is a tag management service provided by Google LLC.
Personal data collected: cookies and data usage.
Location of treatment: USA – Privacy Policy.

User Rights

Users may exercise certain rights with respect to the data processed by the Controller.
In particular, the user has the right to:
•    withdraw their consent to the processing of previously expressed Personal Data.
•    object to the processing of their data when it occurs on a legal basis other than consent. Further details on the right of opposition are indicated in the below section.
•    obtain information about the data processed by the Data Controller, certain aspects of its processing and receive a copy of the processed data.
•    verify that their data is correct and request that it is updated or corrected.
•    when certain conditions apply, the user may request to restrict the processing of their data. In this case, the Controller will not process said data for any other purpose other than their retention.
•    when certain conditions apply, the user may request that the Controller delete their data.
•    receive their data in a structured format, commonly used and readable by an automatic device and where technically feasible, to have it transferred to another Controller. This provision is applicable when the data is processed with automated tools and the processing is based on the user’s consent, a contract of which they are a party or on contractual measures related to said contract.
•    make a complaint to the relevant personal data protection authority or take legal action.

Details of the Right to Object

When personal data is processed in the public interest, in the exercise of public powers in which the Controller is invested or to pursue a legitimate interest of the Controller, users are entitled to oppose the processing for reasons related to their particular situation. Users are advised that, if their data is processed for marketing purposes, they may object to the processing without providing any reason. To find out if the Controller processes data for direct marketing purposes, users can refer to the respective sections of this document.

How to Exercise Rights

To exercise their rights, users can direct a request to the Data Controller using the contact details indicated in this document. Requests are filed free of charge and processed by the Controller as soon as possible, in any case within a month.

Cookie Policy

This website uses of cookies. To find out more and to view more detailed information, consult the Cookie Policy.

Further Information on Processing

Defence in Court

The user’s personal data may be used by the Data Controller in court or in the preparatory stages of its eventual establishment to defend against the user’s improper use of this website or related services.
The user declares they are aware that the Controller may be obliged to disclose their data at the behest of the public authorities.

Specific Information

Upon the user’s request, in addition to the information contained in this privacy policy, this website may provide them with additional and contextual information regarding specific services or the collection and processing of personal data.

Information not Contained in this Policy

Further information regarding the processing of personal data may be requested at any time from the Data Controller using their contact details.

Changes to this Privacy Policy

The Data Collector reserves the right to make changes to this privacy policy at any time by giving users information on this page and, if possible, on this website as well as, if technically and legally feasible, notifying users of changes through the contact details on the system. Please consult this page regularly, referring to the last change date indicated at the bottom of the page.
If the changes affect processing which legally require consent, the Controller will re-collect the user’s consent if necessary.

Definitions and Legal References

Personal data (or data)

Personal data is any information that, directly or indirectly, in connection with any other information including a personal identification number, identifies an individual.

Usage Data

This is the information automatically collected through this website (also from third-party applications built into this website), including: the IP addresses or domain names of the computers used by a user who connects to this website; Uniform Resource Identifier (URI notation) addresses; request time; method used in forwarding the request to the server; file size obtained in response; numeric code indicating the response status from the server ( good end, error, etc.); the country of origin; the browser and operating system characteristics used by the visitor; the various time connotations of the visit (e.g. the time of stay on each page) and the details of the route followed inside the application, with particular reference to the sequence of pages consulted, parameters related to the operating system and the user’s computer environment.


The individual using this website who, unless otherwise specified, coincides with the data subject.


The individual to whom the personal data relates.

Data Processor (or Processor)

The individual, legal person, public administration and any other entity that deals with personal data on behalf of the Controller, as set out in this privacy policy.

Data Controller (or Controller)

The individual, legal entity, public authority, service or other body that, individually or together with others, determines the purpose and means of processing personal data and the tools adopted, including security measures, relating to the operation and use of this website. The Data Controller, unless otherwise specified, is the owner of this website.

The Website

The hardware or software tool through which the user’s personal data is collected and processed.


The service provided by this website as defined in its terms (if present) on this site.

European Union (or EU)

Unless otherwise specified, any reference to the European Union contained in this document is intended to extend to all current member states of the European Union and the European Economic Area.


A small portion of data stored within the user’s device.

Legal References

This privacy policy is drawn up from multiple legislative regulations, including Articles 13 and 14 of the Regulation (EU) 2016/679. Where not otherwise specified, this privacy policy applies only to this website.


The EAVF takes no responsibility for the inclusion of comments published by readers, both signed and anonymously. The responsibility for what is written rests solely on those who leave the comment. However, in view of current regulations, the EAVF reserves the right to delete comments that damage the image of others or that do not comply with the policy of this site.
In particular, the following are forbidden:

•    advertising messages for financial gain
•    messages with contents which constitutes a violation of Italian laws (incitement to delinquency or violence, defamation, etc.)
•    unwelcome messages:
•    messages irrelevant to the post
•    messages with offensive language
•    messages with racist or sexist content

By browsing on this site the user implicitly accepts what is written in this regulation.


Luca Bruschi
Director of the European Association of Via Francigena Ways