Via Francigena

Data Controller

European Association of the Via Francigena ways

Registered office: Casa Cremonini, Piazza Duomo 16, 43036 Fidenza (PR) – Italy

Holder e-mail address:

Types of Data Collected

Among the Personal Data collected by this site, either independently or through third parties, are:

  • cookies;
  • usage data;
  • e-mail address.

Full details on each type of data collected are provided in the dedicated sections of this privacy policy document or by means of specific information texts displayed prior to the collection of the data.

Personal Data can be freely provided by the User.

Users in doubt as to which Data is mandatory are encouraged to contact the Controller.

Any use of Cookies – or of other tracking tools – by this Site or by the owners of third party services used by this Site, unless otherwise specified, is for the purpose of providing the Service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy document.

The User takes responsibility for third parties’ Personal Data obtained, published or shared through this Site and warrants that he/she has the right to communicate or disseminate them, releasing the Owner from any liability towards third parties.

Method and location of data processing

Treatment modes

The Data Controller takes appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of Personal Data. The processing is carried out by means of computer and/or telematic instruments, with organisational methods and logics strictly related to the indicated purposes. In addition to the Data Controller, in some cases, other subjects involved in the organisation of this Web Site may have access to Data if necessary (administrative, commercial, marketing, legal personnel, system administrators), who are Data Processors on the part of the Data Controller. The updated list of Data Processors can always be requested at the Data Controller.

Legal basis for processing

The Controller processes Personal Data relating to the User if one of the following conditions is met:

  • the User has given consent for one or more specific purposes; Note: in some jurisdictions, the Controller may be allowed to process Personal Data without the User’s consent or another of the legal bases specified below, until the User objects (“out-out”) to such processing. However, this does not apply where the processing of Personal Data is governed by European legislation on the protection of Personal Data;
  • the processing is necessary for the performance of a contract with the User and/or the execution of pre-contractual measures;
  • processing is necessary to comply with a legal obligation to which the Controller is subject;
  • the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller;
  • processing is necessary for the pursuit of the legitimate interest of the Controller or of third parties.

However, it is always possible to ask the Controller to clarify the concrete legal basis of each processing operation and in particular to specify whether the processing is based on law, required by a contract or necessary to conclude a contract.


Data is processed at the operational and legal offices of the Controller and in any other place where the parties involved in the processing are located. For further information, please contact the Data Controller. The User’s Personal Data may be transferred to a country other than the one where the User is located. To obtain further information on the location of the processing, the User may refer to the section on Personal Data processing details. The User has the right to obtain information about the legal basis for the transfer of Data outside the European Union or to an international organisation under public international law or consisting of two or more countries, such as the UN, as well as about the security measures taken by the Controller to protect Data. Should one of the described transfers take place, the User may refer to the respective sections of this document or request information from the Data Controller by contacting it through the contact details provided at the top of the document.

Conservation period

Data is processed and kept for the time required by the purposes for which it was collected. Therefore, Personal Data collected for purposes attributable to the legitimate interest of the Data Controller will be retained until such interest is satisfied. The User may obtain further information about the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller. When the processing is based on the User’s consent, the Data Controller may keep Personal Data for a longer time, until such consent is revoked. Moreover, the Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority. At the end of the retention period, Personal Data will be deleted. Therefore, at the expiry of this period, the right of access, deletion, rectification and the right to Data portability can no longer be exercised. In any event, Personal Data will not be retained for a period longer than ten years.

Purposes of Data Processing

User’s Data is collected solely to enable the Data Controller to provide its Services. To obtain further detailed information on the purposes of the processing and Personal Data concretely relevant for each purpose, the User may refer to the relevant sections of this document.

Details of Personal Data Processing

Personal Data is collected for the following purposes and using the following services:

Contact the User:

Mailing list or newsletter (this Web Site)

Personal data collected: e-mail

By registering for the mailing list or newsletter, the User’s e-mail address is automatically added to a list of contacts to whom e-mail messages containing information – including of a commercial and promotional nature – relating to this Web Site may be sent. The User’s e-mail address may also be added to this list due to registering on this Web Site or to the making of a purchase. Contact form (this Web Site). The User, by filling in the contact form with his or her Data, consents to their use to respond to requests for information or any other nature indicated in the header of the form. The User may at any time request his or her e-mail address to be removed from the mailing list.

Tag Management

This type of services is functional for the centralised management of tags or scripts used on this Web Site. The use of these services involves the flow of User’s Data through them and, where appropriate, their retention.


Google Tag Manager (Google LLC)

Google Tag Manager is a tag management service provided by Google LLC.

Personal data collected: Cookies and Usage Data.

Place of processing: USA – Privacy Policy.

User Rights

Users may exercise certain rights with regard to Data processed by the Data Controller.

In particular, the User has the right to:

  • withdraw consent at any time. The User may revoke his or her previously expressed consent to the processing of his or her Personal Data;
  • oppose the processing of their Data. The User may object to the processing of his or her Data when it is done on a legal basis other than consent. Further details on the right to object can be found in the section below;
  • access to their Data. The User has the right to obtain information on the Data processed by the Controller, on certain aspects of the processing and to receive a copy of the Data processed;
  • verify and request rectification. The User may verify the correctness of his/her Data and request that it be updated or corrected;
  • obtain the restriction of processing. When certain conditions are met, the User may request the restriction of the processing of its Data. In this case, the Data Controller will not process the Data for any purpose other than its storage;
  • obtain the deletion or removal of their Personal Data. When certain conditions are met, the User may request the deletion of their Data by the Data Controller;
  • receive their Data or have them transferred to another data controller. The User has the right to receive his or her Data in a structured, commonly used and machine-readable format and, where technically feasible, to have it transferred without hindrance to another controller. This provision is applicable when Data is processed by automated means and the processing is based on the User’s consent, on a contract to which the User is a party or on contractual measures related thereto;
  • propose a complaint. The User may lodge a complaint with the competent data protection supervisory authority or take legal action.

Details on the right to object

When Personal Data is processed in the public interest, in the exercise of public authority vested in the Controller or in pursuit of a legitimate interest of the Controller, Users have the right to object to the processing for reasons related to their particular situation. Users are reminded that if their Data is processed for direct marketing purposes, they may object to the processing without giving any reason. To find out whether the Controller processes Data for direct marketing purposes, Users may refer to the respective sections of this document.

How to exercise rights

In order to exercise their rights, Users may address a request to the contact details of the Controller indicated in this document. Requests are filed free of charge and processed by the Controller as quickly as possible, in any case within one month.

Cookie Policy

This Web Site makes use of Cookies. To find out more and to view the detailed information, the User can consult the Cookie Policy.

Further information on treatment

Defence in court

User’s Personal Data may be used by the Data Controller in legal proceedings or in the preparatory phases of such proceedings to defend against abuses in the use of this Web Site or related Services by the User. The User declares that he/she is aware that the Data Controller may be obliged to disclose Data by order of public authorities.

Specific information

At the User’s request, in addition to the information contained in this privacy policy document, this Web Site may provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.

Information not contained in this policy

Further information in connection with the processing of Personal Data may be requested at any time at the Data Controller using the contact details.

Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users on this page and, if possible, on this Web Site as well as, if technically and legally feasible, by sending a notification to Users through one of the contact details held by the Data Controller. Please therefore consult this page regularly, referring to the date of last modification indicated at the bottom. If the changes affect processing whose legal basis is consent, the Data Controller will collect the User’s consent again, if necessary.

Definitions and legal references

Personal Data (or Data)

Personal data is any information that, directly or indirectly, even in conjunction with any other information, including a personal identification number, makes a natural person identified or identifiable.

Usage Data

This is the information collected automatically through this Web Site (including by third party applications integrated into this Website), including: IP addresses or domain names of the computers used by the User who connects with this Web Site, URI (Uniform Resource Identifier) notation addresses, the time of the request, the method used to forward the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server response (successful, error, etc.), the country of origin, the characteristics of the browser and operating system used by the visitor, the various time connotations of the visit (e.g. the time spent on each page) and details of the itinerary followed by the User, the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (e.g. length of time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, the parameters relating to the operating system and the User’s IT environment.


The individual using this Web Site who, unless otherwise specified, is the Data Subject.


The natural person to whom Personal Data refers.

Processor (or Manager)

The natural person, legal entity, public administration and any other entity that processes personal data on behalf of the Controller, as set out in this privacy policy.

Data Controller (or Owner)

The natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of the processing of personal data and the instruments adopted, including the security measures relating to the operation and use of this Web Site. The Data Controller, unless otherwise specified, is the owner of this Web Site.

This Web Site

The hardware or software tool by which Users’ Personal Data is collected and processed.


The Service provided by this Web Site as defined in the relevant terms (if any) on this Web Site.

European Union (or EU)

Unless otherwise specified, any reference to the European Union in this document shall be deemed to extend to all current member states of the European Union and the European Economic Area.


Small portion of data stored within the User’s device.

Legal references

This privacy policy is drawn up on the basis of multiple legal regulations, including Articles 13 and 14 of Regulation (EU) 2016/679.

Unless otherwise specified, this privacy policy relates exclusively to this Web Site.


EAVF takes no responsibility for the content of comments that are published by readers, whether signed or anonymously. The responsibility for what is written lies solely with the person who leaves the comment. However, given the regulations in force, EAVF reserves the right to delete comments that damage the image of others, or that do not comply with the policy of this Site.


In particular, the following are not allowed:

advertising messages for profit

messages with a content that constitutes a violation of Italian laws (incitement to crime or violence, defamation, etc.)

and the following are not welcome:

messages not related to the post

messages with offensive language

messages with racist or sexist content

By browsing this Site you implicitly accept all that is written in this regulation.


Last updated: 20 March 2023