Comune di Venezia
Logo Comune di Venezia
Venice Access Fee
Comune di Venezia
Follow us

Information on the processing of personal data in compliance with Articles 13 and 14 of EU Regulation 2016/679 (referred to below as the GDPR)

In compliance with EU Regulation 2016/679 and Municipal Council Resolution No. 150 dated May 15 2018, which approved the criteria and organisational methods for the personal data protection system of the Municipality of Venice, the following information is provided regarding the processing of data related to the implementation of the Access Fee to the Ancient City of the Municipality of Venice or to other minor islands of the Venetian Lagoon, executed by the Economy and Finance Area:

1. The Data Controller and the Data Protection Officer

The Data Controller: Municipality of Venice
Competent Officer: Director of the Economy and Finance
direzionefinanziaria@pec.comune.venezia.it
The Data Protection Officer: rpd@comune.venezia.it
rpd.comune.venezia@pec.it

2. Data Subjects, purpose, and lawfulness conditions (legal basis)

a) Data Subjects:

  • Natural persons paying the Access Fee through the dedicated online platform;
  • Natural persons exempt/excluded who are not required to provide any data to benefit from the exclusion/exemption;
  • Natural persons requesting an exemption/exclusion from the payment of the Access Fee through the platform;
  • Natural persons requesting an exemption or exclusion from the payment of the Access Fee through alternative methods;
  • Natural persons whose data is processed in compliance with the obligations arising from the implementation regulations of the Access Fee, in order to perform the necessary checks or inspections in compliance with the implementing regulations governing the Access Fee.

b) Puropse:

the purpose of the processing relates to the implementation of a municipal fee (Access Fee to the Historic City of the Municipality of Venice or to the other minor islands of the Venetian Lagoon) and is aimed at fulfilling tax-related requirements. Specifically, it involves verifying the proper fulfilment of the relevant obligations by the data subjects, including checking the payment made or the accuracy of the information provided to benefit from exclusion/exemption from the tax obligation).

c) Lawfulness conditions (legal basis):

The lawfulness conditions (legal basis) for processing are as follows: the execution of a task in the public interest or connected to the exercise of public authority vested in the Municipality of Venice (under Article 6, paragraph 1, letter e) of the GDPR).

The following legal bases are particularly relevant:

  • Article 1, paragraph 1129, of Italian Law No. 145 dated December 30 2018, which authorised the Municipality of Venice to establish and govern, through a regulation adopted according to Article 52 of Italian Legislative Decree No. 446 dated December 15 1997, the fee referred to in Article 4, paragraph 3-bis, of Italian Legislative Decree No. 23 dated March 14 2011, for access to the Ancient City and the other minor islands of the Venetian Lagoon;
  • Article 4, paragraph 3-bis, of Italian Legislative Decree No. 23 dated March 14 2011, governing the Landing Tax;
  • Article 52 of Italian Legislative Decree No. 446 dated December 15 1997, regulating the legislative authority of Municipalities and Provinces;
  • Article 1, paragraphs 161 and following, of Italian Law No. 296 dated December 27 2006, governing the time limits for assessment in cases of non-payment of local taxes;
  • Articles 16 and 17 of Italian Legislative Decree No. 472 dated December 18 1997, referenced by Article 1, paragraph 161, of Italian Law No. 296 dated December 27 2006;
  • Article 1, paragraph 164 and following, of Italian Law No. 296 dated December 27 2006, governing the time limits for tax refunds by local authorities;
  • Article 1, paragraphs 179 and following, of Italian Law No. 296 dated December 27 2006, governing the possibility of assigning assessment activities to entrusted entities registered in the "Register for the Assessment and Collection of Local Authority Revenues" established at the Italian Ministry of Economy and Finance under Article 53 of Italian Legislative Decree No. 446 dated December 15 1997;
  • Article 7-bis of Italian Legislative Decree No. 267 dated August 18 2000, governing provisions on violations of Municipal regulations;
  • Municipal Regulation for the establishment and regulation of the Access Fee, with or without carrier transport services, to the Ancient City of the Municipality of Venice and other minor islands of the Venetian Lagoon, approved by Municipal Council Resolution No. 51 dated September 12 2023, and its subsequent modifications and integrations;
  • Municipal Executive Committee Resolution No. 249 dated December 12 2023, which approved the agreement templates governing relations with carriers regarding the implementation of the Access Fee;
  • Municipal Council Resolution No. 190 dated September 16 2025, which approved the guidelines for the experimental trial period for the implementation of the Access Fee for the year 2026;
  • Municipal Executive Committee Resolution No. 254 dated November 18 2025, which determined the amount of the Access Fee during the experimental trial period for its implementation for the year 2026;
  • Municipal Council Resolution No. 32 dated February 24 2026, governing the methods of payment of the Access Fee;
  • Municipal Council Resolution No. 41 dated March 5 2026, which approved the operating procedures for the experimental trial period for the implementation of the Access Fee for the year 2026;
  • Municipal Council Resolution No. 42 dated March 5 2026, which identified the specific zones where the Access Fee is not applicable for the purposes of managing the monitoring and inspection activities.

3. Categories of data and their source

The processing concerns the following categories of personal data:

  • Common identifying data (such as name and surname) in cases of fee payment through the portal;
  • Common identifying data (such as name, surname, place and date of birth, and residence) when provided without Italian digital authentication services, such as SPID/CIE/CNS;
  • Common identifying data (such as name, surname, place and date of birth, and tax code) when provided with Italian digital authentication services, such as SPID/CIE/CNS;
  • Contact information (such as e-mail address and telephone number);
  • Data necessary for potential checks on the reasons provided for exemption/exclusion from the payment of the Access Fee.

In compliance with Article 14 of the GDPR, if the data has not been provided directly by the Data Subjects, it is hereby stated that it must be submitted through the Portal by the third-party applicant.

4. Processing Methods

Data processing is performed in compliance with the principles prescribed by Article 5 of EU Regulation 2016/679 and the rights of the Data Subject governed by Chapter III of EU Regulation 2016/679.

Processing is executed using both digital and paper-based methods and includes the operations or set of operations necessary to achieve the specified purposes.

In particular, processing is executed with the following tools and procedures:

  • The Portal for purchasing the document certifying the payment of the Access Fee or for obtaining the document confirming exclusion/exemption from payment;
  • Digital tools and software applications used during inspections conducted in the territory;
  • The acquisition of substitute declarations of certification/affidavits during checks and inspections carried out within the territory;
  • The verification of any documentation submitted for the granting of any titles of exclusion/exemption from the payment of the Access Fee.

The Data Controller does not engage in any profiling activities.

Any official checks or inspections on the declarations issued for exclusion/exemption purposes may be processed and are governed by Italian tax regulations.

5. Security measures

Data is processed in compliance with Article 32 of EU Regulation 2016/679, ensuring security through appropriate protection measures to reduce the risks of data destruction or loss, alteration, unauthorised disclosure, or accidental or unlawful access. Processing is performed by authorised individuals responsible for carrying out the relevant procedures.

6. Communication and disclosure

The personal data processed may be disclosed to third parties, both public and private, in compliance with the relevant legal, regulatory, and/or contractual obligations, exclusively for the purpose of verifying the validity of the reasons provided for exclusion/exemption from the payment of the Access Fee. Where necessary, third parties are appointed as Data Processors by the Data Controller under Article 28 of the GDPR. At any time, the Data Subject is entitled to request an updated list of all Data Processors appointed by the Data Controller.

7. Transfer of data to a third country or an international organisation

Data is processed on an IT infrastructure implemented using cloud solutions from non-European providers, which are properly contracted in compliance with the conditions set out in Article 45 of the GDPR.

8. Obligation to provide personal data

Providing data is mandatory, and failure to do so results in the inability to obtain the necessary justification document for entry and access to the Ancient City of the Municipality of Venice or other minor islands of the Venetian Lagoon.

9. Data retention period

The data of individuals who have made payments through the designated platform is retained until the 5th year following the date of payment, which is the final deadline, under Article 1, paragraph 164, of Italian Law No. 296 dated December 27 2006, for requesting a refund of amounts paid but not due. The data of individuals who have requested an exclusion/exemption document and whose presence is not confirmed during inspections in the territory will be deleted at 12:00 a.m. (midnight) on the last day of validity of the document. The data of individuals whose presence in the territory is recorded will be retained until December 31 of the 5th year following the inspection. This is the final deadline, under Article 1, paragraph 161, of Italian Law No. 296 dated December 27 2006, for issuing tax assessment notices that the Municipality must notify if it verifies that the declared reason for exclusion/exemption is not truthful.

10. Rights of the Data Subject

Data Subjects are entitled, under certain conditions, to exercise the rights provided for in Chapter III of EU Regulation 2016/679 and specifically the right to access their personal data, to request their rectification, restriction, or deletion, as well as to object to their processing, subject to the existence of legitimate reasons by the Data Controller. In order to exercise these rights, Data Subjects may submit requests to: the Municipality of Venice, the Director of the Economy and Finance Department, and the Data Protection Officer, in compliance with Article 37 of EU Regulation 2016/679. In the event of new circumstances and/or changes to the data processing as described above, the Data Controller, which is the Municipality of Venice, undertakes to provide the Data Subject with any additional information required.

11. Right to lodge a complaint

Under Article 77 of EU Regulation 2016/679, in the event of alleged violations of the regulation, the data subject may lodge a complaint with the Italian Supervisory Authority – the Data Protection Authority, without prejudice to any other form of administrative or judicial remedy.