Privacy Policy

Cookies and Newsletter Privacy Policy

 

We are committed to protecting the privacy of our users in accordance with Article 13 of Legislative Decree 196/2003, “Personal Data Protection Code” (Privacy Code) and Article 13 para.1 of EU Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data (GDPR).
In accordance with the aforementioned legislation, this processing is based on the principles of correctness, lawfulness and transparency and the protection of your privacy and your rights.

1. EXTENDED INFORMATION ON THE USE OF COOKIES

What are Cookies?

Cookies are small text files used to improve website navigation. Thanks to Cookies, browsing preferences such as the language spoken, display options, etc., can be stored by the browser in use.
Cookies are saved on the device used, to facilitate the use of the contents and can only be read by the site that generated them.
No personal user data is acquired by the site in the mere browsing of web pages. Cookies are not used to transmit personal information.

The website [privacy view=”site_name”] uses the following cookies:

Technical Cookies
These Cookies are essential to enable you to browse the site and use its functionalities. Technical Cookies are used which are strictly necessary for the functioning and navigability of the site, and Cookies relating to the saving of preferences in order to optimise its use (e.g. language preferences). Without Cookies, it is possible that certain functionalities may not be accessible or may not function properly.

Performance Cookies (third parties)
This site uses the Google Analytics service, provided by Google Inc. to collect statistical information on the use of the site with the specific aim of improving its performance and usability.
All information collected by these Cookies is aggregated anonymously and is only used to improve the functionality of the site.

Below you will find the privacy policy of Google Inc. http://www.google.it/policies/privacy/

Profiling Cookies (third parties)
Some Cookies may also be used to show special offers consistent with the preferences expressed during browsing in order to improve the user’s shopping experience and conditions.
The Cookies we use for profiling do not collect information that would personally identify the user browsing the site’s pages.
The site uses Profiling Cookies in connection with the ‘remarketing’ function of Google Adwords, allowing personalised ads to be published in Google’s content network based on the pages visited by users on the site. Third-party vendors, including Google, use Cookies to serve ads based on users’ previous visits to your website.
The information obtained only allows the browser to be identified and it is not possible to identify the user in any way.
How it works: some pages of the site include a remarketing code that allows the browser’s Cookies to be read and configured in order to determine the type of ad the user will see based on the data relating to their visit to the site.
The remarketing lists created are stored on Google’s servers where all Cookie IDs associated with the interests are stored.
More information on the remarketing tool can be found at this link: https://support.google.com/adwordspolicy/answer/143465?hl=it&ref_topic=3123080&rd=1

Social Network Cookies (third parties)
The site integrates the main Social Networks through scripts made available by them. These scripts may use Cookies in order to facilitate the sharing of content on social networks or interaction with subscribers and other members.
These types of Cookies are managed by the different social network companies, each of which is responsible for its own Cookies.

You can learn more about the published privacy policies via the links below:

Indication of consent
To consent to the processing of data and the use of all Cookies, simply exit this Policy by closing the relevant page, continue browsing the site or click on any of its elements. To withhold consent or configure the handling of Cookies differently, please follow the instructions in the following paragraph.

Configuring Cookie management in the browser
The major browsers allow you to change the settings for managing Cookies. You can decide to: allow Cookies to be saved by websites, deny saving Cookies altogether, or decide on a case-by-case basis which Cookies to accept.

These settings vary depending on the browser used to navigate. Below are links to the information pages of the most popular ones:

For further information on the use of Cookies by third-party services and further instructions on how to manage Cookies in your browser, please consult the following address: http://youronlinechoices.eu.

If you decide to set your browser to refuse Cookies on this site, please note that some features may not be available and access to some sections may be limited.

2. COMMERCIAL MAILING SERVICE INFORMATION

The owner of the website [privacy view=”site_url”] may process some of your personal data (such as email address, etc.) to inform you about site news and active promotions. Any user may, of course, unsubscribe from these newsletter services at any time by simply clicking on the appropriate link in each communication sent.

3. TYPES OF DATA PROCESSED

The data you provide through the methods provided by the website, i.e.: the “contact us” form, the newsletter, the booking engine and the official email address indicated on the website, will be processed for the purpose of carrying out tourist booking services and requesting information or availability on the website:
[privacy view=”site_url”]
Apart from what is specified for navigation data, the user is free to provide the personal data requested from time to time, but failure to do so may make it impossible to provide the services requested.

4. DATA PROCESSING METHODS

Contents and services are provided only to those who authorise the processing of their personal data. Data is processed using automated tools (including those of third parties) or manually, and in a manner that guarantees maximum security and confidentiality. The right to use the collected data is not transferred to third parties, nor is it disseminated or transferred abroad.

Processing may be carried out by electronic means or on paper.
Specific security measures are followed to prevent unlawful or incorrect use of, and unauthorised access to, the data. Please note, however, that internet communications by email may pass through several countries before being delivered to the recipients. The website [privacy view=”site_name”] cannot take responsibility for any unauthorised access or loss of personal information beyond its control.

5. USE OF DATA

The data will only be disclosed to those parties necessary for the fulfilment of the booking contract or of requests made by you. No further dissemination of data will be made outside this context.

6. DATA CONTROLLER AND DATA PROCESSOR

[privacy view=”company_name”], [privacy view=”company_address”], e-mail [privacy view=”referral_email”].

7. RIGHTS OF DATA SUBJECT

You may at any time exercise your rights vis-à-vis the Data Controller, in accordance with Article 7 of Legislative Decree 196/2003 and Article 15 GDPR, which we reproduce in full at the bottom of the page for your convenience.

a) Minors (Article 8 GDPR)
The Data Controller’s website and services are not intended for children under 16 years of age and the Data Controller does not knowingly collect personal information from minors. The processing of a minor’s personal data is lawful if the minor is at least 16 years old. Where the minor is under 16 years of age, such processing is lawful only if and to the extent that such consent is given or authorised by the holder of parental responsibility.
In the event that information on minors is inadvertently recorded, the Controller shall delete it in a timely manner.

8. DATA PROTECTION ON OTHER WEBSITES LINKED TO THE SITE

MyGuestCare
The website uses a reservation system that is essential in order to check availability and allow independent quotations for services of interest. Use of the booking system is effected through access to the domain booking.myguestcare.com. This domain is connected to the Google Analytics account of the site [privacy view=”site_url”] and uses the same Cookies already approved by the user for browsing the site [privacy view=”site_url”].

LEGISLATIVE DECREE No.196/2003
Article 7 – Right of access to personal data and other rights
1. The Data Subject shall have the right to obtain confirmation as to whether or not personal data concerning him/her exist, even if not yet recorded, and to receive such data in intelligible form.
2. The Data Subject has the right to be informed:
a) of the origin of the personal data;
b) of the purposes and methods of processing;
c) of the logic applied in the event of processing by electronic means;
d) of the identification details of the Data Controller, the Data Processors and the Designated Representative in accordance with Article 5(2);
e) of the parties or categories of parties to whom the personal data may be communicated or who may become aware of them in their capacity as Designated Representatives in the territory of the State, as managers or processors.
3. The Data Subject has the right to obtain:
a) the updating, rectification or, where applicable, completion of the data;
b) the deletion, anonymisation or blocking of data processed in breach of the law, including data whose retention is not necessary for the purposes for which the data were collected or subsequently processed;
c) certification that the operations referred to in points a) and b) above have been notified, including as regards their content, to those to whom the data has been communicated or disseminated, unless this proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
4. The Data Subject has the right to object, in whole or in part:
a) for legitimate reasons, to the processing of personal data concerning him/her, even if relevant to the purpose of collection;
b) to the processing of personal data concerning him/her for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communication.

EU Regulation 2016/679 (GDPR)
Article 15 – Data Subject’s right of access
1. The Data Subject shall have the right to obtain from the Data Controller confirmation as to whether or not personal data relating to him/her are being processed and, if so, to obtain access to the personal data and to the following information:
a) the purposes of the processing;
b) the categories of personal data concerned;
c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
d) where possible, the envisaged period for which the personal data will be retained or, if this is not possible, the criteria used to determine that period;
e) the existence of the right of the Data Subject to request from the Data Controller the rectification or erasure of personal data concerning him/her or to object to the processing of personal data concerning him/her;
f) the right to lodge a complaint with a Supervisory Authority;
g) where the data is not collected from the Data Subject, all available information on its origin;
h) the existence of any automated decision-making process, including profiling as referred to in Article 22(1) and (4), and, at least in such cases, meaningful information on the logic used, as well as the expected relevance and consequences of such processing for the Data Subject.
The Data Subject also has the rights set out in Articles 16 to 21 GDPR (right to rectification, right to oblivion/deletion, right to restriction of processing, right to data portability, right to object), as well as the right to complain to the Data Protection Authority.

METHODS OF EXERCISING RIGHTS
Requests may be sent by registered letter, telefax or email to [privacy view=”company_address”] – tel. [privacy view=”company_tel”], fax [privacy view=”company_fax”], email: [privacy view=”referral_email”].

[privacy view=”site_name”] reserves the right to change or amend this Privacy Policy at any time, particularly as new industry regulations come into force. In such case, the changes will enter into force 15 days after the date of publication on the site.