DATA CONTROLLER IDENTIDY AND DATA:
Data controller : HOTEL IMPERIAL S.R.L.
Registered office: Via Faà di Bruno, 119 – 61032 Fano
Should you need further information as far as personal data processing is concerned, please contact: firstname.lastname@example.org
DATA PROCESSING PURPOSES:
Your personal data are processed, throughout the website, for the following purposes:
a) After completing the website FORM, you can access the provided services and their performance such as: i.e. communications regarding your request, request processing, special needs or requests fulfilment, general information dispatch, etc…;
b) Complying with legal and fiscal laws (customer management, contracts management, orders and invoices);
c) Management of any dispute between the parties (complaints, breaches of contract between the parties, transactions, debt collection procedures, fraudulent acts)
d) Updating, by means of emails, about marketing activities, including, i.e. information regarding promotions, discounts, news, events and advertising campaigns launched by the Controller (“Newsletter”);
Processing your personal data for the above written a)b) purposes is required in order to properly provide services to subscribed customers. The legal basis for data processing is the performance of the contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract actions related to the website services (pursuant to Regulation art. 6 comma 1, lett.b).
Your data processing for the c) point purposes is based on the legitimate interest pursued by the Controller (legal defence of their own rights) (pursuant to Regulation art. 6 comma 1, lett.f).
Processing your personal data for the above written d) purposes is based on your personal consent (pursuant to Regulation art. 6 comma 1, lett.a).
TYPES OF PERSONAL DATA SUBJECTED TO PROCESSING:
Data processing may concern:
– Personal data (i.e. first name, last name, address, place and date of birth, telephone number and email address)
– Automatically collected data (technical data: i.e. IP address, browser, information about your computer, (approximate) device data localization; cookies and other similar technologies collected data: for further information, please visit our “Cookie” section).
The optional, explicit and voluntary dispatch of emails to addresses reported on this website automatically implies the collection of data regarding sender’s address (which is fundamental in order to reply), and of any other possible personal written data.
PERSONAL DATA ADDRESSEE CATEGORIES
The above written data may be communicated to:
– Individuals who have been authorized by the Controller to process personal data (pursuant former Regulation Art.29)
– Third parties, officially defined as Data Processors, who are authorized to process data on behalf of us and whose list can be requested;
Both paper and electronic data may therefore be communicated to the following addressee categories:
– Tax authorities and/or other public entities, if required by law or on their specific request;
– Other companies, subjects and third parties co-operating with the Controller in managing activities which are connected, instrumental or subsequent to the performance of website services (i.e. newsletter dispatch, ecc..)
– External consultants (i.e. managing and complying with fiscal laws)
DATA PROCESSING PROCEDURE:
Previously authorized and instructed individuals in charge are processing your personal data by means of IT devices under the supervision of the Controller, pursuant Regulation Art. 29. We inform you that proper security measures were taken in order to prevent data loss, illegal or incorrect usage and unauthorized access (pursuant to Privacy Regulation Art. 5 and 32).
CONSEQUENCIES TO REFUSAL TO DISCLOSE PERSONAL DATA
Releasing personal data according to the above written points a) b) c) is compulsory in order to manage your general information request only
Processed data for the purpose in points d) is optional and based on your voluntary given consent. The refusal to release your personal data for the above written purposes implies the impossibility to provide the required services.
Nevertheless, you can decide whether to give or refuse your consent for the latest purpose, without affecting your access to our website services.
Being a data subject, you have the right to revoke your consent at any time without affecting the legal soundness of the data processing procedures linked to a previously given consent.
PERSONAL DATA RETENTION
Your personal data will be recorder and stored according to the following terms and conditions:
a) Personal data related to products and services, general information etc… collected through the completed website form: your data are going to be stored only in order to assure you a proper and complete reply
b) Processed data related to marketing purposes (exclusively for those users who gave their explicit consent to marketing purposes): personal data are stored until the user requires the interruption of the service or, in any case, within two years since his/her last direct interaction with http://www.hotel-imperial.it.
DATA SUBJECTS’ RIGHTS
Being a data subject you can exercise any of the rights displayed in Regulation Art.15 (right of access), Art.16 (Right to rectification), Art.17 (right to erasure, “right to be forgotten”), Art.18 (Right to restriction of processing), Art.19 (Notification obligation regarding rectification or erasure of personal data or restriction of processing), Art.20 (Right to data portability), Art.21 (Right to object).
Moreover, being a data subject you have the right to lodge a complaint with a supervisory authority, pursuant to Regulation Art.77, whenever the above written rights were not acknowledged. The complaint can be lodge to the Data Protection Authority. For more information, please visit the Protection Authority website http://www.garanteprivacy.it (English section).
To exercise the above written rights, please email the Controller at email@example.com
TRANSFERS OF PERSONAL DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANIZATIONS
National boundaries delimit the processing data environment and there is no intention to transfer them to a third country or to an international organization.
AUTOMATED PROCESSING OF PERSONAL DATA AND PROFILING
No automated processing of personal data are used (profiling included).