Interested Parties: Users of the Website www.hotelstelvioabormio.com
As the Data Controller of your personal data according to Articles 13-14 of EU Regulation 2016/679 (hereinafter ‘GDPR’), Albergo Stelvio di Umberto Capitani hereby informs you that the aforementioned regulation provides for the protection of persons and other subjects regarding the processing of personal data, and that such processing is based on the principles of fairness, lawfulness, transparency and protection of your privacy and your rights.
The information and personal data provided by you or otherwise collected as you use the website is processed in accordance with the provisions of the above regulation and the obligations of confidentiality therein.
Type of Data Processed
During their ordinary operation, the computer systems and software procedures used to operate this website collect some personal data the transmission of which is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified interested parties. However, given its nature, it could allow users to be identified by processing and associating it with data held by third parties. This category of data includes IP addresses or domain names of computers used by users to connect to the site, URI (Uniform Resource Identifier) of requested resources, the time of such requests, the method used to submit such requests to the server, the size of the file sent in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters relating to the operating system and computer environment. These data are used only to obtain anonymous statistical information on the use of the site and to check its proper functioning, and they are deleted immediately after processing. If necessary, these data can be used to ascertain responsibility in the event of computer crimes against the site.
Data Provided Voluntarily by the User
The optional, explicit and voluntary sending of e-mail messages to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, which is necessary to respond to requests, as well as of any other personal data included in the message.
Specific policies are shown whenever necessary or displayed on the pages of the website that have been set up for particular on-demand services and include forms for the collection of data.
Processing Methods: the personal data collected in any forms are processed by manual or electronic means. All processing shall be carried out in accordance with the procedures set out in Articles 6 and 32 of the GDPR and by adopting the appropriate security measures provided for.
Data processing related to web services is carried out at the registered office of the Data Controller and at the hosting provider of this website, which is the company Kreandoweb di William Onesti with registered office in Via Brolo Sopra 18 in Scandiano (RE), Italy, Tax Number NSTWILM67D15F257J and VAT Number 02645940350. The servers of this company that host the website are located in France.
Communication: your data are processed within the company by the categories of persons authorized by the Data Controller to process personal data (for more information, please contact the Data Controller):
Your data may be disclosed to third parties, in particular to:
- external providers;
- companies that carry out ordinary and extraordinary maintenance of the website.
Dissemination: your data shall not be disseminated.
Storage Period: we inform you that, in accordance with the principles of lawfulness, purpose limitation and data minimisation, in accordance with Art. 5 of the GDPR, the storage period of your personal data does not exceed the time necessary for the provision of the services.
Data Controller: as provided for by the law, the Data Controller is the undersigned individual company Albergo Stelvio di Umberto Capitani, e-mail address email@example.com, represented by its legal representative.
You have the right to have your personal data deleted, communicated to you, updated, amended or integrated by the Data Controller, and, more in general, you can exercise all the rights provided for in Articles 15, 16, 17, 18, 19, 20, 21, 22 of EU Regulation 2016/679, a copy of which is provided below.
No personal data of users is collected by the site for this purpose.
The use of so-called session cookies (which are not permanently stored on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server), which is necessary to allow safe and efficient navigation of the site.
The so-called session cookies used by this site avoid the use of other IT techniques that could potentially compromise the privacy of user navigation, and they do not allow the collection of personal data identifying the user.
APPLICATION OF THIS POLICY
If you have any doubts about this Policy, please contact Albergo Stelvio di Umberto Capitani by sending an e-mail to firstname.lastname@example.org
CHANGES TO THIS POLICY
Alberto Stelvio di Umberto Capitani reserves the right to update this policy, so as to adapt it to any future changes in the legislation, as well as to implement any suggestions made by employees, customers, partners and users. If any changes are made by Albergo Stelvio di Umberto Capitani, the word ‘update’ shall be displayed next to the website policy link on the main privacy page on the main page of www.hotelstelvioabormio.com.
If any substantial changes are made to this policy, Albergo Stelvio Umberto Capitani shall publish these changes in a visible manner.
EU Reg. 2016/679: Articles 15, 16, 17, 18, 19, 20, 21, 22 – Rights of the Interested Party
The interested party has the right to obtain confirmation of the existence of any personal data concerning them, even if such data have not yet been stored, and that such data be communicated to them in intelligible form.
- The interested party has the right to now:
- the origin of the personal data;
- the purposes and methods of processing;
- the logic applied, if any processing is carried out with the aid of electronic instruments;
- the identity of the Data Controller, Data Supervisor and the persons in charge of the processing as provided for by Article 5, paragraph 2;
- the subjects or categories of subjects to whom the personal data may be communicated or disclosed as data supervisors, persons in charge of the processing in the territory of the State, or persons authorized to process such data.
- The interested party has the right to:
- have their data updated, amended or, if there are interested therein, integrated;
- have their data deleted or transformed into anonymous form, or have any unlawful data processing blocked, including the processing of any such data the storage of which is not necessary for the purposes for which the data were collected or subsequently processed;
- receive a confirmation that the actions as per letters a) and b) and the content thereof have been notified to the persons to whom the data were communicated or disclosed, unless this requirement proves impossible or requires a clearly disproportionate effort compared with the right that is to be protected.
- The interested party has the right to object, in whole or in part:
- to the processing of their personal data for legitimate reasons, even if such data are processed for the purpose for which they were collected;
- to the processing of their personal data for the purpose of sending advertising materials or commercial communications or for the purpose of direct sales or market surveys.