This document is made up of the following parts:
- Normative Requirements
- Holder of the treatment
- Place of teatment
- Data collection
- Cookies Management
- Optional supply of data
- Modality of treatments
- User’s rights
- Sharing, communication and diffusion of data
- Informative to the guests
1. NORMATIVE REQUIREMENTS
Directive 95/46 / EC on the “protection of individuals with regard to the processing of personal data, as well as on the free movement of such data”.
Directive 2002/58 / EC on the “processing of personal data and the protection of privacy in the sector of electronic communications”.
EU European Regulation 679/2016 – General Data Protection Regulation –
2. HOLDER OF THE TREATMENT
During the consultation of this site, data relating to identified or identifiable people may be processed.
The data controller is:
Hotel Marmorata Srl – Via Bizantina, 3 – Locality Marmorata -84010 Ravello (Sa)
Tel: +39 089 877777 mail: firstname.lastname@example.org
3. PLACE OF TREATMENT
The treatments connected to the web services of this site take place on servers located in the Italian state.
4. DATA COLLECTION
Collection of technical data
The use of the site by visitors, involves the full and implicit acceptance and respect of what is written in this document. The site, for technical and security reasons, and for statistical purposes, automatically collects information on accesses, (the information is not of an identifying type or classified as particular data), which are electronically stored and processed exclusively for the aforementioned purposes and for the time necessary.
We inform you that personal data, which you may provide via this site, are processed exclusively for the management of your request and for the practices required by law. Some data, requested through an appropriate form, are essential to start the request itself and for the practices required by law. In this case you will not be asked to give any consent as the data that you send us will fall within the exempted cases in accordance with current legislation and with reference to the Article 6 of the Law 679/2016 (GDPR).
Optional consent: Your refusal to provide such data will make it impossible for us to process your request.
Through this site, visitors can use a “booking engine” to get a personalized quote and book by obtaining a direct confirmation. In case of reservation, some data are sent to the hotel and stored in the integrated system. Consequently, to the treatment of the data memorized, also compete the owner and the person responsible of the data treatment of the company that owns the booking engine.
The company that owns the booking engine is: Vertical Booking Srl – Piazza Pontida n ° 7 – 24122 Bergamo.
What is a cookie?
Cookies are short text files that are downloaded to your device when you visit a website. At each subsequent visit the cookies are sent back to the website that originated them (first-party cookies) or to another site that recognizes them (third-party cookies). Cookies are useful because they allow a website to recognize the User’s device. They have different purposes such as, for example, allowing you to efficiently navigate between pages, remember favorite websites and, in general, improve the browsing experience. They also help to ensure that the advertising contents displayed online are more targeted to the users and their interests. Depending on the function and purpose of use, cookies can be divided into technical cookies, profiling cookies, third-party cookies. Cookies are used by the majority of websites. Cookies can not be used to identify visitors by themselves. Usually a cookie contains the name of the domain where it comes from, the age of the cookie itself and a value; usually a randomly generated unique number. Cookies can be deactivated completely in your browser at any time, changing the browser preferences. Disabling cookies may compromise the operation of some parts or features of this website.
The website in question uses the following types of cookies:
Technical session cookies
The use of session cookies are strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow the safe and efficient exploration of the site.
The session cookies used on this site avoid the use of other technologies that could compromise the privacy of users’ browsing and do not allow the acquisition of personal identification data. These cookies are processed in computer mode.
Additional technical cookies
The Hotel Marmorata Srl uses some technical cookies:
– consent cookies. They are the one related to the cookie that is inserted to register the consent for the use of analytics and / or profiling cookies. You are free to delete the cookie from your computer.
– additional technical cookies. There are additional technical cookies essential for the proper functioning of the website.
These cookies allow us to provide the services requested by users and to browse the site using its best performance. This type of cookie can not be disabled as it is necessary for the proper functioning of the site.
Duration of cookies
Some cookies (session cookies) remain active only until the browser is closed or the logout is processed. Other cookies “survive” when the browser is closed and are also available to the user’s in the following visits. These cookies are called persistent cookies and their duration is set by the server when they are created.
List of third party cookies
The website uses or may use third party cookies to follow the list of possible cookies and related privacy policies.
Google Analytics – Used to collect statistical and browsing data from the website https://policies.google.com/privacy
PHPSESSID: it is a session technical cookie used by the PHP programming language; it allows to keep active a connection between the browser and the server. It does not collect any data relating to the user. It is deleted when the users closes the browser they are using.
_ga: Performance cookies set by Google Analytics (assimilated to technical cookies), it is necessary to distinguish univocally each user who accesses the website, assigning a random identifier (ID) at the first access. It lasts about two years.
_gat: Performance cookies set by Google Analytics (assimilated to technical cookies), is used to limit the number of requests to be sent to the Google server in a given period of time. It lasts 10 minutes.
_utmz: Performance cookie set by Google Analytics (assimilated to technical cookies), related to sinxis.com, has a duration of 6 months.
_utmz: Performance cookie set by Google Analytics (assimilated to technical cookies), related to vimeo.com, has a duration of 6 months.
6. Management of cookies
The data controller recalls that the total or partial disabling of technical cookies can compromise the use of the site features.
It is possible to selectively disable the action of Google Analytics by installing on your browser the opt-out component provided by Google. To disable the action of Google Analytics, please refer to the link below:
However, you can decide whether or not to accept cookies by changing the security settings of the browser.
Firefox: : https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
Internet Explorer: http://windows.microsoft.com/it-it/windows7/how-to-manage-cookies-in-internet-explorer-9
Opera: : http://help.opera.com/Windows/10.00/it/cookies.html
7. OPTIONAL DATA SUPPLY
We inform you that personal data, which you may provide via this site, are processed exclusively for the management of your request and for the practices required by the law. Some data, requested through an appropriate form, are essential to start the request itself and for the practices required by law. In this case you will not be asked to give any consent as the data that you send us will fall within the exempted cases in accordance with current legislation and with reference to the Article 6 of the Law 679/2016 (GDPR).
Optional consent: Your refusal to provide such data will make it impossible for us to process your request.
8. METHOD OF TREATMENT
The information relating to accesses on the site and personal data that users will communicate by filling out the contact form, will be stored into electronic media protected by password and will be treated confidentiality by the manager of our structure that will keep them for the time necessary for the execution of the request. Any particular data are processed in compliance with the regulations in force and in particular with the law 679/2016 (GDPR).
For the access to the IT tools used during the collection, consultation and storage of data, the data controller and processor has put in place all the technical and organizational measures necessary to ensure an adequate level of security, avoiding the possibility of unauthorized disclosure and ensuring in this way the confidentiality, the integrity and the availability of data as well as, in the event of a physical or technical incident, to ensure the ability to restore data in a short time.
In accordance with the art. 8 of the REGULATION (EU) 2016/679, on this website, the services are offered exclusively to those who have reached the age of majority or for which (if minors under the age of 16) parents’ consent has been collected. If we discover that a minor has provided us with personal information without the permission of the parents or guardian, we will immediately delete this information.
9. SHARING, COMMUNICATION AND DIFFUSION OF DATA
The data collected may be transferred or communicated to other companies, specifically identified, for activities strictly connected to the operation of the service, such as the management of the site itself or its components. Personal data may be transmitted to third parties, but only and exclusively if this is necessary to comply with requests from the Judicial Authority or Public Security. No data coming from the web service is diffused.
10. USER RIGHTS
The User will be able to exercise the rights to which the art. 7 of the Privacy Code and the art. 15 GDPR refer to.
In particular, the User has the right at any time to obtain from the Hotel Marmorata Srl confirmation of the existence or not of personal data concerning him, even if not yet registered, and their communication in a intelligible form.
The User also has the right to obtain confirmation: a) of the origin of personal data; b) of the purposes and methods of the data treatment; c) of the logic applied in case of treatment carried out with the aid of automated tools; d) of the identification details of the owner, of the managers and of the designated representative; e) of the subjects or the categories of subjects to whom the personal data may be communicated or who can learn about them as representative designated in the territory of the State, as managers or agents.
The User also has the right to obtain: a) the update, the rectification or, when interested, the integration of data; b) the cancellation, the transformation into anonymous form or the block of data processed unlawfully, including those data whose preservation is unnecessary for the purposes for which the data were collected or subsequently processed; c) the certification of the operations to which letters a) and b) refer to, have been brought to the attention, also with regards to their content, to whom the data have been communicated or diffused, except the case where such fulfillment is proved impossible or if it involves a disproportionate use of the law with respect to the protected right.
The Users have the right to object, in whole or in part: a) for legitimate reasons, to the processing of personal data concerning them, even though they are relevant to the purpose of the collection; b) to the processing of personal data concerning them for the purpose of sending advertisements or direct sales material or for carrying out market research or commercial communications (for example relating to newsletter services).
Where applicable, the User also has the rights reported in the Articles 16-21 GDPR (Right of rectification, right to be forgotten, right of limitation of treatment, right to the portability of contractual data and rough navigation, right of opposition), as well as the right of complaint to the Guarantor Authority.
How rights are carried out
We also wish to inform you that the European Regulation recognize certain rights to you such as the right of access and correction, or the right of cancellation or limitation or opposition to the treatment in addition to the right of the portability of the data, if applicable (articles 15 to 22 of the EU Regulation No. 679 of 2016). You could also make a complaint to the supervisory authority, according to the procedures established by current legislation.
To carry out the rights specified in the article above, the user will be able to contact the company Hotel Marmorata s.r.l by email email@example.com at any time.
11. CHANGES TO THE CURRENT PRIVACY POLICIES
The data controller periodically checks its privacy and security policy and, if necessary, these are revised in relation to the changes of the regulation, the organization or the technology. In case of any change, the new version will be published on this webpage.
12. INFORMATION TO THE GUESTS
in accordance with current legislation on the protection of personal data (EU Regulation No. 679 of 2016), we wish to inform you that the processing of your personal data is carried out with accuracy and transparency, for lawful purposes and protecting your privacy and your rights .
The treatments are also carried out with the help of IT tools for the following purposes:
- to acquire and confirm your booking of our accommodation services and extra services, and to provide all the services requested. Since these are necessary treatments for the definition of the contractual agreement and for its subsequent implementation, your consent is not required, except if particular data, so-called sensitive data are given. In case of refusal to provide personal data, we will not be able to confirm the booking or to provide the services requested. The treatment will end on your departure, but some of your personal data may or must continue to be processed for the purposes and with the modality indicated in the following points;
- to fulfill the obligation set in the “Text of the Public Security Laws” (article 109 RD 18.6.1931 No. 773) which requires us to communicate to the Police Headquarters, for public security purposes, the gender of the clients staying at the hotel according to the modalities established by the Ministry of the Interior (Decree of 7 January 2013). The provision of data is mandatory and does not require your consent, and in case of refusal to provide these information we will not be able to host you into our hotel. The data acquired for this purpose are not stored by us, unless you provide us with the consent to store them as foreseen in point 4;
- to comply with current administrative, accounting and tax obligations. For these purposes, the processing of your data is carried out without the need to acquire your consent. Data are processed by us and our representatives, and are communicated outside only in fulfillment to legal obligations. In case of refusal to provide the data necessary for the above-mentioned obligations, we will not be able to provide the services requested. The data acquired for these purposes are stored by us for the time indicated by the respective regulations (10 years, and even more in the case of tax assessments);
- to speed up the registration procedures in case of future stays at our hotel. For this purpose, after obtaining your consent revocable at any time, your data will be kept for a maximum period of 10 years and they will be used when you will be our guest again for the purposes explained in the previous points;
- to perform the function of receiving messages and telephone calls addressed to you during your stay. For this purpose, your consent is required. You can withdraw your consent at any time. The treatment will end on your departure;
- to send you our promotional messages and updates on our rates and offers. For this purpose, after obtaining your consent, your data will be kept for a maximum period of 10 years and they will not be disclosed to third parties. You can withdraw your consent at any time;
- for purposes of protection of people, property and company assets through a video surveillance system of some areas of the hotel, recognizable by appropriate signs. For this treatment, your consent is not required, as it is our legitimate interest to protect the people and our property from possible aggressions, thefts, robberies, damages, acts of vandalism and for purposes of fire prevention and job security. The recorded images are deleted after 24 hours, except during bank holidays or other cases when the hotel is closed, and in any case not more than a week. They are not object of communication to third parties, except in cases where it is necessary to adhere to a specific investigation request by the judicial authorities.