Privacy policy

Pursuant to art. 13 of the European regulation 2016/679 (cd gdpr) and of the art. 13 of the d. lgs. 196 of 30/06/2003.

Last updated: 25 May 2018.

2. Our policy on processing of personal data

The processing of your personal data is very important and we intend to comply with all the principles prescribed by the privacy legislation. Our policy expect us to treat personal data with the maximum lawfulness, security, correctness, transparency and confidentiality, as well as to collect only the data strictly necessary for the purposes indicated here.

3. What kind of personal data we need and for what purposes

With the help of automated electronic tools we collect and process only the personal data you voluntary provide us in order to allow the selected accommodation to respond to your requests. Besides, in case of your further consent (specific and optional), we will process that information to keep you informed of any new promotions and offers.

To achieve the aforementioned purposes, we only need your name and e-mail address. If you spontaneously decide to provide further personal data through the "optional" sections of the contact form or through other tools available on the website www.alberghi.it, such information could be considered "Sensitive data" (for example any data that can disclose a person's racial origin or ethnicity, religious or other beliefs, political opinions, membership of parties, trade unions and/or associations, health, or sex life). Sensitive data would be processed only and exclusively for the services you have requested from us.

Using our website and the contact form implies the automatic provision of your navigation data (since we also ask you for your informed consent; see also the cookie policy), including your IP address, the date and time of access to our services, type of browser and device used (etc.). This data will be used for statistical purposes, eventually for analytical purposes (concerning your preferences) and for taking part in surveys.

4. Consequences in case of refusal to communicate personal data

Your name, your e -mail address and your consent to the processing are necessary to provide our services for the purposes indicated above. The refusal to confer such personal data implies the impossibility to establish a contact with the structure chosen by you.

5. Data processors (subjets that have access to your data)

  • The structure you have chosen: the data you provide to us are sent to the structure selected by you so that it can respond directly to your requests. Therefore, filling out the contact form and providing your data authorize us (the Data Controller) to transfer these data to the structure you have chosen. The Data Controller is not responsible for the processing operated by third parties, therefore we invite you to also read the privacy policy of the chosen structure.
  • Person Tasked with Processing: the Data Controller employs collaborators and employees who would be able to access the personal data you have provided strictly within the limits necessary for the performance of their auxiliary tasks.
  • External data processors: personal data may also be accessible to third parties who perform auxiliary services. Third parties are chosen by the Data Controller on the basis of appropriate standards of professionalism, safety and experience (computer technicians responsible for the maintenance of electronic equipment; hosting provider etc.).

6. How and for how long the data you provide us are stored

The data you provide us will be kept by the Data Controller in a specific database allocated on servers owned by an external company based in an EU country. Your data will be stored for 36 months. After that period of time the information will be kept exclusively in an impersonal form as summary/aggregate data in order to be used only for statistical purposes.

7. Security measures

We are committed to guaranteeing maximum security in the processing of your data and for this reason we have equipped our offices with the necessary environmental measures to prevent break-ins and to avoid leaks. In addition, we have equipped our IT systems with software protected by passwords and constantly updated anti-viruses.

8. Your rights

Regarding the processing of personal data you have the following rights:

  1. right to access personal data: at any time you can request and obtain information or confirmation of the existence of data in our possession concerning your person (and eventually receive a copy);
  2. right to request correction of the above mentioned data;
  3. the right to obtain the portability of the data you provide with consent;
  4. right to withdraw consent at any time; right to cancel it's own personal data; the right to limit the future processing of personal data according to the procedures and cases indicated by the law (articles 4 and 18 of the EU Reg. 679/2016);
  5. right to fill a complaint with a supervisory authority according to the articles: 15 to 22 of the GDPR 679/2016.

You can exercise your rights by contacting the Data Controller (and the contacts indicated in point 1. of this document) providing the e-mail address communicated at the time the data were provided.

This legislation integrates and replaces the previous one that can be consulted here: view the old privacy policy