PRIVACY INFORMATION GDPR ON WEBSITE AND COOKIES
as contained in EU regulation 2016/679 GDPR article 13 appl. on 25/5/2018
The purpose of the privacy statement is to provide maximum transparency regarding the information collected by the website and how it is used.
1 DATA CONTROLLER
S.I.A.B. S.r.l., VAT number 02732400045 is the data controller in charge of the processing of personal data. The registered office of the Data Controller is in Piazza Giovanni Arpino, 3712042 Bra (CN), Italy telephone: 39 0172 421516 E-mail: firstname.lastname@example.org PEC: email@example.com
The personal data of the interested parties are collected and processed by S.I.A.B. Srl in a way that is adequate, pertinent and limited to the purpose, in a lawful, correct and transparent way.
2 COLLECTED DATA AND PURPOSE
During their normal operation, the IT systems and software procedures used to operate this website acquire some personal data whose transmission is implicit in the use of internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. ln this category of data fall:
• Internet Protocol (IP) address or domain names of the users who connect to the website;
• Addresses in URI (Uniform Resource Identifier) notation of the requested resources;
• The time of the request;
• The method used in submitting the request to the server;
• The size of the file obtained in response;
• The numeric code indicating the status of the response given by the server (e.g. success, error, etc.) and other parameters relating to the operating system and the User’s IT environment.
The collection of data and information takes place for the following purposes:
• ln an exclusively aggregated and anonymous form in order to verify the correct functioning of the site. None of this information is related to the physical person-user of the site, and does not allow identification in any way (from 25 May 2018 this information is processed based on the owner’s legitimate interests);
• For security purposes (spam filters, firewalls, virus detection), the automatically recorded data may possibly also include personal data such as the IP address, which could be used, in accordance with applicable laws, in order to block attempts to damage the site itself or to cause damage to other users, or in case of harmful activities or when it constitutes a crime. These data are never used for user’s identification or profiling, nor crossed over with other data, nor provided to third parties, but used only for the purpose of protecting the site and its users (from 25 May 2018 this information is processed based on the owner’s legitimate interests);
• Communicate data to third parties that perform functions that are necessary or instrumental to the service operations, such as the management of comments on the site, the request for information, site maintenance, management of accounting and administration.
ln the case of specific services and/or information requested by the user through the “Contacts” section, the site records the identification data provided by the user such as name, surname, email address, telephone and the text contained in the “message” box. These data are voluntarily provided by the user and are used exclusively to contact the user in relation to the services and/or information described in the “message” item.
This information is forwarded to the email firstname.lastname@example.org and processed by personnel who has been authorized by the data controller to process the data.
With the prior consent of the interested parties, S.I.A.B. Srl may process the personal data provided for commercial purposes and to carry out direct marketing actions, such as sending informative material and commercial communications or for carrying out market research.
The methods of processing personal data provided through this website also include the use of manual, IT and telematic tools (including telephone, e-mail and other technological methods of information exchange) and are properly used to maintain data privacy and security.
The treatment is carried out through automated tools (e.g. using electronic procedures and media) and / or manually (e.g. on paper) for the time that is strictly necessary to achieve the purposes for which the data were collected and, in any case, in accordance with the current regulatory provisions. Specific security measures are observed to prevent the loss of data, any illicit or incorrect use and unauthorized access.
3 STORAGE TIME AND COMMUNICATION TO THIRD PARTIES
The data that is automatically collected by the website during its operation are used exclusively for the purposes indicated above and kept for the time that is strictly necessary to carry out the specified activities. In any case, the personal data collected by the site will not be provided to third parties, for any reason, unless it is a legitimate request by the judicial authority and only in the cases established by law.
The data provided by the user in the “Contacts” section may be provided to third parties if this is necessary for the provision of a specific service requested by the User, or for carrying out security checks or site optimization. These data will be kept for the time that is strictly necessary to carry out the specified activities.
4 LEGAL BASIS OF DATA PROCESSING
This site processes data based on consent. With the use or consultation of this site, visitors and users explicitly approve this privacy statement and give their consent to the processing of their personal data in relation to the methods and purposes described below, including any disclosure to third parties if necessary for the provision of a service.
Starting from May 25, 2018 (date from which the GDPR is applied), this website processes some of the data based on the legitimate interests of the data controller.
5 DATA PROCESSING PLACE
The website automatically collected data are processed at the Web Hosting datacenter. The web hosting Register Spa based in UK is responsible for data processing on behalf of the owner, is located at UK and acts in accordance with European standards.
The data collected in the contact section is processed at Hotel Cavalieri Piazza Giovanni Arpino, 37 – 12042 – Bra (CN), Italy.
A cookie is nothing more than the traces and information left on our servers during our internet connections or left there when we browse the network. Cookies, therefore, while on the one hand improve our net surfing, on the other they can jeopardize both our privacy and the security of our information. They improve net browsing when, for example, we fill out a form with our favorite news and a server can transform this information into a cookie, which can be sent to our browser; the first time we contact this site, a cookie will be sent to our browser, thus allowing the server to load the news on the page, to meet our needs.
There are basically two macro categories of cookies: technical cookies and profiling cookies.
6.1 Technical cookies:
They are used to allow communication over an electronic communication network or to provide a service expressly requested by the user. They are not used for other purposes. In the category of technical cookies, the use of which does not require the user’s consent, the following are distinguished:
• Browsing or session cookies: they guarantee normal browsing and use of the website (e.g. to authenticate and access restricted areas). The use of these cookies (which are not stored permanently on the user’s device and are automatically eliminated upon browser closing) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient website exploration.
• Analytics cookies: they are used only to collect information in aggregate form, on the number of users who visit the site and how they visit it.
• Functionality cookies: allow the user to browse based on a series of selected criteria (e.g. language, products or services purchased) to improve the service rendered to the user.
6.2 Profiling cookies:
They are aimed at creating profiles related to the user and used to send targeted promotional messages according to the preferences shown while surfing the net. These cookies can only be used for these purposes with the user’s consent.
All cookies other than technical ones are installed or activated only following the consent expressed by the user the first time he visits the site. Consent CAN be expressed in a general way, interacting with the brief information banner on the site’s landing page, in the manner indicated in this banner; or CAN be selectively provided or denied, in the manner indicated below. This consent is valid for future visits as well. However, the user always has the option to revoke all or part of the consent already expressed.
6.3 Cookies used by this site
Below is the list of cookies used on http://www.tartufimorra.com, their type and purpose. Furthermore, where necessary, the links to the web pages from which, at the user’s discretion, each specific cookie can be selectively disabled:
COOKIES NAME TYPE DESCRIPTION
Necessary Cookie This cookie allows you to save your consent to the installation of profiling cookies.
Necessary Cookie These cookies store information about your settings (language, favorite properties, etc.) and allow us to personalize the site.
Booking Engine Session
Necessary Cookies These cookies store information about your settings (language, favourite properties, etc.) and allow us to customize the booking path.
Necessary Cookies These cookies allow us to save framework use related information.
utma, _utmb, _utmc, _utmz, utmt_GlobaleHotelTracker, utmt_HotelTracker
analytical / performance cookies these cookies are used to collect information on how visitors browse the site. We use this information to create reports on user traffic on the site, conversion statistics and to improve the site in general. Cookies collect the information anonymously.
acdc, udq uei, Uic, uid
Advertising cookies These cookies are not strictly linked to our site. They allow the updating of third-party advertisements when the user is browsing on the net..
Facebook Custom Audience
Advertising cookies These Remarketing e Behavioral Targeting cookies are provided by Facebook and link this website activity to the Facebook Advertising Network.
Advertising cookies AdWords Remarketing is a Remarketing and Behavioral Targeting service provided by Google Inc. that connects the activity of this Application with the Adwords advertising network and the Doubleclick Cookie.
6.4 Management of cookie preferences
Remember that you can manage your cookie preferences also through the browser
If you are using Internet Explorer
In Internet Explorer, click on “Tools” then “Internet Options”. On the Privacy tab, move the pointer upwards to block all cookies or downwards to allow all cookies, and then click OK.
If you use the Firefox browser
Go to your browser’s “Tools” menu and select the “Options” menu Click on the “Privacy” tab, uncheck the “Accept cookies” box and click OK.
If you use the Safari browser
From the Safari Browser select the “Edit” menu and select “Preferences”. Click on “Privacy”. Always set the “Block cookies” setting and click OK.
If you use the Google Chrome browser
Click ON the Chrome menus in the browser toolbar. Select “Settings”. Click on “Show advanced settings”. In the “Privacy” section, click on the “Content settings” button. In the “Cookies” section, select “Do not allow sites to store data” and check “block cookies and third-party site data”, and then click OK.
If you use any other browser, look in the browser settings for how to manage cookies.
6.5 PLUGIN SOCIAL NETWORK
The Site uses the “AddThis” plug-in. This allows you to share the contents of the Site on certain social networks. These plug-ins also optimize the simplicity of use of the Site. The use of “Addthis” involves the installation of cookies. The data collected (such as the time of use or the language of the browser) is transmitted to Add This LLC in the United States and processed there.
The use of data collected by Addthis through plug-ins is determined exclusively by Addthis. S.I.A.B. Srl is unable to access these cookies, just as Addthis cannot access S.I.A.B. Srl. You can find more information about the individual cookies we use and what they are used for in the table below.
Cookie Name Type Description
AddThis Bt, dia, dt, loc, uid, uvc, vc Advertising cookies Social media linking cookies
7 SAFETY MEASURES
This site processes user data in a legal and correct manner, adopting the appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized data destruction. The treatment is carried out using IT and / or telematic tools, with organizational methods and with logic that is strictly related to the purposes indicated. In particular, the site management software is constantly updated, and regularly scanned in order to check for viruses and dangerous codes.
In addition to the owner, in some cases, categories of agents involved in the website organization (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers, hosting provider, IT companies) may have access to the data in question.
8 USER RIGHTS
According to the European Regulation 679/2016 (GDPR), the User can, within the limits established by current legislation, exercise the following rights:
• To object in whole or in part, for legitimate reasons, to the processing of personal data concerning the self, for the purpose of sending advertising materials, direct selling, market research or commercial actions;
• Request confirmation about the existence of personal data concerning the self (right of access);
• Know the origin;
• Receive intelligible communication;
• Have information about the logic, methods and purposes of data processing;
• Request the updating, correction, integration, cancellation, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were originally collected;
• In cases of consent-based processing, receive at only the service cost, the data provided to the owner, in a structured and readable form by a data processor and in a format commonly used by an electronic device;
• The right to lodge a complaint with the supervisory authority (Privacy Guarantor);
• Exercise all the rights that are recognized by the current provisions of the law.
When the data are processed on the basis of legitimate interests, the rights of data subjects are guaranteed, in particular the right to object to the processing. This can be exercised by sending a request to the data controller.
The data controller indicates that the failure to provide the necessary personal data marked as mandatory, could make it impossible to execute any contract while the failure to provide the data marked as non-mandatory has no consequences for the execution of the request.
Those interested in the processing of personal data can exercise their rights as well as request information regarding their processing by sending a communication to the e-mail address email@example.com.
The data controller appointed by INVOLUCRA S.r.l. as webmaster of https://www.hotelcavalieribra.com