Hotel Angelo-hotel 3 stelle caorle-SITO UFFICIALE / Privacy Policy

Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA

In compliance with the obligations arising from national legislation (Legislative Decree of 30 June 2003 no. 196, Personal Data Protection Code) and EU legislation (European Regulation on the protection of personal data no. 679/2016, GDPR) and subsequent amendments, this website respects and protects the privacy of visitors and users, making every possible and proportionate effort not to infringe users’ rights.

CONSENT TO THE PROCESSING OF DATA

We hereby provide you with information concerning the collection and processing of your data as provided for by Article 13 of EU Regulation 679/2016 on the Processing of Personal Data (GDPR).

SUBJECT OF THIS POLICY

The information covered by this notice concerns the personal data processed by us, both data collected up to now and data that will be acquired in the future, either directly or through third parties, i.e. through other entities, databases, public institutions, etc.

DATA CONTROLLER

The data controller is: Eredi Nicora Mario snc di Nicora Alberto & C.
The Data Processing Manager is Ms Nicora Marialuisa, who can be contacted at info@hotelangelo.it.

PURPOSE OF PROCESSING

The processing of your data is carried out for administrative and accounting purposes related to an information request and to the management of a booking.

The provision of data is mandatory where required by law; it is optional in other cases, and refusal to provide such data may result in the impossibility of fulfilling or continuing a proper contractual relationship.

METHODS OF PROCESSING

Data may be processed manually or through electronic systems, always in accordance with fairness and with due confidentiality. Personal data acquired are processed using automated tools only for the time strictly necessary to achieve the purposes for which they were collected. The systems are equipped with appropriate and necessary security measures to prevent data loss, unlawful or incorrect use and unauthorised access.

LEGAL BASIS FOR PROCESSING

This website processes data on the basis of consent. By using or consulting this website, visitors and users explicitly approve this privacy policy and consent to the processing of their personal data in relation to the methods and purposes described below, including any disclosure to third parties where necessary for the provision of a service.

The provision of data and therefore consent to the collection and processing of data is optional; the user may deny consent and may withdraw consent already given at any time (via the Contacts link at the bottom of the page). However, denying consent may make it impossible to provide certain services and the browsing experience on the website may be compromised.

From 25 May 2018 (the date of entry into force of the GDPR), this website will process some data on the basis of the legitimate interests of the data controller.

RECIPIENTS OF THE DATA AND SCOPE OF DISCLOSURE

Data may be communicated, always and exclusively within the scope of the purposes illustrated above, to the following categories of subjects:

— central and local State bodies, public authorities and other institutions, for legal obligations or contractual commitments;

— sales agents, suppliers, customers, couriers and shipping companies; companies managing business software;

— legal and accounting firms, data processing companies and consultancy firms.

Data will not be disclosed, but may be made known to:

— our employees or collaborators;

— persons in charge of the data processing centre.

TRANSFER OF DATA TO A THIRD COUNTRY OR INTERNATIONAL ORGANISATIONS

Your data will not be transferred in any way to non-EU third countries or to countries not included in the list approved by Directive 96/46/EC.

DATA RETENTION PERIOD

Your personal data will be retained for up to 3 years after the provision of the service or sale of the product, or beyond the end of the assignment, unless otherwise required by law (for example, invoices retained for 10 years).

EXERCISE OF RIGHTS BY THE DATA SUBJECT

Pursuant to Articles 13(2)(b) and (d), 15, 18, 19 and 21 of the Regulation, the data subject is informed that:

  1. a) they have the right to request from the Company, as data controller, access to personal data, rectification or erasure of such data, or restriction of processing concerning them, or to object to processing, in the cases provided for;
  2. b) they have the right to lodge a complaint with the Personal Data Protection Authority, following the procedures and instructions published on the Authority’s official website at www.garanteprivacy.it;
  3. c) any rectification, erasure or restriction of processing carried out at the request of the data subject — unless this proves impossible or involves a disproportionate effort — will be communicated by the Company to each recipient to whom the personal data have been transmitted. The Company may inform the data subject of such recipients upon request.

The exercise of rights is not subject to any formal constraint and is free of charge.

For reference, Articles 15 to 23 of the Regulation can be consulted at the following link:
http://eur-lex.europa.eu/legal-content/IT/TXT/HTML/?uri=CELEX:32016R0679&from=IT

RIGHT TO LODGE A COMPLAINT WITH THE SUPERVISORY AUTHORITY

Where you believe that your data have been processed unlawfully, you have the right to contact the Supervisory Authority to lodge a complaint.

AUTOMATED DECISION-MAKING PROCESSES

The Data Controller does not use automated decision-making processes concerning your personal data, except for GDPR-compliant communication systems aimed at improving customer service.

UPDATES

This privacy policy was updated on 26 May 2018.