This document is made up of the following parts:
Normative Requirements
Holder of the treatment
Place of teatment
Data collection
Optional supply of data
Modality of treatments
User’s rights
Sharing, communication and diffusion of data
Modification to the present privacy policy
Informative to the guests
1. NORMATIVE REQUIREMENTS
Directive 95/46 / EC on the “protection of individuals with regard to the processing of personal data, as well as on the free movement of such data”.
Directive 2002/58 / EC on the “processing of personal data and the protection of privacy in the sector of electronic communications”.
EU European Regulation 679/2016 – General Data Protection Regulation –
2. HOLDER OF THE TREATMENT
During the consultation of this site, data relating to identified or identifiable people may be processed.
The data controller is:
Hotel Marmorata Srl – Via Bizantina, 3 – Locality Marmorata -84010 Ravello (Sa)
P.I.02916300656
Tel: +39 089 877777 mail: info@marmorata.it
3. PLACE OF TREATMENT
The treatments connected to the web services of this site take place on servers located in the Italian state.
4. DATA COLLECTION
Collection of technical data
The use of the site by visitors, involves the full and implicit acceptance and respect of what is written in this document. The site, for technical and security reasons, and for statistical purposes, automatically collects information on accesses, (the information is not of an identifying type or classified as particular data), which are electronically stored and processed exclusively for the aforementioned purposes and for the time necessary.
Contact forms: We inform you that personal data, which you may provide via this site, are processed exclusively for the management of your request and for the practices required by law. Some data, requested through an appropriate form, are essential to start the request itself and for the practices required by law. In this case you will not be asked to give any consent as the data that you send us will fall within the exempted cases in accordance with current legislation and with reference to the Article 6 of the Law 679/2016 (GDPR).
Optional consent: Your refusal to provide such data will make it impossible for us to process your request.
BOOKING ENGINE
Through this site, visitors can use a “booking engine” to get a personalized quote and book by obtaining a direct confirmation. In case of reservation, some data are sent to the hotel and stored in the integrated system. Consequently, to the treatment of the data memorized, also compete the owner and the person responsible of the data treatment of the company that owns the booking engine.
The company that owns the booking engine is: Vertical Booking Srl – Piazza Pontida n ° 7 – 24122 Bergamo.
5. OPTIONAL DATA SUPPLY
We inform you that personal data, which you may provide via this site, are processed exclusively for the management of your request and for the practices required by the law. Some data, requested through an appropriate form, are essential to start the request itself and for the practices required by law. In this case you will not be asked to give any consent as the data that you send us will fall within the exempted cases in accordance with current legislation and with reference to the Article 6 of the Law 679/2016 (GDPR).
Optional consent: Your refusal to provide such data will make it impossible for us to process your request.
6. METHOD OF TREATMENT
Data retention:
The information relating to accesses on the site and personal data that users will communicate by filling out the contact form, will be stored into electronic media protected by password and will be treated confidentiality by the manager of our structure that will keep them for the time necessary for the execution of the request. Any particular data are processed in compliance with the regulations in force and in particular with the law 679/2016 (GDPR).
Data protection:
For the access to the IT tools used during the collection, consultation and storage of data, the data controller and processor has put in place all the technical and organizational measures necessary to ensure an adequate level of security, avoiding the possibility of unauthorized disclosure and ensuring in this way the confidentiality, the integrity and the availability of data as well as, in the event of a physical or technical incident, to ensure the ability to restore data in a short time.
In accordance with the art. 8 of the REGULATION (EU) 2016/679, on this website, the services are offered exclusively to those who have reached the age of majority or for which (if minors under the age of 16) parents’ consent has been collected. If we discover that a minor has provided us with personal information without the permission of the parents or guardian, we will immediately delete this information.
7. SHARING, COMMUNICATION AND DIFFUSION OF DATA
The data collected may be transferred or communicated to other companies, specifically identified, for activities strictly connected to the operation of the service, such as the management of the site itself or its components. Personal data may be transmitted to third parties, but only and exclusively if this is necessary to comply with requests from the Judicial Authority or Public Security. No data coming from the web service is diffused.
8. USER RIGHTS
The User will be able to exercise the rights to which the art. 7 of the Privacy Code and the art. 15 GDPR refer to.
In particular, the User has the right at any time to obtain from the Hotel Marmorata Srl confirmation of the existence or not of personal data concerning him, even if not yet registered, and their communication in a intelligible form.
The User also has the right to obtain confirmation: a) of the origin of personal data; b) of the purposes and methods of the data treatment; c) of the logic applied in case of treatment carried out with the aid of automated tools; d) of the identification details of the owner, of the managers and of the designated representative; e) of the subjects or the categories of subjects to whom the personal data may be communicated or who can learn about them as representative designated in the territory of the State, as managers or agents.
The User also has the right to obtain: a) the update, the rectification or, when interested, the integration of data; b) the cancellation, the transformation into anonymous form or the block of data processed unlawfully, including those data whose preservation is unnecessary for the purposes for which the data were collected or subsequently processed; c) the certification of the operations to which letters a) and b) refer to, have been brought to the attention, also with regards to their content, to whom the data have been communicated or diffused, except the case where such fulfillment is proved impossible or if it involves a disproportionate use of the law with respect to the protected right.
The Users have the right to object, in whole or in part: a) for legitimate reasons, to the processing of personal data concerning them, even though they are relevant to the purpose of the collection; b) to the processing of personal data concerning them for the purpose of sending advertisements or direct sales material or for carrying out market research or commercial communications (for example relating to newsletter services).
Where applicable, the User also has the rights reported in the Articles 16-21 GDPR (Right of rectification, right to be forgotten, right of limitation of treatment, right to the portability of contractual data and rough navigation, right of opposition), as well as the right of complaint to the Guarantor Authority.
How rights are carried out
We also wish to inform you that the European Regulation recognize certain rights to you such as the right of access and correction, or the right of cancellation or limitation or opposition to the treatment in addition to the right of the portability of the data, if applicable (articles 15 to 22 of the EU Regulation No. 679 of 2016). You could also make a complaint to the supervisory authority, according to the procedures established by current legislation.
To carry out the rights specified in the article above, the user will be able to contact the company Hotel Marmorata s.r.l by email info@marmorata.it at any time.
9. CHANGES TO THE CURRENT PRIVACY POLICIES
The data controller periodically checks its privacy and security policy and, if necessary, these are revised in relation to the changes of the regulation, the organization or the technology. In case of any change, the new version will be published on this webpage.
10. INFORMATION TO THE GUESTS
Dear Guest,
in accordance with current legislation on the protection of personal data (EU Regulation No. 679 of 2016), we wish to inform you that the processing of your personal data is carried out with accuracy and transparency, for lawful purposes and protecting your privacy and your rights .
The treatments are also carried out with the help of IT tools for the following purposes:
to acquire and confirm your booking of our accommodation services and extra services, and to provide all the services requested. Since these are necessary treatments for the definition of the contractual agreement and for its subsequent implementation, your consent is not required, except if particular data, so-called sensitive data are given. In case of refusal to provide personal data, we will not be able to confirm the booking or to provide the services requested. The treatment will end on your departure, but some of your personal data may or must continue to be processed for the purposes and with the modality indicated in the following points;
to fulfill the obligation set in the “Text of the Public Security Laws” (article 109 RD 18.6.1931 No. 773) which requires us to communicate to the Police Headquarters, for public security purposes, the gender of the clients staying at the hotel according to the modalities established by the Ministry of the Interior (Decree of 7 January 2013). The provision of data is mandatory and does not require your consent, and in case of refusal to provide these information we will not be able to host you into our hotel. The data acquired for this purpose are not stored by us, unless you provide us with the consent to store them as foreseen in point 4;
to comply with current administrative, accounting and tax obligations. For these purposes, the processing of your data is carried out without the need to acquire your consent. Data are processed by us and our representatives, and are communicated outside only in fulfillment to legal obligations. In case of refusal to provide the data necessary for the above-mentioned obligations, we will not be able to provide the services requested. The data acquired for these purposes are stored by us for the time indicated by the respective regulations (10 years, and even more in the case of tax assessments);
to speed up the registration procedures in case of future stays at our hotel. For this purpose, after obtaining your consent revocable at any time, your data will be kept for a maximum period of 10 years and they will be used when you will be our guest again for the purposes explained in the previous points;
to perform the function of receiving messages and telephone calls addressed to you during your stay. For this purpose, your consent is required. You can withdraw your consent at any time. The treatment will end on your departure;
to send you our promotional messages and updates on our rates and offers. For this purpose, after obtaining your consent, your data will be kept for a maximum period of 10 years and they will not be disclosed to third parties. You can withdraw your consent at any time;
for purposes of protection of people, property and company assets through a video surveillance system of some areas of the hotel, recognizable by appropriate signs. For this treatment, your consent is not required, as it is our legitimate interest to protect the people and our property from possible aggressions, thefts, robberies, damages, acts of vandalism and for purposes of fire prevention and job security. The recorded images are deleted after 24 hours, except during bank holidays or other cases when the hotel is closed, and in any case not more than a week. They are not object of communication to third parties, except in cases where it is necessary to adhere to a specific investigation request by the judicial authorities.