PRIVACY AND COOKIES POLICY
INFORMATION ON THE PROCESSING OF PERSONAL DATA
DATA CONTROLLER AND DPO: Francesco Lanzillotta, legal representative of Hotel Lanzillotta.
SOURCE OF DATA COLLECTION: Cookies, third-party cookies (Google Analytics), digital forms.
In compliance with the obligations deriving from national legislation (Legislative Decree 30 June 2003 n.196, Code regarding the protection of personal data) and community, (European regulation for the protection of personal data n. 679/2016, GDPR) and subsequent changes, this site respects and protects the privacy of visitors and users, making every possible and proportionate effort not to infringe the rights of users.
LEGAL BASIS OF THE PROCESSING
This site processes data based on consent. By using or consulting this site, visitors and users explicitly approve this privacy statement and consent to the processing of their personal data in relation to the methods and purposes described below, including any disclosure to third parties if necessary for the provision of a service. The provision of data and therefore the consent to the collection and processing of data is optional, the user can deny consent, and can revoke a consent already provided at any time. However, denying consent may make it impossible to provide some services and the browsing experience on the site could be compromised.
DATA COLLECTED AND PURPOSE
Like all websites, this site also makes use of log files in which information collected in an automated manner is stored during user visits. The information collected could be the following:
internet protocol (IP) address;
type of browser and device parameters used to connect to the site;
name of the internet service provider (ISP);
visit date and time;
web page of origin of the visitor (referral) and exit;
possibly the number of clicks.
The aforementioned information is processed in an automated form and collected in an exclusively aggregated form in order to verify the correct functioning of the site, and for security reasons (from 25 May 2018 this information will be treated on the basis of the legitimate interests of the owner). For security purposes (spam filters, firewalls, virus detection), the automatically recorded data may possibly also include personal data such as the IP address, which could be used, in accordance with applicable laws, in order to block attempts to damage the site itself or to cause damage to other users, or in any case harmful activities or constituting a crime. These data are never used for the identification or profiling of the user, but only for the purpose of protecting the site and its users (from 25 May 2018 this information will be treated on the basis of the legitimate interests of the owner).
The data received will be used exclusively for the provision of the requested service and only for the time necessary for the provision of the service. The information that users of the site will deem to make public through the services and tools made available to them, are provided by the user knowingly and voluntarily, exempting this site from any responsibility for any violations of the laws. It is up to the user to verify that they have permission to enter personal data of third parties or content protected by national and international regulations.
The data collected by the site during its operation are used exclusively for the purposes indicated above and kept for the time strictly necessary to carry out the specified activities. In any case, the data collected from the site will never be provided to third parties, for any reason, unless it is a legitimate request by the judicial authority and only in the cases provided for by law.
The data used for security purposes (attempts to block or damage the site, incorrect login, filling in forms with false data, etc.) are kept for 30 days.
PLACE OF TREATMENT
The data collected by the site are processed at the headquarters of the Data Controller, at the web Hosting – OVH datacenter and at the headquarters of the webmaster Giampietro Grassi, both jointly responsible for data processing, processing the same on behalf of the owner, in the Economic Area. European and acting in accordance with European standards.
Session cookies are essential in order to distinguish between connected users, and are useful to prevent a requested functionality from being provided to the wrong user, as well as for security purposes to prevent cyber attacks on the site. Session cookies do not contain personal data and last only for the current session, i.e. until the browser is closed. Consent is not required for them. The functional cookies used by the site are strictly necessary for its use, in particular they are linked to an express request for functionality by the user (such as Login), for which no consent is required.
Instructions for disabling cookies can be found on the following web pages:
Microsoft Internet Explorer
THIRD PARTY COOKIES
This site also acts as an intermediary for third-party cookies, used to provide additional services and features to visitors and to improve the use of the site, such as buttons for social media, or videos. This site has no control over third party cookies, which are entirely managed by third parties. As a result, the information on the use of these cookies and their purposes, as well as on how to disable them, are provided directly by the third parties on the pages indicated below.
On the basis of a specific agreement with Google, which is designated as the data processing manager, the latter undertakes to process the data based on the requests of the Data Controller (see at the bottom of the information), given through the software settings. Based on these settings, the advertising and data sharing options are disabled. Further information on Google Analytics cookies can be found on the Google Analytics Cookie Usage on Websites page. The user can selectively disable the collection of data by Google Analytics by installing the specific component provided by Google on his browser.
cookie: test_cookie .doubleclick.net which is not a permanent cookie, but is only used to check if the user’s browser supports cookies.
For more information on the use of data and their processing by Google, it is recommended to read the information on the specific page prepared by Google, and on the page on how Google uses data when using sites or apps. of partners.
SOCIAL NETWORK PLUGIN
TRANSFER OF DATA TO NON-EU COUNTRIES
This site processes user data in a lawful and correct manner, adopting appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of data. The processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the owner, in some cases, categories of employees involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external subjects (such as suppliers of third party technical services, postal couriers) may have access to the data. hosting providers, IT companies, communication agencies).
By contacting us by e-mail at email@example.com or by contacting the DPO, you can ask our company to access your data, their cancellation, the correction of inaccurate data, the integration of incomplete data, the limitation of processing in the cases provided for by art. 18 of the GDPR, as well as the opposition to the processing in the hypothesis of legitimate interest of the Company.
Furthermore, in the event that the processing is based on consent or on the contract and is carried out with automated tools, you have the right to receive your personal data in a structured, commonly used and machine-readable format, as well as, if technically feasible, to transmit them to another holder without impediments.
You have the right to withdraw the consent given at any time for marketing and / or profiling purposes, as well as to oppose the processing of data for marketing purposes, including profiling related to direct marketing. The possibility remains valid that you prefer to be contacted for the aforementioned purpose exclusively through traditional methods, to express your opposition only to receiving communications through automated methods.
You have the right to lodge a complaint with the competent supervisory authority in the Member State in which you usually reside or work or in the State in which the alleged violation has occurred.
DATA CONTROLLER AND DPO
The data controller and DPO pursuant to the laws in force is Francesco Lanzillotta, Legal representative of Hotel Lanzillotta.