Privacy policy website Hotel Alpi Foza

1. Subject of treatment

The Data Controller processes personal, identifying, and non-sensitive data (including but not limited to: first name, last name, company name, address, telephone, e-mail – hereinafter, “personal data” or also “data”) communicated by you when registering on this website (hereinafter, “Site”), participating in opinion and popularity surveys, filling out registration forms through the Site, and from online requests.

1. Purpose of processing

Your personal data are processed for the following Service Purposes:

• Operate and maintain the Site or allow you access to dedicated areas;
• To enable you to take advantage of any Services you may have requested;
• Responding to online contact chats;
• Guarantee you access to programs and services;
• Offer assistance and advice even remotely;
• Process a contact request;
• For administrative-accounting activities in general;
• Fulfill obligations required by Law, regulation, EU legislation or an order from the Authority or upon requests from the Italian or foreign government or the Italian Chamber of Commerce;
• Prevent or detect fraudulent activity or abuse detrimental to the Site;
• Exercise the rights of the Owner, such as the right to exercise a right in court.

1. Method of processing and data retention period

The processing of your personal data is carried out by means of the operations specified in Art. 4 Privacy Code and Art. 4 n. 2) GDPR and namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data. Your personal information is subject to both paper and electronic and/or automated processing, through the use of website hosted on the data controller’s server or on sites of external companies that allow the data controller to offer its services (such as to offer online chat support or deposit files for the customer by providing their email and name for downloading). The Data Controller will process personal data for as long as necessary to fulfill the above purposes and in any case for no longer than 10 years after termination of the relationship for service purposes and for no longer than 2 years after data collection for other purposes. In compliance with the provisions of Art. 5 paragraph 1(e) of Reg. EU 2016/679 the personal data collected will still be stored in a form that allows the identification of the data subjects for a period of time not exceeding the achievement of the purposes for which the personal data are processed.

1. Security

The Owner has taken a wide variety of security measures to protect your data against the risk of loss, misuse or alteration. In particular: it has taken the measures set forth in Articles 32-34 Privacy Code and Art. 32 GDPR. It uses, when necessary for more secure communications, data encryption technology established by the AES Standards (BCrypt) and secure data transmission protocols known as HL7 and HTTPS.

1. Data access

Your data may be made accessible for the purposes set forth in Art. 2.A) and 2.B):

• to employees and collaborators of the Data Controller, in their capacity as appointees and/or internal data processors and/or system administrators;
• to third-party companies or other entities (website provider, cloud provider, e-payment service provider, suppliers, hardware and software support technicians, shippers and carriers, credit institutions, professional firms, etc.) that perform outsourcing activities on behalf of the Data Controller, in their capacity as data processors.

1. Disclosure of data

Without your express consent (ex art. 24 lett. a), (b), (d) Privacy Code and Art. 6 lett. (b) and (c) GDPR), the Controller may disclose your data for the purposes set forth in Art. 2.A) to Supervisory Bodies and Judicial Authorities, as well as to all other parties to whom disclosure is required by Law. However, it is assured that your personal information will never be made public on the owner’s site.

1. Data Transfer

The management and storage of personal data will take place in Europe, on servers located in Italy of the Data Controller and/or third party companies also abroad, appointed and duly appointed as Data Processors for the use of the requested services. Data of a personal nature provided may be transferred abroad within and outside the European Union, within the limits and under the conditions set forth in Articles 44 et seq. of EU Regulation 2016/679, in order to comply with purposes related to such transfer.

1. Nature of data provision and consequences of refusal to respond

The provision of data for the purposes of Art. 2.A) is mandatory. In their absence, we will not be able to guarantee you either registration on the Site or the Services of Art. 2.A).
You can then decide not to provide any data or later deny the possibility of processing data already provided. In any case, you will continue to be entitled to the Services referred to in Art. 2.A).

1. Rights of the data subject

In your capacity as a data subject, you have the rights set forth in Art. 7 Privacy Code and Art. 15 GDPR and specifically the rights to:

• I) obtain confirmation of the existence or non-existence of personal data concerning you, even if not yet registered, and their communication in an intelligible form;
• II) Getting the indication: (a) of the origin of personal data; (b) of the purposes and methods of processing; (c) of the logic applied in the case of processing carried out with the aid of electronic instruments; (d) of the identification details of the owner, managers and designated representative under Art. 5, paragraph 2 Privacy Code and Art. 3, paragraph 1, GDPR; e) of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representative in the territory of the State, as managers or appointees;
• III) obtain: (a) the updating, rectification or, when you have an interest, the integration of data; (b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed; (c) certification that the transactions referred to in subparagraphs. (a) and (b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except where this proves impossible or involves the use of means manifestly disproportionate to the right protected;
• IV) oppose you, in whole or in part: (a) for legitimate reasons to process personal data about you, even if relevant to the purpose of collection; b) to the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by means of e-mail and/or through traditional marketing methods by means of telephone and/or paper mail. It should be noted that the data subject’s right to object, set forth in the preceding paragraph (b), for the purpose of direct marketing by automated means is extended to traditional methods and that, in any case, the possibility for the data subject to exercise the right to object even in part remains unaffected. Therefore, the data subject may choose to receive only communications by traditional means or only automated communications, or neither type of communication.

Where applicable, you also have the rights under Articles 16-21 GDPR (Right to rectification, right to be forgotten, right to restrict processing, right to data portability, right to object), as well as the right to complain to the Data Protection Authority.

1. Ways of exercising rights

You may at any time exercise your rights by sending:

• a registered letter with return receipt to the place of business, with address stated in the incipit;
• an e-mail to info@hotelalpifoza.com

1. Minors

This Site and the Owner’s Services are not intended for minors under the age of 18, and the Owner does not intentionally collect personal information referring to minors. In the event that information about minors is unintentionally recorded, the Owner will delete it in a timely manner upon the users’ request.

1. Titolare, manager and appointees

The Data Controller / Data Processor (pursuant to Articles 4, 24, 28 of EU Reg. 2016/679) is Hotel Alpi Foza in the person of Giovanni Munari, with registered office in Via Roma,14 36010 Foza VI.

The updated list of data processors and processors is kept at the Data Controller’s office.

1. Amendments to this Notice

This Notice is subject to change. We recommend, therefore, that you check this Policy regularly and refer to the most up-to-date version.

— ADDITIONAL POLICIES AND AGREEMENTS —

Confidentiality agreement for all information provided by our customers and site users

The data controller hereby declares that he/she is aware that as a result of the working relationship with clients and/or consultancy also free of charge with users of the site who contact the controller by email or chat or other channels of communication, he/she may become aware of data, information and news in general, having a confidential nature and undertakes to maintain the strictest confidentiality on what he/she receives, as well as on any other news, confidence and/or information, in the broadest meaning of the term, learned about and/or from the client or user of the site.

COPYRIGHT OF TEXT AND CONTENT

Graphics, layout, text, video, and code on this site may not be replicated, even partially, on other websites, mailing lists, newsletters, print magazines, and CD-ROMs, without the prior permission of the data controller, regardless of profit motive.

LINK POLICY.

Authorization, even to make links to our site, must be requested in writing by e-mail and is considered accepted only with a specific consent of the data controller, also in writing. Silence does not give rise to any authorization. Trademarks mentioned and programs on the site are exclusive to their respective owners in accordance with stated licenses.