Information on the processing of personal data
Interested Subjects: users of the Hotel Bacco website
This page describes how to manage the site with reference to the processing of personal data of users who consult it. This information, also made pursuant to art. 13 of EU Regulation 2016/679 (hereinafter “Regulation”), is intended for those who interact with the web services of the Hotel Bacco accessible electronically from the address www.bacco-hotel.de The information is provided only for the Hotel Bacco website and not for other websites that may be consulted by the user via links.
The information is also inspired by Recommendation no. 2/2001 that the European authorities for the protection of personal data, gathered in the Group established by art. 29 of the directive n. 95/46 / EC, adopted on 17 May 2001 to identify some minimum requirements for the collection of personal data online, and, in particular, the methods, timing and nature of the information that the data controllers must provide to users when they connect to web pages, regardless of the purpose of the link.
- Data Controller. The owner of the processing of personal data is BACCO DI MANNOZZI MASSIMO E C. S.N.C. with registered office in Camaiore (LU) Via M. Rosi 18 – 55043 Fraz. Lido, from now on: “Company” or “Owner” or “Hotel Bacco“), pursuant to EU Regulation 2016/679 (d ‘ now on: “Regulations“) reachable at the addresses email@example.com, PEC: firstname.lastname@example.org.
- The Personal Data object of the treatment. Following navigation of the Site, we inform you that Hotel Bacco will process your Personal Data which may consist of an identifier such as your name, an identification number, an online identifier or one or more characteristic elements of your physical, economic identity. , cultural or social suitable to make the interested party identified or identifiable. Reference is made to navigation data, cookies, data voluntarily provided by the user as specified below.
a. Navigation data
The computer systems and software procedures used to operate the Site acquire, during their normal operation, some Personal Data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the Site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning, to identify anomalies and / or abuses, and are deleted immediately after processing. The legal basis of these treatments is the legitimate interest of the Data Controller in the technical management relating to the functionality and security of the site.
c. Data provided voluntarily by the interested party
Sending e-mails to the addresses indicated on the site
The optional, explicit and voluntary sending of e-mails to the addresses indicated on the Hotel Bacco website entails the subsequent acquisition of the sender’s address, necessary to respond to requests as well as any other personal data included in the message. These data will be processed exclusively to respond to the user’s request.
Compilation of the booking request form
The site allows interested parties to request reservations directly through the site by entering some personal data (such as name and surname, address, e-mail and n. telephone as well as other information relating to the type of stay requested, the dates of the stay, at no. of travelers etc). These data will be processed exclusively to respond to the user’s request.
- Purpose of the processing, basis of legitimacy and mandatory or optional nature of the processing
The data processing we intend to carry out may have the following purposes:
a. Allow the provision of the Services requested by the User such as:
- general or specific request for information;
- booking request
- allow the User to correctly view and use the site through the use of necessary, functional cookies
The legal basis for the processing of Personal Data for the purposes indicated above is art. 6.1.b) (i.e. the execution of a contract of which the interested party is a party or execution of pre-contractual measures adopted at the request of the same) of the Regulation as the processing is necessary for the provision of the Services or for the response of requests from the ‘interested. The provision of Personal Data for these purposes is optional but failure to provide it would make it impossible to activate the Services provided by the Site. With regard to the necessary cookies, they are essential to ensure the functionality of the site.
b. fulfill any legal obligations. This purpose represents a processing of Personal Data carried out pursuant to art. 6.1.c) of the Regulations, for compliance with a legal obligation. Once the Personal Data has been provided, the processing is indeed necessary to fulfill a legal obligation to which the Data Controller is subject.
c. assert or defend rights in court, in the event of abuse in the use of the Site and / or the Services offered. The treatment would be carried out pursuant to art. 6.1.f) of the Regulations (legitimate interest of the owner)
d. manage any non-technical marketing cookies and non-technical statistical cookies for the site, if they are installed in the future, with the consent of the interested party (Article 6.1.a).
- Processing methods. Data processing may be carried out through the use of electronic, telematic or otherwise automated tools, in compliance with the technical and organizational security measures referred to in art. 32 of the EU Regulation, by persons authorized to process and duly instructed and trained, in compliance with the provisions of art. 29 of the aforementioned Regulation
- Recipients of Personal Data
Your Personal Data may be shared, for the purposes referred to in section 3 above, with:
a. subjects who typically act as data processors pursuant to art. 28 of the Regulations, i.e. subjects who provide assistance and advice from Hotel Bacco to the provision of Services; subjects with whom it is necessary to interact for the provision of the Services (such as hosting providers) or subjects delegated to carry out technical maintenance activities (e.g. maintenance of network equipment and electronic communication networks); (collectively “Recipients”); the list of data processors who process data can be requested from the Data Controller.
b. subjects, bodies or authorities, independent data controllers, to whom it is mandatory to communicate your Personal Data by virtue of legal provisions or orders of the authorities;
c. with regard to Cookies, they may be communicated to external parties for proper management of the relationship and in particular the categories of Recipients identified as Third Parties and specified in the detailed table of cookies. to which reference is made.
- Data retention
The Personal Data processed for the purposes referred to in section 3 (a-c) will be kept for the time strictly necessary to achieve those same purposes in compliance with the principles of minimization and limitation of conservation pursuant to art. 5.1.e) of the Regulations.
The Personal Data processed for the purposes referred to in section 3d will be processed until the consent is revoked.
More information about the data retention period and the criteria used to determine this period can be requested by writing to the Data Controller.
With regard to the retention times of cookies, please refer to the relative times specified in the appropriate table.
- Transfer of data abroad
The Data Controller normally does not make use of data processors located in non-EU countries. Where this is necessary, the transfer will take place in the forms and methods provided for by current legislation, and in any case guaranteeing an adequate level of protection.
For information on the transfer of personal data collected through third-party cookies, please refer to the privacy policies of each third party, available on the websites of the same and linked in the detailed table of cookies (Cookie Declaration)
- Rights of interested parties
Pursuant to articles 15 and following of the Regulations, you have the right to request access to your Personal Data, the correction or cancellation of the same, the limitation of processing in the cases provided for by art. 18 of the Regulation, obtain the data concerning you in a structured format, commonly used and readable by an automatic device, in the cases provided for by art. 20 of the Regulation. At any time, you can revoke pursuant to art. 7 of the Regulation the consent given; propose a complaint to the competent supervisory authority pursuant to article 77 of the Regulation (Guarantor for the Protection of Personal Data (www.garanteprivacy.it) pursuant to art.77 of the Regulation, if it considers that the processing of your data is contrary to the law in force.
You can make a request for opposition to the processing of your data pursuant to article 21 of the Regulation in which to give evidence of the reasons justifying the opposition: the Data Controller reserves the right to evaluate the request, which would not be accepted in the event of the existence of binding legitimate reasons. to proceed with the processing that prevail over your interests, rights and freedoms. Requests must be sent in writing to the Data Controller.
- Cookies and other online tracking tools
10.1. Definitions, characteristics and application of the legislation
Cookies are usually text strings that the websites (so-called publisher or “first party”) visited by the user or different sites or web servers (so-called “third parties”) place and store within a terminal device in the user’s availability (so-called “active” identifiers). Similar functions can be performed by other tools which, while using a different technology (so-called “passive” identifiers), allow for processing similar to those carried out through cookies.
Cookies and other technical identifiers. They are used for the sole purpose of “carrying out the transmission of a communication over an electronic communications network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the contractor or by the user to provide this service” (cf. . art. 122, paragraph 1 of the Code). They do not require the acquisition of consent, but must be indicated in the information.
First and third party analytics cookies. They are comparable to cookies and other technical identifiers only if:
- they are used only to produce aggregate statistics and in relation to a single site or a single mobile application;
- for those of third parties, at least the fourth component of the IP address is masked;
- third parties refrain from combining analytics cookies, thus minimized, with other processing (customer files or statistics of visits to other sites, for example) or from transmitting them to other third parties. However, third parties are allowed to produce statistics with data relating to multiple domains, websites or apps that can be traced back to the same publisher or business group.
The owner who carries out on his own the mere statistical processing of data relating to multiple domains, websites or apps related to it can also use the data in clear text, in compliance with the purpose constraint.
Cookies and other tracking identifiers with a non-technical function. Used to bring back to specific, identified or identifiable subjects, specific actions or behavioral patterns recurring in the use of the functions offered (patterns) in order to group the different profiles within homogeneous clusters of different size, so that it is also possible to modulate the provision of the service in an increasingly personalized way, as well as sending targeted advertising messages, i.e. in line with the preferences expressed by the user in the context of surfing the net.
10.2 Types of cookies used by the Site
The Site uses the types of cookies grouped in the table below (“Cookie Declaration” table), and offers the possibility for the User to select the different types of cookies directly from the “immediate pop-up banner” upon first accessing the site. Subsequently, the User will have the possibility to modify his choices (consents) by recalling the banner as indicated below.
The User also has the possibility, for third-party cookies, to refer directly to the relative methods of selection and de-selection of the respective cookies, indicated by means of links, in the table below.
How to view and modify cookies through your navigation program (so-called browser)
The user can select which cookies to authorize through the use of the banner, as well as authorize, block or delete (in whole or in part) the cookies through the specific functions of his navigation program (so-called browser): however, in the hypothesis in when all or some of the cookies are disabled, it is possible that the Site is not available for consultation or that some services or certain functions of the Site are not available or do not work properly and / or the user may be forced to modify or manually enter some information or preferences every time you visit the Site.
10.3 Cookie banner settings
The banner has the following characteristics:
a) the banner contains the indication that the site uses technical cookies and, with the user’s consent, third party cookies or other tracking tools indicating the related purposes (as reported in the brief information),
c) the banner is set by default with only the necessary cookies: closing the banner by selecting the appropriate command “Use only necessary cookies” involves the persistence of the default settings and therefore the continuation of navigation in the absence of cookies or others tracking tools other than technical ones.
For the purpose of acquiring consent, the banner contains:
e) an “Accept all cookies” command to accept all cookies or other tracking techniques;
f) the command “Accept the selected cookies” with which the User can only give consent to some of the categories of cookies present and synthetically expressed within the banner. The user also has the possibility to click on “show details” and therefore be able to analytically choose the features, third parties and cookies to be installed and to be able to give consent to the use of all cookies if not given in precedence or revoke it, even in a single solution, if already expressed. In this regard, a “Customize Cookie” link is inserted within the footer of any page of the domain, which indicates the status of the consents previously given by the user, allowing for any modification or updating.
There will be no reiteration of the request for consent in the presence of a previous failure to provide it, except: if the conditions of the treatment change significantly; if it is impossible for the site to know if a cookie has already been stored in the device; if at least 6 months have passed since the previous presentation of the banner.