REGULATION EU 16/679
Data on persons identified or identifiable may be processed following the viewing of this website. The Data Controller of the data acquired by this site is Florida SRL – P.IVA 00633010228, manager of the Hoody Hotel, with registered office at Via Damiano Chiesa, 8 – 38066 Riva del Garda, from whom relevant information can be requested.
Processing activities related to navigation on this site aim to allow content to be viewed and to facilitate access to the services provided. We do not collect any type of data referring to minors (unless authorised by those with parental responsibility) or information that may reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data relating to health, sexual life, or sexual orientation, and request that data subjects do not use this site to send such data.
Data collected (personal data, residence data, e-mail and telephone contact details, information on booking services, browsing data, etc.) are processed in compliance with the technical and organisational security measures provided for by the EU Regulation by means of suitable procedures to guarantee their confidentiality. Data will not be processed by automated decision-making processes. All data provided is processed pursuant to the principles of correctness, lawfulness, and transparency, both in paper and electronic form, and protected by technical and organisational measures to ensure appropriate levels of security.
PURPOSES AND LEGAL GROUNDS FOR PROCESSING
Personal data collected with this site is processed for the following purposes:
- a) to execute a contract of which the data subject is a part (booking and management of hotel services, reply to any requests for information) and to respect the relative legal obligations. The legal basis for these purposes is given by the need to fulfil contractual and/or pre-contractual obligations, and the need to perform the resulting legal obligations. The provision of these personal data is indispensable for the requested services to be provided (if they are not supplied to the owner, the former may be unable to offer the services requested in whole or in part). Personal data collected for this purpose are processed for the time period necessary to fulfil the relationship, and are stored in compliance with the terms of the law.
- b) for marketing purposes (sending commercial communications and updates on the owner’s services or initiatives, sending advertising and promotional material). For this purpose, it is necessary to obtain the consent of the data subject. This consent is voluntary and optional (the ability to receive hotel services provided by the owner is not affected), and can be revoked at any time by means of a written request sent to the data controller.
During normal operation, the IT systems and software procedures for this website acquire various personal data, whose transmission is implicit when using Internet communication protocols. This information is not collected to be associated with identified data subjects, but, given its nature, it could allow for users to be identified when processed and associated with data held by third parties. This category includes the IP addresses or domain names of computers used by users who connect to the site, addresses of requested resources in URI (Uniform Resource Identifier) notation, time of the request, the method used to submit the request to the server, the file size obtained in response, the numerical code indicating the response status from the server (successful, error, etc.) and other parameters related to the user’s operating system and computer environment. These data could be used in order to obtain information on the use of the site and verify its proper operation. They are deleted after processing, unless they require storage in order to protect a legitimate interest of the owner.
- d) data provided voluntarily by the user: the provision of personal data in the forms on this site, and the optional, express, and voluntary sending of electronic mail to the addresses indicated on this site entails the subsequent acquisition such data by the owner in order to reply to the data subject. Specific information can be found on the area of the site dedicated to particular services requested by the user.
DISCLOSURE OF DATA
Data can be known by the owner and personnel in charge of their processing. In addition to the subjects specified above, data provided may be processed by third parties appointed as data controllers or autonomous data controllers, to the extent that this is necessary for the performance of their activities for the owner, and within the limits of their authorisation profiles (i.e. companies and/or freelancers involved in consulting activities, the provision of IT services, other subjects to whom their communication should become necessary for the performance of the contractual relationship, to fulfil legal obligations, and/or to pursue the purposes indicated above).
The data communicated will be transferred to third countries or non-EU international organisations in strict compliance with legal conditions.
EXERCISE OF RIGHTS AND REQUEST FOR INFORMATION
The data subject may exercise the rights referred to in Articles 15 and following of European Regulation n. 679/2016 at any time, namely: the right to know if your personal data are being processed, and to know its content and origin, to verify its accuracy or request its integration, deletion, limitation, update, correction, transformation into anonymous form, or blocking, oppose their processing for legitimate reasons, and lodge a complaint with the Guarantor for the Protection of Personal Data. Consent to processing may be revoked at any time, which will result in the termination of processing activities. These rights may be exercised with the Data Controller by sending an email to firstname.lastname@example.org
The contact details of the supervisory authority are as follows: email@example.com.