Privacy information on data processing
Information document article 13 EU Reg. 2016 / 679- GDPR
Subject: Information on the processing of personal data collected from the data subject through the website
In compliance with the provisions of EU Reg. 2016/679 (European Regulation for the protection of personal data) we provide you with the necessary information regarding the processing of the personal data provided.
The information refers to the website www.hotelkraft.it and is not to be considered valid for other websites that may be consulted through links on the owner's domain websites, which is not to be considered in any way responsible for the websites of third parties.
This is an information that is provided pursuant to art. 13 of EU Reg. 2016/679 (European Regulation for the protection of personal data) and is also inspired by the provisions of Directive 2002/58 / EC, as updated by Directive 2009/136 / EC, on the subject of Cookies as well as provided for by the Provision of the Guarantor Authority for the protection of personal data of 08.05.2014 regarding cookies.
1 - SUBJECTS OF THE TREATMENT
DATA CONTROLLER, pursuant to art. 4 and 24 of EU Reg. 2016/679 is ATESSA SRL with registered office in Via Solferino, 2 - 50123 Florence (FI) hereinafter, ("Owner")
2 - PURPOSE AND LAWFULNESS OF THE TREATMENT
The personal data provided will be processed in compliance with the conditions of lawfulness pursuant to art. 6 EU Reg. 2016/679 for the following purposes: Management of inherent data processing (Article 6 letter b):
- navigation on this website;
- possible compilation of data collection forms for sending an information request to the data controller;
- fulfillment of current administrative, accounting and tax obligations, as well as to comply with laws and regulations. For the purposes of applying the provisions on the protection of personal data, the treatments carried out for administrative and accounting purposes are those related to the performance of organizational, administrative, financial and accounting activities, regardless of the nature of the data processed.
Personal data provided voluntarily and optionally by users who submit requests to receive information on hotel services (prices, availability of rooms and conference rooms, etc.), register for the newsletter, make online reservations, or simply submit requests for recruitment by sending curricula in electronic format, are used for the sole purpose of performing the service or provision requested and are not disclosed to third parties unless the communication is required by law or is strictly relevant and necessary for the fulfillment of requests.
3 - NAVIGATION DATA
Like all websites, this site also makes use of log files in which information collected in an automated manner is stored during user visits. The information collected could be the following:
- internet protocol address (IP);
- type of browser and device parameters used to connect to the site;
- name of the internet service provider (ISP);
- date and time of visit;
- web page of origin of the visitor (referral) and exit;
- possibly the number of clicks.
This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.
4 - DATA PROVIDED VOLUNTARILY BY THE USER
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.
5 - RECIPIENTS OR CATEGORIES OF RECIPIENTS OF THE DATA
The personal data provided through email contacts or through any CV spontaneously sent to the owner may be communicated to recipients, who will process the data as managers and / or as natural persons acting under the authority of the owner, in order to comply with contracts or related purposes.
Specifically, the data may be disclosed to recipients belonging to the following categories:
- Subjects that provide services for the management of the information system and communication networks of ATESSA SRL (including e-mail);
- Studies or companies in the context of assistance and consultancy relationships;
- Competent authorities for the fulfillment of legal obligations and / or provisions of public bodies, upon request;
- In the case of administrative accounting purposes, the data may possibly be transmitted to commercial information companies for the assessment of solvency and payment habits and / or to subjects for credit recovery purposes.
- In the case of spontaneous application, your data will be stored at our office and will be communicated exclusively to the competent subjects for the performance of the necessary services, with a guarantee of protection of the rights of the interested party. Your data will be processed only by personnel expressly authorized by the Data Controller and, in particular, by the following categories of persons in charge: Management and Administration of ATESSA SRL with functions of System Administrator and Personnel Management and Administration
The subjects belonging to the aforementioned categories perform the function of data processing manager, or operate in total autonomy as separate data controllers.
6 - HOLDER OF THE TREATMENT
The data collected by the site are processed at the headquarters of the Data Controller, and at the web Hosting datacenter. The web hosting, which is responsible for data processing, processing data on behalf of the owner, is located in the European Economic Area and acts in accordance with European standards.
The list of designated data processors is constantly updated and available at the headquarters of ATESSA SRL
7 - DATA TRANSFER TO A THIRD COUNTRY AND / OR AN INTERNATIONAL ORGANIZATION
The personal data provided will not be transferred abroad within or outside the European Union.
8 - STORAGE PERIOD AND CRITERIA
The processing will be carried out in an automated and / or manual form, with methods and tools aimed at guaranteeing maximum security and confidentiality, by persons specifically appointed for this.
In compliance with the provisions of art. 5 paragraph 1 letter. e) of EU Reg. 2016/679, the personal data collected will be stored in a form that allows the identification of the data subjects for a period of time not exceeding the achievement of the purposes for which the personal data are processed. To find out the criteria underlying the data retention period, write to info@krafthotel.it
9 - NATURE OF THE PROVISION AND REFUSAL
Apart from what is specified for navigation data, the user is free to provide personal data in dedicated areas on the site.
The provision of personal data for the purposes referred to in this information document is necessary to refine the specific functions and use the services offered to the Data Controller, for example to receive feedback on the request for information sent. Failure to provide personal data may make it impossible to obtain the requested service or to use the services offered by the site.
10 - RIGHTS OF THE INTERESTED PARTIES
You will be able to assert your rights as expressed by the articles. 15 - right of access, 16 - right of rectification, 17 - right to cancellation, 18 - right to limitation of processing, 20 - right to portability, 21 - right to object, 22 right to object to the automated decision-making process of the GDPR 679 / 16 of EU Regulation 2016/679, by contacting the Data Controller, by writing to info@krafthotel.it
You have the right, at any time, to ask the Data Controller to access your personal data, to correct them, to cancel them, to limit their processing.
Furthermore, you have the right to object, at any time, to the processing of your data (including automated processing, eg profiling) as well as to the portability of your data.
Without prejudice to any other administrative and judicial appeal, if you believe that the processing of your data violates the provisions of EU Reg. 2016/679, pursuant to art. 15 letter f) of the aforementioned EU Reg. 2016/679,
You have the right to lodge a complaint with the Guarantor for the protection of personal data and, with reference to art. 6 paragraph 1, letter a) and art. 9, paragraph 2, letter a), you have the right to revoke the consent given at any time. Link to the website of the Privacy Guarantor: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524.
In the case of a request for data portability, the Data Controller will provide you with your personal data in a structured format, commonly used and readable by an automatic device, without prejudice to paragraphs 3 and 4 of art. 20 of EU Reg. 2016/679.