Privacy

ART. 13 OF REGULATION (EU) 2016/679

PRIVACY POLICY
INFORMATION ON THE PROCESSING OF PERSONAL DATA
PURSUANT TO ARTICLE 13 OF REGULATION (EU) 2016/679

Data subjects: users who consult the website www.hotelambasciatori.it/en of “HOTEL AMBASCIATORI SRL”

WHY THIS INFORMATION
Pursuant to Regulation (EU) 2016/679 (hereinafter "Regulation", or "GDPR"), this page describes the methods of processing personal data of users who consult the website of “HOTEL AMBASCIATORI SRL” accessible electronically at the following address: www.hotelambasciatori.it/en.
This information does not concern other sites, pages, or online services reachable via hypertext links that may be published on this site but refer to resources external to the domain www.hotelambasciatori.it/en.

DATA CONTROLLER Following consultation of the site, data relating to identified or identifiable natural persons may be processed.

The Data Controller is “HOTEL AMBASCIATORI SRL” with registered and operational office in Viale Amerigo Vespucci, 22 – 47921 Rimini (RN), VAT number: 01778610400, e-mail info@hotelambasciatori.it, tel. 0541.23.790.

DATA PROTECTION OFFICER
The Data Protection Officer (RPD / DPO) is the company Studio Paci & C. Srl (Contact Person Dr. Gloriamaria Paci) who can be contacted at the following address: dpo@studiopaciecsrl.it and telephone: 0541 - 1795431.

TYPES OF DATA PROCESSED, PURPOSES OF THE PROCESSING AND LEGAL BASIS

1) Navigation data
Legal basis: “data processing necessary for website navigation” – contractual obligation – art. 6 par. 1 letter b) GDPR
The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment.
Such data, necessary to navigate the Site and to use the information contained therein, are also processed by the controller for the purpose of:
-    obtaining aggregate and anonymous statistical information on the use of the Site (most visited pages, number of visitors by time slot or daily, geographical areas of origin of visitors, etc.);
-    checking the correct usability of the contents offered by the Site;
-    preventing or countering any possible cybercrime, the fraudulent use of the features available on the site, also for the purpose of reconstruction of security incidents and their traceability.

Retention period:
Navigation data, in compliance with the principles of lawfulness, purpose limitation, and data minimization, pursuant to art. 5 of the GDPR, will be retained for a period of time not exceeding the achievement of the technical purposes described above for which they are collected and processed, except for any need to establish criminal offenses by the Judicial Authority.

2) Data communicated by the user
Legal basis: “data processing necessary to answer users' questions” – contractual obligation – art. 6 par. 1 letter b) GDPR
The optional, explicit, and voluntary sending of messages to the contact addresses of “HOTEL AMBASCIATORI SRL”, private messages sent by users to institutional and social media profiles/pages (where this option is provided), as well as the compilation and forwarding of the forms present on the sites of “HOTEL AMBASCIATORI SRL”, involve the acquisition of the sender's contact data, necessary to reply, as well as all personal data included in the same communications.
Specific disclosures are published on the pages of the site set up for the provision of certain services; where necessary, the user's consent is collected, informing from time to time about the purposes and the optional nature of the provision.

Retention period:
The data communicated by the user are retained for the time necessary to manage individual requests; any subsequent retention for statistical purposes provides for the anonymization of such data (except for any need to establish criminal offenses by the Judicial Authority).

3) Identification via Social Media
Legal basis: “performance of contractual or pre-contractual measures adopted at the request of the data subject” – art. 6 par. 1 letter b) GDPR.

You are allowed to use your social profiles, such as Facebook and Google, for the verification of your identification aimed at online room reservation. We will become aware of the available information that you have authorized from your social profile, such as: profile ID, first name, last name, e-mail, mobile phone number. Any other available information will not be used.

4) Newsletter
Legal basis: “consent of the data subject” – art. 6 par. 1 letter a) GDPR
The processing of data necessary for the management of newsletters, following explicit consent expressed by the user, is described in a specific information notice reachable via the form dedicated to the newsletter. At any time it is possible to withdraw this consent by unsubscribing using the features indicated in all e-mails or by sending an e-mail to info@hotelambasciatori.it.

5) Cookies and other tracking systems
Use is made of:
a) technical cookies necessary for users' navigation, they facilitate the correct navigation of the site and the usability of contents by the user. Legal basis: “contract as they are functional and necessary”.
b) analytical cookies used to process aggregate statistical analysis on the use of and interaction with the site by the user. Subject to the user's consent. Legal basis: “consent”.
c) Profiling cookies allow the collection of information regarding the preferences expressed by the user during navigation and to process reports intended to be used for targeted advertising and marketing campaigns. Legal basis: “consent”.
Information on data processing, purpose, duration, and complete management of cookies, including their consent and withdrawal, are available in the “Cookie Settings” document also present in the footer.

6) Social Media Policy: Information about the processing of personal data carried out through the Social Media platforms used
For information on the processing of personal data carried out by the managers of the Social Media platforms, please refer to the information provided by them through their respective privacy policies. The Data Controller processes the personal data provided by users through the dedicated Social Media platform pages, within its business promotion and advertising purposes, to manage interactions with the users themselves (comments, public posts, messages, shares, etc.) in compliance with current legislation on the protection of personal data and this information notice; where necessary, the user's consent is collected, informing from time to time about the purposes and the optional nature of the provision.
Personal or “sensitive” data entered in comments or public posts within social media channels may be removed.

The platforms used are:
•     Facebook https://www.facebook.com/HotelAmbasciatoriRimini/
•     Instagram https://www.instagram.com/ambasciatori_rimini/

RECIPIENTS OF THE DATA
Recipients of the data collected following the consultation of some of the services listed above are certain entities designated by the Controller pursuant to Article 28 of the Regulation, as data processors, and further additional service providers in the context of web-agencies, digital communication, systems assistance, and any other digital service providers for whom it is possible to request the complete list by writing to info@hotelambasciatori.it.
Some data and information may be transmitted or acquired by entities identified as autonomous data controllers; such data relate to cookies that are usually anonymized before sending, for statistical purposes. If transfer to Non-EU countries is provided for, the guarantee measures undertaken will be indicated, as described in paragraph 6 of this document.
The personal data collected are also processed by the staff of “HOTEL AMBASCIATORI SRL”, who act on the basis of specific instructions provided regarding the purposes and methods of the processing itself.

SECURITY OF PROCESSING
Personal data transmitted and stored for the time necessary for the declared purposes are protected by specific technical and organizational security measures with reference to art. 32 of the Regulation, capable of guaranteeing on a permanent basis the confidentiality, integrity, availability, as well as the capacity to promptly restore the availability and access to personal data in the event of a physical or technical incident, also against the risks of destruction, loss, alteration, unauthorized disclosure or access, accidentally or unlawfully, to personal data transmitted, stored or otherwise processed.

TRANSFER OF PERSONAL DATA TO NON-EU COUNTRIES
The controller does not transfer personal data to Non-EU countries. However, by consenting to analytical and/or profiling cookies, Your data could be transmitted to the USA, a country that currently does not provide suitable guarantees for the processing of Your data, but Google has declared the implementation of supplementary security measures that the Controller has evaluated to be sufficient.

RIGHTS OF THE DATA SUBJECTS
Data subjects have the right to obtain from “HOTEL AMBASCIATORI SRL”, in the cases provided for, access to their personal data, rectification, erasure of the same, restriction of processing concerning them, portability, or to object to processing and to withdraw consent (where used as a legal basis) with reference to Articles 15 to 22 of the Regulation.
The request is submitted through the contact data of “HOTEL AMBASCIATORI SRL”, with registered and operational office in Viale Amerigo Vespucci, 22 – 47921 Rimini (RN), or by contacting the Data Protection Officer: Studio Paci & C. Srl (Contact Person Dr. Gloriamaria Paci) contactable at the following address: dpo@studiopaciecsrl.it and telephone: 0541 - 1795431.
To exercise your rights, it is also possible to use the form prepared and available on the website of the Italian Data Protection Authority at this link: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/9038275

RIGHT TO LODGE A COMPLAINT
Data subjects who believe that the processing of personal data relating to them carried out through this site takes place in violation of the provisions of the Regulation have the right to lodge a complaint with the Supervisory Authority, as provided for by art. 77 of the Regulation itself, or to judicial remedies (art. 79 of the Regulation). The form for lodging a complaint is available on the website of the Italian Data Protection Authority at this link: https://www.garanteprivacy.it/home/docweb/-/docweb-display/docweb/4535524