Privacy Newsletter
INFORMATION
ARTICLES 13 AND 14 OF REGULATION (EU) 2016/679
Data Subjects: Navigators, users of services, and newsletter subscribers
“HOTEL AMBASCIATORI SRL”, in its capacity as Data Controller of your personal data, pursuant to and for the purposes of Regulation (EU) 2016/679, hereinafter 'GDPR', hereby informs you that the aforementioned regulation provides for the protection of data subjects with respect to the processing of personal data and that such processing will be based on principles of correctness, lawfulness, transparency, and protection of your confidentiality and your rights.
To achieve its purposes related to the management of the relationship, the Data Controller needs to acquire personal data, such as, by way of example, first name and last name, telephone or mobile number, email address, fiscal code.
Your personal data will be processed in accordance with the legislative provisions of the aforementioned regulation and the confidentiality obligations provided therein.
Purposes of processing: Provision of the service: Your data will be processed to respond to any requests that may be received from the compilation modules and forms available on the website, or to requests received by email.
Legal basis: The legal basis of the processing is of a contractual nature in the terms in which a data processing is provided for against a request for information followed by a response.
Optional purposes: Marketing - newsletter reception service: in particular, your data will be processed, subject to your free consent, for the reception of newsletters, by entering your email address in the appropriate text box bearing the indications regarding the newsletter subscription, or by selecting/checking the appropriate box indicating "subscription to newsletters" present in a form.
Legal basis: The legal basis of the processing is the consent of the data subject.
Consequences of refusal of optional purposes: The provision of data is optional for you regarding the above-indicated purposes, and your eventual refusal to the processing does not jeopardize the continuation of the relationship or the consistency of the processing itself.
Consequences of failure to communicate: the processing of functional data for the performance of such obligations is necessary for a correct management of the relationship and their provision is mandatory to implement the purposes indicated above.
The Data Controller also points out that any failure to communicate, or incorrect communication, of one of the mandatory pieces of information, may cause the impossibility of the Data Controller to guarantee the consistency of the processing itself.
Methods of processing: The processing is carried out using manual and/or computer and electronic tools, in such a way as to guarantee the security, integrity, and confidentiality of the data in compliance with the physical and logical organizational measures, provided for by current provisions, so as to minimize the risks of destruction or loss, unauthorized access, unauthorized modification and disclosure in compliance with the methods referred to in articles 6, 32 of the GDPR.
Recipients: For the performance of certain activities, or to provide support to the operation and organization of the activity, some data may be brought to the knowledge of or communicated to recipients. Such subjects are distinguished into:
Third parties: (communication to: natural or legal persons, public authorities, service or other body that is not the data subject, the data controller, the data processor, and the authorized persons responsible for processing) including:
• Companies that manage traditional or computerized postal services
• Any other subjects whose communication of data is necessary for the achievement of the purposes indicated above.
Data processors: (the natural or legal person, public authority, service, or other body that processes personal data on behalf of the data controller)
• Providers of IT, web services, or other services necessary for the achievement of the purposes necessary for the management of the relationship.
Within the company structure, your data will be processed solely by personnel expressly authorized by the Data Controller, with assurance of adoption of a confidentiality agreement and, in particular, by the following categories of employees:
• Administration;
• Other employees whose processing is necessary for the correct execution of the relationship;
Disclosure: Your personal data will not be disclosed in any way.
Transfer of data to third countries: The controller does not transfer personal data to Non-EU countries. Should there be a need, the data subjects will be previously informed, and safeguard measures will be adopted for the transfer towards the recipients, which depending on the cases may be: verification of the existence of adequacy decisions for the recipient country by the Commission, signing of standard contractual clauses, verification of the adoption of any supplementary measures in transposition of the recommendation 01/2020 EDPB. Derogating from such safeguards, for data processing (in ref. of art. 49 of the GDPR), where applicable, the existence of a contract or pre-contractual measures in favor of the data subject or consent to the transfer is verified.
Retention period: We point out that, in compliance with the principles of lawfulness, purpose limitation, and data minimization, pursuant to art. 5 of the GDPR, the retention period of your personal data is established for a period of time not exceeding the achievement of the purposes for which they are collected and processed; in the event that a contract is signed, such retention period may cease with the expiration or withdrawal of the contract, the same data may be stored, where applicable, for an additional period of time for the purpose of managing any litigation, the legal basis of such retention being the legitimate interest of the data controller. The retention period for data processing relating to marketing is functional to the purposes pursued by the data controller, and in any case not exceeding 3 years from the last contact or feedback received.
Data Controller: the Data Controller, pursuant to the legislation, is “HOTEL AMBASCIATORI SRL”, with registered and operational office in Viale Amerigo Vespucci, 22 – 47921 Rimini (RN), VAT number: 01778610400 in the person of its legal representative pro tempore.
By sending an e-mail to the following address info@hotelambasciatori.it or a fax to the number 0541 – 23790 you may request more information regarding the data provided.
The Data Protection Officer (“DPO”) is Studio Paci & C. Srl (Contact Person Gloriamaria Paci) who can be contacted at the following details: dpo@studiopaciecsrl.it and telephone: 347-5244264.
Reg. EU 2016/679: Arts. 15, 16, 17, 18, 19, 20, 21, 22, 23 - Rights of the Data Subject
1. The data subject has the right to obtain confirmation as to whether or not personal data concerning him or her exist, even if not yet recorded, and their communication in intelligible form.
2. The data subject has the right to obtain indication of:
a. the origin of the personal data;
b. the purposes and methods of the processing;
c. the logic applied in case of processing carried out with the aid of electronic instruments;
d. the identification details of the controller, processors, and the representative designated pursuant to article 5, paragraph 2;
e. the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representative in the territory of the State, processors, or persons in charge.
3. The data subject has the right to obtain:
a. the updating, rectification or, when interested therein, integration of the data;
b. the erasure, anonymization, or blocking of data processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
c. certification that the operations referred to in letters a) and b) have been brought to the knowledge, also as regards their content, of those to whom the data were communicated or disclosed, except in the case where this requirement proves impossible or involves a manifest disproportionate use of means compared to the protected right;
d. data portability.
4. The data subject has the right to object, in whole or in part:
a. for legitimate reasons to the processing of personal data concerning him or her, even if pertinent to the purpose of the collection;
b. to the processing of personal data concerning him or her for the purpose of sending advertising materials or direct selling or for the performance of market research or commercial communication.
Complaint: Data subjects, where the prerequisites are met, also have the right to lodge a complaint with the Garante as supervisory authority according to the procedures provided for. For any further information, and to assert the rights recognized to you by the European Regulation, you may contact the data controller at the references listed above.
Consent
Formula for acquiring the consent of the data subject
Your consent to receive the newsletter will be recorded (IP address, email, date and time) by checking the box below the email entry, or following the position / clicking in the appropriate box, and jointly with pressing the "send" / "ok" button. This consent will be archived to prove its provision, and to allow you at any time to unsubscribe, in addition to all the other rights set forth above.