DISCLOSURE ON PROCESSING PERSONAL DATA
Pursuant to Art. 13 of EU Regulation 2016/679 and Legislative Decree 196/03 as amended
The data you (hereafter referred to as the “Data Subject”) provide will be processed in full compliance with EU Regulation 679/2016 and Legislative Decree 196/2003 and will be utilized solely to handle your requests. They may be communicated to third parties only if necessary for that purpose.
The data voluntarily provided by the Data Subject by completing the “CONTACTS” form on this website will be used exclusively to handle your requests and will not be used for other purposes, not even later at your request. Only if the Data Subject is registered with the “NEWSLETTER” service may the Hotel send informational or promotional material to the contacts indicated by the Data Subject.Data which is required to be communicated in order to access the service are expressly indicated; their absence will make it impossible to respond to your request.
Personnel appointed by the Controller will process the data, using procedures and technical and IT instruments that adequately protect the confidentiality and security of the Data Subject’s data. This will consist of the collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, utilization, interconnection, blocking, communication, dissemination, erasure, and destruction of said data and may include the combination of two or more of the aforementioned activities.
The data will be stored for as long as strictly necessary to provide the requested services to the Data Subject and will in all cases be erased at the Data Subject’s request, subject to additional retention obligations required by law. The Data Subject’s data will not be disseminated.
Within the sphere of its activity and for the aforementioned purposes, the Controller may avail itself of the services of third parties operating on behalf of the Controller and according to its instructions, as data processors. These are suppliers, commercial and production partners, intermediaries, technical and medical consultants, and other parties who collaborate with our organization in order to meet contractual commitments to you; parties who provide a service strictly and necessarily connected to the Controller’s activity, such as tax consultants, banks, forwarding agents, insurance companies, public and private entities, including for purposes of inspections or examinations; and parties who can access data pursuant to the provisions of law.
The Data Subject may request a complete and updated list of parties appointed as data processors through the contact information indicated below. The data may also be communicated to all parties authorized by law to collect them (such as provincial health agencies, the financial administration, etc.)
The data may be transferred within the European Union, where the LDC Italian Hotels srl or its suppliers and collaborators have their headquarters or servers. The data may be transferred outside the European Union, as Relais Sant'Uffizio is part of the international group LDC Hotels & Resorts, with headquarters in Taiwan.
For this reason, the data collected by the data controller are also available to other hotels within the LDC Italian Hotels group, in order to improve the service for the user.
DATA SUBJECT’S RIGHTS:
▪ Right of access (Art. 15 GDPR). The data subject has the right of access to his or her own data and to lodge a complaint with a supervisory authority;
▪ Right to rectification (Art. 16 GDPR). The data subject has the right to obtain from the controller rectification of inaccurate personal data concerning him or her;
▪ Right to erasure (right to be forgotten) (Art. 17 GDPR). The data subject has the right to obtain from the controller the erasure of personal data regarding him or her without undue delay;
▪ Right to restriction of processing (Art. 18 GDPR). The data subject has the right to obtain restriction of processing;
▪ Notification obligation (Art. 19 GDPR). The controller shall communicate any rectification or erasure of personal data or restriction of processing carried out in accordance with articles 16, 17, and 18 to each recipient to whom the personal data have been disclosed;
▪ Right to data portability (Art. 20 GDPR). The data subject has the right to receive the personal data concerning him or her which he or she has provided to a controller and has the right to transmit those data to another controller without hindrance from the controller;
▪ Right to object (Art. 21 GDPR). The data subject has the right to object to processing of personal data concerning him or her;
▪ Profiling (Art. 22 GDPR). The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which significantly affects him or her.
Most recent update: November 8, 2018
When consulting our web pages, it is possible that personal information and data will be collected through the voluntary completion of forms that appear on the website; in this case, the party involved must first read the data processing disclosure associated with that processing and consent to management by our company in the manners indicated in said disclosure.
To provide additional information or facilitate browsing by users, our web pages may contain links to other sites we have not created (such as search engines, suppliers of related solutions, etc.). The data processing policies applicable to those sites are not under our control and the protections provided in this disclosure do not extend to them; our company assumes no liability for personal data that may be collected there.
It is also possible to access the Site without the user being requested to provide any personal data. Nevertheless, during normal operation, the IT systems and software responsible for Site functioning acquire certain personal data whose transmission is implicit in the use of internet communication protocols, through the action of files (known as cookies) stored temporarily or permanently on your hard disk and the use of other software components downloaded or activated during browsing.
This information is not collected in order to be associated with identified data subjects, but due to its very nature could, through processing or association, make it possible to identify the user.
This category includes the IP addresses of the computers used by people who connect to the Site, the URL of the resources requested, the time of the request, the size of the file obtained in response, etc. These data are used solely to obtain anonymous statistical information on Site use (such as, in particular, the number of accesses), to check proper Site functioning, and to speed up, improve, or personalize the level of service to users, and are deleted immediately after they are processed.
The provision of data is optional; any refusal to provide this data, or the blocking of cookies or other software components, could make it impossible for us to send the information requested and/or result in improper site functionality.
The data collected will be handled exclusively by the company staff responsible for such and will not be given or communicated to others.
The data could be utilized to ascertain liability in case of hypothetical cybercrimes against the Site or third parties: except for this eventuality, at this time data on web contacts are not stored permanently.
The data controller is Sherwood Fortune S.R.L.. To exercise your above-listed rights, you may call +390141 916292 or send an email to [email protected]
Cookies are short fragments of text (letters and/or numbers) that allow the web server (the browser) to store information on the customer that will be reused during the same site visit (session cookies) or thereafter, even days later (persistent cookies). Based on user preferences, the individual browser stores cookies on the specific device used (computer, tablet, smartphone). Similar technologies can be used to collect information on user behavior and use of services.
In this document we will use the term “cookies” to refer to cookies and all similar technologies.
Types of cookies
▪Strictly necessary cookies. These are cookies which are indispensable for proper functioning of our site and are used to manage logins and access to the site’s reserved functions, in general to speed up, improve, or personalize the level of service to users. The duration of cookies is either strictly limited to the work session (they are deleted when the browser is closed), or have a longer duration and are used to recognize the visitor’s computer. Their deactivation could compromise the utilization of services accessible through login, while the public portion of the site normally remains usable.
▪Analytical and performance cookies. These are cookies that can be used to anonymously collect and analyze traffic and utilization of the site. While these cookies do not identify the customer, they make it possible, for example, to determine whether said user returns and reconnects at other times. They also make it possible to monitor the system and improve its performance and usability. These cookies may be deactivated with no loss in functionality.
▪Profiling cookies. These are permanent cookies used to identify (both anonymously and not) the user’s preferences and improve his/her browsing experience, in order to send advertising that is in line with preferences expressed while browsing online.
Third party cookies
By visiting a website, cookies may be received from both the site visited (“proprietary”), and from sites managed by other organizations (“third parties”). One example is the presence of social plugins (such as Facebook, Twitter, Google+) whose purpose is to share contents on social networks. The presence of these plugins involves the transmission of cookies from and to all sites managed by third parties. Management of information collected by “third parties” is governed by the relative disclosures, to which reference should be made.
Management of cookies
By using their browser settings, users may decide whether or not to accept cookies.
Attention: total or partial disabling of technical cookies could compromise the utilization of site functionalities reserved to registered users. On the contrary, public contents can still be used even if cookies are completely disabled.
Disabling “third party” cookies has absolutely no negative effect on browsing. The setting can be adjusted specifically for different websites and web applications. In addition, the best browsers make it possible to use different settings for “proprietary” and “third party” cookies.
For example, on Google Chrome, click the English key at the top right corner and select “Settings.” Then select “Show advanced settings” (“Under the hood”) and change the Privacy settings.