On 25 May 2018 it entered into force in the European Union, published on EU data protection 2016/679 (“GDPR”). It provides rigorous and specific guidelines on how personal data are collected and managed. This also applies to companies and people residing outside the EU but collecting data from EU citizens.
Who we are
owner: Hotel Magda of Cristallini Marina and c sas sede operativa hotel Derby
Registered office address: Via Michelangelo, 20 – 47838 Riccione -Rn
Fiscal code / VAT number: 01925620401
Responsible for personal data processing: Matteo Berardi
Website address: HTTP://derbyriccione.it
Email address: email@example.com
Telephone number: +39 0541 602150
What personal data do we collect?
When you use our services, you accept that our company collects some of your personal data. We deal with two types of data, personal data provided by the user for the use of our services and technical data that we automatically collect to improve the service.
User provided data
- email (mandatory)
You can also choose to provide us with the following information:
information to make a cost estimate
- check-in date
- departure date
- number of adults
- number of children
- age of children
- treatment – type of stay
- number of rooms
- message or notes
With this application we collect the following data:
- email (mandatory)
We keep this data only for the purpose of providing you with the requested service: sending informative newsletters about offers, news and events
If you provide personal data of third parties, such as those of your family or friends, you must be sure that these subjects have been adequately informed and have consented to the related processing in the manner described by this statement.
We do not disclose this information to third parties.
Data collected automatically
- data collected using cookies or similar technologies: for more information, please visit the “Cookies” section.
How do we use your data?
We use the collected data, if you have expressly provided your consent, for:
- reply directly to your contact request by e-mail
- send you occasional newsletters about offers, news and events
We process the collected data, in case you have expressly provided your consent, to analyze your habits or purchase choices in order to propose a service that is increasingly personalized and compliant with your interests.
Is the provision of data mandatory?
The provision of personal data is mandatory only for the processing necessary for the provision of the offered services (any refusal for the purpose of providing the service makes it impossible to use the service); it is optional for promotional and profiling purposes and any refusal to give consent does not have negative consequences on the provision of the service offered on the website and related applications.
Who are the subjects of data processing?
Data controller is Cristallini Marina in the person of its legal representative pro-tempore, with registered office located in Via Michelangelo, 20 – 47838 Riccione -Rn
The person in charge of data protection (Data Protection Officer) pursuant to art. 37 of the GDPR is none
The data collected as part of the provision of the service may be communicated to:
- companies that perform functions strictly connected and instrumental to the use of our services, such as suppliers that provide services for the review and verification of announcements, suppliers of direct marketing services and customer care
- public, administrative and judicial authorities by virtue of legal obligations
Your personal data may be transferred outside the European Union to be processed by some of our service providers. In this case, we make sure that this transfer takes place in compliance with current legislation and that an adequate level of personal data protection is guaranteed based on an adequacy decision, on standard clauses defined by the European Commission or on Binding Corporate Rules.
Under no circumstances we transfer or sell personal data to third parties.
The owner takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of personal data. Processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the owner, in some cases, other subjects involved in the organization of this application (administrative, commercial, marketing, legal, system administrators) or external subjects (as suppliers of third party technical services, postal couriers, may have access to the data) hosting providers, IT companies, communication agencies) also appointed, if necessary, responsible for the processing by the owner. The updated list of managers can always be requested from the data controller.
What rights do you have on your data?
Users can exercise rights with reference to the data processed by the owner. In particular, the user has the right to:
- withdraw consent at any time. The user can withdraw consent to the processing of their personal data previously expressed.
- oppose the processing of your data. You may object to the processing of your data when it occurs on a legal basis other than consent. Further details on the right of opposition are indicated in the section below.
- access your data. The user has the right to obtain information on the data processed by the owner, on certain aspects of the process and to receive a copy of the data processed.
- verify and request correction. The user can verify the correctness of his data and request the update or correction.
- obtain the cancellation or removal of personal data. When there are certain conditions, the user can request the cancellation of their data by the owner.
- receive their data or have them transferred to another holder. The user has the right to receive his / her data in a structured format, commonly used and readable by an automatic device and, where technically possible, to obtain the transfer without hindrance to another holder. This provision is applicable when the data are processed with automated tools and the processing is based on the user’s consent, on a contract of which the user is a party or on contractual measures connected to it.
- propose a complaint. The user can lodge a complaint with the competent personal data protection authority or act in court.
- obtain treatment limitation. When certain conditions occur, the user can request the limitation of the processing of their data. In this case the owner will not process the data for any other purpose other than their conservation.
We have created this form to facilitate you in case you want to exercise the following rights on your personal data:
- View your personal information
- Correct your personal data (specify the fields to edit in the notes)
- Revoke your consent to the use of your personal data
- Delete personal data
- Portability of your data to others (specify in the notes)
For how long and how do we keep your data?
The data are processed and stored for the time required by the purposes of the services used and for which they were collected.
- Personal data collected for purposes related to the execution of a contract between the owner and the user will be retained until the execution of the contract is completed.
- Personal data collected for purposes related to the legitimate interest of the owner will be retained until the satisfaction of this interest. The user can obtain further information regarding the legitimate interest pursued by the owner in the relevant sections of this document or by contacting the owner at this email: firstname.lastname@example.org
When the processing is based on the user’s consent, the holder may retain the personal data for a longer time until such consent is revoked. In addition, the owner may be obliged to keep personal data for a longer period in compliance with a legal obligation or by order of an authority. At the end of the retention period, personal data will be deleted. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.