On 25 May 2018 a new regulation entered into force in the European Union, called the EU Data Protection General Regulation 2016/679 (“GDPR”). Provides rigorous and specific guidelines on how personal data are collected and managed. This also applies to companies and people residing outside the EU but collecting data from EU citizens.
owner of HOTEL RIVER SAS DI GIANGIULIO ROSA
Registered address VIA ORTIGARA, 21
Fiscal code / VAT number 01243350400
Responsible for the processing of personal data GIANGIULIO ROSA
Website address www.hotelriver.rimini.it
Email address Info@hotelriver.rimini.it
Telephone number +39 054126904
What personal data do we collect?
When you use our services, you accept that our company collects some of your personal data. We treat two types of data, personal data provided by the user for the use of our services and technical data that we automatically collect to improve the service.
Data provided by the user
With this application we collect the following data:
email (mandatory data)
You can also choose to provide us with the following information:
information to make a cost estimate
number of adults
number of children
age of children
number of rooms
message or notes
If you provide personal data of third parties, such as those of your family or friends, you must be sure that these subjects have been adequately informed and have consented to the related processing in the manner described by this statement.
We keep this data only for the purpose of providing you with the requested service (information request).
We do not disclose this information to third parties.
Data collected automatically
data collected using cookies or similar technologies: for more information, please visit the “Cookies” section.
How do we use your data?
We use the collected data, if you have expressly provided your consent, for:
to guarantee you access to our services and improve their provision, in particular for:
reply directly to your contact request by e-mail
We process the data collected, in case you have expressly provided your consent, to analyze your habits or consumption choices in order to propose a service that is more and more personalized and in accordance with your interests.
Is the provision of data mandatory?
The provision of personal data is mandatory only for the processing necessary for the provision of services offered (any refusal for the purpose of providing the service makes it impossible to use the service); it is optional for promotional and profiling purposes and any refusal to give consent does not have negative consequences on the provision of the service offered on the website and related applications.
Who are the subjects of data processing?
The data controller is GIANGIULIO rOSA in the person of its legal representative pro-tempore, with registered office located in VIA ORTIGARA, 21 -47921 RIMINI -P.I. 01243350400
The person in charge of data protection (Data Protection Officer) pursuant to art. 37 of the GDPR is GIANGIULIO ROSA
We remind you that you can contact the DPO at any time and send any questions or requests regarding your personal data and respect your privacy by writing to email@example.com
The data collected as part of the provision of the service may be communicated to:
companies that perform functions strictly connected and instrumental to the use of our services, such as suppliers that provide services for the review and verification of announcements, suppliers of direct marketing services and customer care
bodies and administrative and judicial authorities by virtue of legal obligations
Your personal data may be transferred outside the European Union to be processed by some of our service providers. In this case, we make sure that this transfer takes place in compliance with current legislation and that an adequate level of personal data protection is guaranteed based on an adequacy decision, on standard clauses defined by the European Commission or on Binding Corporate Rules.
Under no circumstances do we transfer or sell personal data to third parties.
The owner takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of personal data. Processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the owner, in some cases, other subjects involved in the organization of this application (administrative, commercial, marketing, legal, system administrators) or external subjects (as suppliers of third party technical services, postal couriers, may have access to the data) hosting providers, IT companies, communication agencies) also appointed, if necessary, responsible for the processing by the owner. The updated list of managers can always be requested from the data controller.
What rights do you have on your data?
Users can exercise rights with reference to the data processed by the owner. In particular, the user has the right to:
- withdraw consent at any time. The user can withdraw consent to the processing of their personal data previously expressed.
oppose the processing of your data. You may object to the processing of your data when it occurs on a legal basis other than consent. Further details on the right of opposition are indicated in the section below.
access your data. The user has the right to obtain information on the data processed by the owner, on certain aspects of the treatment and to receive a copy of the data processed.
verify and request correction. The user can verify the correctness of his data and request the update or correction.
obtain the cancellation or removal of personal data. When certain conditions are met, the user can request the cancellation of their data by the owner.
receive their data or have them transferred to another holder. The user has the right to receive his / her data in a structured format, commonly used and readable by an automatic device and, where technically feasible, to obtain the transfer without hindrance to another holder. This provision is applicable when the data are processed with automated tools and the processing is based on the user’s consent, on a contract of which the user is a party or on contractual measures connected to it.
propose a complaint. The user can lodge a complaint with the competent personal data protection authority or act in court.
obtain treatment limitation. When certain conditions occur, the user can request the limitation of the processing of their data. In this case the owner will not process the data for any other purpose other than their conservation.
- For how long and how do we keep your data?
The data are processed and stored for the time required by the purposes of the services used and for which they were collected.
Personal data collected for purposes related to the execution of a contract between the owner and the user will be retained until the execution of the contract is completed.
Personal data collected for purposes related to the legitimate interest of the owner will be retained until the satisfaction of this interest. The user can obtain further information regarding the legitimate interest pursued by the owner in the relevant sections of this document or by contacting the owner at this email: firstname.lastname@example.org
When the processing is based on the user’s consent, the holder may retain the personal data for a longer time until such consent is revoked. In addition, the owner may be obliged to keep personal data for a longer period in compliance with a legal obligation or by order of an authority. At the end of the retention period, personal data will be deleted. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.