PRIVACY – REPORT OF EU REGULATIONS 2016/679 ON THE PROTECTION OF PERSONAL DATA GDPR AND REQUEST FOR CONSENT TO PROCESSING THE COLLECTED PERSONAL DATA OF THE PERSON CONCERNED.
In the following webpage we describe the website management regarding the personal data processing of the users who are consulting it. It is an informative report made according to EU Regulations 2016/679 on the protection of personal data GDPR and request for consent to processing the collected personal data of the person concerned, for the ones who interact with the web services of Villa Cheta Elite S.r.l. which is accessible through internet at the website www.villacheta.it. This informative report is exclusively made for the website www.villacheta.it and not for the other ones consulted through the links indicated in this page.
This informative report is made to inform you on your personal data processing.
- Identity and contact information on Data Controller.
The data Controller is the company VILLA CHETA ELITE SRL, with registered office in Maratea (PZ) 85046 Italy, Via Timponi – Fraz. Acquafredda,
email: [email protected], then indicated as “HVCE”, Romantic Hotel & Restaurant Villa Cheta Elite.
- Contact information of the Person in Charge for Data Protection “RPD”.
The RDP appointed by HVCE is Mr Scarfò Pierpaolo who will be the point of reference for the persons concerned and reachable through the following channels:
– email: [email protected];
– fax number: +390973878135;
– mail address: Hotel VILLA CHETA ELITE SRL, Via Timponi, 1 – Fraz. Acquafredda – MARATEA (PZ) 85046 Italy.
- Purposes and legal basis of processing.
The user’s personal data will be processed for the following purposes:
- a) execution of services requested by the user;
- b) direct marketing for marketing researches;
The data processing indicated at point a) is necessary to fulfill the service requested by the user and data processing indicated at point b) requires your explicit consent by marking specific “flags”.
We specify that the direct marketing activity done by HVCE has the purposes to collect and use a limited quantity of data concerning what is necessary to the purpose they are processed for, namely elaborating studies, researches, marketing statistics, sending informative and advertising material, fulfilling activities of direct sale or placing activities of products or services, sending commercial information, making interactive commercial communications with customers who expressed explicit consent.
As regards marketing activities we specify that in case of missed explicit consent to data processing by the user, the above-mentioned activities can’t be executed.
- Personal data receivers.
As regards the indicated purposes, your data may be communicated to:
Companies and professional operators who provide services for electronic data processing and for data information system and software consulting as well as management of informative services concerning what has been described before; for the indicated subjects we write only the category of receivers as they are often subject to updating. So the persons concerned may request the updated list of the receivers contacting the Data Controller through the channels indicated in law 1. of this report.
- Period of time for conservation of data.
Personal data will be kept for the period of time strictly necessary to achieve the purposes for which they have been collected and for which the user expressed his consent and in detail:
– for the purposes indicated at point a) of law 3, so for the time necessary to the fulfilment of contract obligations and in any case the period of time is no longer than 10 years since the data collection from you for the fulfilment of prescriptive obligations, and however not beyond the terms fixed with the law for regulations of rights.
– for the purposes indicated at point b) (namely direct marketing and marketing research purposes) of law 3. for 24 (twenty-four) months since the issue of the consent to processing.
- The rights of the person concerned.
The user may exercise his rights any time as follows:
- access to personal data: having or not the confirmation that a data processing concerning the same user is in progress and in case it is, the user has access to the following information: the purposes, the typology of data, the receivers, time of maintenance, the right to make complaint to supervisory authority, the right to ask for the amendment or the cancellation or the limitation of processing, or opposing to the processing itself as well as the existence of an automated system of decision; b. Request for amendment or cancellation of data or limitation of involved processing: as “limitation” they mean the mark of kept data with the purpose to limit the future processing; c. Opposition to processing: opposing to data processing for reasons concerning one’s own peculiar situation for the execution of a task regarding the public interest or for the pursuit of Owner’s legitimate interest; d. Portability of data: when an automated processing is done by consent or to fulfill a contract the user can ask for a structured format of the data concerning himself, which has to be of common use and readable with an automated device; in detail the data may be provided by the Data Controller in .xml format or similar; e. Revocation of the consent to processing for marketing purposes, both direct and indirect, marketing researches and to develop a general outline; the execution of this right doesn’t compromise the lawfulness of processing done before the revocation in no way; f. To make complaint pursuant law 77 of RGDP to competent supervisory authority according to one’s own permanent address, working place or the place where the rights have been violated; in Italy the competent authority is the Guarantor of personal data protection, who can be contacted through the information written on the website http://www.garanteprivacy.it.
The listed rights can be executed by sending proper request to the Person in Charge for Data Control through channels indicated in law 1 of this informative report. The requests for the execution of user’s rights will be dispatched without unjustified delay and in any case within a month since the request; only in case of high complexity of request and high number of requests this timeline will be extended to 2 (two) months.
- Communication and conferment of data.
The conferment of data by the user is compulsory as it is necessary to fulfill the requested service. Therefore the possible refusal of the user to confer data may cause the not execution of the service, according to the measure these data are necessary for those purposes.
- Cookies – none of the users’ personal data is acquired with the website intentionally.
The cookies are not used to transfer personal information and any kind of persistent Cookies is used, namely systems of users’ tracing. The use of session Cookies (which are not stored in the user’s computer but they vanish with the closure of the browser) is strictly limited to the transmission of session identifications (which are composed with random numbers produced by the server) and they are necessary to have a safe and efficient exploration of the website. The session cookies used in this website avoid the use of other data processing techniques, which are potentially prejudicial for the privacy of users’ web navigation and don’t allow the acquisition of users’ personal identification data.