This Website collects some Personal Data from its Users. On this page the management methods of the Website www.hotelbaiadeimergoli.it, with reference to the processing of the Personal Data of the Users who visit it.
Alton II S.r.l. Viale dell’Oceano Pacifico, 153 – 00144 Roma
Phone: +39 06 5196 3959
Web Site: www.gruppoalton.it
Data Protection Officer
With the entry into force of the EU Regulation 2016/679, Alton II Srl has appointed Pietro Marco Picierro as person responsible for the protection of personal data (DPOs). Interested parties may contact the Data Protection Officer (DPO) to exercise the rights provided for in the aforementioned regulation, using the following email addresses: DPOfirstname.lastname@example.org.
Types of Data collected
Mode and place of processing the Data obtained
Method of Processing
The Data Controller processes the Data of the Interested Parties and Users in a lawful and proper manner and shall take appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of the Data. Processing is carried out using computers and / or telematic means, with organizational methods and logics strictly related to the stated purposes. In addition to the owner, in some cases, access to the Data may be available to external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies, postal couriers). The updated list of Managers may be requested from the Owner at any time.
The use of the collected Data
The Data Controller processes the User’s Personal Data for the following purposes:
- the User has given his consent for one or more specific purposes (contact form, comment form, newsletter subscription form, etc.);
- the processing is due for the execution of a contract with the User and / or the execution of pre-contractual measures;
- the treatment is due to satisfy a legal obligation to which the Data Controller is subject;
- the processing is due for the implementation of a duty of public interest or for the management of public powers vested in the owner;
- the processing is due for the pursuit of a legitimate interest of the owner or third parties.
owever, the User can always ask the Data Controller to explain the precise legal basis for any necessary treatment and above all to explain in detail what is the request for treatment (by law, expected or essential to conclude a contract).
The Data are processed at the headquarters of the Data Controller, unless stated otherwise in the rest of this document. For further information, please contact the Data Controller. The User can request information by contacting the Data Controller, on the legal basis of the transfer of Data outside the European Union or to an international organization; the User can also request information on the security measures implemented by the Data Controller to protect the Data.
The Data are kept for the time necessary to perform the service requested by the User, and the User can always ask for their suspension or removal. At the end of the aforementioned conservation time the Personal Data will be deleted.
Hosting Web OVH
OVH undertakes to guarantee the maximum security of its infrastructures, in particular by implementing an information systems security policy and responding to the requirements of numerous laws and certifications (PCI-DSS, ISO / IEC 27001 and certificates of SOC 1 type II and SOC 2 type II, etc. …). All OVH certifications and their perimeter can be consulted in the Certifications section of the OVH Website Certifications OVH website. Website: https://www.ovh.it
Hosting Web Aruba
Supervision and control
Anti-intrusion sensors, video surveillance, mantrap with double authentication mechanisms and anti-tailgating technology systems.
H24 / 365 monitoring
Network Operation Center (NOC) on-site, redundant and manned 24 hours a day, 365 days a year and entrusted exclusively to our staff.
The management and protection of data in high security infrastructures are ISO 27001 certified.
Power centers and cooling systems totally redundant and equipped with the most modern equipment.
Efficient backup areas, completely redundant, ensure maximum reliability of power and cooling.
The separation of all systems and environments and the self-extinguishing detection systems ensure maximum safety against the risk of fire.
Purposes of the processing of collected data
The User Data is collected to allow the Website to provide its Services, as well as for the following purposes: contact the User, allow the User to access accounts on third-party services, allow the User to interact with social networks and with platforms outside the Website, allow statistical analysis of visits to the Website.
Detailed information on the processing of Personal Data
Personal Data collected for the following purposes and using the following services:
Access to accounts provided by third parties
This type of service allows this Website to collect data from the user’s accounts on third-party services and perform actions with them. These services are not activated automatically, but require the express permission of the User.
Facebook permissions required by this site
The required permissions are:
- Basic information: the basic information of the User registered on Facebook which normally include the following Data: id, name, image, gender and language of localization and, in some cases, the “Friends” of Facebook. If the User has publicly made additional Data available, the same will be available;
- Sharing: sharing in place of the User;
- Insight: provides access to Insight data for pages, applications and domains that the user owns;
- Like: provides access to the list of all pages that the user has marked with the Like;
- Post: provides access to posts contained in the User timeline;
- Facebook Comments: Allows the User to leave their comments and share them within the Facebook platform.
Access to the Twitter account
Access to the Twitter account
Interaction with social networks and external platforms
This Website can allow interaction with social networks, or other external platforms, directly from its pages. The interactions and information acquired during the interactions with social networks from this Site are subject to the User’s privacy settings related to each social network.
Like button and Facebook social widgets
Tweet button and Twitter social widgets
YouTube social button and widgets
Displaying content from external platforms
This site can allow you to view content hosted on external platforms and interact with them.
Widget Video YouTube
Remarketing e Behavioral Targeting
Contact the User
Contact form (this Website)
By filling out the contact form with their Data, the User gives consent to their use to allow this Website to respond to requests made by the User regarding information, estimates, or any other purpose indicated in the form. Personal Data collected: first name, last name, email address, phone number and various types of Data.
Manage contacts and send messages
This type of service allows managing a database of e-mail contacts, telephone contacts or any other type of contact indicated in the form; the aforementioned data will be used to maintain communications with the User.
MailChimp (The Rocket Science Group, LLC.)
The statistical analysis services relating the visits to a website and its pages allow the Data Controller to monitor and analyze traffic data; the aforementioned services also allow the tracking of the User’s behavior.
Users may exercise certain rights with reference to the Data processed by the Data Controller. In particular, the User can:
- withdraw consent to the processing of their Personal Data previously expressed;
- oppose the processing of personal data when it occurs on a legal basis other than that relating to the express consent;
- obtain information on the Data processed by the Data Controller, obtain information on certain aspects of the processing, receive a copy of the Data processed;
- check the correctness of the data, request the update, ask for the correction;
- request the limitation of the processing of its data, if certain conditions occur;
- request cancellation of its Data by the Data Controller, if certain conditions occur;
- receive their data and, when technically feasible, have them transferred to another holder (applicable only in cases where the data are processed with automated tools with the consent of the User);
- propose a complaint to the competent Personal Data Protection Authority or act in court.
Users have the right to oppose the processing of Personal Data for reasons related to their particular situation, in case they are treated in the public interest, in the exercise of public authority of which the Owner is invested or to pursue a legitimate interest of the Owner. If the Personal Data are processed for direct marketing purposes, the Users can oppose their processing without providing the Holder with any reasons.
Exercise of rights
To exercise their rights, Users can make a request to the Owner, referring to the contacts indicated in this document. Requests will be processed by the Data Controller as soon as possible, always within one month of the request made by the User.
Additional information about data processing
Defense in court
The User’s Personal Data may be used for legal purposes by the Owner of the Website in court or in the stages leading to possible legal action arising from its improper use or that of related services by the User. The User declares to be aware that the Data Controller may be obliged to disclose the Data by order of the public authorities.
Specific information may be shown on the pages of the Website concerning particular services or the processing of Data provided by the User or by the Data Subject.
For operation and maintenance purposes, this Application and any third party services it uses may collect system logs, i.e., files that record interaction – including navigation. They may also contain personal data, such as IP addresses.
Information not contained in this policy
More information on processing Personal Information may be requested from the Owner at any time.
Personal Data (or Data)
Any information relating to an identified or identifiable real person. An identifiable real person is defined as any real person who can be directly or indirectly identified.
Information collected automatically from the Website, including the IP addresses or domain names of the computers utilized by the users who connect to the site, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the visitor, the various time details per visit (e.g., the time spent on each page) and the details about the path followed within the site with special reference to the sequence of pages visited, and other parameters about the operating system and the User’s IT environment.
Means the individual user of the Website’s services or products.
The legal or natural person to whom the Personal Data refer.
The natural person, legal person, public administration or any other organization, association or organization designated by the Data Controller for the Personal Data processing system.
Data Controller (or Owner)
The natural person, legal person, public administration or any other body, association or organization with the right, also jointly with another Data Controller, to make decisions regarding the purposes, and the methods of processing of Personal Data and the means used, including the security measures concerning the operation and use of this Website. The Data Controller is the Data Controller of this Site, unless otherwise specified.
The Website corresponds to the instrument, hardware or software, through which the Personal Data of Users are collected and processed.
The Service provided by this Website.
European Union (or UE)
A Cookie is a small piece of text that Websites send to the browser and is stored on the User’s terminal.
Date of the last modification
October 13, 2022