PRIVACY POLICY
""How we manage and collect your personal data""
Who is the Data Controller of this web-site?
L'Arco dei Sogni S.a.s.
Via Posta Vecchia 1
98030 Malvagna ME
P. Iva IT03221700838
Owner eMail address : affittacamerearcodeisogni@gmail.com
Types of Data collected
The Personal datas collected by this Website, there are: name, surname, phone number, email. All information about all type of data collected, are provided in the dedicated sections of this Privacy Policy. Personal Data are freely provided by the User or in case of navigation data, collected automatically during the use of this Website. The datas requested by this Website are essential in order to provide the service, some of these datas are optional, Users are free to refrain from communicating such Data, this will not have any consequence on the availability of the Service or on its operation. Users who have doubts about mandatory datas, can contact the Data Controller for more information, using the contacts at the beginning of this document.
Any use of Cookies or other tracking tools by this Website, or by third party services, is usefull to provide the Service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy.
The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Website and ensure that he has the right to communicate or publish them, freeing the Owner from any liability to third subject.
How we collect and process personal datas
Processing Mode
The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
The processing is made through computer and/or digital tools, and when necessary on paper, with all security measures envisaged by the legislator.
In addition to the Data Controller, in some cases, other subjects, including employees and collaborators (administrative, commercial, marketing, legal, system administrators) or external subjects (suppliers of technical services, courier, hosting providers, communication agencies) may have access to the Data, and could be nominated by Data Controller as Data Processor. The updated list of Data Processors can always be requested at the Data Controller.
Legal basis of the processing
The Data Controller processes Personal Data of the User in order to the following conditions:
-
when the User has given consent for one or more specific purposes.
Note: in some jurisdictions the Data Controller may be authorized to process Personal Data without the User's consent, until he opposed against data processing ("opt-out"). However, this is not applicable if the processing of Personal Data is regulated by European legislation;
-
when processing is necessary for the execution of a contract with the User and/or the execution of pre-contractual measures;
-
when processing is necessary to fulfill a legal obligation of the Data Controller;
-
when processing is necessary for public interest or for the exercise of public authority vested in the Data Controller;
-
when processing is necessary for the pursuit of a legitimate interest of the owner or third parties.
In any case, it's always possible to ask at the Data Controller extended explanations about the legal basis of data processing using the contacts at the beginning of this document.
Place
The Data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved are located.
The User's Personal Data may be transferred to other countries different with the User country.
The User have the right to obtain information regarding the legal basis for the transfer of Data outside the European Union.
For more information, the User can refer to the respective sections of this document or request specific information at the Data Controller.
Storage time
The Data are processed and stored for the time required by the purposes for which they were collected. Therefore:
The Personal Data collected through forms on the website, will be stored for the time necessary to give feedback to the User's requests.
Personal Data collected for purposes related to the legitimate interest of the Data Controller will be stored until such interest is met.
When the process is based on the consent of the User, the Data Controller can stored the Personal Data for a longer time and until such consent is revoked, in any case the Data Controller will store the User's data for a maximum period of 36 months. Furthermore, the Data Controller may be obliged to store Personal Data for a longer time in compliance with a legal obligation or by order of an authority.
At the end of the storage time the Personal Data will be deleted, over this term the access, cancellation, rectification and portability right will be revocated.
Purposes of the data collect processing
The Personal and Navigation Data obtained automatically or voluntarily released by the Users, are collected by the Data Controller for the following purposes:
Contacting the User, Reservations, Reviews, Customer support, Interaction with social networks and external platforms, Protection from SPAM, Statistics, marketing activities such as: sending information material through: email, newsletters, text messages, or using new communication platforms such as WhatsApp, Facebook, Telegram, Skype.
Collect and process data is necessary to follow up the User's requests. Any additional purposes, for example: marketing campaigns or sharing the User's data with partners or other companies, will need an explicit consent of the User, optional and separate. For all marketing purposes, each User has the right to revoke his/her consent, without this having consequences in the contractual relationship and/or for the performance of services requested by the User.
More information on the purposes of data processing may be requested at any time to the Data Controller using the contacts at the beginning of this document.
User’s Rights
Users may exercise some rights with reference to the Data processing. In particular, the User's rights are:
-
The right of access: the User can request the access at the own personal data and all information about how the Data Controller process them. Under request of the User, the Data Controller will provide an overview of the data processed, and a copy of the actual data collected and a description of the processing methods. The Data Controller will also provide the purposes of the processing, the way in which the data were acquired and the subjects with whom the data eventually shared.
-
The right of rectification: the User has the right to request the correction of personal data if they are inaccurate or incomplete.
-
The right to oppose: the User has the right to oppose at the processing of own Data when it occurs on a legal basis different than consent, may also oppose to the processing of Personal Data for profiling or automated processing purposes. When Personal Data is processed in the public interest, or to pursue a legitimate interest of the Data Controller, the User has the right to oppose at the processing only for particular reasons. The User must motivate of his opposition, unless the processing is carried out for direct marketing purposes. In the latter case, in fact, no motivation is required to exercise this right.
-
The right to data portability: the User has the right to obtain own personal data to transfer them somewhere else
-
The right to cancellation: the User has the right to request the cancellation of own data, when revoking the consent, or when they will no longer useful for the purposes for which they were collected. In this case, the Data Controller will carry out, as soon as possible, the cancellation. The Data Controller can deny the cancellation when the processing is done for a public interest or when the data will be necessary for the defense in court or to fulfill a legal obligation.
-
The right to limit the processing: When certain conditions are met, the User can request the limitation of the processing of own Data. In this case the Data Controller will not process the Data for any other purpose different by simple conservation.
-
The right to file a complaint: the User can file a complaint at the competent personal data protection authority or act in court.
How to exercise the rights
To exercise her/his rights the Users can send a request using the contact details of the Data Controller indicated in the beginning of this document. The requests are free and processed by the Data Controller as soon as possible, in any case within 30 days.
Cookie Policy
This Website uses cookie. To take more info about how we use the cookie, the User can consult our Cookie Policy.
More information about data processing
Defense in court
The User's Personal Data may be used by the Owner in court to defense himself.
The User declares to be aware that the Data Controller may be obliged to disclose the Data by order of the public authorities.
Specific information
In addition to the information contained in this privacy policy, this Website may provide, additional and contextual information regarding specific Services that need collection and processing of Personal Data.
System logs and maintenance
For needs related to operation and maintenance, this Website and some third party services may collect System Logs, which are files that record the interactions and that may also contain Personal Data, such as the User IP address.
Information not contained in this policy
More information about the processing of Personal Data may be requested at any time at the Data Controller using the contact details at the beginning of this policy.
Response to "Do Not Track" requests
This Website doesn't support "Do Not Track" requests.
To know if the third-party services support them, the User can consult their respective privacy policies.
Changes to this privacy policy
The Data Controller reserves the right to make changes at this privacy policy at any time, informing Users about it on this page and, if possible, on this Website. We please to consult this page regularly, referring to the date of the last modification indicated at the bottom.
If the modifications concern the legal basis to process the datas, the Data Controller, if necessary, will collect the User's consent again.
Definitions and legal references
Personal Data
The personal data are any information that directly or indirectly, also in connection with other information, including a personal identification number, make identifiable a person.
Using Data
The using datas are information collected automatically through this Website (also by third-party applications integrated into this Website), including: the language, the country, the device, the characteristics of the browser and the operating system used by the visitor, the various temporal connotations of the visit (for example the time spent on each page), and details regarding the behavior followed within the site, with particular reference to the sequence of pages visited.
User
The person who uses this Website that, unless otherwise specified, coincides with the person concerned.
The Person concerned
The person to whom the Personal Data refers.
Data Controller
The person, legal person, public administration and any other subject that processes personal data on behalf of the Owner, as set out in this privacy policy.
Owner of data processing
The physical or legal person, public authority or other subjcts that determines the purposes and means to process personal data and the tools adopted, including the security measures related to the operation and use of this Website. The Data Controller, unless otherwise specified, is the owner of this Website.
This Web-Site
The hardware or software tool through which the Personal Data are collected and processed.
Service
The Service provided by this Website.
European Union (or EU)
Unless otherwise specified, any reference to the European Union contained in this document, refer at all current member states of the European Union and the European Economic Area.
Cookie
Small portion of data stored in the User's device.
Legal references
This Privacy Policy is write up on the basis of multiple legislative systems, including art. 13 and 14 of Regulation (EU) 2016/679.This privacy statement applied exclusively to this Website.
Last change: May 25 2018