THE “DATA CONTROLLER”
Following access to this website, data pertaining to persons that are identified or identifiable may be processed. The “Data Controller” of the personal data collected following a visit to our website or any other data used for providing our services is Hotel Sorriso di Maja srls con sede a via VIII traversa, 9 - 48015 Milano Marittima (RA).
WHERE DATA IS PROCESSED
Data processing pertaining to the web services of this website is carried out at the aforementioned headquarters and said data is processed only by the technical personnel in charge of processing of the Data Processing Office, or by eventual persons in charge of processing who are entrusted to process occasional maintenance operations.
The personal data obtained from the users who submit hotel reservation requests or through informative material (informative notes, newsletters, registration, etc) is used only to carry out the services or assistance requested and is not transmitted to third parties, except in the following possible cases: • Business partners of Hotel Le Palme to whom Prestige Srl transmits the data exclusively in order to avoid on-line reservations; • Persons, companies or professional offices who lend assistance and consulting services to Prestige Srl concerning accounting, administrative, legal, financial and tax matters;
• Subjects who are authorized to have access to the data by law or through requests by the authorities;
TYPES OF DATA PROCESSED
The informatics systems and the software procedures used for the functioning of this website, during their normal functioning, acquire some personal data for which the transmission of said data is implicit in the use of Internet communication protocols. This concerns information that is not collected in order to be associated with identifiable interests but due to its nature, through elaboration and association with data obtained by third parties, could allow identification of the user. The data which fall within this category are: the IP address or the name and domain of the computer used by the user who accesses the website, the address which is revealed in the URI (Uniform Resource Identifier) of the resources requested, the time of the request, the method used in submitting the request to the server, the dimensions of the file obtained as a response, the numerical code indicating the server response status (successful, error, etc.) and other parameters pertaining to the operating system and the informatics used by the user.
This data is used only to gather anonymous statistical information regarding the use of the website and to control its correct functioning and is cancelled immediately after elaboration. The data may be used for ascertaining responsibility in the case of hypothetical informatics crimes damaging to the website: except in this last case, the data of the web contacts cease to exist after seven days.
Data voluntarily provided by the user
The optional, explicit and voluntary sending of E-mail to the addresses indicated in the website results in the successive obtainment of the address of the sender which is necessary in order to respond to the request, as well as the eventual ulterior personal data inserted into the message. Data will be kept only for registration request to send the newsletters or special offers, and will not be disclosed to anyone. Specific information for synthesis will be progressively reported or seen in the website pages that are designed for particular services and requests.
The personal information regarding the individual who visited the website is not collected or used. The visitors remain anonymous. The only exception to this rule concerns the information for personal identification needed to fulfill the contractual obligations of reservations on behalf of the user.
In the event of reservations made through the website, the user must provide his name, address, telephone number and information regarding the payment
manners and credit card used. PRESTIGI SRL will use said information only for elaboration of the reservations and to send specific information, which is relevant to the confirmation of said, such as a receipt, the reservation code and the conditions.
The information provided will not be used for marketing purposes and will not be sold, transmitted, given by contract or sent to third parties an any way, with the exception of our provider of on-line reservation services, “Vertical Booking”, to whom elaboration of the reservations is entrusted to, only for online reservations purposes
In any event, the administrator of the website guarantees the use of scrupulous procedures in order to protect the navigational data and the use of particular precautions to protect the data pertaining to the credit card, which is provided during on-line reservations.
None of the user’s personal data is purposely acquired by the website. Cookies are, in fact, not used for the transmission of information of a personal nature, nor are any kind of persisting cookies used, or rather systems for tracing the user. The use of session cookies (which are not memorized persistently on the user’s computer and vanish when the browser is closed) are strictly limited to the transmission of session identification data (made up of causal numbers generated by the server), which is necessary in order to allow safe and efficient exploration of the website. The session cookies used in this website avoid resorting to other informatics techniques that could be potentially un- safe for the user’s navigation and do not allow acquisition of the user’s personal identification data.
OPTION OF CONFERING DATA
!Except for that which is specified for the navigational data, the user is free to provide the personal data listed in the request forms of Vega Spa, Grand Hotel et de Milan or through contacts with the Office in order to make on-line reservations or to solicit the receipt of informative material or other communications. A lack of conferring this data may cause an impossibility to obtain what is requested. For completeness, one must remember that in a few cases (not in the ordinary management of this website) the Authorities may request information pursuant to article 157 of Legislative Decree no. 196/2003, in order to control the processing of personal data. In this case, a response is obligatory and a lack of response is penalized by administrative sanctions.
DATA PROCESSING MANNERS
Personal data is processed with automatic instruments for the length of time strictly needed to carry out the purposes for which the data was collected.
Specific safety measures are observed to avoid the loss, illicit or incorrect use and unauthorized access of data.
RIGHTS OF THE INTERESTED PARTY
The subject to whom the personal data refers to has the right at any time to obtain confirmation of the existence or non-existence of his data and to know the contents and the origin, verify its exactness or request integration updating, or modification (article 7 of Legislation Decree no. 196/2003). Pursuant to said article, the interested party has the right to request cancellation, transformation in anonymous form or blocking of the data processed in violation of the Law, and may also object in any case, for legitimate reasons, to his data being processed. The requests should be sent to PRESIGE SRL.
This information regarding privacy can be consulted automatically by the most recent browsers that implement the standard P3P (“Platform for Privacy Preferences Project”) proposed by the World Wide Web Consortium (www.w3c.org).
All efforts will be made to make the functioning of this website as inter- operable as possible with the automatic privacy control mechanisms available in some products used by the user.