Policy pursuant to article 13 (EU) Regulation 2016/679 GDPR concerning processing of personal data collected from the data subject.
This page, in compliance with the provisions of (EU) Regulation 2016/679 (European data protection Regulation), gives information related to personal data processing. “Personal data” means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to criteria such as a name, location data, an online identifier or to one or more elements specific to his physical, physiological, genetic, mental, economic, cultural or social identity (C26, C27, C30 (EU) Reg. 2016/679).
1. PROCESSING SUBJECTS - DATA CONTROLLER
In accordance with art. 4 and 24 of (EU) Regulation 2016/679, the Data Controller is:
Hotel Lago di Garda S.r.l. - Via Lungolago Conca d'Oro 11, 38069 - Torbole sul Garda, Tn, Italy
Data Controller’s email address: firstname.lastname@example.org
2. PURPOSE AND LAWFULNESS OF PROCESSING
The personal data provided shall undergo processing for the following purposes, in compliance with the lawfulness conditions pursuant to art. 6 (EU) Regulation 2016/679:
A) Management of data processing concerning (art. 6 letter b):
- browsing this website;
contact form and support request: personal data provided by the user when filling out the contact form shall be processed exclusively for purposes connected to the request for information;
- online purchases and fulfillment of contractual and legal obligations and administrative-accounting purposes. Processing done for administrative-accounting purposes, with respect to application of personal data protection provisions, is that connected to performance of organizational, administrative, financial and accounting activities, irrespective of the nature of the data being processed.
B) Management of data processing concerning (art. 6 letter a):
- subject to your consent and until you file your opposition the data shall be processed exclusively for purposes connected to the request for information and in no case shall be transferred, sold or exchanged.
3. STORAGE TERM OR CRITERIA
Processing shall be done automatically or manually, with procedures and tools designed to ensure maximum security and confidentiality by specifically appointed subjects.
Personal data collected in compliance with the provisions of art. 5 paragraph 1 letter e) of (EU) Regulation 2016/679, shall be stored in a format that allows identification of the data subjects for a time period not greater than that of achievement of the purposes for which the personal data is being processed. Storage of the personal data provided depends on the processing purpose:
- browsing this website (session);
- requests for contacts, cost estimates, information (maximum 12 months);
- collection of data for staff selection (maximum 24 months);
- fulfillment of contractual and legal obligations and administrative-accounting purposes for purchases (maximum 10 years except for longer or shorter terms set down by the law);
- the data subject, for any information on data management/storage, may write to: email@example.com
4. DATA SUBJECTS’ RIGHTS
The data subject may assert his rights as expressed in articles 15, 16, 17, 18, 19, 20, 21 and 22 of (EU) Regulation 2016/679, addressing the Data Controller by writing to the address firstname.lastname@example.org
The data subject has the right, at any time, to ask the Data Controller for access to, correction and deletion of his personal data.
Refer to our cookies policy for more information on the cookies used in this website.
Date of update: 25 May 2018