Grand Hotel Milano SRL, with registered office in Viale Roma 46, 53042, Chianciano Terme (Siena) – Italy and email firstname.lastname@example.org, is the Data Controller for the processing of Personal Data (hereinafter, the “Data Controller”).
The computer systems and software procedures used to operate this Website acquire, during normal operation, some personal data that is then transmitted implicitly in the use of internet communication protocols.
This is information which, by its very nature, could identify users/visitors (e.g. IP address, domain names of computers used by users/visitors connecting to the Website, etc.) through processing and association with data held by third parties.
This data is only used for statistical information and to monitor the proper functioning of the Website.
In any event, web contact data is not retained for more than seven days, except when it is necessary to monitor instances of criminal activities against the Website.
No data deriving from the web service is communicated or disclosed.
If users/visitors connecting to this Website submit their personal data in order to access certain services or to make requests through email, they are aware that this involves the Data Controller’s acquisition of the sender’s address and/or any other personal data which, in turn, will be processed exclusively to respond to the request or to provide a service to the sender.
The personal information provided by users/visitors will be disclosed to third parties only if such disclosure is necessary to comply with requests made by users/visitors themselves or to satisfy legal obligations or public authorities.
Data is processed via automated means (i.e. using electronic procedures and electronic devices) and/or manually (i.e. hard copies) for the time strictly necessary to achieve the purposes for which the data was collected, albeit in accordance with the legal provisions in force.
In addition to those indicated in the individual policies that precede the completion of the forms of the different sections of the Website, the purposes of the processing performed by the Data Controller must be understood as:
The legal basis of the processing of the Website users/visitors’ data (the “Data Subjects”) performed by the Data Controller through the Website is constituted:
In some cases, in addition to the Data Controller, certain categories of managers and authorized parties involved in the business organization of the Website may have access to the data, including – by way of mere example – administration, sales, marketing, legal, system administrators (jointly referred to as the “Data Processors”). Furthermore, the Data Controller may use external parties (such as third-party technical service providers, carriers, hosting providers, cloud services, IT companies, communication agencies) who may be appointed as external Data Processors. The updated list of Data Processors can be requested to the Data Controller via the email indicated below.
For the services offered by the Website, the Data Controller uses servers located in Italy and thus, on the basis of Regulation 2016/679/EU, is to be considered as falling within the EU.
Data processed by the Data Controller will never be disclosed.
The processing related to the services of the Website takes place at the registered office of the Data Controller and is handled only by the technical staff in charge of processing
It is acknowledged that:
Without prejudice to what specified for navigational data that automatically acquires data, users/visitors are free to provide their personal data or otherwise. Failure to provide the data can merely render it impossible to obtain the requested service.
Pursuant to Regulation 2016/679/EU, the Data Subjects whose personal data is collected have the right at any time to obtain confirmation of the existence of such data and to know its content and origin, verify its accuracy or request its integration, updating or correction.
In relation to the processing of the aforementioned data, the user/visitor has the right to obtain from the Data Controller:
The subjects to whom the personal data refer also have the right to object for legitimate reasons to the processing of personal data concerning them, even if pertinent to the purpose of the collection, to request portability, exercise the right to be forgotten, as well as contact the Supervisory Authority responsible for the protection of personal data for any breach that the Data Subject believes to have suffered.
The Data Controller contact details are as follows:
Grand Hotel Milano SRL
Viale Roma, 46
53042 Chianciano Terme (Siena) – Italy
The Italian Data Protection Authority is as follows:
Italian Data Protection Authority
Piazza Venezia, 11, 00187, Roma
fax 06 696773785.
No automated decision-making processes are carried out on the aggregated data collected, if not for the best management of the Website.