General Data Protection Regulation (GDPR) and National Legislation – Legislative Decree No. 196/2003 (Privacy Code) 196
This website, in compliance with the European Regulation on the protection of personal data No. 679/2016 (GDPR) and the national legislation – Legislative Decree No. 196 of June 30, 2003 (Privacy Code) and subsequent amendments, respects and protects the privacy of visitors and users, making every possible and proportionate effort to avoid infringing on users’ rights.
The following information applies exclusively to the online activities of this site and is valid for users or visitors to our site only. It does not apply to information collected through channels other than this website. The purpose of this privacy notice is to provide maximum transparency regarding the information the site collects and how it uses it.
1) Legal Basis for Processing
This site processes data based on consent. By using or consulting this site, users and/or visitors explicitly approve this privacy notice and consent to the processing of their personal data as described below, including the possible disclosure to third parties if necessary for providing a service.
Providing data and thus consenting to the collection and processing of data is optional; the user can refuse consent and can revoke any consent already given (via the Contact link at the bottom of the page). Denying consent may result in the inability to provide some services, and the browsing experience on the site may be compromised.
From May 24, 2023, this website will process some of the data based on the legitimate interests of the Data Controller.
2) Purpose of the Data Collected
Like all websites, this site uses log files in which information is stored automatically during user visits.
The information collected may include:
- Internet Protocol (IP) address;
- Type of browser and device parameters used to connect to the site;
- Name of the Internet Service Provider (ISP);
- Date and time of the visit;
- The web page from which the visitor arrived (referral) and the exit page;
- Possibly the number of clicks.
The aforementioned information is processed automatically and collected in an aggregated form solely to verify the correct functioning of the website and for security reasons. From May 24, 2023, this information will be processed based on the legitimate interests of the Data Controller.
For security purposes (anti-spam filters, firewalls, virus detection), the data automatically recorded may also include personal data such as the IP address, which could be used, in accordance with the applicable laws, to block attempts to damage the site or cause harm to other users, or for harmful or criminal activities. Such data is never used for identifying or profiling the user but only to protect the site and its users. From May 24, 2023, this information will be processed based on the legitimate interests of the Data Controller.
If the site allows comments or specific services requested by the user, the site automatically collects and records some identifying information about the user, including the email address. This data is voluntarily provided by the user at the time of requesting the service. By submitting a comment or other information, the user expressly agrees to the Privacy Policy and specifically consents that the content submitted may be freely shared with third parties.
The data received will only be used to provide the requested service and for the time necessary to deliver the service.
The information that users choose to make public through the services and tools provided is voluntarily and knowingly provided by the user, releasing the website from any responsibility for possible legal violations. It is the user’s responsibility to ensure they have permission to submit personal data of third parties or content protected by national and international laws.
The data collected by our site during its operation is used exclusively for the purposes indicated above and stored for the time strictly necessary to carry out the specified activities. In any case, the data collected by the site will never be provided to third parties, unless required by legal authorities and in the cases provided by law.
3) Location of the Data Processing
The data collected by the site is processed at the Data Controller’s location and at the web hosting data center, which is appointed as the Data Processor, processing the data on behalf of the Data Controller. The data center is located within the European Economic Area (EEA) and operates in accordance with European regulations.
4) Cookies
This site, like all websites, uses cookies, small text files that allow the storage of information about visitors’ preferences, to improve the functionality of the site, simplify navigation by automating procedures (e.g., login, site language), and for analyzing site usage.
There are different types of cookies. Some are necessary for browsing the site, while others serve different purposes, such as ensuring internal security, administering the system, performing statistical analyses, understanding which sections of the site are of greatest interest to users, or providing a personalized visit of the site.
Session cookies are essential for distinguishing between connected users. They are useful to ensure that a requested functionality is provided to the correct user and for security purposes to prevent cyberattacks on the site. Session cookies do not contain personal data and last for the duration of the current session, i.e., until the browser is closed. These cookies do not require consent.
The functionality cookies used by the site are strictly necessary for site usage, specifically linked to an explicit user request for functionalities (such as logging in), and therefore no consent is required.
Disabling Cookies
Cookies are linked to the browser you use and can be disabled directly from the browser, thus refusing/revoking consent for the use of cookies. Please keep in mind that disabling cookies may prevent some features of the site from working properly.
Instructions for disabling cookies can be found on the following web pages:
Mozilla Firefox – Microsoft Internet Explorer – Microsoft Edge – Google Chrome – Opera – Apple Safari.
Third-party Cookies
This site also serves as an intermediary for third-party cookies, which are used to provide additional services and functionalities to visitors and to improve the use of the site, such as social media buttons or videos. This site has no control over third-party cookies, which are entirely managed by the third parties. Consequently, information about the use of these cookies and their purposes, as well as how to disable them, is provided directly by the third parties on the following pages.
In particular, this site uses cookies from the following third parties:
– Google Analytics: A Google analytics tool that, through the use of cookies (performance cookies), collects anonymous browsing data (IP truncated to the last octet) and is solely aggregated for the purpose of analyzing site usage by users, compiling reports on site activity, and providing additional information, including the number of visitors and the pages visited. Google may also transfer this information to third parties if required by law or where such third parties process the aforementioned information on behalf of Google. Google will not associate the IP address with any other data held by Google. Data transmitted to Google is stored on Google’s servers in the United States.
Based on a specific agreement with Google, which is designated as the data processor, Google is committed to processing the data according to the instructions of the Data Controller (see at the end of the notice), given through the software settings. The settings related to advertising options and data sharing comply with the visitor’s privacy choices.
For more information about Google Analytics cookies, visit the Google Analytics Cookie Usage on Websites page.
For more information on the use of data and its processing by Google, it is recommended to review the information provided on the dedicated page by Google, as well as the page on the Data Usage Policy by Google when using sites or apps from partners.
– YouTube: This is a Google-owned platform for video sharing that uses cookies to collect information about users and their browsing devices. The videos on this site do not carry cookies when the page is accessed, as the “advanced privacy (no cookie)” option has been set, meaning that YouTube does not store visitor information unless they voluntarily play the video.
Social Network Plugins
This site also incorporates plugins and/or buttons for social networks to enable easy sharing of content on your favorite social media networks. These plugins are programmed not to set any cookies upon accessing the page, to safeguard users’ privacy. Cookies may be set, if required by the social networks, only when the user actively and voluntarily uses the plugin. Please note that if the user is logged into the social network while browsing, they have already consented to the use of cookies through this site at the time of registration with the social network.
The collection and use of information obtained through the plugin are governed by the respective privacy policies of the social networks, which you are advised to refer to.
Facebook – (cookie policy)
Twitter – (cookie policy)
LinkedIn – (cookie policy)
5) Transfer of Data to Non-EU Countries
This site may share some of the collected data with services located outside the European Union area. Specifically, with Google, Facebook, and Microsoft (LinkedIn) via social plugins and the Google Analytics service. The transfer is authorized based on specific decisions of the European Union and the Data Protection Authority, particularly Decision 1250/2016, so no further consent is required.
6) Security Measures
This site processes user data in a lawful and fair manner, adopting appropriate security measures to prevent unauthorized access, disclosure, alteration, or unauthorized destruction of data. The processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the stated purposes. In addition to the Data Controller, in some cases, categories of Authorized/External Data Processors involved in organizing the site (administrative, commercial, marketing, legal staff, system administrators), or external parties (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the data.
7) User Rights
Under the applicable regulations (EU Regulation 2016/679) and national laws, the user can, under the specified methods and limits, exercise the following rights:
- Request confirmation of the existence of personal data concerning them (right of access);
- Know the origin of the data;
- Receiving intelligible communication;
- To be informed about the logic, methods, and purposes of the processing;
- To request the update, correction, integration, deletion, anonymization, or blocking of data processed in violation of the law, including data that are no longer necessary for the purposes for which they were collected;
- In cases of processing based on consent, to receive, at the sole cost of any support, their data provided to the controller, in a structured format readable by a data processor and in a format commonly used by an electronic device;
- The right to lodge a complaint with the supervisory authority (Privacy Guarantor –www.garanteprivacy.it);
And more generally, to exercise all rights recognized by the current laws.
Requests should be addressed to the Data Controller.
In the case where data are processed based on legitimate interests, the rights of the data subject to the processing are still guaranteed (except the right to data portability, which is not provided by the regulations), particularly the right to object to the processing, which can be exercised by sending a request to the Data Controller.
8) Data Controller
The data controller pursuant to applicable laws is MAESTRI HOTELS S.R.L., contactable through the CONTACT section.
9) Data Processor
The web hosting provider TOTALCOM NETWORK SRL – Via J. Ressel 2 Bolzano, IT – Bolzano Business Register R.E.A. no. BZ – 221463 Tax Code and VAT number IT-02976770210 is designated as the Data Processor, processing data on behalf of the Data Controller. TOTALCOM NETWORK SRL is located in the European Economic Area and operates in accordance with European regulations (privacy policy of MAESTRI HOTELS S.R.L.).
Google is designated as the data processor, processing data on behalf of the Data Controller (Google Analytics).
Updates
This privacy policy is updated as of 21/02/2024.
