Privacy protection policy

PLEASE NOTE: This Privacy Policy is ef-fective as of 25 May 2018. The Owner reserves the right to modify or simply update its content, in part or in full, including due to changes in applicable legislation. The Owner will make such changes known as soon as they are applied and will be binding as soon as they are published on the website. The Data Controller therefore invites you to regularly visit this section to become aware of the most recent and updated version of the Privacy Policy so that you are always up to date on the data collected and its use.

Furthermore, this Privacy Policy only applies to the www.giulianahotel.com website, while it does not apply to other websites that may be consulted via external links.

1. Data controller and data processors - Art. 13 co. 1 lett. [a] [b] GDPR 2016/679

The Data Controller is the company/individual enterprise GIULIANA HOTEL S.R.L., with registered office in viale Trento, 15 47043-Gatteo Mare ( Fc ), Tax code/VAT number: 03355260401, which you may contact to exercise the rights recognised by the GDPR.
The updated list of all further Data Processors is available at the Data Controller's head office, which you can contact to view.

2. Types of Data processed and Purposes of processing - Art. 13 co. 1 lett. [c] [d] GDPR 2016/679

The Data processed are of a common type (identification) and navigation data (IP Addresses, URI notation addresses, etc.), but on occasion also special and/or sensitive data provided voluntarily for your particular needs (general and particular information on the User's orientations and preferences; food intolerances; health problems; etc.);

The Data Controller will process your data

A) without the need for your express consent for the following Service Purposes:

• Fulfilment of contractual and ac-commodation obligations (formulation of a quotation, management of bookings, issuance of invoices, estimates);
• Fulfilment of regulatory obligations, in particular accounting, tax and security obligations;
• Management of litigation.

The processing of Functional Data for the fulfilment of these obligations is necessary for the correct management of the requested service and its provision is compulsory in order to implement the abovementioned purposes. Failure to provide the Data may make it impossible for the Data Controller to respond to a possible request from the data subject.

B) only with your specific and distinct consent for the following Marketing Purposes:

• To transmit to you via e-mail, post and/or SMS and/or telephone contact, newsletters, commercial or promotional communications and/or services offered by the Data Controller; to send you information and commercial offers, including those of third parties; to send advertising and informative material; to carry out commercial communications, including interactive communications; to carry out direct sales or placement activities for products or services.
• Transmit questionnaires or other documents to you in order to detect the degree of satisfaction with the quality of the services offered; carry out studies and statistical research on sales, customers and other information, and possibly communicate the same to third parties; transfer to third parties the data collected and processed for commercial purposes, including for sale or attempted sale and also outside the territory of the European Union, or for all those purposes of a commercial and/or statistical na-ture that are lawful. Participate in prize draws related to promotions and commercial initiatives.
• Communicating greetings for national holidays.

Failure to provide consent for the purposes referred to in point B) will have no consequences. Consent is optional.

3. Communication and dissemination of data - Art. 13 co. 1 lett. [e] [f] GDPR 2016/679

Data may only be disclosed externally to the data subject and to persons explicitly indicated by the data subject. The data will not be further communicated and disseminated except to persons and/or companies duly authorised by the data controller for the best management of the service, to fulfil specific legal obligations always deriving from the service offered, also with regard to tax profiles, or for purposes strictly connected and instrumental to the operation of the service. The data will not be transferred to a third country or international organisation.

4. Processing methods - Art.13 co. 2 lett. [a] GDPR 2016/679

The processing of personal data consists of the collection, recording, organisation, storage, communication of the same data. The processing of personal data is carried out for the aforementioned purposes, by automated and computerised means in accordance with the provisions of Article 5 of the GDPR, in compliance with the rules of lawfulness, legitimacy, confidentiality and security provided for by the regulations in force. The data will be kept for a period of time necessary for the purposes for which they were collected or subsequently processed in accordance with legal obligations, and in any case no longer than 5 years.

5. Rights of the data subject - Art. 13 co. 2 lett. [b] [c] [ d] GDPR 2016/679

The data subject shall have the right to obtain access to and rectification of their personal data. The data subject has the right, for legitimate reasons, to obtain the deletion of the same or the limitation of the processing concerning him or her or to object to their processing, as well as, more generally, to exercise all the rights recognised to him or her by the applicable legal provisions. In order to exercise his or her rights, he or she may always contact the Data Controller, by sending his or her requests to info@giulianahotel.com, as well as to the Personal Data Protection Authority.