Here you’ll find a description of how the site is managed with regard to personal data processing of users who visit it. It is an information note written in compliance with art. 13 Leg. Decree 196/2003 and of the EU Reg. 679/2016 for those who interact with the web services available on the website: www.hotelmaggiore.net.
The information note is valid only for the site beforehand mentioned and not for any other website that can be visited through our links, for which HOTEL MAGGIORE di HIM S.R.L. is not responsible by any means.
We would like to inform you that visiting this website, data regarding identified or identifiable persons can be processed. HOTEL MAGGIORE di HIM S.R.L., in the person of its pro-tempore legal representative, with headquarter in VIA EMILIA PONENTE N.62/3 40133 BOLOGNA is the “Data Controller”.
Place of data processing
The processing of data linked to the web services on this site takes place at Edysma sas of Marco Gallerani & C. with headquarter in via Emilia 357, 40011 Anzola dell’Emilia (BO) at ARUBA BUSINESS srl (ex WIDESTORE srl) Via Gulinelli, 21 / a, 44122 Ferrara, to be considered co-responsible for the treatment, and are processed only by employees, collaborators or individuals in charge of the treatment, or by occasional individuals in charge of maintenance operations. Any data deriving from the web site services is not communicated or spread. Personal data, provided by users who make a request for the sending of informative materials are used for the sole purpose of providing the service requested and are communicated to third persons only if necessary for that purpose apart from (see the chapter “Voluntary nature of data providing”).
Purpose of the treatment
The collected data are processed in compliance with the GDPR, in order to perform the service requested by the user and fulfill the obligation assumed towards the same, such as, for example, respond to requests for information or request for sending the newsletter and related registration in the mailing list, concerning information messages and commercial and promotional communications relating to the activity carried out by the Owner, in full compliance with the principles of lawfulness and correctness and the provisions of the law. However, depending on the service requested and the type of website, the data could be used for promotional activities or to allow contact with other customers. In any case, the consent will always be required to the interested party for each type of processing of their data.
Type of data processed
Computer systems and software procedures that perform the functions of this website acquire, during their operations, personal data, whose transmission is implicit using internet communication protocols. Navigation data are data that are not gathered in order to be associated with identified persons, but that for their very nature could allow identifying data subjects, through elaborations and associations with data held by third parties. In this category of data there are: IP addresses or domain names of computers used by subjects that visit the website, addresses in URI notation (Uniform Resource Identifier) of demanded resources, the time of the request, the method used to send the request to the server, the size of the file obtained in reply, the number code indicating the state of the reply given by the server (success, error…) and other parameters regarding the O.S. and the subject’s computer environment. These data are processed for anonymous statistical purposes to know how the website is used and to control its correct functioning. They are immediately erased after processing. Data may be processed to carry out activities aimed at establishing liability in case of hypothetical crime to the website detriment.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of email messages to the indicated addresses on this website implies the subsequent acquisition of the sender’s address, that is necessary to reply to the requests, as well as any other personal data eventually written in the message.
Specific informative reports in summary will be gradually shown on the pages of the website where particular services can be requested.
Voluntary nature of providing the requested data
Apart for what concerns navigation data, the user is free to provide the personal data on our forms or given as contacts to demand the sending of informative materials or other communications. However the non-communication of your personal data might result in the impossibility to obtain the service requested. To be thorough, we remind you that in some cases (not regarding the ordinary managing of the website), the Authority has the right to ask for information in accordance with art. 157 of the Leg. Decree n. 196/2003, with the aim to control the personal data processing. In these cases it is mandatory to provide the data on penalty of administrative sanctions.
How personal data are processed
The subjects to whom the personal data refer have the right at any time to access their personal data to obtain confirmation of the existence or otherwise of the same data and to know its content and origin, verify its accuracy, or request integration or updating, or rectification (Article 13 of EU Reg. 679/2016).
- The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing;
- the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2);
- the personal data have been unlawfully processed;
- the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
- the personal data have been collected in relation to the offer of information society services referred to in Article 8(1).
- Where the controller has made the personal data public and is obliged pursuant to paragraph 1 to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
- Paragraphs 1 and 2 shall not apply to the extent that processing is necessary:
- for exercising the right of freedom of expression and information;
- for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9(2) as well as Article 9(3);
- for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing;
- for the establishment, exercise or defence of legal claims.
Requests must be addressed to HOTEL MAGGIORE di HIM S.R.L., VIA EMILIA PONENTE N.62/3 40133 BOLOGNA or to the email address: privacy[@]hotelmaggiore.net
Modification to the present document