Privacy Policy
Company information
Privacy Policy
> INFORMATION PURSUANT TO ARTICLES 13 AND 14 - EU REGULATION 2016/679
Data Subjects:
Website usersPrivacy Policy
The following describes the management methods of the www.hotelstellamaris.com service , the owner of which is Uappa's S.a.s. di Borioni Andrea e Marco. The information is provided pursuant to Article 13 of Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data. The information is provided only for the Hotel Stella Maris website and not for other websites that may be consulted by the user via links.Data Controller
As a result of consultation of this site, data relating to identified or identifiable persons may be processed.Data Controller: Hotel Stella Maris - Via Carducci, 321 - 47042 - Cesenatico - email: info@hotelstellamaris.com, Company Name: Uappa's S.a.s. di Borioni Andrea e Marco with registered office in Via Carducci, 321 47042 nuova (Fc).
Place of data processing and recipients
The processing operations connected to the web services of Hotel Stella Maris take place in ITALY at the Server Farm DATA4 GROUP Via Monzoro, 101-105 - 20007 Cornaredo (MI), these subjects are sub-contractors of Titanka! spa (primary data processor) with registered office in Strada degli Angariari, 46 47891 Falciano RSM which carries out the maintenance and management of the website.Type of data processed
Browsing data
The software applications used to operate the Hotel Stella Maris website acquire some personal data transmitted through secure protocols. This information is not collected to be associated with identified data subjects, but could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses, browser identifier (user agent), URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the numerical code indicating the status of the response given by the server (e.g. successful, error) and other parameters relating to the operating system and the user's IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning.
Data provided voluntarily by the user
For access to some services provided through the Hotel Stella Maris website - the optional and voluntary insertion of some identification data (email, name, contact details, and information necessary to provide the requested service) may be required.
Purpose and legal basis
Service provision
The personal data provided by users who make use of the services provided by Hotel Stella Maris (e.g.: browsing the site, filling in forms for various requests) are used for the sole purpose of performing the service or performance requested. The legal basis for the processing is the execution of pre-contractual measures in order to respond to your requests.
Further communications following a stay
After purchasing a stay, Hotel Stella Maris may forward to the user further communications, including commercial ones, relating to its services. The legal basis for the processing set out above is the legitimate interest of the data controller (cons. 47 GDPR).
Direct marketing
In case of specific consent (by subscribing to the newsletter) Hotel Stella Maris may send you information about new products, promotions and special offers by e-mail. The user has the right to disable the service at any time through the appropriate procedure and/or the methods indicated below for the exercise of his rights. The legal basis for the processing described above is the consent of the data subject. Specific summary information, if necessary, if necessary, will be reported or displayed on the pages of the site prepared for particular additional services on request.
Data retention period
The data retention period is the one necessary for the purposes deriving from the requested services and for a further period of 36 months. If the requested information is the subject of an online transaction, such data may be stored for economic and tax reporting purposes, for a period of 10 years. With regard to the technical data managed by the site, such as cookies, the retention period is defined by the technical characteristics of the cookies themselves and specified in the "Site cookies" table. The data retention period is renewed for a further period of 36 months each time a new consent is given to data processing and/or to each access to the services offered through one's credentials (e.g. Personal area login).Optional nature of data provision
Apart from what is specified for navigation data, the user is free to provide Hotel Stella Maris with the personal data required to use the services provided through the site. Failure to provide data relating to the fields marked with an asterisk (mandatory) will make it impossible to use the service offered.Processing mode and security
The processing of personal data is carried out using IT tools suitable for guaranteeing the security and confidentiality of the data and in any case in compliance with the appropriate security measures as required by Article 32 of the GDPR, through secure communication protocols with SSL encryption algorithms. Your personal data will be processed in accordance with the legislative provisions of the aforementioned legislation and the obligations of confidentiality provided therein. The provisions of the Province of São Paulo are considered "good practices". of the Italian Data Protection Authority "Guidelines on promotional activities and the fight against spam of 4 July 2013 (Published in the Official Gazette no. 174 of 26 July 2013), the Guidelines on the processing of personal data for online profiling - 19 March 2015, and the Guidelines on automated decision-making processes and profiling - WP251, defined on the basis of the provisions of Regulation (EU) 2016/679.Data transfer to non-EU countries and adequacy guarantees
The service provider that deals with the hosting, maintenance and management services of the Hotel Stella Maris website is Titanka! spa, a web agency that guarantees compliance with the GDPR located in San Marino, a non-EU country that has implemented the European legislation on the processing of personal data, through the adoption of Law 21 December 2018 n. 171 with the same guarantees provided for by the GDPR itself. Pending the initiation of the procedures for an adequacy decision by the European Commission, data processing is permitted if the data subject is a party to a contract or pre-contractual measures, or has given his or her consent, informed of the possible risks of such data transfer. (Art. 49 GDPR - exceptions in specific situations)Further transfer of data to non-EU countries may take place as a result of the use of the services of Facebook, Google and any other social networks or external data processing providers, located in the USA. This data processing is guaranteed by the "Privacy Shield" agreements signed by the individual companies.
Recipients
In order to carry out and provide support to the operation and organization of the activity, some data may be brought to the attention or communicated to recipients. These subjects are divided into: Third Parties, Data Processors and Sub-Processors, and authorized personnel under the authority of the Data Controller or Data Processor.are defined as natural or legal persons, public authorities, agencies or other bodies other than the data subject, the data controller, the processor and the authorised persons responsible for the processing.
For data processing relating to administrative, accounting, legal obligations, customer management, contracts, data may be communicated to:
- Companies that manage traditional or computerized postal services.
- Companies registrants of domain names
- Any other subjects whose communication of data is necessary for the achievement of the purposes indicated above, or for a legal obligation;
Processors and sub-processors
are defined as natural or legal persons, public authorities, agencies or other bodies which process personal data on behalf of the controller
- Titanka! spa as primary data processor, and other sub-processors providing services for technological infrastructure, connectivity, and hosting services: Semplify srl c/o Repubblica di San Marino. Semplify srl makes use of additional Sub-Processors for the provision of services such as: Server Farm DATA4 GROUP Via Monzoro, 101-105 - 20007 Cornaredo (MI) - Italy, where the data are located.
- Any other IT service providers necessary for the provision of the service may be located in the USA with the guarantee of the "Privacy Shield" adequacy agreement.
Within our company structure
Your data will be processed only by personnel expressly authorized by the Data Controller, with the assurance of the adoption of appropriate instructions, training, confidentiality agreement and, in particular, by the following categories of employees:
- Administration personnel.
Diffusion
Your personal data will not be disclosed in any way.Rights of data subjects
Data subjects (subjects to whom the personal data refer) may at any time exercise the rights provided for by the Regulation, through a dedicated personal area. It is possible to access this area by requesting the link through the appropriate procedure at the bottom of this policy. A further way to exercise the rights of the Regulation, if the user has made use of the newsletter service, can be used through the appropriate link at the bottom of the email received. In particular, subjects may legitimately request the rights from art. 15 to art. 23, and specifically: 1.La deletion of all data. 2.La rectification/modification. 3.La limitation. 4.La portability. 5.Il right to object to automated decision-making (profiling). If necessary, report further requests in the notes field.Data subjects, if the conditions are met, also have the right to lodge a complaint with the Guarantor as supervisory authority according to the procedures provided. For any further information, and to assert your rights under the European Regulation, you can contact the data controller at the references above.
Exercising the rights of data subjects Requests can also be made using the following contacts:
Data controller: Hotel Stella Maris - Via Carducci, 321 - 47042 - Cesenatico - email: info@hotelstellamaris.com, Company Name: Uappa's S.a.s. di Borioni Andrea e Marco with registered office in Via Carducci, 321 47042 nuova (Fc).
Having read the information and obtaining the consent of the data subject
The undersigned, having acquired the information provided by the data controller pursuant to Article 13-14 and the GDPR, confirms that he or she has read this information on the processing of data, for the purposes indispensable for the provision of the service, and to allow Hotel Stella Maris a correct management and appropriate processing of the data, this information is also referred to in consideration that the data processor Hotel Stella Maris uses for the management of the website is Titanka! spa, located in the Republic of San Marino, a non-EU country that has adopted Law 171/2018 compliant with the GDPR, pending the start of the procedures for an adequacy decision by the European Commission.
Consent
As evidence of your explicit and unambiguous consent, we will record the time, date, IP address, and your email. We remind you that at any time you can exercise your rights (above) through the link at the bottom of the communications received, or through the contact channels.
Extended cookie policy
Extended information on the use of cookies pursuant to the provision of the Privacy Guarantor no. 229/2014, for those who interact with the Hotel Stella Maris web services, accessible from www.hotelstellamaris.com addresses . The Hotel Stella Maris website uses cookies and similar technologies to ensure the proper functioning of procedures and improve the user experience of online applications. This document provides detailed information on the use of cookies and similar technologies, how they are used by Hotel Stella Maris and how to manage them.Definitions
Cookies are small text strings that the sites visited by the user send to their terminal (usually to the browser), where they are stored and then retransmitted to the same sites on the next visit by the same user. Cookies are stored, based on the user's preferences, by the individual browser on the specific device used (computer, tablet, smartphone).Types of cookies
Based on their characteristics and use, cookies can be divided into different categories:Strictly necessary cookies
These cookies are essential to manage login and access to reserved functions of the site, typically for updating pages by web editors. The duration of these cookies is strictly limited to the work session (when you close your browser they are deleted). Their deactivation impairs the use of the services accessible from the login. The public part of the sites, on the other hand, remains normally usable.
Technical cookies (analysis and performance)
These are cookies used to collect and analyze traffic and use of the site anonymously. These cookies, although they do not identify the user, make it possible, for example, to detect if the same user returns to connect at different times. They also allow you to monitor the system and improve its performance and usability. On some pages of the site , www.hotelstellamaris.com may store the user's preferences regarding the font size and the preferred display mode (graphic, high contrast or textual) for the purpose of accessibility of the content. Disabling these cookies can be done without any loss of functionality.
Profiling cookies
These are permanent cookies used to identify (anonymously or not) the user's preferences and improve their browsing experience.