PRIVACY POLICY EX ARTICLE 13 OF EU REGULATION 2016/679
With the following privacy policy Como Lake Panorama apartments di Sabrina Dell’Oro con sede legale in Erba (CO), Via Giosuè Carducci, Codice fiscale e Partita IVA IT (“Company”)04044600130 We inform you that we consider it of fundamental importance that the processing of personal data, carried out in any way, whether automated or manual, is done in full compliance with the protections and rights recognized by the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data, as well as the free movement of such data (hereinafter the “Regulation” or “GDPR”) and the other applicable regulations on personal data protection (hereinafter “Privacy Policy”).
The Company also informs that – pursuant to and for the purposes of the provisions of art. 13 of the Regulation – your personal data will be processed through electronic tools and manuals.
The following information is intended to describe, in general terms, the management of the website www.comolakepanorama.it (hereinafter the “Portal”) and this information is written based on the principle of transparency and all the elements required by the GDPR and is divided into individual sections in order to make the reading faster, easier and easy to understand (hereinafter the “Information”).
WHO IS THE DATA CONTROLLER?
The Data Controller is Como Lake Panorama apartments di Sabrina Dell’Oro in the person of the legal representative pro tempore with registered office in Via Giosuè Carducci, Tax Code and IT VAT number (“Company”)04044600130, e-mail: comolakepanorama@gmail.com (hereinafter referred to as the “Owner”).
DATA PROCESSED, PURPOSE AND LEGAL BASIS.
The Portal offers commercial and sometimes interactive information content. While browsing the site, the Company may acquire information about the visitor in the following ways:
• Navigation data.
The computer systems and software procedures used to operate the Portal acquire, in the course of their normal operation, some personal data whose transmission is implied by the use of Internet communication protocols. This is information that is not collected to be associated with identified data subjects, but that by its very nature could, through processing and associations with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of computers used by users connecting to the site, the addresses in notation URI (Uniform Resource Identifier) of resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the reply given by the server (good end, error, etc.) and other parameters related to the user’s operating system and computer environment. This data is used only for the purpose of obtaining anonymous statistical information on the use of the site and to check its proper functioning. The data could be used to establish liability in case of hypothetical computer crimes against the site.
• Data voluntarily provided by the user.
The optional, explicit and voluntary sending of messages using the “Contact us” service on the site and/or by sending e-mail messages to the address of the Company, entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data entered in the request. The legal basis for this processing is art. 6.1.b of the Regulation, that is to say the execution of measures requested by the user.
• Site registration
Registering an account involves entering certain personal data which must be true and accurate. The mandatory data to be inserted are clearly indicated by an asterisk, the other data is entered voluntarily and the non-insertion does not entail any consequences. The user is invited to keep these data updated by logging into his personal account. The legal basis for this processing is art. 6.1.b of the Regulation, that is to say the execution of measures requested by the user. The user who chooses to activate the account via social media should be aware that the Portal may collect some data that the user has already provided to this social media (e.g. email address and public profile). The controller has no control over social media and does not set the privacy settings of the social media. The user, therefore, must refer to the privacy policy of the social media you use.
• Newsletters and commercial communications
You may voluntarily choose to receive newsletters and commercial communications. The site asks for an explicit and free consent before undertaking promotional initiatives of this type and may ask you for additional information in order to create personalized and more relevant communications. The user can always easily revoke his consent, which is the legal basis for this processing (art. 6.1.a of the Regulation).
• Commercial orders
In case of an order, the site asks the user to provide personal data for the essential purpose of providing the service or the purchased good, including also the after-sales phase (e.g. tracking of delivery, support services, customer satisfaction) and activities to prevent fraud and misuse of the Portal. The legal basis for processing is the fulfilment of contractual obligations (art. 6.1.b of the Regulation). For payments, the site uses third-party providers and does not store banking information belonging to the user. The data controller has no control over the provider of this type of service and the user must therefore refer to the privacy policy and terms of service of that provider.
• Profiling
The purpose of profiling is to propose products, services and initiatives more appropriate to users’ preferences, habits and interests. Personal data may be used for purposes of remarkeitng, retargeting or profiling also through third parties (e.g. social networks). Regarding the users of the site it is in the legitimate interest of the site to process personal data to offer more interesting and personalized services by improving the performance of the site itself.
• Minors
The site invites parents and all those who supervise children to instruct them on how to handle personal data on the internet in a safe and responsible way. Minors should not submit personal data to the site without their parents’ consent. The site undertakes not to knowingly collect personal data of minors, not to use them in any way and not to communicate them to third parties.
• Additional categories of data.
This is all the personal data provided by the visitor through the site, for example, registering and/ or accessing a private area and/ or service and/ or participating in one of the initiatives launched by the Company, alone or in partnership with third parties, writing to an e-mail address of the Owner to request information or by calling our telephone number to have a direct contact with the Company.
• Cookie
Regarding the cookies used by the Company consult our cookie policy.
TO WHICH SUBJECTS YOUR PERSONAL DATA MAY BE COMMUNICATED?
Your personal data will be processed only by persons authorised for processing and by persons designated as Data Processors, pursuant to art. 28 of the GDPR, in order to carry out the processing activities necessary to pursue the purposes detailed in this Notice.
Your personal data may be communicated to public bodies or the judicial authority, where required by law or to prevent or punish the commission of a crime.
The list of Data Processors can be requested from the Data Controller at any time by writing to: comolakepanorama@gmail.com
METHODS OF DATA PROCESSING
The processing of personal data is mainly carried out using electronic procedures and media for the time strictly necessary to achieve the purposes for which the data were collected and, in any case, in accordance with the principles of lawfulness, correctness, no excess and relevance provided for by the current privacy legislation. Specific security measures are observed to prevent data loss, illegal or incorrect use and unauthorized access.
LINKS TO/FROM THIRD-PARTY SITES
From the Portal it is possible to link, through appropriate links, to other websites or you can connect to the Portal from third party websites. The Data Controller disclaims any responsibility regarding the possible request and/or release of personal data to third-party sites and in order to manage authentication credentials provided by third parties.
HOW LONG ARE YOUR DATA KEPT?
Your personal data will be kept for the period necessary to pursue the purposes described in this Policy. We inform you that the data related to the browsing logs, if recorded, will be kept by the Owner for a period equal to 3 months.
In particular, your data will be processed for a period of time equal to the minimum necessary provided for the fulfillment of legal obligations, as long as it is not necessary to keep them further in order to defend or enforce a right or to comply with any additional legal obligations or orders of the Authorities.
WHERE WILL YOUR PERSONAL DATA BE PROCESSED?
Your personal data will be processed by the Company within the territory of the European Union. If it becomes necessary to use subjects located outside the European Union, we inform you that these subjects will be appointed and the transfer of your personal data to such subjects, limited to the performance of specific processing activities, will be regulated in accordance with Title V of the GDPR. In such circumstances, the Company ensures that appropriate safeguards (such as the signing of standard contractual clauses approved by the EU Commission) are in place with the foreign company receiving the data; These clauses ensure a level of data protection corresponding to that laid down in European legislation.
WHAT ARE YOUR RIGHTS?
We remind you that you can exercise your rights under the GDPR and in particular obtain:
• the confirmation whether or not a processing of personal data concerning you is in progress and to obtain access to the data and the following information: purpose of processing, categories of personal data, recipients and/or categories of recipients, retention period);
• the rectification of inaccurate personal data concerning you and/or the integration of incomplete personal data, including by providing a supplementary statement;
• the deletion of personal data, in the cases provided for by the GDPR;
• the limitation to the processing in the cases provided for by the current Privacy Law;
• the portability of data concerning you and in particular to request the personal data provided to the Company and/or request the direct transmission of your data to another Controller;
• the opposition to processing at any time, for reasons related to your particular situation, to the processing of personal data in full compliance with the current Privacy Policy.
To exercise all your rights as identified above, simply contact the Data Controller by writing to the following e-mail box comolakepanorama@gmail.com
RIGHT OF COMPLAINT
Data subjects who believe that the processing of personal data relating to them is in violation of the provisions of the Regulation have the right to lodge a complaint with the Guarantor for the protection of personal data as provided by art. 77 of the Regulation itself, or to bring the matter before the appropriate courts (art. 79 of the Regulation).
CHANGES TO THIS POLICY
This information may change over time – also in connection with the possible entry into force of new regulations, the updating and/or provision of new services or technological innovations – for which we invite you to periodically consult this page.