Information on privacy and on the treatment of personal data

Legislative Decree no. 196 of 30 June 2003   lays down specific rules designed to guarantee that the processing of personal data is carried out in observance of the rights, fundamental liberties and dignity of the interested party. Particular emphasis is placed on confidentiality, on personal identity and on the right to protection of personal data. Under the above Decree the processing must be characterised by principles of propriety, lawfulness, relevance and transparency, ensuring that the confidentiality of the data and the rights of the party concerned are protected.

We have provided the following information in compliance with Article 13 of Legislative Decree 196/2003:

 Purposes of the processing
The personal data that you provide   at the time of booking will be processed for the following purposes:
a) Purposes directly connected with, and instrumental to, the completion of the advance booking services  together with the administrative and accounting management necessary for such advance bookings and the relations arising from the same;
b) Purposes connected to the performance of legal obligations;
The data collected and processed will be stored and used solely for the above purposes and only for the time strictly necessary for their achievement and in any case for a period no longer than six months after the check-out date in compliance with the principles and rules laid down by the law on privacy.

 Manner of Processing
The processing of the data provided will be effected with the use of computers, telematic transmission and paper in such a way as to guarantee their security and confidentiality with means and systems capable of avoiding the risks of losing or destroying the data concerned, of unauthorised access to, or processing of, the same or of damage to their completeness and confidentiality.
The processing of the data will take the form of their collection, acquisition, recording, organisation, storage, editing, use, consultation, possible amendment, transmission, deletion and all else useful and necessary for the management of the bookings made.
The data of the BOOKING ON LINE are in SSL connection , that is a protected connection.


 Nature of the provision of data
The data that you provide when requesting a booking and processed will be personal details, addresses, telephone numbers and E-mail addresses together with details relating to your credit card provided as guarantee of the booking.
The provision of data to be entered in the fields indicated as obligatory when you wish to make a booking, is obligatory and the failure to provide them will make it impossible to effect the tourist booking concerned.
The provision of data to be entered in those fields not identified as obligatory is however discretionary and the failure to provide them will not in any way impede the completion of the tourist booking requested.

Communication of Data to third parties
The data you provide will be communicated to third parties involved in, and affected by, the provision of the services requested and hence the completion of the tourist booking ( banks ).
The data provided will not be used save with your express consent given in advance, for sending correspondence or communications which are not strictly relevant to the requested or purchased services.
The data are in SSL connection , that is a protected connection.

 Rights of access to personal data and other rights
You are entitled to exercise your rights in connection with the Data Controller pursuant to Article 7 of Legislative Decree 196/2003 which we have set out in its entirety for your convenience:

Legislative Decree 196/2003,
Article 7 - Right of access to personal data and other rights
1. The interested party will have the right to obtain confirmation of the existence or otherwise of personal data which concern him even if not yet recorded, and their communication to him in an intelligible form.
2. The interested party will have the right to obtain the following indications:
a) the source of the personal data;
b) the purpose and manner of the processing;
c) the logic applied in the case of processing effected with the use of electronic means;
d) the identifying details of the data controller, of the data processors and the designated representative pursuant to Article 5, paragraph 2;
e) the parties or categories of parties to which the personal data may be communicated or which may obtain knowledge of the same in the capacity of designated representative in Italian territory, managers or appointees.
3. The interested party will have the right to require:
a) the up-dating of, rectification of, or, when of interest, addition to, the data;
b) the deletion, transformation into anonymous form or the blocking of data processed in breach of the law including those whose storage is not necessary with respect to the purposes for which the data were collected or subsequently processed;
c) Confirmation that the operations described under letters a) and b) above have been brought to the attention, including with regard to their contents, of those to whom the data have been communicated or disclosed save in a case when such an operation is shown to be impossible or involves the use of means manifestly disproportionate with respect to the right protected.
4. The interested party will have the right to oppose the following, in whole or in part:
a) the processing of data concerning him on the basis of legitimate grounds, even where pertinent to the purposes for which they were collected;
b) the processing of personal data concerning him effected to send advertising materials, direct sales or to conduct market research or commercial communications.
 

Data Controller and Data Processor of the processing 

Hotel Cristina snc di Faenzi Giulianelli Liliana

Via Adige 31

53042 Chianciano Terme (SI)

P.IVA 00367510526