Privacy Policy (EN)

Information document pursuant to article 13 of EU Reg. 2016/679 (GDPR) – Information on the processing of personal data collected from the interested party.

In compliance with the provisions of EU Reg. 2016/679 (European Regulation for the protection of personal data) we provide the necessary information regarding the processing of personal data provided.

Definitions: the art. 4 of EU Reg. 2016/679 defines “personal data” any information concerning an identified or identifiable natural person (“concerned”); an identifiable natural person can be identified, either directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online ID or one or more characteristic elements of his physical identity, physiological, genetic, psychological, economic, cultural or social.

SPECIFIC INFORMATION

HOLDER OF THE TREATMENT

pursuant to art. 4 of EU Reg. 2016/679, is Sandri Vanda & C. sas – Hotel Al Cavallino Bianco with offices in Via dei Platani n. 88, Zip Code 33054 City Lignano Sabbiadoro (UD), info@cavallinobiancolignano.it with exclusive reference to the role of owner of the business called “Hotel Al Cavallino Bianco”.

PURPOSE OF TREATMENT

The personal data provided will be processed for the following purposes:

    • navigation on this website.
    • compilation of data collection form for accommodation booking.

LEGAL BASIS OF THE TREATMENT

The legal basis applicable to the processing of your personal data for the purposes indicated is:

    • consent (Article 6 paragraph 1 letter a)), as the legal basis of the processing.
    • execution of pre-contractual measures / execution of the contract (Article 6 paragraph 1 letter b)) and legal obligations (Article 6 paragraph 1 letter c)) as legal bases of the processing.

RECIPIENTS OR CATEGORIES OF DATA RECIPIENTS

The personal data provided will be communicated to recipients who will process the data as managers (Article 28 of EU Reg. 2016/679) and/or as natural persons acting under the authority of the Data Controller and the Manager and who operate as employees or collaborators with specific appointments as authorized to process (art. 29 of EU Reg. 2016/679), for the purposes listed above in point 2.

By way of non-exhaustive example, the data will be communicated to:

  • subjects that provide services for the management of the information system used by the Data Controller and the related telecommunications networks, including e-mail and website management.
  • professionals and consultants in the field of assistance and consultancy relationships.
  • competent authorities for the fulfillment of legal obligations and/or provisions of public bodies, upon request.
  • companies or credit institutions that offer online payment services.

The subjects belonging to the aforementioned categories perform the function of data processing manager, or operate in total autonomy as separate data controllers.

The list of data processors is constantly updated and available at the registered office of the data controller.

Any further communication will take place only with your explicit consent, in accordance with and within the limits of the GDPR.

Your data, object of the treatment, will not be disclosed.

DATA TRANSFER TO A THIRD COUNTRY AND/OR AN INTERNATIONAL ORGANIZATION AND WARRANTIES

Personal data is stored on servers located within the European Union.

In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU.

In this case, the Data Controller ensures from now on that the transfer of data outside the EU will take place in compliance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses envisaged by the European Commission and the user will be informed.

DATA RETENTION PERIOD OR CRITERIA FOR DETERMINING THE PERIOD

The processing will be carried out in an automated and manual form, with methods and tools aimed at guaranteeing maximum security and confidentiality, by the Data Controller and/or by persons specifically authorized to do so.

In compliance with the provisions of art. 5 paragraph 1 letter. e) of EU Reg. 2016/679, the personal data collected will be stored in a form that allows the identification of the data subjects for a period of time not exceeding the achievement of the purposes for which the personal data are processed. The retention of the personal data provided depends on the purpose of the processing (the timing has been determined on the basis of criteria on which the interested party can receive information by writing an email to cavallinobianco@lignano.it ):

    • navigation on this website: see the provisions of the cookie policy.
    • booking accommodation and any possibility of online payment: for the minimum period required by law in relation to the accounting / tax regime adopted by the Data Controller and in any case no later than the following 10 years, in order to verify any pending, including documents accounting (e.g. invoices).

RIGHTS OF INTERESTED PARTIES

The interested party may assert their rights as expressed by the EU Regulation 2016/679, by contacting the Data Controller, by sending an e-mail to cavallinobianco@lignano.it or by writing to the headquarters of the Data Controller indicated above.

The interested party has the right, at any time, to ask the Data Controller:

    1. access to your personal data (art. 15);
    2. rectification (art. 16);
    3. the cancellation (art. 17) of the same;
    4. the limitation of the treatment (art. 18);
    5. the transfer of personal data to another owner (art. 20);
    6. the interested party also has the right, if it is not possible to request the cancellation of the data, to oppose the treatment when this is justified by reasons relating to his particular situation (art. 21).

POSSIBILITY OF COMPLAINT TO THE GUARANTOR

Without prejudice to any other administrative and judicial appeal, if the data subject believes that the processing of data violates the provisions of EU Reg. 2016/679, the interested party has the right to lodge a complaint with the supervisory authority (Guarantor for the protection of personal data) pursuant to art. 15 letter f) of EU Reg. 2016/679.

NATURE OF THE DATA PROVISION AND CONSEQUENCES OF THE REFUSAL TO PROVIDE THE DATA

The communication of personal data is not an obligation, as you are free to provide your personal data, but it is necessary for purposes of navigation of the pages of the website. The user can deny consent and can revoke at any time a consent already provided (through the banner at the bottom of the page or the browser settings for cookies). However, denying consent may result in a reduced browsing experience on the site. Apart from that specified for navigation data, the communication of personal data is not an obligation, as you are free to provide your personal data in the dedicated areas on the site, but it is necessary to fulfill the purposes of the processing; the consequence of failure to provide personal data makes it impossible to use the various services offered by the Data Controller.

AUTOMATED DECISION-MAKING PROCESSES

There is no automated decision making process.

My Agile Privacy

This site uses technical and profiling cookies. 

You can accept, reject, or customize the cookies by clicking the desired buttons. 

By closing this notice, you will continue without accepting.