Punto Zero International s.r.l. with registered office in V.le F.lli Rosselli, 7 57023 – Cecina LI – Italy VAT IT01783770496 ( later described as “Holder”), as owner of the data processing, inform You under Article 13 D.Lgs. 30.6.2003 n. 196 ( later described as “Privacy Code”), and the Article 13 UE Regulation n. 2016/679 ( later described as “GDPR”) that Your data will be processed with the following modes and purposes:
1) Subject of the data processing and purposes This data processing sees as subject all the personal data, biographical and/or identifying, given from You at the moment to the conclusion of the contract for the services offered by the Holder. Moreover, further data may be automatically gathered and processed, such as technical data ( for example IP address, browser type, location data) and/or cookies ( please go to section “Cookie”). Your data is used for: a) Ensuring the access to the services You negotiated by contract and providing You with the concerning assistance (for example messaging service with the Hotel and/or the generic Customer Care services); b) Communicate our commercial initiatives (for example promotional and marketing material about new services and events) c) Conduct analysis activities and reports connected to the use of the negotiated services; The possible refusal to give your consent to the data processing for the unique “purposes of provisionof the service” – reported sub a) – will make it impossible to use the service itself. Your data will never be used for purposes other than those above indicated.
2) Processing mode
The processing of Your personal data is implemented through the operations indicated under the Article 4 of the Privacy Code and Article 4 n.2) GDPR and precisely: data gathering, registration, organization, conservation, consultation, elaboration, modification, selection, extraction, comparison, use, interconnection, block, communication, cancellation and destruction. Your personal data are subject to paper and electronic and/or automated processing. Data is gathered by the subjects indicated in point 4, under the indications of the relevant legislation, with particular attention to the security measures under the GDPR (art.32) for its processing through computer, manual and automated tools and with logics closely related to the purposes explained above in point 1, and anyway to ensure the data safety and confidentiality. The data processing is carried by the Holder and/or the controller and/or sub processor.
3) Retention period
For the purposes in point a) the Holder will retain the personal data for the necessary period to fulfil the above objectives, while complying with current laws, and in any case not over the legislative deadline under Article 2946 c.c. (10 years). For purposes of direct marketing and possible profiling- as in point b) and c) – personal data will be retained for a maximum period equal to the one provided for in the applicable rules, i.e. 24 and 12 months. Invoices, accounting documents and data concerning the commercial activities, will be retained, according to the law, for a maximum period of 10 months.
4) Entities data can be transmitted to Your data are available for the purposes shown in Article 1: a) To the employees and collaborators of the Holder in their quality of responsible and/or officer in charge and/or internal sub processors of the data processing b) Companies playing a role strictly connected and useful to the efficient operation – also technical – of the services offered by the Holder, like for example providers of the services of direct marketing and/or generally companies offering technical units to the provision of some service functions. c) Institutions and government authorities as required by law. The personal data will be retained on servers located in the European Union, subject to the Holder’s faculty to transfer its location. The personal data can be transferred towards Countries belonging to the European Union and towards third party countries outside of the European Union, exclusively under the purposes stated in point 1. In this case, we ensure that the transfer takes place in the accordance of the existing legislation and that an adequate level of protection for the data processing is guaranteed, based on an adequacy decision, on standard clauses defined by the European Commission or Binding Corporate Rules.
5) Rights of the data subject
As subject concerned, is entitled to exercise its rights under the Article 7 of the Privacy Code, and Article 15 and ss. GDPR, and precisely can: a) Obtain from the Holder, at any moment, information about the existence of his personal data, its origin, the purposes and processing mode, and when available, to obtain access to the personal data and to the information under Article 15 of the GDPR; b) Ask for the update, rectification, integration, cancellation, limitation of the data processing in the event that any of the following conditions under Article 18 of the GDPR is fulfilled, the anonymous transformation or the block off the personal data, processed infringed the law, including those in which it is not necessary the storage concerning the purposes the data has been gathered and processed for. c) Oppose, totally or partly, for legitimate reasons, to the data processing, albeit relevant to the goal of the gathering and processing of the personal data for the purposes of commercial information or to send advertising material or of direct sale, i.e. the completion of market research or business communication. Every user has also the right to withdraw his consent at any moment, without prejudice to the lawfulness of the data processing based on the consent given before the withdrawal. d) Receive the personal data, submitted knowingly and actively through the enjoyment of the service, in a structured format, customary and machine readable, and transmit it to another holder of the processing without obstacles. e) Lodge a complaint to the Responsible Authorities for the protection of personal data in Italy.
6) Procedures for the right exercise
You will be able at any moment to exercise Your rights sending a registered letter a.r to Punto Zero International s.r.l. V.le F.lli Rosselli, 7 57023 – Cecina LI – Italy
7) Holder, responsible and DPO Not concerning the list specified under Article 37 of the UE Regulation 2016/679, considering also the indications of the guideline WP243, the person in charge for the data protection has not been designated.
1) WHO GATHERS AND PROCESSES THE DATA
2) WHAT COOKIES ARE
Cookies are small text files that the websites visited by the users send to their terminals or devices, where they are memorized, to be again transmitted to the same websites during the next visits. Cookies (and/or similar technologies like for example SDK for the mobile world) can be permanently memorized (persistent cookies) on Your device or can have a variable duration; they can in fact be deleted when the user closes the browser or have a duration limited to the session (session cookie). Cookies can be installed by the Holder (first-party cookies) or by other websites and/or companies (third-party cookies). Cookies are used with several functions, as better specified below at point 3 of this reporting. For the marketing and profiling activities, personal data collected by cookies are processed for a maximum duration, respectively, of 24 and 12 months from the moment in which the data processing consent is given. Below you will find all the information about the cookies installed through the website and/or concerning applications, and the necessary indications about how to manage Your preferences about them.
3) WHICH COOKIES ARE SET ON THE WEBSITE
3.1. First-party cookies and concerning purposes The main purposes of the cookies installed by the Holder are: a) Technical, they are in fact used for purposes connected to the provision of the service and to enable or improve the browsing on the website of the Holder or memorize the search information. These cookies are essential to grant a correct functioning of the platform. b) Analytical, to gather statistical information about the use of the service by the users ( e.g number of visitors, visited pages…). These cookies are used to analyse the traffic on our pages anonymously, without memorizing personal data.
3.2. Third-party cookies and concerning purposes The main purposes of the cookies installed by third-parties are: a) Analytical:to gather statistical information about the use of the service by the users ( e.g number of visitors, visited pages…). These cookies are used to analyse the traffic on our pages anonymously, without memorizing personal data. Third-parties: Google, Youtube, Facebook b) Performance:with these cookies it is possible do develop and implement the service, improving Your browsing experience and the use of it. Third-parties: Google, Youtube, Facebook c) Profiling – marketing: we analyse Your online actions so we can provide You, through third parties, content and commercial offers in line with Your interests, also looking at your previous browsing experience. This information is managed separately from the identification data in the hands of the Holder. Third-parties: Google, Youtube, Facebook
The consent to the use of profiling cookies is given by the user clicking on the concerning approval button, positioned on the banner containing the short reporting, or manifesting in any other way, explicit and valid, the will to agree with the installation. The consent can be revoked at any time. Technical cookies don’t require consent, thus are automatically installed after the access to the website or service.
Cookies can be completely disabled on the browser using the concerning function required by the majority of browsing programs. It is good to know though that by disabling cookies, some of the functions of the website may not be used. The procedure to modify the settings and the cookies vary between browsers. If necessary, you can use the function of browsing guide or click on one of the following links to have direct access to the user handbook of the browser.