DATENSCHUTZERKLÄRUNG

Privacy

Privacy policy in compliance with Regulation (EU) 679/2016

 

In compliance with Regulation (EU) 2016/679 (hereinafter “GDPR”), the following describes how the personal data of users who consult the website https://www.parkhotelbrasilia.com/ (hereinafter “the Site”) are processed.

 

DATA CONTROLLER

The Data Controller is HNH Hospitality S.p.A. , with registered office in Mestre, Via Saragat n°1.

To exercise the rights set forth by the REGULATION (EU) 2016/679 (hereinafter “GDPR” or “Regulation”) or to request any clarification regarding the processing of personal data, the Controller can be contacted at: telephone (+39 041 5321630), e-mail privacy@hnh.it.

 

INFORMATION ON TYPES OF DATA PROCESSED

Browsing data

The information systems and software procedures relied upon to operate this web site acquire personal data as part of their standard functioning; the transmission of some personal data is an inherent feature of Internet communication protocols.

This data category includes the IP addresses and/or domain names of the computers and terminal equipment used by any user, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user’s operating system and computer environment.

Purposes and legal basis for the processing

(GDPR Art.13, paragraph 1, letter c)

These data are used to make sure the site is functioning properly and to extract statistical information (most visited pages, number of visitors in a time period or daily, geographical areas of origin, etc.). The data might be used to establish liability in case computer crimes are committed against the site (legitimate interest of the Data Controller).

 

Data recipients

(GDPR Art.13, paragraph 1, letters e, f)

Only persons authorized to process and subjects, who, handling data on behalf of the Controller, have been appointed in charge, can have access to personal data. Said subjects shall maintain secrecy and confidentiality, also in compliance with a specific internal regulation. Barring what is indicated regarding cookies, the data shall not be transferred to third countries.
Data storage period

(GDPR Art.13, paragraph 2, letter a)

With the exception of criminal investigation purposes, data are generally stored for the time required to guarantee proper site functioning.
Provision of personal data

(GDPR Art.13, paragraph 2, letter e)

The data are not provided by the Data Subject, rather they are automatically acquired by the site’s technological systems.

 

Contact form and signing up for the newsletter

The optional, explicit and voluntary sending of messages to the contact addresses, as well as the completion and sending of forms on this site, entails the acquisition and processing of the sender’s contact data, which is needed to respond, as well as all the personal data included in the communications and forms and the site browsing statistics.

 

Purposes and legal basis for the processing

(GDPR Art. 13, paragraph 1, letter c)

Contact data requested are processed for:

– responding to and/or contacting the Data Subject;

– sending periodic newsletters to keep the Subject updated on the controller’s news, initiatives and services, only with the specific, free and informed consent of the Data Subject (GDPR Art. 6, paragraph, letter a)

 

Data recipients

(GDPR Art. 13, paragraph 1, letters e,f)

Only persons authorized to process and subjects, who, handling data on behalf of the Controller, have been appointed in charge, can have access to personal data. Said subjects shall maintain secrecy and confidentiality, also in compliance with a specific internal regulation. Barring what is indicated regarding cookies, the data shall not be transferred to third countries.
Data storage period

(GDPR Art. 13, paragraph 2, letter a)

The data are stored for the time needed to respond to the message and, with regard to the newsletter, the data shall be stored for the entire period the Subject is registered for said service.
Provision of personal data

(GDPR Art. 13, paragraph 2, letter e)

Failure to provide mandatory data will result in the message not being sent. Not consenting to receiving the newsletter will make it impossible for the Controller to send such communications.

 

Cookies

For specific information, please consult the cookies policy: https://staticaws.fbwebprogram.com/fbcdn/jquery_plugins/fb-cookie-law/text/en.html

 

THE DATA SUBJECT’S RIGHTS

The Controller informs that the Data Subject has the right to request:

  • access to personal data and information (art. 15 of the GDPR);
  • the rectification or erasure of personal data (arts. 16 and 17 of the GDPR);
  • the restriction of processing the personal data (art. 18 of the GDPR).

 

 

Finally, the Data Subject may:

  • object to the processing of personal data according to the terms and limits set forth in art. 21 of the GDPR;
  • exercise the right to data portability (art. 20 of the GDPR).

 

With regard to processing based on consent (pursuant to article 6, paragraph 1, letter a), and article 9, paragraph 2, letter a) of the GDPR), the Data Subject has the right to revoke said consent at any time (without prejudice to the lawfulness of the processing based on consent given prior to revocation).

 

Finally, the Data Subject has the right to lodge a complaint with a supervisory authority (Data Protection Authority or another competent authority) if they deem the Regulation has been breached pursuant to Article 77 of the GDPR.