INFORMATION ON THE PROCESSING OF PERSONAL DATA
of the users visiting the websites of Palmaria Restaurant
Pursuant to Article 13 of the Italian Lgs. Decree 196/03 and EU Regulation 2016/679
This page contains a description of the policies for managing the website in regard to processing the personal data of the users who visit the site and their privacy. This information is provided pursuant to article 13 of Italian Legislative Decree no. 196/2003 – Laws concerning the Protection of Personal Data and the individuals who interact with the web services of Palmaria Restaurant, which is accessible by telematics means through the following web address:
which corresponds to the home page of the official website of Palmaria Restaurant on Via Giuseppe Garibaldi, 5 - 19025 Portovenere (SP)
The information provided does not concern other online websites, pages or services that can be accessed via hyperlinks on the above website but relate to resources outside the Palmaria Restaurant web domain.
Following access to this website, data pertaining to persons that are identified or identifiable may be processed. The “Data Controller” of the personal data collected following a visit to our website or any other data used for providing our services is Frontemare Srl, Via Leopardi, 8 – 20123 Milano. The Data Protection Coordinator is Mr. Massimo Bruno, who can be contacted at email@example.com.
PLACE WHERE DATA IS PROCESSED
Data processing pertaining to the web services of this website [(physically hosted by Aruba Spa (www.aruba.it)) is carried out at the aforementioned headquarters and said data is processed only by the technical personnel in charge of processing of the Data Processing Office, or by eventual persons in charge of processing who are entrusted to process occasional maintenance operations.
The personal data obtained from the users who submit hotel reservation requests or through informative material (informative notes, newsletters, registration, etc) is used only to carry out the services or assistance requested and is not transmitted to third parties, except in the following possible cases:
- Subjects who are authorized to have access to the data by law or through requests by the authorities;
CATEGORIES OF PROCESSED DATA
The information systems and software procedures relied upon to operate this web site acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols.
Such information is not collected in order to relate it to identified data subjects, however it might allow user identification per se after being processed and matched with data held by third parties.
This data category includes IP addresses and/or the domain names of the computers used by any user connecting with this web site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user's operating system and computer environment.
These data are only used to extract anonymous statistical information on website use as well as to check its functioning; they are erased immediately after being processed. The data might be used to establish liability in case computer crimes are committed against the website; except for this circumstance, any data on web contacts is currently retained for no longer than seven days.
Data voluntarily provided by the user
Sending e-mail messages to the addresses mentioned on this website, which is done on the basis of a freely chosen, explicit, and voluntary option, entails acquisition of the sender's address, which is necessary in order to reply to any request, as well as of such additional personal data as is contained in the message(s).
Data will be retained only for registration request to send the newsletters or special offers and will not be disclosed to anyone.
Specific summary information notices will be shown and/or displayed on the pages that are used for providing services on demand.
The personal information regarding the individual who visited the website is not collected or used. The visitors remain anonymous. The only exception to this rule concerns the information for personal identification needed to fulfill the contractual obligations of reservations on behalf of the user.
In the event of reservations made through the website, the user must provide his name, address, telephone number and information regarding the payment processings and credit card used. Palmaria Restaurant will use said information only to process reservations and to send specific information, which is relevant to the confirmation of said, such as a receipt, the booking code and the conditions.
The information provided will not be used for marketing purposes and will not be sold, transmitted, given by contract, or sent to third parties an any way. In any event, the website administrator guarantees the use of scrupulous procedures in order to protect the navigational data and the use of particular precautions to protect the credit card data provided for on-line reservations.
Site visitors can register for our newsletter service. By registering, the user's e-mail address will automatically be included in a list of contacts to which e-mail messages will be sent. The newsletter will be containing periodic updates with commercial and promotional information relating to initiatives, events or promotions of the data controller.
To subscribe to the newsletter, you can use the registration forms on the site by entering your name and e-mail address. The information supplied with the registration form will be only used to sending our newsletter via e-mail and will not be disclosed to third parties..
PERIOD FOR DATA RETENTION - CRITERIA USED
According to the provisions set forth in art. 5 par. 1 lett. e) of the Regulation (EU) 2016/679, collected personal data shall be kept in a form which permits identification of data subjects for a period not exceeding the purposes for which the personal data were collected and subsequently processed.
Data retention periods depend on the purposes of the processing:
- purposes related to technical navigation data for the correct functioning of the website: retention only for the related session, after which the data are deleted;
- purpose of reply to info request/services supply request (up to 12 months for contact requests);
- newsletter, marketing or promotional communications in general (until withdrawal of consent);
COOKIES AND TRACKING TECHNOLOGIES USED
TRANSFERS OF PERSONAL DATA TO THIRD COUNTRIES
Personal data is not transferred to non-EU third countries, except for any cases described above where the controller provide appropriate safeguards. For transfers to the USA or others extra EU countries, in the absence of an adequacy decision pursuant to Article 45(3), or of appropriate safeguards pursuant to Article 46, it takes place on the basis of:
OPTIONAL DATA PROVISION
Subject to the specifications made with regard to navigation data, users are free to provide the personal data listed in the request forms of Palmaria Restaurant or referred to in contacting the hotel to request delivery of information materials and other communications. Failure to provide such data may entail the failure to be provided with the items requested.
Personal data is processed with automated means for no longer than is necessary to achieve the purposes for which it has been collected. Specific security measures are implemented to prevent the data from being lost, used unlawfully and/or inappropriately, and accessed without authorisation.
DATA SUBJECTS' RIGHTS
The data Controller is Frontemare Srl, Palmaria Restaurant. The Data Protection Coordinator is Mr. Massimo Bruno. You may contact them at any time to exercise your rights as provided for in Chapter III GDPR 679/2016, in particular, the right to obtain confirmation as to whether or not personal data concerning you exist and the logic applied to the processing, the right to ask for their integration, the right to object to their processing on legitimate ground, and the right to request rectification, updating, erasure (right to be forgotten) or blocking of data that have been processed unlawfully, the right to obtain a copy of the personal data being processed as well as the right to data portability, also by sending a written request to the following e-mail address: firstname.lastname@example.org.
RIGHT TO LODGE A COMPLAINT
If a data subject considers that the processing of personal data relating to him or her as performed via this website infringes the Regulation, he or she has the right to lodge a complaint with the Garante pursuant to Article 77 of the Regulation, or else to bring a judicial proceeding against the Garante pursuant to Article 79 of the R