Table of Contents
1. Data controller
2. Purposes of the treatment
3. Provision of personal data and legal basis
4. What data are processed?
5. Methods of data processing
6. To whom may the data collected be communicated?
7. What are the rights of data subjects?
8. Points of contact
1. Data controller
The data controller is VILLA AL RIFUGIO DI PASCARIELLO TERESA S.r.l., with registered office at Via Gaetano Infranzi, 5 – 84013 Cava dei Tirreni (SA), e-mail: email@example.com; Tel:+39089345097
2. Purpose of the tratment
1.By accessing and consulting this site, as well as by taking advantage of the services that are offered through the site to users, information may be collected and processed concerning users as identified or identifiable natural persons. If personal data are thus acquired, they will be processed, in accordance with current legislation on the protection of personal data, solely to pursue the following purposes:
a) purposes strictly related and instrumental to allow access and use of the site, its features and services requested;
b) for operational and management needs internal to the Owner and inherent to the services offered through the site, including the Blog service;
c) in a completely anonymous and aggregate form, for statistical purposes;
d) to fulfill any obligations provided for by law and European regulations;
e) to conclude and execute the contract for the purchase of goods offered on the site.
2.The data collected from users who use the site for the purposes indicated in the previous point could also be used for other purposes, but for each possible further processing will be requested from users an express and explicit manifestation of consent. In this way, the data collected from users may be used for the performance of further processing activities by the Data Controller, such as for direct marketing operations, only if the user freely and clearly consents to each further processing.
3. Provision of personal data and legal basis
1. The provision of personal data is necessary for the purposes referred to in Article 2, paragraph 1, as the legal basis for processing is:
in the cases referred to in points a), b) and c): the legitimate interest of the owner under Art. 6.f GDPR in the proper functioning of the website and the improvement of its functionality;
in the cases referred to in point d): the fulfillment of legal obligations provided to the owner under Art. 6.c GDPR;
in the cases referred to in points e) and f): the performance of the services requested by the user and the contractual buying and selling relationship pursuant to Art. 6.b GDPR.
Any refusal opposed to the processing of data in these cases may therefore prevent the performance of the services; as far as possible, the user will still be given the option to consult the site without providing any personal data, although in this case, certain functions or features of the site may be disabled.
Where provided, the provision of personal data for the purposes referred to in Art. 2, paragraph 2, is optional, as the legal basis for processing in this case is always the user’s consent, pursuant to Art. 6.a GDPR, informed, free and optional. In the absence of explicit consent, these activities will not be carried out without further consequences, in particular, the user will still be able to use the site and services for the purposes referred to in Art. 2, paragraph 1.
4. What data is processed?
Depending on the service rendered, personal data of different types may be processed, as specified in this article.
4.1 Browsing data
The computer systems and software procedures responsible for the operation of this site acquire, in the course of their normal
exercise, some personal data whose transmission is implicit in the navigation of the websites. This information is not collected to be associated with identified interested parties; however, by its very nature it could, through processing and association with data held by third parties, allow users to be identified. They include IP addresses or domain names of the computers used by users connecting to the site, URL addresses of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server and other parameters relating to the operating system and platform
used by the user.
The above data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct operation; they are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this eventuality, at present the data on web contacts do not persist for more than seven days. Regarding cookies, please refer to Section 4.3 below.
4.2 Data provided voluntarily by the user(communications)
The optional, explicit and voluntary sending of communications by means of contact forms on the site on the page www.villaalrifugio.com or e-mail to the addresses indicated on this site, involves the subsequent acquisition of the data communicated by the user, including his e-mail address, and consent to receive any messages in response to his requests.
The personal data thus provided are used for the sole purpose of fulfilling or responding to the transmitted requests and are disclosed to third parties only if this is necessary for that purpose.
4.3 Cookies – General Information
Cookies are small text files that sites visited by the user send to the user’s computer or mobile device(usually to the browser), where they are stored and then transmitted back to the same sites the next time the same user visits. Thanks to cookies, a site can remember user preferences, for example: login, the language chosen, products selected in the shopping cart and display settings and more, so that they do not have to be indicated again when the user visits the site again.
In the course of browsing a site, the user may also receive cookies from different sites or web servers on his terminal (so-called “third-party” cookies); this happens because on the website visited there may be elements such as, for example, images, maps, sounds, specific links to web pages of other domains that reside on servers other than the one on which the requested page is located.
In other words, they are those cookies that are set by a website other than the one you are currently visiting.
Cookies are used to perform computer authentication, session tracking, and storage of specific information regarding users accessing the server, and are usually present in each user’s browser in very large numbers. Source: https://garanteprivacy.it
They may also contain a unique identification code that allows tracking of the user’s navigation within the site itself for statistical or advertising purposes.
Cookies consist of portions of code installed within the browser that assist the Owner in providing the service according to the purposes described.
Some of the purposes for which Cookies are installed may, in addition, require the User’s consent.
Cookies to save the User’s session and to perform other activities strictly necessary for its operation, such as in relation to traffic distribution.
Technical cookies, which do not require express consent for their use, also include:
– navigation or session cookies.
– Technical cookies for processing statistics. If used by the site operator on the number of users and site navigation.
– Functional cookies that allow navigation based on user choices (language, product selection, font, etc…).
Targeted advertising cookies, vice versa, which create user profiles and are used to send advertising messages, the user’s prior consent is required.
4.3.1 Duration of cookies
Some cookies (session cookies) remain active only until the browser is closed or the logout command is executed.
Other cookies “survive” when the browser is closed and are available on subsequent user visits.
These cookies are called persistent and their duration is set by the server when they are created.
In some cases an expiration date is set, in other cases the duration is unlimited.
4.3.2 General types of cookies used on the site
This site uses Technical Cookies to save the User’s session and to perform other activities strictly necessary for its operation, for example in relation to traffic distribution that cannot be deselected.
Also below are the types that can instead be both selected and deselected in the banner that will be proposed when you first access the site (by clicking on “Customize”). You can then change your preferences by clicking on the “blue colored button” at the bottom left of the screen.
Functional cookies: Functional cookies help perform certain functionalities(e.g., language) such as sharing website content on social media platforms, collecting feedback, and other third-party functionalities. By disabling them, certain features or services may be unavailable or may not function properly. In addition, the user may be required to enter information or preferences each time they visit the Website.
Targeted advertising cookies: cookies are used to present you with content, including advertising, that is more suitable for you. They can also be used to limit the times that advertising content is offered. They are not necessary, but they allow us to provide content closer to your interests.
4.3.3 List of cookies used in the site
First-party cookies (www.villaalrifugio.com), are directly managed by VILLA AL RIFUGIO DI PASCARIELLO TERESA S.r.l. – as described – without the help of third parties.
(Displaying content from other systems outside of www.villaalrifugio.com)
These systems are used by the site to provide a better service and browsing experience for the user by integrating interactive content, videos or any other material from third-party tools into the pages of the site. The services used are listed below:
|Technical Cookies||cookieyes-consent||First-party (www.villaalrifugio.com)||1 year|
|Functional cookies||cookie_notice_accepted||First-party (www.villaalrifugio.com)||1 month|
|Functional cookies||_GRECAPTCHA||Third-party (www.google.com)||6 months|
|Profiling cookies||__Secure-ENID||Third-party (www.google.com)||13 months|
|Analytical cookies||CONSENT||Third-party (www.google.com)||2 years|
4.3.4 Managing cookies
Users can decide whether or not to accept cookies using their browser settings. Attention: total or partial disabling of technical cookies may affect the use of site features reserved for registered users. On the contrary, the usability of public content is also possible by disabling cookies completely. Disabling “third-party” cookies does not affect navigability in any way. The setting can be defined specifically for different sites and web applications.
In addition, the best browsers allow you to define different settings for “proprietary” and “third-party” cookies.
As an example, in Firefox, through the menu Tools->Options->Privacy, you can access a control panel where you can define whether or not to accept different types of cookies and proceed to their removal. Below are links to the cookie management of the most commonly used browsers:
For mobile devices, users can disable cookies through specific features of the system used, for this we refer the user to consult the settings of the device used.
Consultation of the Blog and the news published in the section is left to the free and optional choice of the users; they are
processed only the data necessary for this purpose and no further profiling activity is carried out, except as specified above in relation to cookies. In the provision of the Blog service, various cookies are used, both technical and third-party profiling cookies, to create profiles related to the user used in order to send advertising messages in line with the preferences expressed: for more information on this and for a description of the cookies used on the site, please see section 4.3 above.
5. Methods of data processing
- Personal data are processed lawfully and fairly and used only for the purposes indicated in Article 2. The processing will take place by means of instruments suitable to guarantee the security and confidentiality of personal data and by partially automated instruments suitable to store, manage and transmit the data. Specific security measures are taken to prevent the loss of data and contain the risks of illegal or incorrect use and unauthorized access.
- Personal data will be retained for the time prescribed by law and, in any case, for the time strictly necessary to follow up on the activities for which they were collected and/or until the revocation of the consent given in the case of processing for the purposes referred to in Article 2, paragraph 2.
6. To whom may the data collected be communicated?
- Processing related to the web services of this site is handled only by technical personnel expressly assigned to the processing, internal and/or external to the Data Controller. The data acquired via web, or in any case deriving from web services, may be communicated to the technological and instrumental partners that the Data Controller uses to provide the services requested by users, always in compliance with the purposes indicated in art. 2. To this end, the individuals who will have access to personal data will be duly authorized to process them by the Data Controller and, if necessary, appointed as Data Processors, pursuant to Articles 28 and 29 of the GDPR.
- Data collected for the purposes set out above may also be communicated to subjects authorized for this purpose by provisions of the law and European regulations.
- A list of the subjects to whom the Data Controller communicates the personal data collected for the aforementioned purposes is available and may be consulted at the Data Controller’s offices and may be requested at the addresses indicated.
7. What are the rights of the data subjects?
- The interested party is the natural person, identified or identifiable, to whom the personal data subject to processing refer and, therefore, the user who accesses the site and who uses the services made available through the site itself.
- Each data subject is granted the right to access at any time the data concerning him/her processed by the Data Controller (right of access) in order to verify the correctness and lawfulness of the processing carried out. The interested party may also exercise all the rights recognized by the current legislation, national and European, on the protection of personal data: in particular, he/she may request at any time the correction and updating of incorrect or inaccurate data, the limitation of the processing carried out and the cancellation of the same (right to be forgotten), as well as to lodge a complaint with the Guarantor Authority for the protection of personal data.
- With reference to processing based on the consent of the data subject and carried out by automated means, the data subject may also request to receive data concerning him or her in a structured and commonly used format and to transmit them, if necessary, to another data controller (right to data portability).
- Each data subject is also granted the right to revoke the consent given at any time, without prejudice to the lawfulness of the processing carried out by the Data Controller prior to such revocation, as well as the possibility to object to the processing of data concerning him or her if it is carried out for direct marketing purposes by the Data Controller; in this case, his or her data will no longer be processed for such purposes, depending on the specific consent previously given, either by the Data Controller or by any third party (right to object).
8. Points of Contact
Any request regarding the processing of personal data and any communication relating to the exercise of their rights may be addressed to the Owner by sending a communication by e-mail, to the address firstname.lastname@example.org by mail to the operating headquarters of VILLA AL RIFUGIO DI PASCARIELLO TERESA S.r.l., Via Gaetano Infranzi, 5 – 84013 Cava dei Tirreni (SA