PRIVACY POLICY
1. NORMATIVE REFERENCES
Directive 95/46 / EC on the “protection of individuals with regard to the processing of personal data, as well as on the free movement of such data”.
Directive 2002/58 / EC on the “processing of personal data and the protection of privacy in the electronic communications sector”.
EU European Regulation 679/2016 – General Data Protection Regulation (GDPR).
2. DATA CONTROLLER
During the consultation of this site, data relating to identified or identifiable persons may be processed.
The Data Controller is:
Casa della Capra S.r.l.s
Via Pallanza 25, 28802 Mergozzo, Italy
IT 02516610033
e-mail: info@casadellacapra.com
website: https://www.casadellacapra.com/
3. PLACE OF TREATMENT
The processing connected to the web services of this site takes place on Wix.com Inc. servers located in different locations across Europe.
4. DATA COLLECTION
a. Technical data collection:
The use of the site by visitors, involves the full and implicit acceptance and respect of what is written in this document. The site, for technical and security reasons, and for statistical purposes, automatically collects information on accesses, (the information is not of an identifying character or classified as particular data), which are electronically stored and processed exclusively for the aforementioned purposes and for the reasonably necessary time.
b. Contact forms:
We inform you that personal data, which you may provide via this site, are processed exclusively for the management of your request and for the practices required by law. Some data, requested through the appropriate form, are essential to start the request itself and for the practices required by law. In this case you will not be asked to give any consent as the data that you send us will fall within the exempted cases in accordance with current legislation and with reference to Article 6 of Law 679/2016 (GDPR).
Optional consent: Your refusal to provide such data will make it impossible for us to process your request.
c. Booking Engine:
Through this site, visitors can use a “booking engine” to get a personalized quote and book by obtaining a direct confirmation. In case of reservation, some data are sent to this structure and stored in the integrated system. Consequently, the data controller and data processor of the company that owns the booking engine also contributes to the processing of stored data.
The company that owns the booking engine is: Slope S.r.l.
5. COOKIES
[cookie_declaration]
6. MANAGEMENT OF COOKIES
The data controller recalls that the total or partial disabling of cookies c.d. technicians can compromise the use of site features.
It is possible to selectively disable the action of Google Analytics by installing on your browser the opt-out component provided by Google. To disable the action of Google Analytics, please refer to the link below: https://tools.google.com/dlpage/gaoptout
However, you can decide whether or not to accept cookies by changing the security settings of the browser.
Chrome: https://support.google.com/chrome/answer/95647?hl=en
Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
Microsoft Edge: https://support.microsoft.com/en-us/help/4027947/microsoft-edge-delete-cookies
Safari: http://support.apple.com/kb/HT1677?viewlocale=en_EN
Opera: http://help.opera.com/Windows/10.00/en/cookies.html
7. OPTIONAL DATA SUPPLY
We inform you that personal data, which you may provide via this site, are processed exclusively for the management of your request and for the practices required by law. Some data, requested through the appropriate form, are essential to start the request itself and for the practices required by law. In this case you will not be asked to give any consent as the data that you send us will fall within the exempted cases in accordance with current legislation and with reference to Article 6 of Law 679/2016 (GDPR).
Optional consent: Your refusal to provide such data will make it impossible for us to process your request.
8. METHOD OF TREATMENT
a. Data retention
The information relating to accesses on the site and personal data that users will communicate by filling out the contact form, will be stored on electronic media protected by password and will be treated in full confidentiality by the manager of our structure that will keep them strictly necessary, for the execution of the request. Any particular data are processed in compliance with the regulations in force and in particular with the law 679/2016 (GDPR).
b. Data protection
For access to the IT tools used during the collection, consultation and storage of data, the data controller and processor has put in place all the technical and organizational measures necessary to ensure an adequate level of security, avoiding the possibility of unauthorized disclosure and thus ensuring the confidentiality, integrity, availability of data as well as, in the event of a physical or technical incident, to ensure the ability to restore data in a short time.
In accordance with the art. 8 of REGULATION (EU) 2016/679, on this website, the services are offered exclusively to those who have reached the age of majority or for which (if minors under the age of 16) parents’ consent has been collected. If we discover that a minor has provided us with personal information without the permission of the parents or guardian, we will immediately delete this information.
9. SHARING, COMMUNICATION AND DISSEMINATION OF DATA
The data collected may be transferred or communicated to other companies, specifically identified, for activities strictly connected and instrumental to the operation of the service, such as the management of the site itself or its components. Personal data may be transmitted to third parties, but only and exclusively if this is necessary to comply with requests from the Judicial Authority or Public Security. No data deriving from the web service is disseminated.
10. USER RIGHTS
The User will have the right to exercise the rights referred to in art. 7 of the Privacy Code and art.15 GDPR.
In particular, the User has the right at any time to obtain from Casa della Capra S.r.l.s confirmation of the existence or not of personal data concerning him, even if not yet registered, and their communication in intelligible form.
The User also has the right to obtain confirmation: a) of the origin of personal data; b) of the purposes and methods of the processing; c) of the logic applied in case of treatment carried out with the aid of automated tools; d) of the identification details of the owner, of the managers and of the designated representative; e) of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the territory of the State, managers or agents.
The User also has the right to obtain: a) updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case where such fulfilment is prove impossible or involve a manifestly disproportionate use of the law with respect to the protected right. The User has the right to object, in whole or in part: a) for legitimate reasons, to the processing of personal data concerning him / her, even though they are relevant to the purpose of the collection; b) to the processing of personal data concerning him / her for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communications (for example relating to newsletter services).
Where applicable, the User also has the rights referred to in Articles 16-21 GDPR (Right of rectification, right to be forgotten, right of limitation of treatment, right to the portability of contractual data and rough navigation, right of opposition), as well as the right of complaint to the Guarantor Authority.
How to exercise rights
We also wish to inform you that the European Regulation recognizes certain rights, including the right of access and rectification, or cancellation or limitation or opposition to processing, as well as the right to data portability, if and as applicable (articles to be 15 to 22 of EU Regulation No. 679 of 2016). It can also lodge a complaint with the supervisory authority, in accordance with the procedures established by current legislation. To exercise the rights referred to in the previous article, the User may, at any time, contact the company (Data Controller) by e-mail
11. CHANGES TO THESE PRIVACY POLICIES
The data controller periodically checks its privacy and security policy and, if necessary, revises it in relation to regulatory, organizational, or technological changes. In case of policy changes, the new version will be published on this page of the site.
12. CUSTOMER INFORMATION
Dear Guest, in accordance with current legislation on the protection of personal data (EU Regulation No. 679 of 2016), we wish to inform you that the processing of your personal data is carried out correctly and transparently, for lawful purposes and protecting your privacy and your rights. The treatments are also carried out with the help of IT tools for the following purposes:
1. to acquire and confirm your booking of accommodation services and ancillary services, and to provide the services requested. Since these are necessary treatments for the definition of the contractual agreement and for its subsequent implementation, its consent is not required, except in the case in which, so-called sensitive data are given. In case of refusal to provide personal data, we will not be able to confirm the booking or provide the requested services. The treatment will cease on his departure, but some of his personal data may or must continue to be processed for the purposes and with the methods indicated in the following points:
2. to fulfil the obligation set forth in the “Consolidated Law on Public Security Laws” (article 109 RD 18.6.1931 No. 773) which requires us to communicate to the Police Headquarters, for purposes of public security, the particulars of clients accommodated according to methods established by the Ministry of the Interior (Decree of 7 January 2013). The provision of data is mandatory and does not require its consent, and in case of refusal to provide it we will not be able to host it in our facility. The data acquired for this purpose are not stored by us unless you provide us with the consent to the conservation as foreseen in point 4;
3. to comply with current administrative, accounting and tax obligations. For these purposes, the processing is carried out without the need to acquire your consent. The data are processed by us and our representatives and are disclosed outside only in fulfilment of legal obligations. In case of refusal to provide the data necessary for the above-mentioned obligations, we will not be able to provide the requested services. The data acquired for these purposes are stored by us for the time provided for by the respective regulations (10 years, and even more in the case of tax assessments);
4. to speed up the registration procedures in case of subsequent stays at our facility. For this purpose, after obtaining its revocable consent at any time, your data will be kept for a maximum period of 10 years and will be used when you will be our guest again for the purposes referred to in the previous points;
5. to perform the function of receiving messages and telephone calls addressed to her during her stay. For this purpose, your consent is required. You can withdraw your consent at any time. The treatment will cease at its departure anyway;
6. to send you our promotional messages and updates on the rates and offers made. For this purpose, after obtaining your consent, your data will be kept for a maximum period of 10 years and will not be disclosed to third parties. You can withdraw your consent at any time;
7. for purposes of protection of persons, property, and company assets through a video surveillance system of some areas of the structure, identifiable by the presence of appropriate signs. For this treatment, your consent is not required, as it pursues our legitimate interest in protecting people and property with respect to possible aggressions, thefts, robberies, damage, acts of vandalism and for purposes of fire prevention and job security. The recorded images are deleted after 24 hours, except holidays or other cases of closure of the exercise, and in any case not more than a week. They are not the object of communication to third parties, except in cases where it is necessary to adhere to a specific investigation request by the judicial or judicial authorities.
We also wish to inform you that your data may be made accessible for the purposes set out in points 1 to 7:
a) to employees and collaborators of the Owner in their capacity as agents and / or managers and / or internal sub-managers of the processing;
b) companies that perform functions strictly connected and instrumental to the operations – including technical – of the services offered by the Data Controller, such as providers of direct marketing and customer care services, companies that provide archiving, administrative, payment and invoicing services, associated companies and / or in general companies that provide technical components for the provision of some service features
c) bodies and administrative and judicial authorities by virtue of legal obligations.
Personal data will be stored on servers located in the European Union, without prejudice to the Owner’s right to transfer the location. In this case, we make sure that this transfer takes place in compliance with current legislation and that an adequate level of personal data protection is guaranteed based on an adequacy decision, on standard clauses defined by the European Commission or on Binding Corporate Rules. We also wish to inform you that the European Regulation recognizes certain rights, including the right of access and rectification, or cancellation or limitation or opposition to processing, as well as the right to data portability, if and as applicable (articles to be 15 to 22 of EU Regulation No. 679 of 2016). It can also lodge a complaint with the supervisory authority, in accordance with the procedures established by current legislation.
Latest update: December 22nd 2023