Privacy Policy

Privacy Policy

Dear User,

Villa del Quar S.p.A., as Data Controller (hereinafter “Villa del Quar” or the “Data Controller”) considers privacy and protection of Personal Data one of the main objectives of its activity. This document has been drafted pursuant to art. 13 of EU Regulation 2016/679 (hereinafter: “Regulation”) in order to allow you to know our privacy policy; we therefore invite you before communicating any personal data to the Owner to read carefully this Privacy Policy because it contains important information on the protection of your personal data.

This Privacy Policy:

is intended for the site https://www.hotelvilladelquar.it/ (hereinafter the “Site”);

constitutes an integral part of the Site and the services we offer;

is provided pursuant to art. 13 of the Regulations to those who interact with the web services of the Site.

The processing of your personal data will be based on the principles of correctness, lawfulness, transparency, limitation of purposes and storage, minimization and accuracy, integrity and confidentiality, as well as the principle of accountability as per art. 5 of the Regulations. Your personal data will therefore be processed in accordance with the legislative provisions of the Regulation and the confidentiality obligations provided for therein.

By processing of personal data we mean any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, deletion or destruction.

INDEX

1. Data controller

2. Personal data subject to processing

a. Navigation data

b. Data provided voluntarily by the user

c. Third party data provided voluntarily by the user

3. Purpose of the treatment

4. Legal basis and mandatory or optional nature of the processing

5. Recipients of Personal Data

6. Transfer of Personal Data

7. Retention of Personal Data

8. Rights of the interested party

9. Changes

1. Data controller

The holder of the treatment is Villa del QUAR S.p.A. Via del Quar n. 12 – 37029 San Pietro in Cariano (VR) Tel. +39 0456800681 – info@hotelvilladelquar.it

2. Personal data subject to processing

Following the navigation of the Site, we inform you that Villa del Quar will process personal data that may consist of an identifier such as name, an identification number, an online identifier or one or more characteristic elements of his physical, physiological, psychic, economic, cultural or social identity suitable to make the person concerned identified or identifiable (hereinafter only “Personal Data”). The Personal Data processed through the Site are as follows:

a. Navigation Data

The computer systems and software procedures used to operate the Site acquire, during their normal operation, some Personal Data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users who connect to the Site, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and computer environment of the user. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning, to allow – given the architecture of the systems used – the correct provision of services, for security reasons and to ascertain responsibility in the event of hypothetical computer crimes against the Site or third parties; and are usually deleted after sixty days.

 

b. Data provided voluntarily by the user

The Site offers users the possibility to voluntarily provide personal information through, for example, the registration to contact forms, the request for services, information or quotes, the optional, explicit and voluntary sending of e-mails to the addresses indicated on the Site, etc.. This Privacy Policy is also intended for the processing of Personal Data provided voluntarily through the Site.

c. Third party data provided voluntarily by the user

In the use of certain services of the Site, there may be a processing of Personal Data of third parties sent by you. With respect to such hypotheses, you are the autonomous data controller, assuming all the obligations and responsibilities required by law. In this sense, you grant the widest indemnity on this point with respect to any dispute, claim, request for compensation for damages for processing, etc.. that may reach the Data Controller from third parties whose Personal Data have been processed through your use of the functions of the Site in violation of the applicable rules on the protection of Personal Data.

In any case, should the Data Controller provide or otherwise process Personal Data of third parties in the use of the Site, it warrants from now on – assuming all related responsibilities – that this particular processing hypothesis is based on a suitable legal basis pursuant to art. 6 of the Regulation legitimizing the processing of the data in question.

3. Purposes of the processing

Your Personal Data will be processed, with your consent where necessary, for the following purposes, where applicable:

a. to allow the provision of the services requested (e.g.: request for contact, a “Demo” or a quote, subscription to the Newsletter, request for information or subscription to training courses, request to send documentation or permission to download it from the Site, reporting abuse), as well as the navigation of the Site;

b. to receive specific requests addressed to the Owner;

c. fulfil any obligations provided for by current laws, regulations or Community legislation, or satisfy requests from the authorities;

d. statistical purposes, without it being possible to trace his identity;

e. carry out direct marketing via e-mail for products and services similar to those requested by you (including: demos, material or documentation downloadable from the Site), unless you expressly refuse to receive such communications, which you may express when requesting the services or on subsequent occasions.

4. Criteria of lawfulness and mandatory or optional nature of the treatment

The legal basis for the processing of Personal Data for the purposes referred to in section 3.a. and 3.b. is art. 6.1 letter b) of the Regulation (“[…] the processing is necessary for the execution of a contract to which the data subject is a party or for the execution of pre-contractual measures adopted at the request of the same”), as the processing is necessary for the provision of services or for the response to requests by the data subject. The provision of Personal Data for these purposes is optional, but failure to do so would make it impossible to activate the services requested or to respond to your requests.

The processing of your Personal Data referred to in section 3.c. represents a legitimate processing of personal data pursuant to art. 6.1 letter c) of the Regulation (“[…] the processing is necessary to fulfil a legal obligation to which the data controller is subject”).

Please note that the processing of your Personal Data referred to in section 3.d. is not performed on personal data and can therefore be freely carried out by the Data Controller.

The processing of your Personal Data for the purposes described in section 3.e. represents a legitimate treatment under the applicable legislation on the protection of personal data, which does not require your consent (art. 130 co. 4 d.lgs. 196/2003). You may object to the processing of your Personal Data for this purpose both when requesting the products and services available on the Site and in subsequent communications from the Owner.

5. Recipients of Personal Data

Your Personal Data may be shared, for the purposes set out in section 3 above, with:

a. subjects who typically act as data processors, i.e.: i) persons, companies or professional firms that provide assistance and advice to the Data Controller in administrative and legal matters, in relation to the provision of services; ii) subjects with whom it is necessary to interact for the provision of services (e.g. hosting providers); iii) or subjects delegated to carry out technical maintenance activities (including the maintenance of network equipment and electronic communications networks);

 b. persons, entities or authorities to whom it is mandatory to disclose your Personal Data pursuant to legal provisions or orders of the authorities or in case of reports to investigate complaints and identify the source of messages received from users;

c. persons authorized by the Data Controller to process Personal Data necessary to carry out activities strictly related to the provision of services, who are committed to confidentiality or have an adequate legal obligation of confidentiality (e.g. employees).

6. Transfer of Personal Data

The Data Controller does not intend to transfer your Personal Data outside the European Economic Area.

7. Retention of Personal Data

Personal Data processed for the purposes set forth in section 3.a. and 3.b. will be kept for the time strictly necessary to achieve those purposes. In any case, since the processing is carried out for the provision of services, the Owner will process Personal Data until the time allowed by Italian law to protect its interests (Art. 2946 c.c. and ss.).

The Personal Data processed for the purposes referred to in section 3.c. will be kept until the time required by the specific obligation or rule of applicable law.

Personal Data processed for the purposes set forth in section 3.e. will be processed until its opposition to such processing.

8. Rights of data subjects

Pursuant to Articles 15 et seq. of the Regulations, you have the right to ask the Data Controller, at any time, for access to your Personal Data, their correction or cancellation or to oppose their processing in accordance with Article 21 of the Regulations, you have the right to request the limitation of processing in the cases provided for by Article 18 of the Regulations, as well as to obtain in a structured format, in common use and readable by automatic device the data concerning you, in the cases provided for by Article 20 of the Regulations.

In any case, you are always entitled to lodge a complaint with the competent Control Authority (Guarantor for the Protection of Personal Data), pursuant to art. 77 of the Regulation, if you believe that the processing of your Personal Data is contrary to the regulations in force.

9. Amendments

The Owner may modify or simply update this Site Privacy Policy, in part or in full, also due to changes in the laws and regulations that govern this matter and protect its rights. Such changes and updates to the Privacy Policy will be notified to users on the home page of the Site. We therefore invite you to visit this section regularly in order to be aware of the most recent and updated version of this Privacy Policy so that you are always up to date on the information we collect and the use we make of it.