Privacy Policy

Privacy Policy Art. 13 EU Regulation 679/2016

Personal data provided by the user in an optional, explicit and voluntary way are used only by Hotel Villa delle Fate – Cimone & Partners S.r.l. in Sestola (Modena – Italy), Via Piscina, 2– 41029, F.C. anda VAT number 03843810361 – as Data Controller of the website in order to process any requests made (so, for example, when requesting information or explanations by calling the numbers indicated on the website, filling out the contact form or writing to the email addresses present or by making a reservation by telephone or e-mail at the addresses and numbers on the website. We remind you that for the processing of hotel guests’ data refer to the specific privacy policy).  

WHAT ARE THE DATA THAT ARE PROCESSED ON THE WEBSITE? 

During their normal operation, the IT systems and software procedures used to operate this website acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but by its very nature could be, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the website, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user’s computer environment. 

 These data are used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of any computer crimes against the website.

The personal data that may be requested in addition to those that the user could spontaneously indicate during contacts with the Data Controller are: Name, email address for the contact form. 

If the booking of the stay is made directly from the website, further personal data may be requested and reference may be made to the specific information on the booking platform managed by the Vertical Booking platform.  

Vertical Booking s.r.l VAT number IT02657150161 based in Piazza Pontida, 7 – 24122 Bergamo (BG), Italia. 

The complete suite includes Booking Engine, Synchro Channel Manager, Metasearch Manager, CRO (Central Reservation Office), GDS Connectivity and Representation, Marketing and Intelligence Tools and Mobile App (iOs / Android). The Vertical Booking platform collects and stores the personal data of the booking subjects who make the booking from the various distribution channels with which Vertical Booking is connected.  

The quantity and type of data of the bookers received by the indirect channels are not under the control of the Vertical Booking platform. The Vertical Booking platform collects and stores the credit card data associated with the booking according to the PCI-DSS guidelines to which you are referred for further details. (Https://www.pcisecuritystandards.org/). In the event that the customer has requested a connection with a hotel management system (PMS), Vertical Booking transfers the data relating to the booker and booking to the hotel management through a programmatic interface. The Vertical Booking platform stores the data relating to the profile (name, surname, email address, username and password) with which users connect to the platform’s back office

WHAT ABOUT COOKIES?  

The website uses various types of cookies described and manageable with regards to preferences and authorizations for processing in the specific cookie policy. 

NATURE OF PROVIDING PERSONAL DATA ON THE WEBSITE 

With the exception of the navigation data, necessary to carry out the IT and telematic protocols, the provision of personal data by users is free and optional. 

However, failure to provide the data will make it impossible to proceed with requests forwarded or that the user intends to forward. 

HOW WE TREAT THE DATA AND WITH WHICH SECURITY MEASURES  

Personal data are processed with electronic tools and not only for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.  

The personal data provided by users may be disclosed to third parties for the sole purposes indicated in this policy and are not disclosed.

The data are processed and resident in Italy and on any servers within the EU. The data related to cookies as well as the data of the guests of the structure can be transferred outside the EU. For these transfers, the specifications provided 

for in articles 44-45-46-47 EU Reg. 679/2016. More information can be requested from the Data Controller. 

The collected data will not be disclosed or communicated to third parties without the express consent of the interested party, without prejudice to any requests from the competent authorities, as established by law.

The data are not subject to profiling and or processed with automated systems  

Any data provided as indicated above are kept only for the time necessary for the requests and / or the information requested. 

VERSION OF THE PRIVACY POLICY 

Considering the current implementation and activation status of the full applicability of EU Regulation 679/2016 as well as any changes related to online activities carried out by the study, this information may be subject to periodic reviews. 

This policy is revised on 22/05/2020.  

La presente informativa è valida unicamente per il presente sito web 

This policy is valid only for this website. The links on the site that link to external websites have specific policies and are not directly connected to Hotel Villa delle Fate – Cimone & Partners S.r.l. 

WHAT ARE THE RIGHTS PROTECTED BY THE EU REG.679/2016? 

Pursuant to articles 15-16-17-18-19-20-21-22 EU Regulation 679/2016, all subjects to whom the personal data refer, possibly collected in direct communications with the study as indicated in the policy have the right at any time: 

• to obtain the correction or cancellation of the date or the limitation of the treatment concerning him/her; 
• to oppose the treatment; 
•  to data portability;
• to withdraw consent; 
• to lodge a complaint with the supervisory authority (Garante Privacy).