On this page, we explain how we process the personal data of users of our site in accordance with Regulation (EU) 2016/679 (GDPR).
Grand Hotel Due Golfi - Via Nastro Azzurro, 1 - 80061 Sant'Agata (NA) Italy, firstname.lastname@example.org
The types of personal data that this website collects, directly or through third parties, include: cookies, usage data, email address, first name, last name, phone number, address, country, province, password, ZIP/postal code, and city.
Personal data may be freely provided by the user, or collected automatically when using this website.
Failure to provide certain Personal Data may make it impossible for this website to provide its services.
Users are responsible for any personal data of third parties obtained, published, or shared through this website, and confirm that they have the third party's consent to provide the data to the owner.
In addition to the data controller subjects involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external subjects (such as suppliers of third party technical services, postal couriers, hosting providers, IT companies, communication agencies) may have access to some categories of data and may be appointed, if necessary, as data processors by the data controller. The updated list of those with access to data can be requested from the data controller at any time.
Data concerning the user is collected to allow the owner to provide services, as well as for the following purposes: commenting on content, contacting the user, handling payments, managing support and contact requests, managing contacts and sending messages, interaction with live chat platforms, interaction with external social networks and platforms, advertising, registration and authentication, access to third party services' accounts, remarketing and behavioral targeting, analytics, displaying content from external platforms, and commercial affiliation.
The types of personal data used for each purpose are outlined in each specific section of this document.
Data is used to provide the user with the services requested and for additional purposes for which the user has given consent.
In these cases, data is being processing on the legal premise of fulfilling a contract or executing pre-contractual measures undertaken at the request of the party concerned.
To do so, the user's data will be stored and processed for the time necessary to complete the processing activities (for example, registration data will be stored until the account is closed, taking into account the technical time required), keeping in mind that once this deadline has passed, the Data Controller will store the user's data until the legal deadline established to fulfill the administrative, accounting, and tax obligations required by current legislation.
In these cases, the user is obligated to provide personal data, and refusal will make it impossible for the user to take advantage of the services offered by the site and, in particular, to conclude the purchase contract through the site.
In these cases, the legal basis for processing and storage is the consent of the interested party, who has the right to withdraw consent at any time.
For these purposes, the user's data will be retained for up to 24 months following the last contact with the Data Controller, for example the initial sales communications sent by the Data Controller.
In these cases, the user is not obligated to provide personal data.
In these cases, the legal basis for storage and processing is the consent of the interested party, who has the right to withdraw consent at any time.
For these purposes, user data will be deleted no later than 12 months from the date of collection.
In these cases, the user is not obligated to provide personal data.
Personal Data is collected for the following purposes and using the following services:
These services allow this website to access personal data from your account with a third party service and perform actions with it.
These services are not activated automatically, but require explicit authorization by the User.
This service allows this website to connect with the user's account on the Facebook social network, provided by Facebook, Inc.
Permissions asked: Email.
This service allows this website to connect with the user's account on the Twitter social network, provided by Twitter, Inc.
These services make it possible to manage a database of email contacts, phone contacts, or any other contact information to communicate with the user.
These services may also collect data concerning the date and time when the message was viewed by the user, as well as when the user interacted with the message by undertaking actions such as clicking on links included in the message.
Mailchimp is an email address management and message sending service provided by Mailchimp, Inc.
Personal data collected: Email address.
The user registers by filling out the registration form and providing personal data directly to this website.
Personal data collected: address, city, country, email address, first name, last name, password, phone number, and ZIP/postal code.
The personal data collected are used to provide the user with services or to sell goods, including payment and possible delivery. The personal data collected to complete payment may include the credit card or the bank account used for directs transfers, or any other means of payment. The specific types of data collected by this website depends on the payment system used.
Users may exercise certain rights with regarding their personal data processed and stored by the Data Controller and Owner.
Users can oppose the processing and storage of their personal data without providing any reasons when their data is used for direct marketing purposes. To find out if the Owner processes and stores data for direct marketing purposes, users can refer to the respective sections of this document.
To exercise their rights, users can direct a request to the contact details of the data controller or owner indicated here. Requests can be made free of charge and processed by the Owner as soon as possible, at most a month.
Personal data is processed at the operational headquarters of the data controller and in any other location where the parties involved in processing and storage are located. For more information, contact the data controller or owner.
Personal data may be transferred to a country other than the one in which users are located. To obtain further information on the processing site, users can refer to the section concerning the processing of personal data.
Personal data may be transferred outside the national territory to countries located in the European Union or outside the European Union, for example to the United States.
Data transfers follow the guidelines of the European Commission on the adequacy of the protection offered by the EU-US shield regime (the so-called "Privacy Shield").
Users' rights under the Privacy Shield are described in an updated form on the US Department of Commerce website.
To obtain further information on the processing site, the user can refer to the section concerning the processing of personal data.
With reference to transfers outside the European Union to countries not considered adequate by the European Commission, the data controller and owner will adopt appropriate security measures to protect personal data.
Users have the right to request information regarding the privacy guarantees adopted for the transfer of personal data, and instructions on how to obtain a copy of personal data or the place where they were made available.
The user's personal data may be used for legal purposes by the data controller, in a court of law, or in the preparation of possible legal action arising from improper use of this website or related services.
The user declares knowledge that the data controller may be required to reveal personal data upon request of public authorities.
For operation and maintenance purposes, this website and any third party services used by it may collect system logs, which are files that record the interactions and that may also contain personal data, such as the user IP address.
More details concerning the collection or processing of Personal Data may be requested from the Data Controller at any time. Please see the contact information at the beginning of this document.