Information sheet pursuant to Section 13, Legislative Decree 196/2003
As regards your personal data processed by CASTIGLION DEL BOSCO HOTEL SRL A SOCIO UNICO pursuant to Sections 7-13 of Legislative Decree 196/2003 (the so-called Data Protection Code, hereinafter "D.P.C."), please be informed that:
1. Type of data processed
The following personal data will be processed:
1.1. I.P. address, credit card number and personal details (for example: name and surname, date of birth, address, telephone numbers and email address). No sensitive data will be processed.
2. Purposes of the data processing
2.1. Main purposes of the processing
The personal data listed in point 1.1. are processed for the purpose of Online Booking Service registration on the www.castigliondelbosco.com website, thus enabling you to use this service, to receive any related messages and, more generally speaking, to meet the administrative and operating requirements associated with the provision of the service in question, as well as to comply with legal requirements;
Your I.P. address will be processed for site security purposes.
2.2. Secondary purposes of the processing
The personal data listed in point 1.1. are also processed in order to conduct studies, statistical and market research, for sending invitations to attend events and/or similar activities, as well as marketing and product/service placement information by email, ordinary post, text message, photo message and video message, fax, and other means of communication, and for interactive advertising messages;
3. Data processing methods
(a) Your data will be processed using the operations or set of operations indicated by Section 4, paragraph 1, lett. A) of the D.P.C.: collection, recording, organization, keeping, interrogation, elaboration, modification, selection, retrieval, comparison, utilization, interconnection, blocking, communication, erasure and destruction of data;
(b) the operations may be carried out with or without the help of electronic or automated means;
(c) the processing will be carried out by the data controller and/or persons in charge of the processing;
4. Provision of data and consequences of refusal
4.1. The provision of the personal data listed in point 1.1. is strictly necessary for the purposes of carrying out the activities listed in point 2.1.; therefore, should the data subject refuse to provide said personal data, it will be impossible to carry out the activities listed in point 2.1. and, as a result, to use the Online Booking Service;
4.2. the provision of the personal data listed in point 1.1. is optional as regards the secondary purposes listed in point 2.2.; therefore, should the data subject refuse to provide said data for the purposes listed in point 2.2., this will have no effect on the use of the Online Booking Service;
5. Data communication
The persons in charge of the processing may become acquainted with your personal data and it may be communicated, for the purposes listed in points 2.1. and 2.2., to employees of CASTIGLION DEL BOSCO HOTEL SRL A SOCIO UNICO, to partners, professionals and external consultants entrusted with carrying out administrative, legal and techniques services on behalf of CASTIGLION DEL BOSCO HOTEL SRL A SOCIO UNICO, as well as to subsidiaries and/or partners of the latter, and to all those parties to which communication is necessary for the purposes indicated in points 2.1. and 2.2.;
7. Data disclosure
Your personal data will not be disclosed publically;
8. Data transfer abroad
Your personal data will be transferred to Switzerland (Data Protection Authority authorization to transfer data to Switzerland published in Official Gazette No. 275 of 26 November 2001 - Ordinary Supplement No. 250), where it will be processed by Positioner SA, Lugano, Centro Monda 3, 6528 Camorino, as the data processor, entrusted with the technical management of the www.castiglionedelbosco.com website.
9. Data subject’s rights
Section 7 of the D.P.C. entitles the data subject to exercise specific rights, including the right to obtain confirmation from the data controller as to whether or not personal data concerning him/her exist and communication of such data in intelligible form; the data subject has the right to be informed of the source of the personal data, the purposes and methods of the processing, the logic applied to the processing, the identification of data controller and parties to whom the data may be communicated; the data subject also has the right to obtain updating, rectification or integration of the data, and erasure, anonymisation or blocking of data that have been processed unlawfully; the data subject has the right to object, for legitimate reasons, to the processing of the data;
10. Specific authorizations
You expressly authorize CASTIGLION DEL BOSCO HOTEL SRL A SOCIO UNICO to:
- process and use the data for the purposes listed in points 2.1. and 2.2. (if you do not wish your data to be processed for the purposes listed in point 2.2., please check the following box: );
- receive from CASTIGLION DEL BOSCO HOTEL SRL A SOCIO UNICO, as well as from its partners and other carefully selected companies, invitations to events, special occasions, commercial offers and information by email, fax, ordinary post, text message, photo message, video message, or other means of communication (if you do not wish to benefit from this service, please check the following box: );
11. Data controller
The data controller is CASTIGLION DEL BOSCO HOTEL SRL A SOCIO UNICO, with registered offices at Lungarno Guicciardini 1, 50125 Firenze, Italy; if you wish to know the names of the data processors or wish to exercise your rights under Section 7 D.P.C., please send a specific written request by ordinary post to “CASTIGLION DEL BOSCO HOTEL SRL A SOCIO UNICO, Ufficio Privacy, Lungarno Guicciardini 2, 50125 Firenze (FI), Italy”.