INFORMATION ON THE PROCESSING OF PERSONAL DATA
of the users visiting the blog “Discover Portovenere”
Pursuant to Article 13 of the EU Regulation GDPR 2016/679
This page contains a description of the policies for managing the website in regards to processing the personal data of the users who visit the site and their privacy. This information is provided pursuant to article 13 of Italian Legislative Decree no. 196/2003 and GDPR 679/2016 – Laws concerning the Protection of Personal Data and the individuals who interact with the blog “Discover Portovenere”, which is accessible by telematics means through the following web address: discoverportovenere.com, which corresponds to the blog of Grand Hotel Portovenere on Via Giuseppe Garibaldi, 5 – 19025 Portovenere (SP).
This informative note is provided only for the aforementioned website and not for other websites eventually accessed by the user through links.
Following access to this website, data pertaining to persons that are identified or identifiable may be processed. The “Data Controller” of the personal data collected following a visit to our website or any other data used for providing our services is Frontemare Srl, Via del Carroccio n. 16 – 20123 Milano.
PLACE WHERE DATA IS PROCESSED
Data processing pertaining to the web services of this website [(physically hosted in USA by Blue Host provider (www.bluehost.com)] is carried out at the aforementioned headquarters and said data is processed only by the technical personnel in charge of processing of the Data Processing Office, or by eventual persons in charge of processing who are entrusted to process occasional maintenance operations.
The personal data obtained from the users who submit hotel reservation requests or through informative material (informative notes, newsletters, registration, etc) is used only to carry out the services or assistance requested and is not transmitted to third parties, except in the following possible cases:
• Subjects who are authorized to have access to the data by law or through requests by the authorities
CATEGORIES OF PROCESSED DATA
The information systems and software procedures relied upon to operate this web site acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols.
Such information is not collected in order to relate it to identified data subjects, however it might allow user identification per se after being processed and matched with data held by third parties.
This data category includes IP addresses and/or the domain names of the computers used by any user connecting with this web site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user’s operating system and computer environment.
These data are only used to extract anonymous statistical information on website use as well as to check its functioning; they are erased immediately after being processed. The data might be used to establish liability in case computer crimes are committed against the website; except for this circumstance, any data on web contacts is currently retained for no longer than seven days.
Data voluntarily provided by the user
Sending e-mail messages to the addresses mentioned on this website, which is done on the basis of a freely chosen, explicit, and voluntary option, entails acquisition of the sender’s address, which is necessary in order to reply to any request, as well as of such additional personal data as is contained in the message(s).
Data will be retained only for registration request to send the newsletters or special offers, and will not be disclosed to anyone.
The personal information regarding the individual who visited the website is not collected or used. The visitors remain anonymous. The only exception to this rule concerns the information for personal identification needed to fulfill the contractual obligations of reservations on behalf of the user.
PERIOD FOR DATA RETENTION – CRITERIA USED
According to the provisions set forth in art. 5 par. 1 lett. e) of the Regulation (EU) 2016/679, collected personal data shall be kept in a form which permits identification of data subjects for a period not exceeding the purposes for which the personal data were collected and subsequently processed.
Data retention periods depend on the purposes of the processing:
• purposes related to technical navigation data for the correct functioning of the website: retention only for the related session, after which the data are deleted;
• newsletter, marketing or promotional communications in general (24 months – until withdrawal of consent);
In this website we are applied cookies technologies for different purposes, including computer technology authentication or to monitor sessions.
Description of the cookie mechanisms adopted:
• Cookie implanted in the user/contracting party’s terminal directly (that will not be used for other purposes) such as session cookies used for customisation cookie (for example, the choice of the browsing language); these cookie remain active only for the duration of the session.
• Cookie used to statistically analyse accesses/site visits (the so-called “analytic” cookie) that are used for statistical purposes, and to collect aggregate information without the possibility of tracing back to the identification of the individual user personal computer. In these cases, since current legislation requires that, when using analytic cookie, the user is given clear and adequate instructions to easily oppose implementation of such (including any mechanisms to make the cookies anonymous), we give instructions on how to disabled installed cookies below. The duration of analytic technical cookie is averagely of 30 minutes.
Media – If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
How to modify settings on the cookies
Most browsers allow to clear cookies from your computer hard drive, block acceptance of cookies or receive a warning before a cookie is stored.
Therefore, to remove cookies we encourage you to follow the instructions on the pages of the various browsers:
Fire fox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
Microsoft Edge: https://privacy.microsoft.com/it-IT/windows-10-microsoft-edge-and-privacy
Third-party cookies are code parts set by a website different than the website you are currently browsing.
This involves the transmission of cookies from third parties. Management of information collected from “third parties” is governed by the relative information notices to which we ask you to refer. If you block or erase cookies, it may not be possible to reset previously specified preferences or customised settings, and our capacity to customize the user experience will be limited.
More google analytics privacy policies available on http://www.google.com/policies/technologies/ads/
Our website uses Google Analytics, a web analysis service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google“. Google Analytics employs so-called “cookies“, text files that are stored to your computer in order to facilitate an analysis of your use of the site. The information generated by these cookies, such as time, place and frequency of your visits to our site, including your IP address, is transmitted to Google’s location in the US and stored there. We use Google Analytics with an IP anonymization feature on our website. In doing so, Google abbreviates and thereby anonymizes your IP address before transferring it from member states of the European Union or signatory states to the Agreement on the European Economic Area. Google will use this information to evaluate your usage of our site, to compile reports on website activity for us, and to provide other services related to website- and internet usage. Google may also transfer this information to third parties if this is required by law or to the extent this data is processed by third parties on Google´s behalf. Google states that it will in never associate your IP address with other data held by Google. You can prevent cookies from being installed by adjusting the settings on your browser software accordingly. You should be aware, however, that by doing so you may not be able to make full use of all the functions of our website.
Nevertheless, if you block or erase cookies, it may not be possible to reset previously specified preferences or customised settings, and our capacity to customize the user experience will be limited. More google analytics privacy policies available on http://www.google.com/policies/technologies/ads/.
Personal data is processed with automated means for no longer than is necessary to achieve the purposes for which it has been collected. Specific security measures are implemented to prevent the data from being lost, used unlawfully and/or inappropriately, and accessed without authorisation.
DATA SUBJECTS’ RIGHTS
The data Controller is Frontemare Srl, Grand Hotel Portovenere. The Data Protection Officier is Mr. Massimo Bruno. You may contact them at any time to exercise your rights as provided for in Chapter III GDPR 679/2016, in particular, the right to obtain confirmation as to whether or not personal data concerning you exist and the logic applied to the processing, the right to ask for their integration, the right to object to their processing on legitimate ground, and the right to request rectification, updating, erasure (right to be forgotten) or blocking of data that have been processed unlawfully, the right to obtain a copy of the personal data being processed as well as the right to data portability, also by sending a written request to the following e-mail address:
RIGHT TO LODGE A COMPLAINT
If a data subject considers that the processing of personal data relating to him or her as performed via this website infringes the Regulation, he or she has the right to lodge a complaint with the Garante pursuant to Article 77 of the Regulation, or else to bring a judicial proceeding against the Garante pursuant to Article 79 of the Regulation.