Privacy e cookie Policy

INFORMATION MADE PURSUANT TO ART. 13-14 OF THE GDPR (GENERAL DATA PROTECTION REGULATION) 2016/679

 

Effective Date: August 2020

 

This Privacy Statement applies to https://villacollinaverde.it/ owned and operated by Villa Collina Verde B&B and Appartments (priv.) .

This Privacy Statement describes how we collect and use the information, which may include personal data you provide on our website https://villacollinaverde.it/. It also describes the choices available to you regarding our use of your personal data and how you can access and update this data.

Protection of personal data is a very important issue for us. Therefore, the processing of personal data of a data subject, for instance of names, postal or e-mail addresses and phone numbers, is carried out in accordance with the applicable European and national legislation.

If data processing is necessary, but there is no legal basis for such processing, we generally request a consent from the data subject.

 

Definitions

 

The data protection statement is based on the terms, which the European legislative and regulatory authority uses in the EU General Data Protection Regulation (hereinafter called GDPR). Our data protection statement aims to be easy to read and to understand by general public as well as by our guests or business partners. To guarantee this we shall first explain the terms used.

 

We use in this data protections statement following terminology:

 

Personal data means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

 

Data subject means any identified or identifiable natural person whose personal data is processed by the party responsible for the processing.

 

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

 

Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.

 

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

 

Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

 

Controller or the party responsible for the processing means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

 

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

 

Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

 

Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

 

Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

 

Controller

Villa Collina Verde B&B and Appartments (priv.)

Via Cornedo 41-B

39053 Cornedo

Bolzano, Italy

 

Processor

Zaytsev Alexander
info@villacollinaverde.it
39053
Via Cornedo, 41b
Cornedo — Bolzano
+39 348 2589106

 

Data Collection

 

The types of personal data that we collect include:

 

  • Your first name, last name, email address, phone number and home address;
  • Credit card details (type of card, credit card number, name on card, expiration date and security code);
  • Guest stay data, including date of arrival and departure, special requests made, observations about your service preferences (including room preferences, facilities, or any other services used);
  • Data you provide regarding your marketing preferences or in the course of participating in surveys, contests, or promotional offers;

 

You may always choose what personal data (if any) you want to provide to us. However, if you choose not to provide certain details, some of your transactions with us may be impacted.

 

Data We Collect Automatically

 

When using our website, we also collect information automatically, some of which may be personal data. This includes data such as language settings, IP address, location, device settings, device OS, log information, time of usage, URL requested, status report, user agent (information about the browser version), operating system, result (viewer or booker), browsing history, user Booking ID, and type of data viewed. We may also collect data automatically through cookies. For information on how we use cookies, read below our privacy statement.

The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analyzing the use of the website and services. The legal basis for this processing is the obtained consent and our legitimate interests, namely monitoring and improving our website and services.

 

Purpose of the data processing

 

The temporary storage of the IP address by the system is necessary to allow delivery of the website to the computer of the user. To do this, the user’s IP address must be kept for the duration of the session. Storage in log files is only to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. For these purposes, our legitimate interest lies in the processing of data according to Art.6 Paragraph 1 lit.f DSGVO.

 

Duration of storage

 

The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. In the case of collecting the data for providing the website, this is the case when the respective session is completed. In the case of storing the data in log files, this is the case after no more than 60 days.

 

Opposition and removal possibility

 

The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. Therefore, there is no possibility of contradiction on the part of the user.

 

Processing Purposes

 

We use your personal data for the following purposes:

 

• A. Reservations: We use your personal data to complete and administer your online reservation.

 

• B. Customer Service: We use your personal data to provide customer service.

 

• C. Marketing Activities: We also use your data for marketing activities, as permitted by law. Where we use your personal data for direct marketing purposes (e.g. commercial newsletters and marketing communications on new products and services or other offers we think may be of interest to you), we include an unsubscribe link that you can use if you do not want us to send messages in the future.

 

• D. Other Communications: There may be other times when we contact you by email, mail, phone, or texting, depending on the contact data you share with us. There could be a number of reasons for this:

 

◦ a. We may need to respond to and handle requests you’ve made.

◦ b. If you haven’t finalized a reservation online, we may email you a reminder to continue with your reservation. We believe this additional service is useful to you because it allows you to carry on with a reservation without having to search for the accommodation again or filling in all the reservation details from scratch.

◦ c. When you use our services, we may send you a questionnaire or invite you to provide a review about your experience with our website. We believe this additional service is useful to you and to us, as we will be able to improve our website based on your feedback.

 

• E. Analytics, Improvements, and Research: We use personal data to conduct research and analysis. We may involve a third party to do this on our behalf. We may share or disclose the results of such research (including to third-parties) in anonymous, aggregated form. We use your personal data for analytical purposes to improve our services, enhance the user experience, and improve the functionality and quality of our online travel services.

 

• F. Security, Fraud Detection, and Prevention: We use the information, which may include personal data, in order to prevent fraud and other illegal or infringing activities. We also use this information to investigate and detect fraud. We can use personal data for risk assessment and security purposes, including the authentication of users. For these purposes, personal data may be shared with third parties, such as law enforcement authorities as permitted by applicable law and external advisers.

 

• G. Legal and Compliance: In certain cases, we need to use the information provided, which may include personal data, to handle and resolve legal disputes or complaints, for regulatory investigations and compliance, or to enforce agreement(s), or to comply with lawful requests from law enforcement insofar as it is required by law.

If we use automated means to process personal data which produces legal effects or significantly affects you, we will implement suitable measures to safeguard your rights and freedoms, including the right to obtain human intervention.

 

Legal Bases

 

Insofar as we obtain the consent of the data subject for processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) as the legal basis for the processing of personal data. In the processing of personal data required for the performance of a contract of which the data subject is a party, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures. Insofar as it is necessary to process personal data in order to fulfill a legal obligation to which our company is subject, Art. 6 (1) (c) GDPR serves as the legal basis. In the event that vital interests of the data subject or any other natural person require the processing of personal data, Art.6 ar. 1 lit.d DSGVO as legal basis. Is the processing for the protection of a legitimate interest of our company or a Third parties are required and the interests, fundamental rights and fundamental freedoms of the person concerned do not outweigh the former interest, Art. 6 (1) (f) DSGVO serves as the legal basis for the processing.

 

• In view of purposes A and B, we rely on the performance of a contract: The use of your data may be necessary to perform the contract that you have with us. For example, if you use our services to make an online reservation, we will use your data to carry out our obligation to complete and administer that reservation under the contract that we have with you.

 

• In view of purposes C – G, we rely on its legitimate interests: We use your data for our legitimate interests, such as providing you with the best appropriate content for the website, emails, and newsletters to improve and promote our products, services, and the content on our website, as well as for administrative, fraud detection, and legal purposes. When using personal data to serve our legitimate interests, we will always balance your rights and interests in the protection of your information against our rights and interests.

 

• In respect of purpose G, we also rely, where applicable, on our obligation to comply with applicable law.

 

• Where needed under applicable law, we will obtain your consent prior to processing your personal data for direct marketing purposes.

 

If needed in accordance with applicable law, we will ask for your consent. You can withdraw your consent anytime by contacting us at any of the addresses at the end of this Privacy Statement.

If you want to object to the processing set out under C-F and there’s no opt-out mechanism available to you directly (e.g. in your account settings), to the extent applicable, please contact info@villacollinaverde.it

 

Data Sharing

 

• Booking.com: We’ve teamed up with Booking.com B.V., located at Herengracht 597, 1017 CE Amsterdam, Netherlands (www.booking.com) (hereafter Booking.com) to offer you our online reservation services. While we provide the content to this website and you make a reservation directly with us, the reservations might be processed through Booking.com also. The information you enter into this website will therefore also be shared with Booking.com and its affiliates. This information may include personal data including your name, your contact details, your payment details, the names of guests traveling with you, and any preferences you specified when making a booking.
To find out more about the Booking.com corporate family, visit About Booking.com.

If you have questions about the processing of your personal data by Booking.com, contact dataprotectionoffice@booking.com.

 

• Third-party service providers: We use service providers to process your personal data strictly on our behalf. This processing would be for purposes as included in this Privacy Statement, such as facilitating reservation payments, sending out marketing material, or for analytical support services. These service providers are bound by confidentiality clauses and are not allowed to use your personal data for their own purposes or any other purpose.

 

Providing your personal data to others

 

– We may disclose your personal data to any member of Villa Collina Verde insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy.

 

– We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

 

– We may disclose your personal data, that may include your name, address, telephone number, email address, profile pictures, gender, date of birth, relationship status, interests and hobbies, educational details and employment details to our suppliers or subcontractors at Google, Facebook, Instagram, YouTube services insofar as reasonably necessary for ensuring the effective use of their services.

 

– Financial transactions relating to our website and services may be handled by our possible payment and booking services providers. We will share transaction data with our payment and booking services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds. You can find information about the payment services providers’ privacy policies and practices at their respective website – https://www.paypal.com/

 

– In addition to the specific disclosures of personal data we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your personal data where such disclosure is necessary for the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

 

• Competent authorities: We disclose personal data to law enforcement and other governmental authorities insofar as it is required by law or is strictly necessary for the prevention, detection or prosecution of criminal acts and fraud.

 

International Data Transfers

 

The transmission of personal data as described in this Privacy Statement may include overseas transfers of personal data to countries whose data protection laws are not as comprehensive as those of the countries within the European Union. Where required by European law, we shall only transfer personal data to recipients offering an adequate level of data protection. In these situations, we make contractual arrangements to ensure that your personal data is still protected in line with European standards.

The hosting facilities for our website are situated in Europe, provided by https://it.godaddy.com/

You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.

 

Security

We use appropriate business systems and procedures to protect and safeguard information including personal data. We also use security procedures, technical, and physical restrictions for accessing and using the personal data on our servers. Only authorized personnel are permitted to access personal data in the course of their work.

Nevertheless, for instance internet-based data transfer can principally bear gaps in the security, and therefore absolute protection cannot be guaranteed. For this reason, any data subject is free to communicate personal data to us in an alternative way, for instance by telephone.

 

Data Retention

 

We will retain your information, which may include personal data, for as long as we deem it necessary to provide services to you, comply with applicable laws, resolve disputes with any parties, and otherwise as necessary to allow us to conduct our business, including to detect and prevent fraud or other illegal activities. All personal data we retain will be subject to this Privacy Statement. If you have a question about a specific retention period for certain types of personal data we process about you, contact us using the contact details included below.

 

Your Choices and Rights

 

Your principal rights under data protection law are:

 

  • the right to access;
  • the right to rectification;
  • the right to erasure;
  • the right to restrict processing;
  • the right to object to processing;
  • the right to data portability;
  • the right to complain to a supervisory authority; and
  •  the right to withdraw consent.

 

We want you to be in control of how your personal data is used by us.

You can do this in the following ways:

 

• You can ask us for a copy of the personal data we hold about you;

• You can inform us of any changes to your personal data, or you can ask us to correct any of the personal data we hold about you;

• In certain situations, you can ask us to erase, block, or restrict the processing of the personal data we hold about you, or object to particular ways in which we are using your personal data.

However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defense of legal claims.

In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defense of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defense of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.

• You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defense of legal claims.

• You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.

• You have the right to object to our processing of your personal data for scientific or historical research purposes or statistical purposes on grounds relating to your particular situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

• To the extent that the legal basis for our processing of your personal data is:

 

(a) consent; or

(b) that the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract,

 

and such processing is carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.

 

If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.

 

To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.

 

You may exercise any of your rights in relation to your personal data by written notice to us.

We rely on you to ensure that your personal data is complete, accurate, and current. Be sure to inform us as soon as possible regarding any changes to or inaccuracies in your personal data by contacting info@villacollinaverde.it. We will handle your request in accordance with the applicable law.

 

Questions or Complaints

 

If you have questions or concerns about our processing of your personal data, or if you want to exercise any of the rights you have under this notice, you are welcome to contact us at info@villacollinaverde.it. You may also contact your local data protection authority with questions and complaints.

 

Changes to the Notice

 

Just as our business changes constantly, this Privacy Statement may also change for time to time. If you want to see changes made to this Privacy Statement from time to time, we invite you to access this Privacy Statement to see the changes. If we make material changes or changes that will have an impact on you (e.g. when we start processing your personal data for purpose other than those set out above), we will contact you prior to starting that processing.

 

 

COOKIE POLICY

 

We will ask you to consent to our use of cookies in accordance with the terms of this policy when you first visit our website. By using our website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy.

 

What Are Cookies

 

As is common practice with almost all professional websites this site uses cookies, which are tiny files that are downloaded to your computer, to improve your experience. This page describes what information they gather, how we use it and why we sometimes need to store these cookies. We will also share how you can prevent these cookies from being stored however this may downgrade or ‘break’ certain elements of the sites functionality.

 

Many cookies contain so called cookie ID, which is a unique identifier of the cookie. Cookie ID consists of a string of characters through which websites and servers can trace back the actual web browser, on which the cookie is stored. This allows the visited web pages and servers to distinguish the individual browser of the data subject from other web browsers that contain other cookies. A specific web browser can be recognized and identified by the unique cookie ID. The purpose of this information is to automatically recognize you and to facilitate your navigation, when you visit the website again with the same device.

 

How We Use Cookies

 

We use cookies for a variety of reasons detailed below. Unfortunately in most cases there are no industry standard options for disabling cookies without completely disabling the functionality and features they add to this site. It is recommended that you leave on all cookies if you are not sure whether you need them or not in case they are used to provide a service that you use.

 

Disabling Cookies

 

You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of the this site. Therefore it is recommended that you do not disable cookies.

The consent or rejection of cookies – also for web tracking – can be set by changing the settings of your web browser. You can configure your web browser so that it blocks cookies generally, or you will be warned in advance when a new cookie is about to be stored. In this case, however, the functionality of the website may be impaired (for example when placing orders). Your browser also offers a function to delete cookies (for instance by choosing “Clear browsing data”. This is possible in all common web browsers. Further information can be found in the user manual or in the settings of your browser.

 

Collection of general data and information

 

The website https://villacollinaverde.it/ collects a number of general data and information each time the website is accessed by data subject or an automated system. This general data and information is stored in the log files of the server. Following data can be collected:

 

– browser types and versions used

– operating system used by the accessing computer

– website from which an accessing system gets to our website (so called referrers)

– sub-websites, which are accessed via an accessing system on our website

– date and time of access to our website

– web protocol address (IP address)

– Internet service provider of the accessing system

– other similar data and information, which is used to protect our information technology systems against possible attacks.

 

This information is needed in order:

 

– to deliver the contents of our website correctly

– to optimize the content of our website as well as the advertising for it

– to ensure long-term functionality of our information technology systems and of the technology on our website

– to provide law enforcement authorities with necessary information related to criminal prosecution in case of a cyberattack.

 

This anonymously collected data and information is therefore evaluated by us on the one hand statistically, and on the other hand to increase data protection and data security, and last but not least to ensure the best possible level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by the data subject.

 

Routine deletion and blocking of personal data

 

The controller processes (in this connection also: stores) the personal data of the data subject only for the period necessary to achieve the purpose of the storage or,

if the processing is required by the European legislative and regulatory authorities, or laid down in another law or regulation to which the controller is liable.

 

If the purpose of the storage ceases to apply, or if a storage period prescribed by the European directives and regulations or by any other relevant legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

 

Rights of the data subject

 

Right to confirmation: Every data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed.

If a data subject wishes to make use of this right of confirmation, he/she can contact the controller at any time.

Right of access by the data subject: Any data subject affected by the processing of personal data shall have the right at any time and free of charge to obtain from the controller information concerning the personal data stored about him or her and to get a copy of such information. Furthermore, the European legislative and regulatory authorities have granted to the data subject rights on the following information:

– the purposes of the processing

– the categories of personal data concerned

– the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations.

– where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period

– the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing

– the right to lodge a complaint with a supervisory authority

– where the personal data are not collected from the data subject, any available information as to their source

– the existence of automated decision-making, including profiling, referred to in the GDPR, Article 22 (1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

 

Further, the data subject has also right of access to information, whether personal data are transferred to a third country or to an international organisation. If that is the case, the data subject shall have the right to be informed of the appropriate safeguards relating to the transfer.

When the data subject wishes to make use of this right of access, he or she can at any time contact the data processing controller.

 

Right to rectification: Every data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Further, taking into account the purposes of the processing, the data subject shall also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

 

If the data subject wishes to make use of this right of rectification, he or she can at any time contact the data processing controller.

 

Right to erasure (right to be forgotten): Every data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay, where one of the following grounds applies and data processing is not necessary:

– The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.

– The data subject withdraws consent on which the processing is based according to GDPR, point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing.

– The data subject objects to the processing pursuant to GDPR, Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2).

– The personal data have been unlawfully processed.

– The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.

– The personal data have been collected in relation to the offer of information society services referred to in GDPR, Article 8(1).

If one of the abovementioned reasons applies and the data subject would like to demand erasure of his or her personal data, which have been stored by Villa Collina Verde B&B and Appartments, he or she can at any time contact the controller. The request of the data subject will be fulfilled promptly.

 

If the personal data have been made public by Villa Collina Verde B&B and Appartments and if our company as controller is obliged pursuant to GDPR, article 17, paragraph 1 to erase the personal data, our company, Villa Collina Verde B&B and Appartments, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers which process the disclosed personal data that the data subject has requested from these other data controllers the erasure of all links to such personal data or of copies or replications of such personal data. This paragraph shall not apply if processing is necessary. The controller will then case-by-case make the necessary arrangements.

 

Right to restriction of processing: Each data subject affected by the processing of personal data shall have the right to request from the controller restriction of processing where one of the following condition applies:

 

– The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.

– The processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead.

– The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims.

– The data subject has objected to processing pursuant to GDPR, Article 21(1) and the verification is pending, whether the legitimate grounds of the controller override those of the data subject.

 

If one of the abovementioned reasons is present and the data subject would like to request restriction of his or her personal data, which have been stored by the Villa Collina Verde B&B and Appartments he or she can at any time contact the controller. The restriction of processing will be effectuated without delay.

 

Right to data portability: Each data subject affected by the processing of personal data shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format. He or she has also the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent pursuant to GDPR, point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1) and the processing is carried out by automated means. Right of data portability shall not apply to processing necessary for the performance of a task to be carried out in the public interest or in the exercise of official authority delegated to the controller.

In exercising his or her right to data portability pursuant to GDPR, Article 20, paragraph 1, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible and provided that this right shall not adversely affect the rights and freedoms of others.

In order to enforce the right to data portability the data subject can at any time contact the controller.

 

Right to object: Each data subject affected by the processing of personal data shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on GDPR, point (e) or (f) of Article 6(1). This also applies to profiling based on those provisions.

In case of an objection our company, Villa Collina Verde B&B and Appartments, shall no longer process the personal data, unless we can show compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves the purposes of establishment, exercise or defence of legal claims.

Where personal data are processed by our company, Villa Collina Verde B&B and Appartments, for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing. This includes also profiling to the extent that it is related to such direct marketing.

Where the data subject submits an objection to Villa Collina Verde B&B and Appartments against processing for direct marketing purposes, the personal data shall no longer be processed for such purposes by Villa Collina Verde B&B and Appartments.

 

In order to exercise the right to object, the data subject may directly contact the controller. In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, the data subject may exercise his or her right to object by automated means using technical specifications.

 

Automated individual decision-making, including profiling: Each data subject affected by the processing of personal data shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects on him or her, or in a similar manner significantly affects him or her. The aforementioned right shall not apply, if the decision is necessary for entering into, or performance of, a contract between the data subject and a data controller;

is authorised by Union or Member State law to which the controller is subject, and this legislation lays down suitable measures to safeguard the rights, freedoms and legitimate interests of the data subject; or is based on explicit consent of the data subject

If the decision to enter into, or to perform, a contract between the data subject and the controller is required, or if the decision is made with the explicit consent of the data subject, our company, Villa Collina Verde B&B and Appartments, shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.

If the data subject wishes to assert the right of automated individual decision-making, he or she can contact the controller at any time.

 

Right to revoke the declaration of consent: Each data subject affected by the processing of personal data shall have the right to withdraw his or her consent at any time.

If the data subject wishes to make use of the right to revoke the declaration of consent, he or she can contact the controller at any time.

 

Data protection statement concerning the use of Google Analytics

 

This website uses Google Analytics, a web analysis service of Google Inc, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA; “Google”). The use includes the “Universal Analytics” operating mode. This facilitates the assignment of data, sessions and interactions across several devices to a pseudonymous user ID and thus the analysis of a user’s activities across devices.

Google Analytics uses “cookies”, which are text files placed on your computer, to allow the website operator to analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

 

Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services related to website and Internet use.

Our legitimate interest in data processing also lies in these purposes. The legal basis for the use of Google Analytics is § 15 para. 3 TMG and Art. 6 para. 1 lit. f GDPR. The data sent by us and linked to cookies, user-identifiers (e.g. User-IDs) or advertising-identifiers are automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month. For more information on terms of use and data protection, please visit https://marketingplatform.google.com/about/analytics/terms/us/

https://policies.google.com/privacy?hl=en

 

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the Browser Add-on https://tools.google.com/dlpage/gaoptout?hl=en . Opt-out cookies prevent the future collection of your data when you visit this website. To prevent Universal Analytics from collecting data across several devices, you must opt-out on all systems used.

 

Use of Facebook social plugins

 

Our websites use social plugins of the social network facebook.com that is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. The plugins are indicated by the Facebook logo/icon.

 

When you call up a website that is part of our internet presence and that contains such a plugin, your browser establishes a direct connection with the servers of Facebook. The contents of the plugins are transmitted directly from Facebook to your browser and then used to incorporate them into the website.

Through the integration of the plugins Facebook receives information that you have called up the corresponding page of our website on the Internet. If you are logged into Facebook, it can assign the visit to your Facebook account. If you interact with the plugins, e.g. if you use the button “like”, the corresponding information will be transferred from your browser directly to Facebook and stored there. The purpose and extent of data collection, the further processing and use of data by Facebook, as well as your rights in this regard and the possible settings by which you can protect your privacy, are to be found in data protection guidelines of Facebook. If you do not want Facebook to collect information about you via our website, you must log out of Facebook before visiting our websites on the internet. You can find the link to the Facebook Privacy Policy here:

https://www.facebook.com/policy.php

 

Use of Google Maps

Our websites use Google Maps for presentation of maps and for creation of driving directions. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using this website you declare that you agree that Google, its representative, or any third-party, will record, process and use the data which is automatically collected or which you yourself have entered. The terms of use for Google Maps can be read under: https://www.google.com/intl/en-US_US/help/terms_maps/

 

Use of YouTube

Our website uses plugins from the Google-powered YouTube page. Site operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit villacollinaverde.it, you will be connected to the servers of YouTube. The Youtube server will know which of our pages you visited. If you’re logged into your YouTube account, YouTube will allow you to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. For more information on how to handle user data, please visit the https://www.youtube.com/static?template=terms.

 

Use of Instagram

We use plugins from the social network instagram.com, which is operated by Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025 USA (“Instagram”).

When you open villacollinaverde.it, your browser establishes a direct connection with the servers of Instagram. The contents of the plugins are transmitted directly from Instagram to your browser and then used to incorporate them into the website.

Through the integration of the plugins Instagram receives information that you have called up the corresponding page of our website on the Internet.

If you are logged into Instagram, it can assign the visit to your Instagram account. If you interact with the plugins,  the corresponding information will be transferred from your browser directly to Instagram and stored there. The purpose and extent of data collection, the further processing and use of data by Instagram, as well as your rights in this regard and the possible settings by which you can protect your privacy, are to be found in data protection guidelines of Instagram. If you do not want Instagram to collect information about you via our website, you must log out of Instagram before visiting our websites on the internet.

The link to the Instagram Privacy Policy can be found here: https://help.instagram.com/519522125107875 .

 

Managing cookies

Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:

 

https://support.google.com/chrome/answer/95647?hl=en%20(Chrome);

https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop? (Firefox);

https://www.opera.com/help/tutorials/security/cookies/ (Opera);

https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);

 

https://support.apple.com/it-it/guide/safari/sfri11471/mac (Safari);

https://support.microsoft.com/it-it/help/4468242/microsoft-edge-browsing-data-and-privacy (Edge).

 

Name and address of the controller:

 

Party responsible for the processing of personal data for the purposes of the European Union General Data Protection Regulation (GDPR), or of other applicable data protection laws in the Member States of the European Union, and of other provisions relating to protection of personal data, is Villa Collina Verde B&B and Appartments (priv.)

Via Cornedo 41-B 39053 Cornedo Bolzano, Italy

Phone: +39 348 258 91 06

Email: info@villacollinaverde.it