Privacy

Information on the treatment of data as per (EU) Regulation 679/2016 

Pursuant to (EU) regulation 679/2016 (hereinafter “GDPR”), the following describes the data processing methods used for users who consult the website www.quidhotelvenice.com (hereinafter “the Site”).

 DATA CONTROLLER

The Data Controller is HNH Hospitality S.p.A., with registered headquarters in Mestre, at Via Saragat no. 1.

To avail of the rights recognised by (EU) REGULATION 679/2016 (hereinafter “GDPR” or “Regulations”) or to ask for any clarification regarding the processing of their personal data, it is possible to contact the Data Controller at: telephone (+39 041 5321630), e-mail privacy@hnh.it.

 INFORMATION ON THE TYPE OF DATA PROCESSED

Browsing data

During their normal operation, the computer systems and software procedures for the function of the Site acquire some personal data the transmission of which is implicit in the use of Internet communication protocols.

IP addresses or computer and terminal domain names used by users, URI/URL  (Uniform Resource Identifier/Locator) format of the resources requested, the time of the request, the method used to submit the request to the server, the dimension of the file obtained as a response, the numerical code indicating the response from the server (success, error, etc.) other parameters regarding the OS and the IT environment of the user. 

Purpose of data processing and legal basis for same

(GDPR Art.13, paragraph 1, lett. c)

These data are used to check the correct operation of the website and to obtain statistics (most visited page, number of visitors per time period or day, geographic area of origin, etc.). Data may also be used to ascertain responsibility in case of hypothetical cyber crime against the Site (legitimate interests of the Controller).

 

Scope of Communication

(GDPR Art.13, paragraph 1, lett. e, f)

Only persons authorised for processing and subjects who, processing data on behalf of the Controller and who have been identified as Processors will be able to access personal data. These subjects are bound by the obligation of confidentiality, including on the basis of specific internal regulations. Without prejudice to that stated with regard to cookies, data will not be transferred to third countries.
Data retention period

(GDPR Art.13, paragraph 2, lett. a)

Unless required by investigation in case of offences, data are generally retained for the time strictly necessary to guarantee the regular operation of the site.
Provision

(GDPR Art.13, paragraph 2, lett. e)

Data are not provided by the data subject but are acquired automatically by the technological systems on the site.

 Contact form and newsletter registration

Optional, explicit and voluntary sending of messages to the contact address as well as completing and forwarding the forms on the Site involve the acquisition and processing of the sender’s contact data, which are needed to answer, as well as all personal data included in the communications and forms, and also Site browsing data. 

Purpose of data processing and legal basis for same

(GDPR Art. 13, paragraph 1, lett. c)

Contact data are requested and processed in order to:

– provide a reply and/or contact the data subject;

– send regular newsletters to keep the data subject updated on news and services provided by the Data Controller, only with the specific, free and informed consent of the data subject (GDPR Art. 6, paragraph, lett. a)

 

Scope of Communication

(GDPR Art. 13, paragraph 1, lett. e,f)

Only persons authorised for processing and subjects who, processing data on behalf of the Controller and who have been identified as Processors will be able to access personal data. These subjects are bound by the obligation of confidentiality, including on the basis of specific internal regulations. Without prejudice to that stated with regard to cookies, data will not be transferred to third countries.

 

Data retention period

(GDPR Art. 13, paragraph 2, lett. a)

Data are retained for the time strictly necessary to answer a message and with regard to the newsletter, data will be retained for the whole period in which the data subject is registered for this service.
Provision

(GDPR Art. 13, paragraph 2, lett. e)

Failure to provide obligatory data will lead to the impossibility to send the message. Failure to consent to the sending of the newsletter will make it impossible for the Data Controller to send out this communication.

 Cookies

For specific information, please see the cookie policy: https://staticaws.fbwebprogram.com/fbcdn/jquery_plugins/fb-cookie-law/text/it.html

 DATA SUBJECT’S RIGHTS

The Data Controller informs you that the data subject has the right to ask for:

  • access to personal data and information (art. 15 of the GDPR);
  • correction or deletion of same (articles 16 and 17 of the GDPR);
  • limits to processing personal data (art. 18 of the GDPR).

Data subjects may also:

  • oppose treatment of their personal data under the conditions and within the limits as per art. 21 of the GDPR;
  • exercise the right to data portability (art. 20 GDPR).

 

As far as concerns the processing operations based on consent (pursuant to Article 6, paragraph 1, letter a), and article 9, paragraph 2, letter a) of the GDPR), we inform you that the data subject has the right to revoke this consent at any time (without prejudice to the lawfulness of processing based on the consent given before revocation of same).

 

Please note that the data subject, if they believe processing to be in breach of the Regulations, has the right to submit a complaint to a control authority (Privacy Authority or another competent authority pursuant to article 77 and following of the GDPR.