B&T S.p.A. has always paid particular attention to the protection of personal data. With this policy (which is provided in compliance with the so-called GDPR, namely (EU) Regulation 2016/679, hereinafter the “Regulation” or “GDPR”) B&T S.p.A. describes the methods of processing personal data of users (“Data Subjects”) who consult and use this website, accessible at www.dorelanhotel.com (“Website”). It does not concern any other sites or external online services that may be reached through links on the Website.
- What data do we process?
- How long do we process data?
- Why do we process data?
- On what legal basis do we process data?
- Who processes data?
- Who are the recipients of the data?
- What rights is the data subject entitled to?
- WHAT DATA DO WE PROCESS?
- Navigation data
- Data provided by the user
User can send us optional, explicit and voluntary communications by using the contact forms on the Website or by writing an email to the addresses indicated on the Website itself: this involves the subsequent acquisition of the data communicated by the user including the email address and the provision of the consent to receive replies to the requests, obtain follow-up to any request of appointment, or to be contacted by persons appointed by the Data Controller.
- Cookies and other tracking systems
- HOW LONG DO WE PROCESS DATA?
- deletes the navigation data (paragraph 1.1) immediately after processing as data are used only to obtain anonymous statistical information on the use of the website and to check its correct operation. The data could be used to ascertain responsibility if there are any computer crimes against the website: except for this possibility, the data on web contacts do not persist for more than seven days;
- stores the data provided by the user (paragraph 1.2) for the time required to fulfil the request and as permitted by current legislation;
- WHY DO WE PROCESS DATA?
Purpose of data processing is:
- for paragraph 1.1, Navigation data, make the website accessible and secure;
- for paragraph 1.2, Data provided by the user, fulfil or follow up data subject’s requests;
- for paragraph 1.3, Cookies and other tracking systems, make the Website usable and functional for technical cookies and improve and optimise it for profiling cookies.
- ON WHAT LEGAL BASIS DO WE PROCESS DATA?
Legal basis is:
- for paragraph 1.1, Navigation data, the legitimate interest of the Data Controller;
- for paragraph 1.2, Data provided by the user, the provision of the services requested by the Data subject;
- for paragraph 1.3, Cookies and other tracking systems, the legitimate interest for technical cookies and consent for any profiling cookies.
- WHO PROCESSES DATA? AND HOW TO CONTACT IT?
The Data Controller is B&T S.p.A. (Tax and VAT no. 00903510402), with headquarters in Via Due Ponti no. 9, 47120, Forlì (FC) Italy, email firstname.lastname@example.org, Certified email (PEC) email@example.com, tel. +39 0543/1917400, fax +39 0543/1917420 (“Data Controller”).
- DATA RECIPIENTS
The personal data collected are processed by the Data Controller’s staff, on the basis of specific instructions given regarding the purposes and methods of data processing.
The data processors appointed by the Data Controller are also recipients of the data collected following your visiting the Website. The relevant list can be requested from the Data Controller using the contact data referred to in section A (“Data Controller”).
- RIGHTS OF DATA SUBJECTS
B&T S.p.A. guarantees that all data subjects will be able to exercise at any time the rights provided under the GDPR in relation to the data processing activities carried out. Namely, each and every data subject has:
- right of access, i.e. find out whether or not the Data Controller process your personal data and if it does, access them in full or even obtain a copy (art. 15 of the GDPR);
- right to rectification of inaccurate personal data or their integration if incomplete (art. 16 of the GDPR);
- right to erasure of personal data (right to be forgotten) in the cases under art. 17 of the GDPR;
- right of limitation of data processing in the cases under art. 18 of the GDPR;
- data portability, i.e. request and receive the personal data concerning you and processed by the Data Controller in a structured, commonly used and machine-readable format and request to transmit those data to another controller without hindrance from the controller to which the personal data have been provided (art. 20 of the GDPR);
- right to object to the processing of data for direct marketing purposes (art. 21 of the GDPR).
These rights can be exercised by notifying the Data Controller (whose contact details are indicated in paragraph 5 of this section).
Moreover, any data subjects who believe that the processing of their personal data through this website breaches the Regulation provisions, have the right to lodge a complaint with the supervisory authority (for Italy, the Italian Data Protection Authority: www.garanteprivacy.it), under art. 77 of the GDPR, or the right to an effective judicial remedy against a controller or processor (art. 79 of the GDPR).