Privacy
Information document pursuant to article 13 of EU Reg. 2016/679 (GDPR) – Information on the processing of personal data collected from the interested party.
In compliance with the provisions of EU Reg. 2016/679 (European Regulation for the protection of personal data) we provide the necessary information regarding the processing of personal data provided.
Definitions: the art. 4 of EU Reg. 2016/679 defines “personal data” any information concerning an identified or identifiable natural person (“concerned”); an identifiable natural person can be identified, either directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online ID or one or more characteristic elements of his physical identity, physiological, genetic, psychological, economic, cultural or social.
SPECIFIC INFORMATION
-
HOLDER OF THE TREATMENT
pursuant to art. 4 of EU Reg. 2016/679, is EUROVACANZE SRL with offices in Via Maja n. 74, Zip Code 30028 City Bibione (VE), [email protected] with exclusive reference to the role of owner of the business called “Agenzia Eurovacanze”.
-
PURPOSE OF TREATMENT
The personal data provided will be processed for the following purposes:
- navigation on this website.
- compilation of data collection form for contact request with sending of the requested information.
- filling out the data collection form to receive newsletters or promotional communications in general via e-mail.
- compilation of data collection form for accommodation booking.
-
LEGAL BASIS OF THE TREATMENT
The legal basis applicable to the processing of your personal data for the purposes indicated is:
- consent (Article 6 paragraph 1 letter a)), as the legal basis of the processing.
- execution of pre-contractual measures (art. 6 paragraph 1 letter b)), as the legal basis of the processing.
- execution of pre-contractual measures/execution of the contract (art. 6 paragraph 1 letter b)) and legal obligations (art. 6 paragraph 1 letter c)) as legal bases for the processing.
-
RECIPIENTS OR CATEGORIES OF DATA RECIPIENTS
The personal data provided will be communicated to recipients who will process the data as managers (Article 28 of EU Reg. 2016/679) and/or as natural persons acting under the authority of the Data Controller and the Manager and who operate as employees or collaborators with specific appointments as authorized to process (art. 29 of EU Reg. 2016/679), for the purposes listed above in point 2.
By way of non-exhaustive example, the data will be communicated to:
- subjects that provide services for the management of the information system used by the Data Controller and the related telecommunications networks, including e-mail and website management.
- professionals and consultants in the field of assistance and consultancy relationships.
- competent authorities for the fulfillment of legal obligations and/or provisions of public bodies, upon request.
- companies or credit institutions that offer online payment services.
The subjects belonging to the aforementioned categories perform the function of data processing manager, or operate in total autonomy as separate data controllers.
The list of data processors is constantly updated and available at the registered office of the data controller.
Any further communication will take place only with your explicit consent, in accordance with and within the limits of the GDPR.
Your data, object of the treatment, will not be disclosed.
-
DATA TRANSFER TO A THIRD COUNTRY AND/OR AN INTERNATIONAL ORGANIZATION AND WARRANTIES
Personal data is stored on servers located within the European Union.
In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU.
In this case, the Data Controller ensures from now on that the transfer of data outside the EU will take place in compliance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses envisaged by the European Commission and the user will be informed.
-
DATA RETENTION PERIOD OR CRITERIA FOR DETERMINING THE PERIOD
The processing will be carried out in an automated and manual form, with methods and tools aimed at guaranteeing maximum security and confidentiality, by the Data Controller and/or by persons specifically authorized to do so.
In compliance with the provisions of the art. 5 paragraph 1 letter. e) of EU Regulation 2016/679, the personal data collected will be stored in a form that allows the identification of the interested parties for a period of time not exceeding the achievement of the purposes for which the personal data are processed. The storage of personal data provided depends on the purpose of the processing (the timing has been determined on the basis of criteria on which the interested party can receive information by writing an email to [email protected] ):
- navigation on this website: see the provisions of the cookie policy.
- contact request: maximum 2 years.
- receipt of newsletters or promotional communications generally via e-mail: until the user requests cancellation and in any case no later than 5 years.
- accommodation reservation and possible possibility of online payment: for the minimum period required by law in relation to the accounting/tax regime adopted by the Owner and in any case no later than the following 10 years, in order to verify any pending issues including the documents accounting (e.g. invoices).
-
RIGHTS OF INTERESTED PARTIES
The interested party may assert their rights as expressed by EU Regulation 2016/679 by contacting the Data Controller, sending an email to [email protected] or writing to the Data Controller’s office indicated above.
The interested party has the right, at any time, to ask the Data Controller:
- access to your personal data (art. 15);
- rectification (art. 16);
- the cancellation (art. 17) of the same;
- the limitation of the treatment (art. 18);
- the transfer of personal data to another owner (art. 20);
- the interested party also has the right, if it is not possible to request the cancellation of the data, to oppose the treatment when this is justified by reasons relating to his particular situation (art. 21).
-
POSSIBILITY OF COMPLAINT TO THE GUARANTOR
Without prejudice to any other administrative and judicial appeal, if the data subject believes that the processing of data violates the provisions of EU Reg. 2016/679, the interested party has the right to lodge a complaint with the supervisory authority (Guarantor for the protection of personal data) pursuant to art. 15 letter f) of EU Reg. 2016/679.
-
NATURE OF THE DATA PROVISION AND CONSEQUENCES OF THE REFUSAL TO PROVIDE THE DATA
The communication of personal data is not an obligation, as you are free to provide your personal data, but it is necessary for purposes of navigation of the pages of the website. The user can deny consent and can revoke at any time a consent already provided (through the banner at the bottom of the page or the browser settings for cookies). However, denying consent may result in a reduced browsing experience on the site. Apart from that specified for navigation data, the communication of personal data is not an obligation, as you are free to provide your personal data in the dedicated areas on the site, but it is necessary to fulfill the purposes of the processing; the consequence of failure to provide personal data makes it impossible to use the various services offered by the Data Controller.
-
AUTOMATED DECISION-MAKING PROCESSES
There is no automated decision making process.