SUBSCRIPTION TO THE NEWSLETTER OF GRAND HOTEL DEI CESARI ANZIO
The GRAND HOTEL DEI CESARI ANZIO SRL, with registered office in Via Mantova, 3 – 00042 – Anzio, Roma, Italia, VAT registration number | Tax code 11711751005 ( later described as “Holder”), as owner of the data processing, inform You under Article 13 D.Lgs. 30.6.2003 n. 196 ( later described as “Privacy Code”), and the Article 13 UE Regulamentation n. 2016/679 ( later described as “GDPR”) that Your data will be processed with the following modes and purposes:
1) Subject of the data processing and purposes
This data processing sees as subject the email address given by You at the moment of the subscription to the Newsletter service and the possible further personal data, biographical and/or identifying data, inserted during the registration.
Identifying and computer personal data, gathered by those concerned, undergoing processing, are directly used to fulfil the request of sending the newsletter and concerning subscription to the mailing list, concerning informative messages and commercial and marketing communication related to the activity of the Holder, in the complete respect of the principles of lawfulness and correctness of the legal provisions.
Your data will never be used for purposes other than those above explained.
2) Processing mode
The processing of Your personal data is implemented through the operations indicated under the Article 4 of the Privacy Code and Article 4 n.2) GDPR and precisely: data gathering, registration, organization, conservation, consultation, elaboration, modification, selection, extraction, comparison, use, interconnection, block, communication, cancellation and destruction. Your personal data are subject to paper and electronic and/or automated processing.
Data is gathered by the subjects indicated in point 4, under the indications of the relevant legislation, with particular attention to the security measures under the GDPR (art.32) for its processing through computer, manual and automated tools and with logics closely related to the purposes explained above in point 1, and anyway to ensure the data safety and confidentiality.
The data processing is carried by the Holder and/or the controller and/or sub processor.
3) Retention period
The data provided will be retained only for the period of activity of the service.
4) Entities data can be transmitted to
Your data are available for the purposes shown in Article 1:
a) To the employees and collaborators of the Holder in their quality of responsible and/or officer in charge and/or internal sub processors of the data processing.
b) Companies playing a role strictly connected and useful to the efficient operation – also technical – of the services offered by the Holder, like for example providers of the services of direct marketing and/or generally companies offering technical units to the provision of some service functions.
The personal data will be retained on servers located in the European Union, subject to the Holder’s faculty to transfer its location. The personal data can be transferred towards Countries belonging to the European Union and towards third party countries outside of the European Union, exclusively under the purposes stated in point 1.
In this case, we ensure that the transfer takes place in the accordance of the existing legislation and that an adequate level of protection for the data processing is guaranteed, based on an adequacy decision, on standard clauses defined by the European Commission or Binding Corporate Rules.
5) Rights of the data subject
As subject concerned, is entitled to exercise its rights under the Article 7 of the Privacy Code, and Article 15 and ss. GDPR, and precisely can:
a) Obtain from the Holder, at any moment, information about the existence of his personal data, its origin, the purposes and processing mode, and when available, to obtain access to the personal data and to the information under Article 15 of the GDPR;
b) Ask for the update, rectification, integration, cancellation, limitation of the data processing in the event that any of the following conditions under Article 18 of the GDPR is fulfilled, the anonymous transformation or the block off the personal data, processed infringed the law, including those in which it is not necessary the storage concerning the purposes the data has been gathered and processed for.
c) Oppose, totally or partly, for legitimate reasons, to the data processing, albeit relevant to the goal of the gathering and processing of the personal data for the purposes of commercial information or to send advertising material or of direct sale, i.e. the completion of market research or business communication.
Every user has also the right to withdraw his consent at any moment, without prejudice to the lawfulness of the data processing based on the consent given before the withdrawal.
d) Receive our own personal data, submitted knowingly and actively through the enjoyment of the service, in a structured format, customary and machine readable, and transmit it to another holder of the processing without obstacles. Lodge a complaint to the Responsible Authorities for the protection of personal data in Italy.
6) Procedures for the rights exercise
You will be able at any moment to exercise Your rights sending a registered letter to GRAND HOTEL DEI CESARI ANZIO SRL i.e a certified e-mail to the address email@example.com.
7) Holder, responsible, DPO
Not concerning the list specified under Article 37 of the UE Regulation 2016/679, considering also the indications of the guideline WP243, the person in charge for the data protection has not been designated.