Updated on 30.11.2020
This page describes how to manage the site www.lecasettedimalfa.com with reference to the processing of personal data of users who consult it. This is an information notice for the processing of personal data also made pursuant to art. 13 of EU Regulation 679/2016 (hereinafter also GDPR) for users of our website services provided via the internet. The information is not valid for other websites that may be consulted through our links.
Personal Data (or Data)
Personally identifiable information (PII) is data that allows the direct identification of the data subject. According to the definition used by the National Institute of Standards and Technology (NIST), these data include:
• name and surname
• home address
• email address
• national identification number
• passport or identity card number
• IP address (when linked to other data)
• vehicle registration number
• license number
• face, fingerprint or handwriting
• credit card numbers
• digital identity
• date of birth
• birth place
• telephone number
• account name or nickname
• location and mobility data (GPS).
Data subject to special processing (sensitive data)Article 9 of the GDPR establishes a general prohibition on processing certain types of data, namely those that reveal:
• racial or ethnic origin;
• political opinions;
• religious or philosophical beliefs;
• trade union membership;
• genetic data;
• biometric data intended to uniquely identify a natural person (for example, a group of photographs uploaded online, or in airports where the individual's image is scanned to identify him);
• health data (even a simple injury to a hand);
• data relating to the sexual life or sexual orientation of the person;
• judicial data (reveal the existence of criminal measures susceptible to registration in the
criminal record, or the quality of suspect or accused).
Usage DataThis is the information collected automatically by the site (and by third-party applications that this site uses), including: the IP addresses or domain names of the computers used by the user who connects to the site, the addresses in URI notation (Uniform Resource Identifier), the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response from the server (successful, error, etc.), the country of origin, the characteristics of the browser and the operating system used by the visitor, the various temporal connotations of the visit (for example the time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, to the parameters relating to the operating system and the user's IT environment.
InterestedThe natural person to whom the personal data refer.
Data Controller (or Owner)The natural person, legal person, public administration and any other body, association or organization which is responsible, even jointly with another owner, for decisions regarding the purposes, methods of processing personal data and the tools used, including the profile of the security, in relation to the operation and use of this site. The data controller, unless otherwise specified, is the owner of this site.
Personal data managementThe set of hardware and software tools through which the personal data of users are collected.
Types of data collected
Personal data is entered voluntarily by the user, or collected automatically while browsing this site.
This site does not collect data subject to special treatment: any request for access to people with wheelchairs does not mean automatic identification of the person with a motor disability. Booking a stay is not equivalent to automatic identification of the person with a motor disability. In any case, in the user profiling there is no field that shows any identifiable motor disability of the user.
Failure by the user to provide some personal data may prevent the site from providing its services.
The user assumes responsibility for the personal data of third parties published or shared through this site and guarantees to have the right to communicate or disseminate them, freeing the owner from any liability to third parties.
The owner processes the personal data of users by adopting appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of personal data. The processing is carried out using IT and / or telematic tools, with organizational and logical methods strictly related to the purposes indicated. In addition to the owner, in some cases, categories of employees involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers) may have access to the data. hosting providers, IT companies, communication agencies) also appointed, if necessary, as data processors by the owner. The updated list of managers can always be requested from the data controller.
The treatments connected to the web services of this site take place at the registered office of the company or at the domiciles of the directors or their collaborators; the related data are contained and processed in the IT systems provided to the administrators or their collaborators. The data is handled exclusively by technical personnel who may be in charge of processing, or by persons in charge of any maintenance interventions.
Purpose of processing the collected data
User data is collected to allow the owner to provide its services: contact the user, payment management, fulfillment of legal obligations, exercise of legal rights, statistics.
Furthermore, having acquired the explicit consent of the user, the owner may process the data for the purpose of defining individual and group profiles (profiling activities) as well as for marketing purposes, such as communication, e-mail, sms, information and / or updates on products and services, as well as on initiatives or events organized, including any invitations to said initiatives or events.
The computer systems and procedures used to operate this website acquire, during their normal operation, some information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held. by third parties, allow users to be identified. This information is used for the sole purpose of obtaining some anonymous statistics on the use of the site and to check its correct functioning and is deleted immediately after processing. The information could be used to ascertain responsibility in the event of hypothetical computer crimes against the site. The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message. No personal data of users is acquired by the site in this regard. We also do not carry out analysis of the habits and consumption choices of users.
Defense in court
The user's personal data may be used by the owner in court or in the stages leading to its eventual establishment for the defense against abuse by the user in the use of this site or the services connected to it. The user declares to be aware that the owner may be required to disclose the data at the request of the public authorities.
System log and maintenance
For needs related to operation and maintenance, the site, the hardware used by Malfavacanze s.r.l. and any third party services used may collect system logs, which are files that record interactions and which may also contain personal data, such as the user's IP address.
Information not contained in this policy
More information in relation to the processing of personal data may be requested at any time to the data controller using the contact information.
Exercise of rights by users
The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence or otherwise of the same from the data controller, to know its content and origin, to verify its accuracy or request its integration , the cancellation, updating, rectification, transformation into anonymous form or blocking of personal data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, to their processing. Requests should be addressed to the data controller.
This Application does not support "Do Not Track" requests. To find out if the third-party services support them, the user is invited to consult the respective privacy policies.