THE RENEWAL OF ACCOMMODATION AND CAFÉ STRUCTURE
Information note pursuant to article 13 of EU Regulation 2016/679 - article 13 of Legislative Decree 196/2003 (Personal data protection code) and subsequent amendments.
Last updated April 2021.
In application of the European Regulation n. 679 of 2016 of Legislative Decree no. 196 of 2003 relating to the protection of personal data, we inform you that the data controller is Katia Gambetta, owner and owner of the B&B.
Personal data are processed in full compliance with EU Regulation 679/2016 and Legislative Decree 196/2003 and subsequent amendments.
The data provided will be used for the sole purpose of following up on your requests and the proposals of the B&B, and may be disclosed to third parties only if this is necessary for this purpose, or with your explicit consent.
The data will be processed by personnel appointed by the Data Controller with procedures, technical and IT tools suitable for protecting the confidentiality and security of the data of the interested party and consists in their collection, registration, organization, storage, consultation, processing, modification. , selection, extraction, comparison, use, interconnection, blocking, communication, cancellation, destruction of the same including the combination of two or more of the aforementioned activities.
The data will be kept for the time strictly necessary to provide the interested party with the requested services and will in any case be deleted following the request of the interested party, without prejudice to further conservation obligations established by law.
The data of the interested party will not be disclosed.
As part of its activity and for the purposes indicated above, the Data Controller may make use of services rendered by third parties who operate on behalf of the Data Controller and according to his instructions, as data processors.
These are suppliers, commercial and production partners, intermediaries, technical consultants and other similar subjects who collaborate with our organization to fulfill the contractual commitments undertaken with you; subjects who provide a service strictly and necessarily connected to the activity of the Data Controller such as tax consultants, banks, shippers, insurance companies, public and private entities, also in relation to inspections or verifications; subjects who can access the data by virtue of legal provisions.
The data may also be communicated to all those subjects authorized by law to collect them (eg provincial companies for health services, financial administration, etc.).
The interested party may request a complete and updated list of the persons appointed as data processors by contacting the contact indicated below.
Rights of the interested party
Right of access (Article 15 of the GDPR). Right of the interested party to obtain access to their data and to lodge a complaint with the supervisory authority.
Right of rectification (Article 16 of the GDPR). Right of the interested party to obtain from the Data Controller the correction of inaccurate personal data concerning him.
Right to cancellation (right to be forgotten) (Article 17 of the GDPR). The interested party has the right to obtain from the Data Controller the deletion of personal data concerning him without undue delay.
Right to limitation of processing (Article 18 of the GDPR). Right of the interested party to obtain a limitation of the data processing.
Notification obligation (Article 19 of the GDPR). The Data Controller communicates to each of the recipients to whom the personal data have been transmitted any corrections or cancellations or limitations of the processing carried out pursuant to art. 16; 17; 18.
Right to data portability (Article 20 of the GDPR). The interested party has the right to receive the personal data concerning him provided to the Data Controller and has the right to transmit such data to another data controller without impediments by the Data Controller.
Right to object (Article 21 GDPR). Right of the interested party to oppose the processing of his personal data.
Profiling (Article 22 of the GDPR). The interested party has the right not to be subjected to a decision based solely on automated processing, including profiling or which significantly affects his person.
The Data Controller is Katia Gambetta.
Art. 7 - Right to access personal data and other rights
The interested party has the right to obtain confirmation of the existence or not of personal data concerning him, even if not yet recorded, and their communication in an intelligible form.
The interested party has the right to obtain the indication:
a) the origin of the personal data;
b) the purposes and methods of the processing;
c) of the logic applied in case of treatment carried out with the aid of electronic instruments;
d) the identity of the owner, manager and the representative appointed under article 5, paragraph 2;
e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the territory of the State, managers or agents.
The interested party has the right to obtain:
a) updating, rectification or, when interested, integration of data;
b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data which need not be kept for the purposes for which the data were collected or subsequently processed;
c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment is proves impossible or involves the use of means that are manifestly disproportionate to the protected right.
The interested party has the right to object, in whole or in part:
a) for legitimate reasons, to the processing of personal data concerning him, even if pertinent to the purpose of the collection;
b) to the processing of personal data concerning him for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication.
The person responsible for the protection of personal data is Katia Gambetta.
Owner and manager of the processing of personal data
Pursuant to art. 28 of Legislative Decree 196/2003:
The Data Controller of personal data: Katia Gambetta.
The person in charge of the processing of personal data: Katia Gambetta.
Registered office: Via Silvio Pellico 11, Cervo (IM) 18010.
Links to other sites
We take no responsibility for the privacy policies of linked sites and therefore encourage you to learn about them.
We do not intend to collect personal information from any individual under the age of 16. If you are under 16, you shouldn't make an online booking or any inquiries, but ask a parent to do it for you.
Questions or concerns
At any time you believe that the Data Controller has not followed the aforementioned policy, we invite you to let us know by sending an email to firstname.lastname@example.org and we will try to do our best to identify and solve any problem.
You can also write to us at Katia Gambetta, Via Silvio Pellico 11, Cervo (IM) 18010.