PERSONAL DATA PROCESSING STATEMENT
ACCORDING TO ART. 13 ITALIAN LEGISLATIVE DECREE 196/2003
In accordance with article 13 of Italian Legislative Decree no. 196/2003, we provide you with the following information:
- The personal data that you have provided or has been acquired through the www.grandhotelgardone.it sites will be processed in accordance with the principles of correct conduct, lawfulness, transparency and protection of your privacy and rights.
- This personal data will be processed for the purposes of fulfilling legal and contractual requirements and those deriving from the task assigned by the party concerned, that is, to fulfil the specific requests of the user, communicated through the Contacts section or through subscription to the Newsletter.
- The personal data may also be used for the purposes of sending information and advertising material or for commercial communications regarding new products or updates and news on existing products.
- Processing may also be carried out with the assistance of electronic instruments, using methods appropriate to ensuring the security and confidentiality of the data.
- Providing the data is required for the purposes indicated in point 2. Complete or partial refusal to provide us with your personal data or authorisation for processing may mean that it is impossible to fulfil your requests.
- Consent to data processing is optional for the purposes indicated in point 3 and refusal to provide us with authorisation for such processing cannot make it impossible to fulfil your requests.
- Personal data classified as sensitive, that is, data that may be used to reveal racial and ethnic origins, religious, philosophical or general convictions, political opinions, membership of parties, trade unions and associations or organisations with a religious, philosophical, political or union character, as well as personal data that may be used to reveal state of health or sexual activity, may also be processed, solely with the express written consent of the party concerned and authorisation from the Personal Data Protection Authority (art. 26 Italian Legislative Decree no. 196/2003), in accordance with the methods and for the purposes indicated above. This type of data will be processed solely in cases where the user decides to communicate them on their own initiative through the "Jobs and Career" section with an application to work at Carel. Providing this data is optional, and refusing to provide us with authorisation for this processing cannot result in complete or partial failure in performance of the contract, that is, failure to perform the assigned task.
- The Personal Data Controller is Grand Hotel Srl, Via Zanardelli 84, 25083 Gardone Riviera (BS).
- You may contact the Data Controller or Supervisor to exercise your rights, as envisaged by article 7 of Italian Legislative Decree no. 196/2003.
Art. 7 - Right to access personal data and other rights
1. The party concerned has the right to obtain confirmation about the presence or absence of personal data that concerns them, even if not yet recorded, and their disclosure in intelligible form. |
a) the updating of, correction of or, where this is of interest, addition to data; |
COOKIE MANAGEMENT ON THIS SITE
This page describes the methods for managing the cookies on this site.
This statement is also provided pursuant to art. 13 of Italian Legislative Decree no. 196/2003 - Personal Data Protection Act for those who use Grand Hotel Srl's web services, accessible remotely starting from the address:
www.grandhotelgardone.it
The statement is provided only for the websites and portals of the Grand Hotel Srl and not for any other websites that the user may consult using links.
The statement derives from the Recommendation no. 2/2001 adopted by the European Authorities, in the Group formed by art. 29 of the Directive no. 95/46/EC about personal data protection, on May 17th 2001, to find out some minimum requirements for the on-line collection of personal data and, in particular, methods, times and nature of the information that the owners of data processing must give the users when they connect to web pages, independently of the purposes of such connection.
This privacy policy also incorporates the instructions issued by the Personal Data Protection Authority with the Order of 8 May 2014 (Published in Italian Official Gazette no. 126 of 3 June 2014) regarding simplified methods for providing the statement and obtaining consent for the use of cookies.
THE DATA "CONTROLLER"
While surfing this site, data concerning identified or identified individuals can be processed.
The data processing "Controller" is Grand Hotel Srl, based in Via Zanardelli 84, 25083 Gardone Riviera (BS).
DATA PROCESSING LOCATION
Processing connected to the web services of this site occurs at the aforementioned offices of the Company and its branches solely by staff appointed for processing, or by any staff appointed for occasional maintenance operations and any individuals who are "Appointed for External Processing" through a dedicated document.
No data deriving from the web service is communicated or disclosed.
The personal data provided by users who submit requests for the delivery of information (CD-ROMs, publications, newsletters, answers to queries, etc.) is used solely for the purpose of performing the service requested and is communicated to third parties only in the event that this is necessary to the same end (shipping and delivery services).
TYPES OF DATA PROCESSED
Navigation data:
The IT systems and software procedures used to operate this website acquire, during their regular operation, some personal data whose transmission is implied in the use of Internet communication protocols.
All this information is not gathered to be directly associated with identified individuals, but, due to their nature, could allow an identification of the users through processing and association with data held by third parties.
This category of data includes IP addresses or the domain names of the computers of the users connecting to the site, the URI (Uniform Resource Identifier) addresses of the required resources, the time of the request, the method used to submit the request to the server, the size of the file obtained as a reply, the numeric code on the status of the reply sent by the server (ok, error, etc.) and other parameters linked with the user's OS and computer processing environment.
These data items are used only to get anonymous statistic information about the use of the site and to check its correct operation. All data are immediately deleted after processing. Data could be used to ascertain responsibilities in case of hypothetical computer processing violations. Currently, no data item about web contacts is kept for longer than seven days.
Data provided voluntarily by the user:
The voluntary sending, express and optional sending of e-mail messages to the addresses or forms to complete contained in this site involves the following acquisition of the sender's address, required to reply to any request, as well as all the other personal data entered in the message or forms.
Synthetic information specifications shall be progressively written or displayed in the pages of the site dedicated to special optional services.
COOKIES
Cookies are small strings of text that sites visited by the user send to their terminal (usually to the browser), where they are stored in order to be sent back to the same sites on the next visit by the same user. When navigating a site, users may also receive cookies sent by other sites or web servers (so-called "third parties") on their terminal, which may contain some elements (e.g. images, maps, sounds, specific links to pages on other domains) present on the site that they are visiting.
Cookies, usually present in users' browsers in great number and at times also with characteristics of great persistence over time, are used for various purposes: electronic authentication, session monitoring, storage of information on specific configurations concerning users who access the server, etc.
In order to regulate such devices correctly, it is necessary to distinguish them, provided that there are no technical characteristics that differentiate one from another, precisely on the basis of the aims pursued by their users (Privacy Order Authority 8 May 2014, no. 229).
In the Order concerning cookies, the Personal Data Protection Authority provides the following definitions:
Technical cookies:
Technical cookies are those used solely for the purpose of "effecting the transmission of a communication on an electronic communications network, either to the extent strictly necessary for the supplier of a service by the information company explicitly requested by the subscriber or by the user to provide such service" (see art. 122, paragraph 1, of the Act).
They are not used for other purposes and are normally installed directly by the owner of the website or the webmaster. They can be subdivided into browsing or session cookies, which ensure normal navigation and use of the website (permitting, for example, a purchase or authentication to access reserved areas); analytics cookies, treated as technical cookies where used directly by the webmaster to collect information, in aggregate form, on the number of users and how they visit the site; functional cookies, which allow the user to navigate according to a series of selected criteria (e.g. language, products selected for purchase) in order to improve the service provided to them.
The prior consent of users is not required to install such cookies, though the obligation remains to provide the statement pursuant to art. 13 of the Act, which the webmaster, should they only use such instruments, may provide in the manner that they deem most suitable.
Profiling cookies:
Profiling cookies are intended to create profiles in relation to the user and are used for the purpose of sending advertising messages in line with the preferences demonstrated by the user through their browsing behaviour. In light of the particularly invasive character that these instruments can have in relation to the private sphere of users, European and Italian regulations require that the user must be adequately informed regarding their use and thus express their legitimate consent.
They are referred to in art. 122 of the Act, which states that "archiving of information in the terminal device of a contracting party or of a user or access to previously archived information are permitted solely on condition that the contracting party or user has expressed their consent after being informed with the simplified methods indicated in article 13, paragraph 3" (art. 122, paragraph 1, of the Act).
In light of the preliminary considerations and the classifications quoted above, we state that our site uses the following cookies, divided according to the aims pursued:
- So-called essential cookies: they belong to the category of technical cookies and are those that permit the actual operation of the web pages. It is possible to deactivate these cookies, but it should be made clear that in their absence the operation and navigation of the pages of this site would in effect be impossible.
- Optimisation cookies: these too are technical cookies, and they comprise those cookies used for the purpose of collecting statistical information, collected in aggregate form. They have the sole purpose of improving the performance of the site itself. One example of optimisation cookies is those used to identify the most visited pages of the site and allow the site owner to organise the layout in order to assist consultation. Also belonging to this classification are those third-party cookies that perform the same function (e.g. Google Analytics and similar, solely in the case that anonymous data is processed in aggregate form).
- Third-party cookies: these comprise all cookies that are not received directly from the site of the owner, but from sites managed by other companies or bodies. Our site uses the "social plug-ins" for Facebook, Twitter, Google+. These are components of the page visited generated directly by the aforementioned sites and integrated in the page of the host site. The social plug-ins are used for the purposes of enabling the sharing of content on various social networking sites.
The presence of these plug-ins results in the transmission of cookies from and to all the sites managed by third parties. The management of the information collected by "third parties" is governed by the corresponding statements; please refer to these.
Our site also uses Google Analytics to analyse the aggregate data relative to user engagement on our site.
Here is a list of the Google Analytic’s cookie we use:
Cookie Name |
Description |
__utma |
Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics. |
__utmt |
Used to throttle request rate. |
__utmb |
Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics. |
__utmc |
Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmbcookie to determine whether the user was in a new session/visit. |
__utmz |
Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics. |
__utmv |
Used to store visitor-level custom variable data. This cookie is created when a developer uses the _setCustomVar method with a visitor level custom variable. This cookie was also used for the deprecated _setVar method. The cookie is updated every time data is sent to Google Analytics. |
Moreover we use these other cookie for Google Maps:
NID
PREF
SAPISID
SID
SSID
The banner that opens upon initial entry to the web page permits access to the screen for managing the various cookies used, through which the user can prevent the use of optional cookies. The predetermined settings can always be modified.
As per the obligation established by the Personal Data Protection Authority with the Order of 8 May 2014, no. 229, the choices made regarding cookie management must of necessity be stored through a technical cookie. This cookie saves the user's choices for a maximum of 365 days.
Cookies are not used to transmit personal information, nor are any type of so-called persistent cookies used, that is, systems for tracking users.
The use of so-called session cookies (which are not stored persistently on the user's computer and disappear when the browser is closed) is strictly linked to the transmission of session identification data (comprising random numbers generated by the server) required for secure and efficient browsing of the site.
The so-called session cookies used on this site prevent recourse to other computer processing techniques potentially detrimental to the confidentiality of users's navigation and do not permit the acquisition of the user's personal identification data.
LINKS TO CONNECTED SITES AND/OR SITES WITH CONNECTED FUNCTIONALITY
Since the Grand Hotel Srl. site uses cookies from third parties, specifically Facebook, Twitter, Google+, Google Maps and Google Analytics, links to their respective Privacy Policies are provided below in compliance with the requirements of the Personal Data Protection Authority.
Google Analytics, Google+ & Maps: https://www.google.it/intl/it/policies/privacy/
http://www.google.it/intl/it/policies/technologies/cookies/
http://www.google.it/intl/it/policies/technologies/managing/
Twitter: https://twitter.com/privacy?lang=it
Facebook: https://it-it.facebook.com/privacy/explanation
https://it-it.facebook.com/help/cookies/?ref=sitefooter
PROCESSING METHODS
Personal data are processed with automated instruments for the time strictly necessary to reach the linked purpose.
Special safety measures have been adopted to prevent data loss, misuse or non-allowed use and unauthorized access.
GUIDED PROCEDURE FOR DISABLING
COOKIES ON YOUR COMPUTER
Microsoft Internet Explorer
http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies
Google Chrome
https://support.google.com/chrome/bin/answer.py?hl=en&answer=95647&p=cpn_cookies
Mozilla Firefox
http://support.mozilla.org/en-US/kb/Enabling%20and%20disabling%20cookies
Apple Safari
http://docs.info.apple.com/article.html?path=Safari/5.0/en/9277.html