This page highlights the security policies on personal data that the company GOTRIPHOLIDAYS di Gotrip Hotels s.r.l. implements for users who consult the website, and more generally for data subjects who interact with our company for various reasons.
This is a statement that is provided pursuant to art. 13 of the General Regulation for the Protection of Personal Data EU 2016/679 (hereinafter referred to as GDPR – General Data Protection Regulation) in particular for those who interact with the web services of the company GOTRIPHOLIDAYS di Gotrip Hotels s.r.l. accessible by internet starting from the address: https://www.gotripholidays.it.
The information refers only to the website of the company GOTRIPHOLIDAYS di Gotrip Hotels s.r.l. and not also for other websites that may be consulted by the user via links.
The information is also based on Recommendation n. 2/2001 that the European authorities for the protection of personal data, gathered in the Group established by the art. 29 of the directive n. 95/46 / EC, adopted May 17, 2001 to identify some minimum requirements for the collection of personal data online, and, in particular, the methods, timing and nature of the information that the data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection.
Owner And Manager Of Treatment
- According to the art. 4 point 7 of the RGPD 2016/679, the data controller of the Site is the company GOTRIPHOLIDAYS di Gotrip Hotels s.r.l. Via degli aldobrandeschi 295, 00163 – Rome, Italy – T 39.06.84025059 P. Iva 15490761002 – email: firstname.lastname@example.org.
- According to the art. 28 of the GDPR 2016/679, the external data processor and system administrator for the management of the company’s website is GOTRIPHOLIDAYS di Gotrip Hotels s.r.l. Via degli aldobrandeschi 295, 00163 – Rome, Italy – T 39.06.84025059 P. Iva 15490761002 – email: email@example.com.
- According to the art. 28 of the GDPR 2016/679 Responsible for the marketing activities of the site and the newsletter is the company GOTRIPHOLIDAYS di Gotrip Hotels s.r.l. Via degli aldobrandeschi 295, 00163 – Rome, Italy – T 39.06.84025059 P. Iva 15490761002 – email: firstname.lastname@example.org.
- Place of data processing
The processing operations connected to the web services of this site take place at the headquarters of the data controller and the data processors, and are only handled by technical personnel of the service in charge of processing.
The personal data provided by users who request dispatch of informative material are used for the sole purpose of performing the service or provision requested while some data acquisition forms provide for the possibility of communicating the personal data of the interested party to service providers to comply with to the contract and provide the services requested.
Types Of Data Processed
Navigation data The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user’s IT environment. This data is used only to obtain anonymous statistical information on the use of the site and to check its correct functioning and is deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this eventuality, the data on web contacts do not persist for more than thirty days.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.
The services on this website are not intended for minors. We do not knowingly collect minor data, including Personal Data.
If we become aware of having collected the personal data of a child, we will immediately cancel them, unless we are obliged by law to keep such data. The User is requested to contact us if he believes that the company has incorrectly or unintentionally collected information on a minor.
Method Of Treatment
Personal data is processed by automated tools for the time necessary to achieve the purposes for which it was collected. Specific security measures are observed to prevent the loss of data, illicit or incorrect use and unauthorized access.
Purpose And Legal Basis And Nature Of The Provision
The Personal Data you provide through the Site will be processed by the data controller for the following purposes:
- a) purposes related to the execution of a contract of which the interested party is a party or to the execution of pre-contractual measures adopted at your request (eg: booking, adherence to special offers, etc.). Consent Not necessary;
- b) purposes linked to the sending of promotional and commercial material via email following voluntary registration of the company’s newsletter. Requires the explicit consent of the interested party or the exercise of soft spam;
The data processed by us may include special categories of personal data as defined in Article 9 of the GDPR 2016/679 or personal data concerning health or religion (food allergies, services for the disabled, menus related to religion, etc. .) voluntarily provided by you in the Notes fields of the booking form.
The data in question will be processed guaranteeing appropriate security measures limited to the data and operations indispensable to fulfill even pre-contractual obligations that the company assumes in its sector of activity, in order to provide specific goods, services or services requested by the interested party.
According to the art. 9 of GDPR 2016/679, however, we will always ask for explicit authorization to process personal data as we cannot know in advance if the interested party will voluntarily enter personal data in the acquisition forms, data that fall into the category in question.
The data controller will process the personal data of the interested parties for the time strictly necessary to achieve the purposes indicated in this information notice. By way of non-exhaustive example, the company will process the Personal Data for the newsletter service until the interested party decides to unsubscribe from the service by simply clicking in the received email.
Without prejudice to the above, the data controller will process your Personal Data up to the time permitted by Italian law to protect his interests (Art. 2947 (1) (3) c.c.). More information about the retention period of Personal Data and the criteria used to determine this period can be requested by writing to email@example.com.
Rights Of Interested Parties
The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence of the same data and to know its content and origin, verify its accuracy or request its integration or updating, or the rectification (Art. 15 – 22 GDPR 2016/679). According to the articles in question we have the right to request cancellation, transformation into anonymous form or blocking of data processed in violation of the law, and to oppose in any case, for legitimate reasons, to their treatment. In accordance with Chapter III of the GDPR 2016/679, the interested party has the right to request at any time, access to his / her Personal Data, the rectification or cancellation of the same or to oppose their treatment, the limitation of treatment and obtaining in a structured format, commonly used and readable by an automatic device, the data concerning him also has the right to oppose the profiling and to propose a complaint to the Control Authority. The interested party also has the right to revoke the consent at any time without affecting the lawfulness of the processing based on the consent given before the revocation. For the complete and exhaustive list of the rights exercisable by the interested party, please refer to art. 15-22 of the GDPR 2016/679. Requests should be sent by e-mail to the address: firstname.lastname@example.org.