Data Subjects: Visitors to the hotelsaligari.com portal

Data Controller

The Data Controller, pursuant to the Law, is AWU SRL (VIA MARIO COPES, 397, 23020 – VERCEIA (SO) IT, VAT No. 01087130140, contactable at the following details: e-mail info@hotelsaligari.com, phone 034339100) in the person of its pro tempore legal representative.

AWU SRL, as Data Controller of your personal data, pursuant to and for the purposes of EU Regulation 2016/679 (hereinafter “GDPR”), hereby informs you that the aforementioned legislation provides for the protection of data subjects with regard to the processing of personal data and that such processing will be carried out in accordance with the principles of fairness, lawfulness, transparency and protection of your confidentiality and rights.

Your personal data will be processed in compliance with the legislative provisions of the aforementioned regulation and the confidentiality obligations therein.

Purposes and Legal Basis

Your data will be used for the following purposes:

–Browsing Data
The IT systems and software procedures responsible for the operation of this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.

This category of data includes IP addresses or domain names of the computers and terminals used by users, URI/URL (Uniform Resource Identifier/Locator) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server’s response (successful, error, etc.), and other parameters relating to the user’s operating system and IT environment.

Such data, necessary for the use of web services, are also processed for the purpose of:

-obtaining statistical information on the use of services (most visited pages, number of visitors by time slot or day, geographical areas of origin, etc.);

– monitoring the proper functioning of the services offered.

Browsing data are not retained for more than seven days (except in cases where judicial authorities need to ascertain crimes).

Personal data will be retained for the time necessary to ensure the performance of the requested service and, subsequently, for the period required by law or applicable regulations.

–Personal data voluntarily provided by the user (first name, last name, company, email, phone) through the contact form will be processed exclusively for the purpose of responding to the data subject’s request for information.

-Personal data are processed for the management of room bookings, including the collection, recording and handling of booking requests, confirmation of availability, organization of the stay, and fulfillment of related contractual and administrative obligations.
For the above purposes, personal data may be disclosed to external parties, Scidoo Hotel Software Innovation, as Data Processor pursuant to Art. 28 of Regulation (EU) 2016/679, which provides services instrumental to booking management, in compliance with the instructions given by the Data Controller. Personal data will be retained for the time strictly necessary to perform the requested service and, subsequently, for the period required by current legislation or for the protection of the Data Controller’s rights.

-The data provided will not be used for marketing or profiling purposes without the prior and explicit consent of the data subject.
The legal basis for such processing is the data subject’s consent, expressed by selecting the appropriate box accepting the terms and conditions before submitting the form. Personal data voluntarily provided by the user to receive information will be retained until consent is withdrawn.

–Use of cookies and similar technologies.

Please refer to the cookie policy in the footer of the website.

Categories of Data Recipients

Your data will be processed solely by personnel expressly authorized by the Data Controller and, in particular, by the following categories of authorized personnel:

– internal operators responsible for managing the web portal;

– any technical staff assigned to examine and respond to user information requests.

Disclosure

Your data may be disclosed to external parties for the proper management of the relationship and in particular to the following categories of

Recipients, including all duly appointed Data Processors:

– web service providers for the management and maintenance of the platform.

Dissemination

Your personal data will not be disseminated in any way.

Transfer of Data to Third Countries
Your personal data may also be transferred, limited to the purposes indicated above, to the following countries:

–EU countries;

–United States.

Should it become necessary to transfer personal data to countries located outside the EEA, such transfer will take place in compliance with the limits and conditions set out in Articles 44 et seq. of EU Regulation 2016/679.

Processing Methods

The processing of the Personal Data indicated above will be carried out by the Data Controller using automated or manual means.

Rights of the Data Subject – EU Reg. 2016/679: Arts. 15, 16, 17, 18, 19, 20, 21, 22

1. The data subject has the right to obtain confirmation of the existence or otherwise of personal data concerning them, even if not yet recorded,

to receive such data in an intelligible form and to lodge a complaint with the Supervisory Authority.

2. The data subject has the right to obtain information regarding:

• the origin of the personal data;
• the purposes and methods of processing;
• the logic applied in the event of processing carried out with the aid of electronic instruments;
• the identification details of the Data Controller, Data Processors and the designated representative pursuant to Article 5(2);
• the entities or categories of entities to whom personal data may be disclosed or who may become aware of them as
• designated representatives in the State’s territory, Data Processors or persons in charge.

3. The data subject has the right to obtain:

• the updating, rectification or, where interested, integration of data;
• the erasure, anonymization or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
• certification that the operations referred to in letters a) and b) have been notified, including as regards their content, to those to whom the data were disclosed or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared to the protected right;
• data portability.

4. The data subject has the right to object, in whole or in part:

• for legitimate reasons to the processing of personal data concerning them, even if relevant to the purpose of collection;
• to the processing of personal data concerning them for the purpose of sending advertising material, direct sales, market research or commercial communication.

Amendments to this Policy

The Data Controller may change, modify, add or remove any part of this Privacy Policy.