1) TYPES OF INFORMATION COLLECTED
Below, there are the activities you can carry out on the site and from which the Company can obtain your data, in particular when: A) CONTACT THE DATA CONTROLLER FOR QUESTIONS OR FOR RESERVATIONS OF VISITS In the event you intend to ask questions about the services offered or book a visit at Sassi San Cristoforo, you could Lill in the contact form or use any of the emails with links published on the pages of the website www.sassisancristoforo.com. Sassi San Cristoforo, as Data Controller, informs you that if you intend to Lind out more on the services offered, Sassi San Cristoforo will be able to obtain your email address as well as your name, surname and telephone number which will be processed for the sole purpose of being able to provide you an exhaustive answer regarding questions and/or observations you have posed.
2) PURPOSE OF THE TREATMENT
All information collected is processed by the Data Controller: • To answer your questions; • To book a visit. Your data will be processed using manual tools as well as IT tools, by inserting them into databases, and lists suitable for storing, managing and transmitting data, for the purposes and within the limits necessary for the pursuit of the aforementioned aims. Your data will be exclusively processed by persons authorised for processing. Sassi San Cristoforo does not carry out automated decision-making processes.
3) NATURE OF DATA PROVISION AND CONSEQUENCES OF REFUSAL
Providing personal data is optional for each of the purposes indicated in point 2, however, failure to provide them will make it impossible to satisfy your requests.
4) SCOPE OF COMMUNICATION – TRANSFER AND DISSEMINATION OF DATA
Your personal data may be communicated to third parties, expressly appointed as Data Processors, always for the pursuit of the purposes indicated and within the limits established by the relevant regulation. The data may be accessed (for the purpose of assistance to the site, applications, the IT network and connectivity) by our appointed technicians or external consultants also appointed as data processors. Finally, they may be communicated to the subjects entitled to access in compliance with the law, regulations, and community regulations. In any case, the personal data provided will not be disseminated.
5) SECURITY OF YOUR PERSONAL DATA
To protect personal data from unauthorised access, disclosure and modiLication, we have implemented, from a technical point of view, protection systems and related security measures that guarantee the protection of such data. These security measures are adapted from time to time to achieve a high level of security each time. However, keep in mind that despite our best efforts, no security measures are perfect or impenetrable. Moreover, in order to help us maintain a high level of security, we ask you to keep your username and password and not disclose them to third parties.
6) RIGHTS OF THE INTERESTED PARTY
We inform you that the European Regulation in art. 15 and following grants you the rights below:
• Of access, i.e. the possibility of obtaining conLirmation as to whether or not a processing is underway and to obtain information regarding: its purpose, categories of personal data in question, recipients of the data, in particular if third countries, the retention period where possible and the methods of their treatment,
• Of correction and integration of data,
• Of cancellation, whenever the data are not necessary to the purposes, or if you decide to revoke your consent, or oppose the processing, or in the event the data were unlawfully processed;
• Of limitation of processing in the event that the accuracy of personal data is contested for the period necessary to carry out the related checks, or the processing is unlawful, or if the data controller no longer needs your data, you request them to be kept for judicial purposes;
• Of transfer of data to another owner, if the processing takes place by automated means or is based on consent;
• To oppose the processing of personal data in the presence of justiLied reasons, or in the event that they are used for sending advertising material, direct marketing or for carrying out market surveys;
• To lodge a complaint with the authorities. If you decide to exercise the rights described above or in the event of a violation of personal data, you can contact the data controller at the following email address: firstname.lastname@example.org.
7) DATA RETENTION
The Data Controller retains and processes personal data for the time necessary to fulLil the purposes mentioned, in particular for promotional activities, the data are kept for 24 months and then updated and deleted if necessary. The data collected to answer your questions will not be stored.
8) IF YOU ARE UNDER 16
Our websites refer to a general audience and are not aimed at minors. We do not knowingly collect personal data from users who are considered minors according to the laws of their country.
9) THE DATA CONTROLLER
The Data Controller of personal data is Sassi San Cristoforo, based in Via Via Pastura 10, 12052 Neive (CN), if you intend to obtain information relating to the protection of personal data or report violations regarding personal data, you can write to the aforementioned email address.