Information note in accordance with Article 13 of the 2016/679 EU Regulation - Article 13 of Legislative Decree 196/2003 (Protection of personal data)
We wish to inform you that, in compliance with Regulation (EU) no. 679 of 2016 and Legislative Decree no. 196 of 2003 on the protection of personal data, the Data controller is Hotel Palazzo Delle Stelline di G.S.A. S.r.l. - Corso Magenta, 61 - 20123 Milano, PI 06250840151 (hereinafter the "Controller").
Personal data is processed in full compliance with Regulation (EU) 679/2016 and Legislative Decree 196/2003.
We will use the data you (hereinafter the "Data subject") provide to us only to respond to your requests. Your data may be disclosed to third parties only when necessary for that purpose, or after obtaining the data subject's explicit consent.
Data will be processed, by personnel appointed by the Controller, using procedures, technical means and IT tools that are capable of protecting the confidentiality and security of the data subject's data. Processing includes the collection, recording, organisation, storage, consultation, processing, alteration, selection, retrieval, alignment, use, interconnection, restriction, disclosure, dissemination, erasure, destruction of data; it may involve a combination of two or more of the above operations.
Data will be kept for the time strictly necessary to provide the services requested by the Data subject and will in any case be erased if requested by the Data subject, subject to any data retention obligations envisaged by law. The data subject's data will not be disseminated.
As part of its activities and for the purposes indicated above, the Controller may use third party service providers, operating on behalf of and as per the instructions of the Controller, as data processors. These are suppliers, commercial and production partners, intermediaries, technical consultants, physicians and other similar entities who cooperate with our organization to fulfil the contractual commitments with you; entities who provide a service strictly and necessarily linked to the Controller's business such as tax consultants, banks, shipping companies, insurance companies, public and private entities, also for inspections or audits; entities that can access the data in accordance with the provisions of law.
Data may be also disclosed to all entities authorised by law to collect them (e.g. provincial health services authorities, tax authorities, etc.)
The Data subject may request a complete and up-to-date list of the entities appointed as data processors via the contact details provided below.
Data may be transferred within the European Union, where the Controller or its suppliers and collaborators have establishments or servers. Data will not be transferred outside the European Union.
Rights of the data subject:
- Right of access (art. 15 GDPR). Right of access by the data subject to access his or her data and to lodge a complaint with a supervisory authority;
- Right to rectification (art. 16 GDPR). Right of the data subject to obtain from the controller the rectification of inaccurate personal data concerning him or her;
- Right to erasure (‘right to be forgotten’) (art. 17 GDPR). The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay;
- Right to restriction of processing (art. 18 GDPR). Right of the data subject to obtain from the controller restriction of processing;
- Notification obligation (art. 19 GDPR). The controller shall communicate any rectification or erasure of personal data or restriction of processing carried out in accordance with articles 16, 17 and 18 to each recipient to whom the personal data have been disclosed;
- Right to data portability (art. 20 GDPR). The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, and the right to transmit those data to another controller without hindrance from the controller;
- Right to object (art. 21 GDPR). Right of the data subject to object to the processing of his or her personal data;
- Profiling (art. 22 of the GDPR). The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which significantly affects him or her.
The contact details of the Data controller are: Hotel Palazzo Delle Stelline di G.S.A. S.r.l. - Corso Magenta, 61 - 20123 Milano, telephone number +39 02/48.18.431, fax number +39 02/184.108.40.206 and email firstname.lastname@example.org
Cookies are short pieces of text (letters and/or numbers) that enable the web server to store information on the client (the browser) to be reused during the visit to the website (session cookies) or subsequently, even after many days (persistent cookies). Cookies are stored, according to user preferences from a single browser on the specific device being used (computer, tablet, smart phone). Similar technologies can be used to gather information on user behaviour and on service use.
Subsequently, this document will refer to the cookies and all similar technologies by simply using the term "cookie".
Type of cookies
We can identify several categories of cookies based on their features and use:
- Absolutely necessary cookies. These cookies are essential for the proper operation of our website and are used to manage the login and access to features unique to the website, in general to accelerate, improve and customize the level of service to users. The duration of the cookies is strictly limited to either the working session (they are deleted when the browser is closed), or of a longer duration, designed to recognize the visitor's computer. Their deactivation may compromise the use of services accessible by logging in, while the public part of the website is normally used.
- Analysis and performance cookies. These cookies are used to collect and analyse traffic and to use the website anonymously. Even without identifying the user, these cookies can, by way of example, detect if the same user returns to the website at different times. Moreover, they are used to monitor the system and improve performance and usability. The cookies can be deactivated without any loss of functionality.
- Profiling cookies. These are persistent cookies used to identify (anonymously or otherwise) user preferences and improve the browsing experience or to send advertising messages in accordance with the preferences shown by the user during web browsing.
Cookies from the site visited ("owner") or by websites maintained by other organisations ("third party") may be received when visiting a website. An example of this is the presence of "social plugins" (i.e. Facebook, Twitter, Google+) that are aimed at sharing contents on the social networks. The presence of these plugins involves the transmission of cookies to and from all websites operated by third parties. The management of the information collected by "third parties" shall be governed by the relevant information to which we ask the user to refer.
Management of cookies
By using the settings in the browser, the user can decide whether or not to accept the cookies.
Warning: Disabling all or part of the technical cookies may compromise the use of the features of the website reserved for registered users. On the contrary, the usability of public content is also possible by completely disabling the cookies.
The disabling of "third party" cookies does not compromise browsing in any way. The settings can be specifically defined for different websites and web applications. Moreover, the better browsers enable to define different settings for "owner" and "third party" cookies.
By way of example, when using the Tools-> Options -> Privacy menu in Firefox, a control panel is accessed where the user can specify whether or not to accept the different types of cookies and remove them.
This site uses
Google and Facebook Advertising Cookies (remarketing, segmentation and targeting)
To ensure greater transparency and convenience, for each of these websites, we give the user the web address of the information note, the methods to manage these cookies or to delete them as well as to deny consent to the installation of the cookies:
Tripadvisor – travel portal (profiling): CLICK HERE
Powr.io – weather service (profiling): CLICK HERE
Sharethis.com – content sharing (profiling): CLICK HERE
Holidaycheck.it – web services (statistics and profiling): CLICK HERE
Trivago.it - travel portal (profiling): CLICK HERE
Youtube.com – multimedia content (profiling): CLICK HERE
Google.com – web services (statistics and profiling): CLICK HERE
Google Analytics – web services (statistics and profiling): CLICK HERE
Facebook.com – social (profiling): CLICK HERE
Yandex.ru – web services (profiling): CLICK HERE
Ilmeteo.it – weather service (profiling): CLICK HERE
Moreover, if it particularly difficult to identify all third parties, especially for the profiling of your preferences, we report the following links: