.svg)
.svg)
the best rate guaranteed
book now10
9,2
8,3
10
9,2
8,3
10
9,2
8,3
Privacy & Cookie Policy
we are at your disposal
Book on our official website and save up to 20% discount with breakfast included!
The purpose of this document is to inform the natural person (hereinafter “Data Subject”) about the processing of his/her personal data (hereinafter “Personal Data”) collected by the data controller, M.L. S.R.L., with registered office in Via Boscovich 21, 20124, Milano (MI), Tax Code/VAT No. 05884810960, e-mail address info@hotelbolzano.it, (hereinafter “Data Controller”), via the website www.hotelbolzano.it (hereinafter “Application”).
Changes and updates will be effective as soon as they are published on the Application. In case of non-acceptance of the changes made to the Privacy Policy, the Data Subject shall stop using this Application and may ask the Data Controller to delete his/her Personal Data.
Categories of Personal Data processed
The Data Controller processes the following types of Personal Data voluntarily provided by the Data Subject:
- Contact Data: first name, last name, address, e-mail address, phone number, pictures, authentication credentials, any further information sent by the Data Subject, etc.
- Fiscal and payment Data: tax code, VAT number, credit card data, bank account details, etc.
- Data on the employment relationship: data entered in the curriculum vitae, data on spouse or children, social security data, etc.
- Special Data: Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as genetic data, biometric data intended to uniquely identify the natural person, data concerning health or sex life or sexual orientation, collected with the consent of the Data Subject. The Data Subject may withdraw consent at any time
- Judicial Data: Personal Data related to criminal convictions, offences or security measures, collected with the consent of the data subject. The Data Subject may withdraw consent at any time.
The Data Controller processes the following types of Personal Data collected automatically:
- Technical Data: Personal Data produced by devices, applications, tools and protocols such as, for example, information about the device used, IP addresses, browser type, type of Internet provider (ISP). Such Personal Data may leave traces which, combined with unique identifiers and other information received by the servers, can be used to create profiles of individuals
- Usage Data: such as, for example, pages visited, number of clicks, actions taken, duration of sessions, etc.
- Data relating to the exact location of the Data Subject: for example, geolocation data that precisely identifies the location of the Data Subject, which may be collected via the satellite network (e.g. GPS) and other means, collected with the consent of the Data Subject. The Data Subject may withdraw consent at any time.
If the Data Subject decides not to provide Personal Data for which there is a legal or contractual obligation, or if such data is a necessary requirement for the conclusion of the contract with the Data Controller, it will be impossible for the Data Controller to establish or continue any relationship with the Data Subject.
The Data Subject who communicates Personal Data of third parties to the Data Controller is directly and exclusively liable for their origin, collection, processing, communication or divulgation.
Cookies and similar technologies
L'Applicazione usa cookie, web beacon, identificatori univoci e altre analoghe tecnologie per raccogliere Dati Personali dell’Interessato sulle pagine, sui collegamenti visitati e sulle altre azioni che si eseguono quando l’Interessato utilizza l’Applicazione. Essi vengono memorizzati per essere poi trasmessi alla successiva visita dell'Interessato.
The Application uses cookies, web beacons, univocal identifiers and other similar technologies to collect the Data Subject's Personal Data on visited pages and links and other actions performed during the use of the Application. This data is stored and then used the next time the interested party browses the Application.
Legal basis and purpose of data processing
The processing of Personal Data is necessary:
- for the performance of the contract with the Data Subject and especially:
- fulfillment of any obligation arising from the pre-contractual or contractual relationship with the Data Subject
- registration and authentication of the Data Subject: to allow the Data Subject to register in the Application, to access it and to be identified in it, also via external platforms
- support and contact with the Data Subject: to answer the Data Subject's requests
- management of payment: to manage payments by credit card, bank transfer or other methods
- for legal obligations and especially:
- the fulfilment of any obligation provided for by the applicable norms, laws and regulations, in particular, on tax and fiscal matters
- for the legitimate interest of the Data Controller, for:
- marketing purposes by e-mail of products and/or services of the Data Controller to directly sell the Data Controller's products or services using the email provided by the Data Subject in the context of the sale of a product or service similar to the one being sold
- management, optimization and monitoring of the technical infrastructure: to identify and solve any technical issue, to improve the performance of the Application, to manage and organize the information in a computer system (e.g. server, database, etc.)
- security and anti-fraud: to guarantee the security of the Data Controller’s assets, infrastructures and networks
- anonymous data based statistics: in order to carry out statistical analysis on aggregated and anonymous data in order to analyze behaviors of the Data Subject to improve products and/or services provided by the Data Controller and better meet the expectations of the Data Subject
- on the basis the Data Subject's consent, for:
- profiling the Data Subject for marketing purposes: to provide the Data Subject with information on the Data Controller's products and/or services through automated processing designed to collect personal information to predict or assess the Data Subject's preferences or behaviors
- retargeting and remarketing: to reach with a customized advertisement the Data Subject who has already visited or shown interest in the products and/or services offered by the Application using his Personal Data. The Data Subject may opt-out by visiting the Network Advertising Initiative page
- marketing purposes of the Data Controller’s products and/or services: to send information or commercial and/or promotional materials, to perform direct sales activities of the Data Controller’s products and/or services or to conduct market research with automated and traditional methods
- marketing purposes of third-party products and/or services: to send information or commercial and/or promotional materials of third parties, to carry out direct sales activities or to perform market research of their products and/or services with automated and traditional methods
- communication of Personal Data for third party marketing purposes: to communicate Personal Data to third parties operating in the della ricettività, so that they can use it to send information or commercial and/or promotional materials or to carry out direct sales activities of their products and/or services or to carry out market research with automated and traditional methods
- detection of the exact location of the Data Subject: to detect the presence of the Data Subject, to control logins, times and presence of the Data Subject in a specific place, etc.
On the basis of the legitimate interest of the Data Controllerowner, the application allows interactions with external web platforms or social networks whose processing of personal data is governed by their respective privacy policies to which please refer. The interactions and information acquired by this Application are in any case subject to the privacy settings that the Data Subject has chosen on such platforms or social networks. Such information - in the absence of specific consent to processing for other purposes - is used exclusively to allow the use of the Application and to provide the information and services requested.The Data Subject's Personal Data may also be used by the Data Controller to protect itself in judicial proceedings before the competent courts.Data processing methods and receivers of Personal DataThe processing of Personal Data is performed via paper-based and computer tools with methods of organization and logics strictly related to the specified purposes and through the adoption of appropriate security measures.Personal Data are processed exclusively by:
- persons authorized by the Data Controller to process Personal Data who have committed themselves to confidentiality or have an appropriate legal obligation of confidentiality;
- subjects that operate independently as separate data controllers or by subjects designated as data processors by the Data Controller in order to carry out all the processing activities necessary to pursue the purposes set out in this policy (for example, business partners, consultants, IT companies, service providers, hosting providers);
- subjects or bodies to whom it is mandatory to communicate Personal Data by law or by order of the authorities.
The subjects listed above are required to use appropriate measures and guarantees to protect Personal Data and may only access data necessary to perform their duties.Personal Data will not be indiscriminately shared in any way.PlacePersonal Data will not be transferred outside the territory of the European Economic Area (EEA).Personal Data storage periodPersonal Data will be stored for the period of time that is required to fulfill the purposes for which it was collected. In particular:
- or purposes related to the execution of the contract between the Data Controller and the Data Subject, will be stored for the entire duration of the contractual relationship and, after termination, for the ordinary prescription period of 10 years. In the event of legal disputes, for the entire duration of such disputes, until the time limit for appeals has expired
- for purposes related to legitimate interests of the Data Controller, they will be stored until the fulfilment of such interest
- in compliance with legal obligations, by order of an authority and for legal protection, they shall be stored according to the relevant timeframes provided for by such obligations, regulations and, in any case, until the expiry of the prescriptive term provided for by the rules in force
- for purposes based on the consent of the Data Subject, they will be stored until the consent is revoked. For marketing purposes for a period not exceeding 24 months.
At the end of the conservation period, all Personal Data will be deleted or stored in a form that does not allow the identification of the Data Subject.Rights of the Data SubjectData Subjects may exercise specific rights regarding the Personal Data processed by the Data Controller. In particular, the Data Subject has the right to:
- be informed about the processing of their Personal Data
- withdraw consent at any time
- restrict the processing of his or her Personal Data
- object to the processing of their Personal Data
- access their Personal Data
- verify and request the rectification of their Personal Data
- restrict the processing of their Personal Data
- obtain the erasure of their Personal Data
- transfer their Personal Data to another data controller
- file a complaint with the Personal Data protection supervisory authority and/or take legal action.
In order to use their rights, Data Subjects may send a request to the following e-mail address info@hotelbolzano.it. Requests will be immediately treated by the Data Controller and processed as soon as possible, in any case within 30 days.
Last update: 02/04/2021
Personal Data collected by the Application
The Data Controller shall collect the following categories of Personal Data:
- Contact information, credentials, contents: for example biographical data, e-mail address or postal address or other contact details, password and security information used for authentication and access to the account, personal interests and preferences and any other personal contents, etc.
- Personal Data from Social Media: the Users may share with the Application Data communicated to social media. The User can monitor Personal Data which the Application may have access to when granting access to its social media accounts and through the privacy settings of the relevant social media website. By way of connecting accounts managed by social media to the Application and by way of authorizing the Data Controller to have access to its Personal Data, the User gives its consent to the acquisition, processing and retention of Data provided by the same social media, in accordance with this Privacy Policy.
Any failure of the User to provide Personal Data may prevent this Application to provide its services.
The User takes any responsibility regarding Personal Data of third parties published or shared through this Application and the User ensures to be entitled to communicate or release them, holding the Data Controller harmless from any liability toward third parties.
Whether the processing of Personal Data is based on the consent of the User, he can revoke it at any time.
- Technical Data: the computer system and the software procedures functional to this Application may acquire, in the course of their ordinary activity, any Personal Data, whose communication is implicit in the use of internet communication protocols. Such information is not collected to be associated with identified third parties, however, due to the nature of these Data, the same Data may identify Users, in the Processing and through the association, with Data held by third parties. This category includes IP addresses or domain names used by Users who connect to the Application, addresses of Uniform Resource Identifier (URI) of the requested resources, time of the request, method used submitting the request to the server, size of the file obtained, etc.
- Usage Data: Data may be collected relating to the use of the Application by the User, such as the pages visited, the actions performed, the features and services used by the User.
- Geolocation Data: the Application may collect location Data, which may be accurate or inaccurate. The precise location Data may consist in GNSS Data (Global Navigation Satellite System, such as GPS), as well as in Data which identify the nearest repeater, Wi-Fi hotspots and bluetooth, communicated when you enable products or features based on the location.
This Application uses cookies, web beacons, unique identifiers and any other similar technologies to collect Data regarding pages, visited links and other actions, which you may perform while using our Services. They are stored for being communicated back to the same websites at the next visit of the User.
The Data subject may read the complete Cookie Policy at the following address: /cookie-policy.
Purposes of the processing
Collected Data may be used for the following purposes:
- support and contact with the User
- statistics using only anonymous data communicating Data to Google Inc, www.google.com/privacy
Personal Data processing methods
The Processing of Personal Data is performed with IT and/or digital tools, with methods of organizations and with logics strictly related to the indicated purposes.
In certain cases, subjects other than the Data Controller which are involved in the organization of the Application may access to Data in the assistance of the management of the Application and of the activity or in the assurance of the performance of services to the User.
These subjects may be appointed, if necessary, as Data Processors by the Data Controller, may access to Personal Data of the Users whenever required and shall be contractually obliged to keep them confidential.
The updated list of Data Processors may be requested via email at the email address ( info@hotelbolzano.it ).
Legal basis for the processing
The Data Controller processes Personal Data regarding the User whether one of the following applies:
- the User has given consent for one or more specific purposes;
- Processing is necessary for the performance of a contract with the User and/or for the performance of pre-contractual measures;
- Processing is necessary to comply with a legal obligation to which the Data Controller is subject;
- Processing is necessary for the performance of a task carried out in the public interest or for the exercise of public authority vested in the Data Controller;
- Processing is necessary for the purposes of the legitimate interest pursued by the Data Controller or by a third party.
It is always possible to ask the Data Controller to clarify the concrete legal basis of each processing.
Place
Personal Data are processed in the operative offices of the Data Controller and in any other place in which the parties involved in the Data processing are located. For further information, you may contact the Data Controller at the following email address ( info@hotelbolzano.it ).
Personal Data may be transferred to Countries outside the EU: USA.
With respect to these Countries, an adequacy decision by the European Commission exists or, in the absence of such decision, it is possible to request further information to the Data Controller regarding any adopted appropriate safeguards as well as the means to obtain a copy of Data or the exact location where they have been stored.
Security of processing
The Data Processing is performed with adequate methods and tools to ensure the security and confidentiality of the relevant Data, since the Data Controller has implemented appropriate technical and organizational measures which ensure, in a provable way, that the performance of the Processing is compliant with the applicable law.
