top of page

PRIVACY POLICY

Data subjects: users of the site www.hoteldiana.com, hereinafter referred to as ‘The Site’.

Data controller: Palomba Corporation srl P.I./C.F. 03077881211 - NA-542902 vicolo San Abbondio 10 80045 Pompei (NA) - Italy - mail info@pompeihotel.com - PEC hoteldiana@pec.pompeihotel.com

Hereinafter referred to as owner

 

Mail reference: info@pompeihotel.com

 

As the Data Controller of your personal data pursuant to and for the purposes of EU Regulation 2016/679, the Privacy Code as amended by Legislative Decree 101/18 and the provisions and guidelines of the Supervisory Authorities, we hereby inform you that the aforementioned legislation provides for the protection of persons with regard to the processing of personal data and that such processing will be based on the principles of correctness, lawfulness and transparency and the protection of your privacy and your rights. The information and personal data provided by you or otherwise acquired in the context of the use of the site will be processed in accordance with the legal provisions of the aforementioned legislation and the confidentiality obligations provided for therein.

The Data Protection Officer (DPO) is the owner with the email reference.

Type of data processed

Navigation data

The computer systems and software procedures used to operate the application acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category includes IP addresses, or the domain names used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained, etc.

This data is used for the sole purpose of obtaining anonymous and aggregate statistical information on the use of the site and to check its correct operation, and resides permanently on third party servers (hosting providers). The data could be used to ascertain responsibility in the event of hypothetical computer crimes to the detriment of the site.

Cookies

The website uses only necessary cookies, with the purpose of improving the functioning of the system and guaranteeing its security; you always have the possibility to view the Cookie Policy, containing all the modalities for manifesting and denying consent.

Consent to the use of cookies is given at the beginning of your browsing experience by activating or leaving deactivated with a simple tick the individual unwanted cookies (opt-in) listed in the brief information in the specific banner

 With regard to the optional provision of consent, more information about the cookies on the site is provided in the cookie policy document, which is also accessible from the short information notice.

MODALITIES OF THE PROCESSING FOR WHICH THE DATA ARE INTENDED

Personal data are subject to electronic processing.

Processing shall in any case be based on the principles of correctness, lawfulness and transparency and shall be carried out with the aid of tools and procedures that avoid the risk of loss, unauthorised access, unlawful use and dissemination.

ACCESS TO DATA

Personal data may be accessible, for the purposes indicated

- to employees, collaborators and administrators of the Controller, in their capacity as persons authorised to process the data;

- third party companies or other entities that perform outsourcing activities on behalf of the Controller, in their capacity as Data Processors.

The list of Data Processors is constantly updated and is available by writing to the reference email.

DATA COMMUNICATION AND TRANSFER

Without the need for express consent - art. 6 lett. b) and c) GDPR - the Data Controller may communicate personal data, for the purposes set out, to: Inspection Bodies, Judicial Authorities, Commercial Information Companies, Credit Insurance Companies, as well as to those subjects to whom communication is compulsory by law. These subjects will process the data in their capacity as autonomous Data Controllers.

Your data is transferred outside the European Union.

The hosting provider of the website is Wix.com Ltd., a company based in Israel, which is deemed by the European Commission to offer an adequate level of protection of the Personal Information of residents of EU Member States. However, we inform you that the transfer of your data outside the European Union may involve possible risks for the protection of your data.
 

RIGHTS OF THE DATA SUBJECT

In relation to the processing of personal data you have the right:

-to be informed of: data and location of the Data Controller; the purposes and methods of processing; data and location of the Data Processor;

-to obtain, from the Data Controller or the Data Processor, without delay

1) confirmation as to whether or not personal data relating to him are being processed and communication in an intelligible form of such data and their source, as well as of the purposes on which the processing is based

2) the erasure of personal data concerning him/her, when: i) the data are no longer necessary in relation to the purposes for which they were collected, ii) the data have been processed unlawfully, iii) the data subject has objected to the processing and there is no overriding legitimate reason to proceed with the processing, iv) the controller is under a legal obligation to erase the data;

3) updating, rectification or, where interested therein, integration of the data

4) certification to the effect that the operations as per 2) and 3) above have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected;

- to object, on grounds relating to his particular situation, to the processing of personal data concerning him, pursuant to Article 6(1)(e) or (f);

- to object to the processing of personal data concerning him/her for direct marketing purposes;

- to lodge a complaint with a supervisory authority;

- to receive in a structured, machine-readable format the personal data concerning him/her and to transmit such data to another Data Controller without hindrance from the Data Controller to whom he/she originally provided them. When exercising his/her rights regarding data portability, the data subject has the right to obtain the direct transmission of personal data from one Controller to another, if technically feasible;

- not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning him/her or is likely to affect him/her in a similar significant way.

The Controller shall provide a copy of the personal data being processed; in the event of further copies requested by the data subject, the Controller may charge a fee based on the administrative costs actually incurred

Methods of exercising rights

You may exercise your rights at any time by sending to the attention of the Data Controller

- a registered letter with advice of receipt to the address below.

- an e-mail to the reference address.
 

bottom of page