Privacy Policy

Dear User, we would like to inform you that, in order to carry out its relations with its visitors, Villa Sargiano collects data relating to them, acquired through the website www.villasargiano.it or even verbally, either directly or through third parties, which qualify as "personal data" under Legislative Decree no. 196/2003 and EU Regulation 2016/679. These regulations stipulate that whoever processes personal data is obliged to inform the person concerned about what data is being processed and about certain elements qualifying the processing, which must always be carried out correctly, lawfully and transparently, protecting your privacy and your rights. Therefore, pursuant to art. 13 of Legislative Decree 196/2003, we provide you with the following information:

Nature of the data processed - If you register as our user, we will process your personal and fiscal data, as well as data of an economic nature that is necessary for the conduct of the relationship between you and us. Generally, we do not process any sensitive or judicial data, but should it become necessary to process such data, we will request your consent in advance.

Purposes of data processing - In the event of your registration, your personal data will always be processed with your consent in order to carry out the services you have requested, for the achievement of the purposes set out above, and in relation to contractual requirements and the consequent fulfilment of legal and fiscal obligations, as well as to enable the effective management of financial, commercial and administrative relations. Your data will be processed for the entire duration of the relationship and also subsequently, for the fulfilment of legal obligations and for administrative and commercial purposes.

Method of processing - Your data is processed using appropriate tools and procedures to ensure its security and confidentiality, and may be processed both through our website and through other electronic means, and sometimes even on paper.

Navigation data - Log files: the computer systems and applications dedicated to the operation of the website www.villasargiano.it, in the course of their normal operation, some data (the transmission of which is implicit in the use of Internet communication protocols) not associated with directly identifiable users. The data collected include the IP addresses and domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters concerning the operating system and the IT environment used by the User. These data are processed, for the time strictly necessary, for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its regular operation.

Data provided voluntarily by the user - If you voluntarily and explicitly send e-mails to the addresses indicated in the various access channels of the site www.villasargiano.it. and if you fill in the "forms" (masks) specifically provided for this purpose, we will acquire your e-mail address and other data necessary to respond to your requests and/or provide the service you request. Specific summary information can be found or displayed on the pages of the site set up for particular services on request.

Cookies - The www.villasargiano.it website does not use in any way computer techniques for the direct acquisition of personal data identifying the user or systems for user profiling. The so-called technical session cookies, once the connection to the site is terminated, are not stored. Our computer systems use: cookies for the transmission of information of a personal nature, and no persistent cookies.

Obligation or faculty to provide data and consequences of refusal - As regards the data that we are obliged to know, in order to fulfil the obligations provided for by laws, EU regulations and national legislation, or provisions issued by Authorities empowered to do so by law and by supervisory and control bodies, failure to provide such data on your part will make it impossible to establish or continue the relationship, to the extent that such data are necessary for the performance of the same. As regards the data that we are not obliged to know, failure to obtain them will be evaluated by us on a case-by-case basis, and will determine the consequent decisions in relation to the importance for us of the data requested but not provided by you.

Disclosure and dissemination - The information we collect from our members is not "disclosed", by which we mean the disclosure of such information to unspecified persons in any way, including by making it available or consulting it. On the other hand, your personal data may be "communicated" by us, by which we mean giving them to one or more specific persons, in the following terms: a) to subjects entrusted within our structure with the processing of data, and in particular to the employees of our administrative offices; b) to subjects who can access the data by virtue of provisions of the law, or EU regulations, within the limits provided for by the law; c) to subjects who need access to the data for purposes ancillary to the relationship in place, within the limits strictly necessary to perform the ancillary tasks entrusted to them (e.g. credit institutions and forwarding agents); d) to our consultants, to the extent necessary to carry out their duties, subject to our letter of appointment imposing the duty of confidentiality and security in the processing of data; e) to other external parties in their capacity as organisers and partners in institutional activities relating to courses, meetings, congresses, and any other event in which you request to participate through the website www.villasargiano.it

The rights of the data subject - As a data subject, you may exercise the following rights vis-à-vis us a) obtain confirmation of the existence of personal data concerning you, even if not yet registered, and communication in an intelligible form of the same data and their origin, as well as, the purposes and methods of processing and the logic applied in case of processing carried out with electronic instruments; b) obtain the cancellation, transformation into anonymous form, or blocking of data whose storage is not necessary in relation to the purposes for which the data were collected and processed; c) obtain the updating, rectification and integration of their data; d) oppose, in whole or in part, for legitimate reasons, the processing of data concerning you, even if pertinent to the purpose of collection. We also remind you that in any case you are always entitled to lodge a complaint with the Italian Data Protection Authority, i.e. the Garante per la protezione dei dati personali.

The Data Controller for the processing of your personal data is Villa Sargiano Immobiliare Paradisino sas di Angiolini Loretta & C with registered office in Arezzo via po, 45 and Locazione Turistica in via Padre Stanislao Doppioni, 37 - 52100 Arezzo. In order to exercise your rights, you may at any time contact the Data Protection Manager appointed by us, Angiolini Loretta, who can be contacted at the following e-mail address: villasargiano@gmail.com

This page is visible by means of a link at the bottom of all the pages of the Site in accordance with Article 13 GDPR and in compliance with the simplified modalities for the information and acquisition of consent for the use of cookies published in the Official Gazette no. 126 of 3 June 2014 and its register of provisions no. 229 of 8 May 2014.

Special booking functions: We are connected to an integrated system. Hotel.BB: We cooperate with Trippete S.r.l., located at Corso delle Province 30, 95127 Catania, Italy (www.hotel.bb) (henceforth Hotel.BB) to offer you an online booking service. We provide the content of the site and the bookings are made with us, while the management of the bookings themselves is the responsibility of Hotel.BB. The information you enter on this site will therefore be shared with Hotel.BB and its affiliates and may include your name, contact details, payment details, the name of guests travelling with you and any preferences expressed during the booking process. Below is the relevant information specific to this section. This privacy policy applies to https://www.hbb.bz/pagebooking.php?lang=it&ID=ODEwLWQ3ZjA2ZQ&HBBID=bd3c6b0be7a3fd7e60da5dd5bcf1ea8b(http://www.villasargiano.com e http://www.villasargiano.it) owned and managed by Villa Sargiano Immobiliare Paradisino sas di Angiolini Loretta & C. This privacy policy describes how we collect and use information, including personal data, that you provide on our site: https://www.hbb.bz/pagebooking.php?lang=it&ID=ODEwLWQ3ZjA2ZQ&HBBID=bd3c6b0be7a3fd7e60da5dd5bcf1ea8b(http://www.villasargiano.com). The notice also describes the choices you have regarding the use of your personal data, how you can access them and how to change them.

Data Controller: Villa Sargiano - Immobiliare Paradisino sas di Angiolini Loretta & C. in liq. Registered office Via po, 45 Arezzo Tourist rental in Via Padre Stanislao Doppioni 37, Sargiano - 52100 Arezzo (Arezzo) Italy P. Iva / C.F.: 01422690519 Owner's email address: villasargiano@gmail.com

Data Collection Among the Personal Data collected by this Web Site, either independently or through third parties, are: Cookies; Your first and last name, e-mail address, telephone number and home address; Credit card details (card type and number, name on card, expiry date and CVC code);

Information on your stays, including arrival and departure dates, special requests and your preferences on services (preference on rooms, services or other);

Information you provide about your marketing preferences or when participating in surveys, competitions or promotional offers;

Personal Data may be freely provided by the User or, in the case of User Data, automatically collected during the use of this Web Site.

You can also choose which personal information you wish to provide to us. If you choose not to provide certain details, however, this may affect some of your transactions.

Any use of Cookies - or of other tracking tools - by this Website or by the owners of third party services used by this Website, unless otherwise specified, is for the purpose of providing the Service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy, if available.

The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Website and warrants that he/she has the right to communicate or disseminate them, releasing the Owner from any liability towards third parties.

Information we collect automatically

When you use our site, we automatically collect information, some of which may be personal data. For example: language settings, IP address, location, device settings, device operating system, log-in information, time of use, requested URL, status report, user agents (such as browser version information), browsing history, outcome (visit or booking), user booking code, type of information viewed. We may also collect data automatically through cookies. For more information on how we use cookies, click here.

Treatment modes

The Controller takes appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of Personal Data.

The processing is carried out using computer and/or telematic instruments, with organisational methods and logics strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other subjects involved in the organisation of this Web Site (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, Data Processors by the Data Controller may have access to the Data. The updated list of Data Processors can always be requested from the Data Controller.

Purposes of collection We use your personal data for the following purposes:
  1. Bookings: we use your personal data to complete and manage your online booking.
  2. Customer support: we use your personal data to provide you with customer support
  3. Reviews: we may use your contact details to invite you by e-mail to leave a review after your stay. This can help other travellers choose their ideal accommodation. If you submit a review, it may be published on our website.
  4. Marketing activities: we also use your data for marketing activities as permitted by law. When we use your personal information for direct marketing purposes, e.g. commercial newsletters and marketing communications about new products and services, or offers that we think may be of interest to you, we will include an unsubscribe link, which you can use if you no longer wish to receive such messages in the future.
  5. Other communications: there may be other occasions when we will contact you by e-mail, post, telephone or text message, depending on the contact details you have given us. We may contact you for the following reasons:
  6. We may have to reply to or handle a request you have sent.
  7. If you have not completed an online booking, we may send you an e-mail with an invitation to finish the booking. We believe this is a useful additional service that allows you to go ahead with a booking without having to search for accommodation again or re-enter your booking details.
  8. When you use our services, we may send you a questionnaire or invite you to provide a review about your experience with our site. We believe this additional service is as useful to you as it is to us, as it allows us to improve our site based on your feedback.
  9. Statistics, improvements and research. We use personal data to conduct research and analysis and may involve a third party to do so. We may share the results of such research, including with third parties, in an anonymous and aggregate form. We use your personal data for statistical purposes, to improve our services, to enhance your user experience and to increase the functionality and quality of our online travel services.
  10. Security, fraud detection and prevention: we use information, including personal data, to prevent fraud and other illegal activities. We also use this information to investigate and detect fraud. We may use personal information for risk assessment and security purposes, for example through user authentication. For these purposes, personal information may be shared with third parties, such as the police or external consultants, in accordance with applicable law.
  11. Legal and Compliance Purposes: in certain instances, we may use the information you provide (including personal data) to manage and resolve legal disputes or litigation, for government investigations and compliance audits, or to enforce contracts or comply with requests made by law enforcement agencies, as required by law.

If we use automated means to process personal data that produce legal effects or have a significant effect on you, we will implement the necessary measures to safeguard your rights and freedoms, including the right to obtain human intervention.

The User Data is collected to enable the Data Controller to provide its Services, as well as for the following purposes: Access to accounts on third-party services, Interaction with social networks and external platforms, Remarketing and behavioral targeting, Transfer of Data outside the EU, Hosting and backend infrastructure, Backup storage and management, Statistics, Registration and authentication, Interaction with live chat platforms, Location-based interactions, Payment management, Displaying content from external platforms, Protection from SPAM, Tag management, Contacting the User, Platform and hosting services, Contact management and message sending, Management of User databases, Infrastructure monitoring and Heat mapping and session logging.

To obtain further detailed information on the purposes of the processing and the Personal Data concretely relevant for each purpose, the User may refer to the relevant sections of this document.

Details of Personal Data Processing

Personal Data are collected for the following purposes and using the following services:

Facebook permissions required by this WebsiteThis Website may require certain Facebook permissions that allow it to perform actions with the User's Facebook account and collect information, including Personal Data, from it. This service enables this Website to connect with the User's account on the social network Facebook, provided by Facebook Inc.For more information on the following permissions, please refer to the documentation of Facebook permits  and privacy policy di Facebook

Access to accounts on third-party services

These types of services allow this Website to take Data from your accounts on third-party services and perform actions with them. These services are not activated automatically, but require the express authorisation of the User.

Login to Facebook account (this website)

This service enables this Website to connect with the User's account on the social network Facebook, provided by Facebook, Inc. Required permissions: Access to private data and City. Place of processing: United States - Privacy Policy.

Access to Stripe account (Stripe Inc)

This service allows this Website to connect with the User's account on Stripe, provided by Stripe, Inc. Personal Data collected: various types of Data as specified by the privacy policy of the service. Place of processing: United States - Privacy Policy.

Contacting the User Contact form (this Web Site)

The User, by filling in the contact form with his/her Data, consents to the use of such Data to respond to requests for information, quotes, or any other nature indicated in the header of the form. Personal Data collected: postcode, city, tax code, surname, date of birth, email, address, country, name, fax number, telephone number, VAT number, province, company name, sex, state and various types of Data.

Mailing list or newsletter (this website)

By registering for the mailing list or newsletter, the User's email address is automatically added to a list of contacts to whom email messages containing information, including information of a commercial and promotional nature, relating to this Web Site may be sent. The User's email address may also be added to this list as a result of registering on this Web Site or after making a purchase.

Personal data collected: postcode, city, surname, Cookie, date of birth, Usage data, email, address, country, name, telephone number, province, company name, gender, website and state.

Payment Management

Payment processing services allow this Web Site to process payments by credit card, wire transfer or other means. The data used for payment is collected directly by the operator of the payment service requested without being processed in any way by this Web Site.Some of these services may also allow for the scheduled sending of messages to the User, such as emails containing invoices or notifications regarding payment.

Gestpay Banca Sella (Banca Sella S.p.A.) Gestpay is a payment service provided by Banca Sella S.p.A.Personal Data collected: various types of Data as specified in the service's privacy policy.Place of processing: Italy -

Privacy Policy.

MyBank UniCredit (UniCredit S.p.A) - MyBank is a payment service provided by UniCredit S.p.A.Personal Data collected: various types of Data as specified by the privacy policy of the service.Place of processing: Italy -

Privacy Policy.

PayPal (Paypal) - PayPal is a payment service provided by PayPal Inc., which allows the User to make online payments.Personal Data collected: various types of Data as specified in the service's privacy policy.Stripe (Stripe Inc) - Stripe is a payment service provided by Stripe Inc.Personal Data collected: various types of Data as specified by the service's privacy policy.Place of processing: United States -

Privacy Policy.

Heat mapping and session recording

Heat mapping services are used to identify which areas of a page are subject to cursor or mouse clicks in order to detect which areas attract the most interest. These services make it possible to monitor and analyse traffic data and serve to keep track of user behaviour. Some of these services may record sessions and make them available for later viewing.

Smartlook (Smartsupp.com, s.r.o.) - Smartlook is a heat mapping and session recording service provided by Smartsupp.com, s.r.o.Personal Data collected: Cookies, Usage Data and various types of Data as specified by the privacy policy of the service.Place of processing: Czech Republic

Privacy Policy

Hosting and backend infrastructure

These types of services have the function of hosting Data and files that allow this Website to function, enable its distribution and provide a ready-to-use infrastructure to deliver specific functionalities of this Website. Some of these services operate through servers located geographically in different locations, making it difficult to determine the exact location where Personal Data is stored.

ArubaCloud (Aruba S.p.A.) - ArubaCloud is a hosting service provided by Aruba S.p.A.Personal Data collected: various types of Data as specified by the privacy policy of the service.Place of processing: Italy -

Privacy Policy

Interaction with live chat platforms

This type of service allows the User to interact with live chat platforms, operated by third parties, directly from the pages of this Website. This allows the User to contact the support service of this Website or this Website to contact the User while he/she is browsing its pages. In the event that a service for interacting with live chat platforms is installed, it is possible that, even if Users do not use the service, it may collect Usage Data relating to the pages on which it is installed. In addition, live chat conversations may be recorded.

Facebook Messenger Customer Chat (Facebook, Inc.) - Facebook Messenger Customer Chat is an interaction service with the Facebook Messenger live chat platform, provided by Facebook, Inc.Personal data collected: Cookies, Usage data and About me. Place of processing: United States

Privacy Policy.

Widget di Tawk.to (tawk.to ltd.) - The Tawk.to Widget is a service for interacting with the Tawk.to live chat platform, provided by tawk.to ltd.Personal data collected: Cookies and Usage data.Place of processing: United Kingdom -

Privacy Policy.

Infrastructure monitoring

This type of service allows this Website to monitor the use and behaviour of its components, in order to allow the improvement of its performance and functionalities, maintenance or troubleshooting. The Personal Data processed depend on the features and mode of implementation of these services, which by their nature filter the activity of this Website.

Uptime Robot (Buzpark Bilisim Tarim Urunleri Sanayi Tic. Ltd. Sti.) . Uptime Robot is a monitoring service provided by Buzpark Bilisim Tarim Urunleri Sanayi Tic. Ltd. Sti.Personal Data collected: various types of Data as specified by the privacy policy of the service.Place of processing: Turkey -

Privacy Policy

Remarketing e behavioral targeting

This type of service enables this Website and its partners to communicate, optimise and serve advertisements based on the User's past use of this Website. This activity is carried out by tracking Usage Data and the use of Cookies, which information is transferred to the partners to whom the remarketing and behavioral targeting activity is linked.In addition to the opt-out possibilities offered by the services below, the User can opt out of receiving cookies from a third-party service by visiting the opt-out del Network Advertising Initiative.

AdWords Remarketing (Google Inc.) - AdWords Remarketing is a remarketing and behavioral targeting service provided by Google Inc. that links the activity of this Website with the Adwords advertising network and the Doubleclick cookie.Personal Data Collected: Cookie and Usage Data.Place of Processing: United States - United States

Privacy Policy – Opt Out.

Facebook Remarketing (Facebook, Inc.) - Facebook Remarketing is a remarketing and behavioral targeting service provided by Facebook, Inc. that connects the activity of this Website with the advertising network Facebook.Personal data collected: Cookies and Usage data.Place of processing: United States -

Privacy Policy – Opt Out.

Remarketing with Google Analytics for display advertising (Google Inc.) - Google Analytics for display advertising is a remarketing and behavioral targeting service provided by Google Inc. that links the tracking activity performed by Google Analytics and its Cookie with the Adwords advertising network and the Doubleclick Cookie.Personal Data collected: Cookie and Usage Data.Place of processing: United States - United States.

Privacy Policy – Opt Out.

Facebook Custom Audience (Facebook, Inc.) - Facebook Custom Audience is a remarketing and behavioral targeting service provided by Facebook, Inc. that connects the activity of this Website with the Facebook advertising network.Personal data collected: Cookies and email.Place of processing: United States -

Privacy Policy – Opt Out

Statistics

The services contained in this section allow the Data Controller to monitor and analyse traffic data and serve to keep track of the User's behaviour.

Estensione Display Advertisers Google Analytics (Google Inc.) - Google Analytics on this Website may use Google's interest-based advertising, third-party audience data and information from the DoubleClick cookie to extend statistics with demographic data, interest and data on interactions with advertisements.Personal Data Collected: Cookies and Usage Data.Place of Processing: United States -

Privacy Policy – Opt Out.

User ID extension for Google Analytics (Google Inc.) - Google Analytics on this Website uses a feature called User ID. This allows for a more accurate tracking of Users by assigning each User a unique ID for various sessions and devices, but in a way that does not allow Google to personally identify an individual or permanently identify a specific device.The User ID extension also allows you to connect Data from Google Analytics with other User Data collected by this Website.The Opt Out link provided below allows you to disable tracking for the device you are using, but does not exclude further tracking activities performed by the Data Controller. To deactivate these as well, please contact the owner via the contact email address.Personal Data Collected: Cookies.Place of Processing: United States -

Privacy Policy – Opt Out.

Facebook Analytics for Apps (Facebook, Inc.) - Facebook Analytics for Apps is a statistics service provided by Facebook, Inc.Personal Data collected: Usage Data and various types of Data as specified by the privacy policy of the service.Place of processing: United States -

Privacy Policy.

Google Analytics (Google Inc.) - Google Analytics is a web analytics service provided by Google Inc. ("Google"). Google uses the Personal Data collected in order to track and examine the use of this Website, compile reports and share them with other services developed by Google. Google may use the Personal Data to contextualise and personalise ads on its advertising network. Personal Data collected: Cookies and Usage Data.Place of processing: United States -

Privacy Policy – Opt Out.

Facebook Ads Conversion Monitoring (Facebook, Inc.) - Facebook Ads conversion tracking is a statistics service provided by Facebook, Inc. that links data from the Facebook ad network with actions taken within this website.Personal Data Collected: Cookies and Usage Data.Place of Processing: United States -

Privacy Policy.

Conversion monitoring by Google AdWords (Google Inc.) - Google AdWords conversion tracking is a statistics service provided by Google Inc. that links data from the Google AdWords ad network with the actions performed within this website.Personal data collected: Cookie and Usage Data.Place of processing: United States -

Privacy Policy.

Wordpress Stat (Automattic Inc.) - Wordpress Stats is a statistics service provided by Automattic Inc.Personal Data Collected: Cookies and Usage Data.Place of Processing: United States -

Privacy Policy

Transfer of Data outside the EU - The Controller may transfer Personal Data collected within the EU to third countries (i.e., all countries outside the EU) only in accordance with a specific legal basis. Therefore, such transfers of Data are carried out in accordance with one of the legal bases described below. The User may request information from the Controller regarding the applicable legal basis concretely applicable to each individual service. Other legal basis for the transfer of Data to third countries (this Website)When no other legal basis is applicable, Personal Data may be transferred from the EU to third countries only under one of the following conditions the transfer is necessary to perform a contract concluded between the User and the Controller or pre-contractual measures taken at the request of the User;the transfer is necessary to conclude or perform a contract entered into in the interest of the User by the Controller and another natural or legal person;the transfer is necessary for reasons of public interest; * the transfer is necessary to ascertain, exercise or defend a legal claim;the transfer is necessary to protect the vital interests of the Data Subject or other persons, when the Data Subject is physically or legally incapable of giving consent. In such cases, the Controller shall inform the User of the legal basis applicable to the actual transfer via this Website.

Personal data collected: various types of Data. - Transfer of Data from the EU and/or Switzerland to the United States on the basis of the Privacy Shield (this Website)When this is the legal basis, the transfer of Personal Data from the EU or Switzerland to the United States takes place on the basis of the EU-US or Switzerland-US Privacy Shield agreement.In particular, Personal Data is transferred to entities that have self-certified under the Privacy Shield and therefore guarantee an adequate level of protection for the Data transferred. The services affected by the transfer of Data are listed in the respective sections of this document. Among them, those adhering to the Privacy Shield can be identified by consulting the relevant privacy policy or by checking the status of their enrolment in the official Privacy Shield list.Users' rights under the Privacy Shield are described in an up-to-date form on the website of the U.S. Department of Commerce.The transfer of Personal Data from the EU or Switzerland to the U.S. to entities that are not (any longer) enrolled in the Privacy Shield is only permissible under another valid legal basis. Users may request information from the Controller regarding such legal bases.

Personal data collected: various types of Data. - Transfer of Data to countries that guarantee European standards (this Website)When this is the legal basis, the transfer of Personal Data from the EU to third countries takes place on the basis of an adequacy decision adopted by the European Commission. The European Commission adopts adequacy decisions with respect to individual third countries that it deems to ensure a level of protection of Personal Data comparable to that provided by European legislation on the protection of Personal Data. The User can view the updated list of adequacy decisions on the European Commission's website.Personal Data collected: various types of Data.Transfer to third countries based on consent (this Website)When this is the legal basis, the transfer of Personal Data from the EU to third countries takes place only when the User has expressly consented to such transfer after having been informed of the risks due to the absence of an adequacy decision and of the adequate safeguards adopted. In such cases, the Controller informs the Users and collects their consent through this Website.Personal Data collected: various types of Data.Transfer to third countries on the basis of standard contractual clauses (this Website)When this is the legal basis, the transfer of Personal Data from the EU to third countries takes place on the basis of standard Personal Data protection clauses adopted by the European Commission.In such cases, the recipients of the Data have agreed to process the Personal Data in accordance with the levels of protection provided by the legislation. Users may request further information by contacting the Controller at the contact details indicated in this document.

Analysis of User Data and forecasts ('profiling') - The Owner may process usage data collected through this Website to create or update user profiles. This type of processing allows the Data Controller to assess the User's choices, preferences and behaviour for the purposes specified in the respective sections of this document.User profiles may also be created using automated tools, such as algorithms, which may also be offered by third parties. To find out more about profiling activity, the User can refer to the respective sections of this document.The User has the right to object to such profiling activity at any time. To find out more about the User's rights and how to exercise them, the User may refer to the section of this document on Users' rights.

Personal data collected through sources other than the User - The Owner of this Website may have legitimately collected Personal Data relating to the User without the User's involvement, drawing on sources provided by third parties, in accordance with the legal bases described in the section on the legal bases for processing. If the Owner has collected Personal Data in this way, the User may find specific information regarding the sources in the respective sections of this document or by contacting the Owner.

Push notifications - This Website may send push notifications to the User.

Automated decision-making processes - When a decision which may produce legal effects for the User or which may affect the User in a similarly significant way is made exclusively by technological means and without human intervention, automated decision-making occurs. Within the scope of the purposes described in this document, this Website may use the User's Personal Data to make decisions based wholly or partly on automated processes. This Website makes use of automated decision-making processes to the extent that it is necessary to conclude or perform a contract between the User and the Controller or, if required by law, with the prior consent of the User.Automated decisions depend on technological tools provided by the Controller or by third parties and are generally based on algorithms that meet predefined criteria. The logic behind automated decision-making processes aims to:

  • enable or improve decision-making;
  • ensure fair and impartial treatment of Users;
  • reduce potential harm resulting from human error, personal bias or other similar circumstances that could lead to discrimination or imbalance in the treatment of individuals;
    reduce the risk of non-performance of obligations under a contract by the User
To obtain further information on the purposes, any third party services and the specific logic of the automated decision-making processes adopted by this Website, the User may refer to the respective sections of this document. Effects of automated decision-making processes and rights of the Users subject to themUsers subject to this type of processing may exercise specific rights aimed at preventing or limiting the potential effects of automated decision-making processes. In particular, Users have the right to: receive an explanation of any decision taken as a result of an automated decision-making process and express an opinion on it; contest the decision by asking the Controller to reconsider it or adopt a new decision on a different basis; request and obtain human intervention in the processing by the Controller. For further information on Users' rights and their exercise, the User may refer to the section of this document on Users' rights.

Legal Principles

With regard to purposes A and B, we rely on the performance of a contract: the use of your data may be necessary in order to implement the contract you have with us. For example, if you use our services to make an online booking, we will use your information to perform our obligation to complete and manage your booking under the contract between us.For purposes C-H, we rely on legitimate interests: we use your information for our legitimate interests, for example to provide you with the most appropriate content on our site, emails and newsletters, in order to improve and promote our products, services and content on the site. We may also use your information for administrative, legal or fraud detection purposes. When we use personal information for our legitimate interests, we will always balance your rights and interests regarding the protection of your personal information against our rights and interests.As far as the purpose H is concerned, we also rely, where possible, on our obligation to comply with applicable law.Where necessary and in accordance with applicable law, we will obtain your consent before processing your personal information for direct marketing purposes. Where necessary and in accordance with applicable law, we will ask for your consent, which you can remove at any time by contacting us at the addresses mentioned at the end of this notice.If you do not wish to consent to the processing of your data in the manner described in purposes C-F, but there is no system for withdrawing consent (e.g. via your browser settings), as far as possible, please contact  villasargiano@gmail.com

Place

The Data are processed at the Data Controller's premises and in any other place where the parties involved in the processing are located. For further information, please contact the Data Controller.The User's Personal Data may be transferred to a country other than the one where the User is located. The User has the right to obtain information about the legal basis for the transfer of Data outside the European Union or to an international organisation under public international law or consisting of two or more countries, such as the United Nations, as well as about the security measures taken by the Controller to protect the Data. If one of the above transfers takes place, the User may refer to the respective sections of this document or request information from the Controller by contacting it at the contact details given at the beginning of this document.

Conservation period

Personal Data collected for purposes related to the performance of a contract between the Controller and the User will be retained until the performance of such contract is completed.Personal Data collected for purposes related to the legitimate interest of the Controller will be retained until such interest is satisfied. The User may obtain further information about the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller.When the processing is based on the User's consent, the Controller may keep the Personal Data longer until such consent is revoked. Moreover, the Controller may be obliged to keep the Personal Data for a longer period in compliance with a legal obligation or by order of an authority. Therefore, after the expiration of this period, the right of access, deletion, rectification and the right to Data portability can no longer be exercised.

Data Sharing

Hotel.BB: We cooperate with Trippete S.r.l., based in Corso delle Province 30, 95127 Catania, Italy (www.hotel.bb) (henceforth Hotel.BB) to offer you an online booking service. We provide the content of the site and the bookings are made with us, while the management of the bookings themselves is the responsibility of Hotel.BB. The information that you enter on this site will therefore be shared with Hotel.BB and its affiliates and may include your name, contact details, payment details, the name of guests travelling with you and any preferences expressed during the booking process.Hotel.BB will send you a booking confirmation, an email prior to your arrival and information about the area and our property. Hotel.BB also provides international customer support from its offices every day, 24 hours a day, in more than 20 languages. Sharing your details with Hotel.BB's global customer support team will enable them to respond to you should you need help. Hotel.BB may use your information for technical, analytical and marketing purposes as described in the Hotel.BB Privacy Policy.

Privacy di Hotel.BB. Therefore, your information may also be shared with other companies that are part of Trippete for the purpose of analysis, to provide you with offers concerning the world of travel that may be of interest to you and to provide you with a personalised service. If required by law, Hotel.BB will ask for your consent. Should your data be transferred to a country outside the European Economic Area, Hotel.BB will make contractual arrangements to ensure that your personal information is protected in accordance with European legislation. If you have any questions concerning the processing of your personal data by Hotel.BB, please contact privacy@hotel.bb

Other service providers: We use service companies to manage your data on our behalf. This management is for the purposes described in this policy, for example processing of booking payments and sending marketing material for supporting analytical purposes. These service providers are bound by confidentiality agreements and do not have permission to use your personal information for other purposes.Law Enforcement: We share personal information with law enforcement and other government authorities when required by law or when absolutely necessary for the detection, prevention, or prosecution of fraud or crime.International Data Transfer

The transfer of personal data as described in this notice may involve the international transfer of information to countries whose data protection laws are not as detailed as those within the European Union. Where required by European law, we will only transfer personal data to entities that offer an adequate level of data protection. In these situations, we will make contractual arrangements to ensure that your personal data is protected in accordance with European standards. You can request a copy of these agreements using the contact details below.

Security

Hotel.BB relies on special procedures to prevent unauthorised access to data as well as its misuse. We use appropriate industry systems and procedures to safeguard the personal data you provide to us. We also rely on security procedures and technical and physical restrictions to prevent access to and use of the personal data held on our servers. Only authorised personnel may access personal data in the course of their work.

Your choices and rights

We want you to have control over how we use your personal data. You can do this in the following ways: you can ask us for a copy of the personal information we hold about you; you can inform us of any changes to your personal information or you can ask us to correct any of the information we hold about you; in specific situations, you can ask us to delete, block or limit the processing of the personal information we hold about you, or object to particular ways in which we are using your personal information; and in specific situations, you can also ask us to send the personal information we hold about you to a third party. Where we use your personal information with your consent, you may ask us to withdraw that consent at any time and in the manner provided by applicable law. Furthermore, where we process your personal information on the basis of legitimate interests or the public interest, you have the right to object to the use of your personal information at any time, in the manner provided by law. We rely on you to ensure that your personal data is complete, accurate and up-to-date. Notify us promptly of any changes or inaccuracies in your personal information by contacting villasargiano@gmail.com We will handle your request in accordance with applicable law.

li contattando villasargiano@gmail.com Gestiremo la tua richiesta secondo la normativa vigente. 

Details on the right to object

When Personal Data are processed in the public interest, in the exercise of public authority vested in the Controller or in pursuit of a legitimate interest of the Controller, Users have the right to object to the processing on grounds relating to their particular situation.Users are reminded that if their Data are processed for direct marketing purposes, they may object to the processing without providing any reasons. To find out whether the Controller processes Data for direct marketing purposes, Users may refer to the respective sections of this document.

How to exercise rights

In order to exercise their rights, Users may address a request to the contact details of the Controller indicated in this document. Requests are filed free of charge and processed by the Controller as quickly as possible, in any case within one month.

Cookie Policy

This Website makes use of Cookies. To find out more and to read the detailed information, the User can consult the Cookie Policy 

Further information on treatment

Defence in court

The User's Personal Data may be used by the Data Controller in legal proceedings or in the preparatory stages of such proceedings in order to defend against abuses in the use of this Web Site or related Services by the User.The User declares that he/she is aware that the Data Controller may be obliged to disclose the Data by order of public authorities.

Specific information

At the User's request, in addition to the information contained in this privacy policy, this Website may provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.

System logs and maintenance

System logs and maintenanceFor operation and maintenance purposes, this Website and any third-party services used by it may collect system logs, i.e. files that record interactions and which may also contain Personal Data, such as the User's IP address.

Information not contained in this policy

Further information in connection with the processing of Personal Data may be requested at any time from the Data Controller using the contact details.

Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users on this page. Therefore, please consult this page regularly, taking as reference the date of last modification indicated at the bottom. If you do not accept the changes made to this privacy policy, you must cease using this Website and you may request the Data Controller to remove your Personal Data. Unless otherwise specified, the previous privacy policy will continue to apply to Personal Data collected up to that point.

Definitions and legal references

Personal Data (or Data)

Personal data is any information that, directly or indirectly, even in conjunction with any other information, including a personal identification number, makes a natural person identified or identifiable.

Usage Data

This is information collected automatically through this website (including by third party applications integrated into this website), including: IP addresses or domain names of the computers used by the User who connects to this Website, URI (Uniform Resource Identifier) notation addresses, the time of the request, the method used to forward the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server response (successful, error, etc.), the country of origin, the characteristics of the browser and operating system used by the visitor, the various time connotations of the visit (e.g. time spent on each page) and details of the itinerary followed by the User. ), the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (e.g. the time spent on each page) and details of the itinerary followed by the User. ), the country of origin, the characteristics of the browser and the operating system used by the visitor, the various temporal connotations of the visit (e.g. the time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, the parameters relating to the operating system and the User's IT environment.

User

The individual using this Website who, unless otherwise specified, is the Data Subject.

Interested

The natural person to whom the Personal Data refer.

Processor (or Manager)

La persona fisica, giuridica, la pubblica amministrazione e qualsiasi altro ente che tratta dati personali per conto del Titolare, secondo quanto esposto nella presente privacy policy. 

Titolare del Trattamento (o Titolare)

The natural person, legal entity, public administration and any other entity that processes personal data on behalf of the Controller, as set out in this privacy policy.

This Website (or this Application)

The hardware or software tool by which Users' Personal Data are collected and processed.

Service

The Service provided by this Website as defined in the relevant terms (if any) on this site/application.

Unione Europea (o UE)

Unless otherwise specified, any reference to the European Union in this document shall be deemed to extend to all current member states of the European Union and the European Economic Area.  

Cookie

Small portion of data stored within the User's device.

About me

Provides access to the 'About Me' section of the profile.

Legal references

This Privacy Policy is drafted on the basis of multiple legislative orders, including Articles 13 and 14 of Regulation (EU) 2016/679. Unless otherwise specified, this privacy policy relates exclusively to this Website.

This page is visible by means of a link at the bottom of all the pages of the Site in accordance with Article 13 GDPR and in compliance with the simplified modalities for the information and acquisition of consent for the use of cookies published in the Official Gazette no. 126 of 3 June 2014 and its register of provisions no. 229 of 8 May 2014.

Read the global policy on the use of cookies and similar technologies here