Privacy Policy

Home » Privacy Policy

EXTENDED INFORMATION NOTICE ON THE PROCESSING OF PERSONAL DATA

RESIDENCE ONDA MARE pays the utmost attention to the confidentiality, protection, and security of personal data relating to the individuals it comes into contact with.

Users of this site are therefore invited to preliminarily visit all sections of this document, which describes the management methods of the site regarding the processing of personal data of the individuals who consult it.

This document also serves as an information notice pursuant to Art. 13 of EU Regulation 2016/679 (hereinafter “Regulation” or “GDPR“) and applicable national legislation regarding the processing of personal data (Legislative Decree 196/2003 as amended), for all those who interact with the web services of the site accessible electronically at the address www.residenceondamare.it.

This notice is provided and valid only for this site and not for other websites that may be consulted by the user via links present on the site. RESIDENCE ONDA MARE has no control over these sites or the procedures they apply for data privacy; therefore, we suggest consulting the privacy policies of all entities you come into contact with before communicating personal information.

DATA CONTROLLER

The Data Controller is RESIDENCE ONDA MARE DI PANDOLFINI ROBERTO S.A.S. with registered office in VIA ABRUZZI 87 – 48015 CERVIA (RA) – ITALY – VAT ID: 02700870393 – e-mail: Info@Residenceondamare.It.

TYPES OF DATA PROCESSED AND PURPOSES OF PROCESSING

Data provided voluntarily by the user

Personal data (e.g., name, surname, telephone, e-mail address, etc.) are requested from the user only if they wish to get in touch or make use of the services offered on this site. In such cases, the user is provided with appropriate information and, where necessary, invited to provide their consent. The processing of data provided by the user will take place in compliance with the purposes and methods indicated in this notice and the specific notices made available from time to time.

CONTACTS AND INFORMATION REQUESTS

Data provided directly by the data subject through the use of contact channels on the website or by filling out and sending contact forms.

The explicit and voluntary sending of messages to contact addresses or filling out forms in the dedicated section involves the acquisition of the sender’s contact data, as well as all personal data included in the communications.

These data are processed for the following purposes and in compliance with the relevant legal bases for processing, for a storage period no longer than necessary for the purposes for which they were collected and processed.

Type of data processed: name, e-mail, subject, and message.
Purposes of processing:
- Management of the request sent by the user;
- Provision of the requested service (e.g., quotes, information requests, etc.);
Legal Basis:
- Processing is necessary to respond to requests; for the execution of pre-contractual or contractual measures adopted at the request of the data subject.

LIVE CHAT – INSTANT MESSAGING SYSTEM

Data provided directly by the data subject through the use of the live chat service on the website.

The WhatsApp platform is used to manage the live chat service; data are transferred to the service provider for the delivery of the service itself. Processing takes place in the manner specified by the service’s privacy policy: Whatsapp privacy policy.

The use of the live chat system involves the acquisition of user data, as well as all personal data included in the communications/conversations.

Type of data processed: personal data transmitted via the live chat system.
Purposes of processing:
- Management of the request sent by the user;
- Provision of the requested service (e.g., support, quotes, information requests, etc.);
Legal Basis:
- Processing is necessary to respond to requests; for the execution of pre-contractual or contractual measures adopted at the request of the data subject. For data transmitted using the live chat system (answering visitor questions or solving their problems), it is not necessary to collect visitor consent.

REQUEST YOUR QUOTE

Data provided directly by the data subject by filling out and sending the form for determining or requesting a quote for a specific stay. By accessing this section, it is possible to request the availability of the facility for a stay.

The data are processed for the following purposes and in compliance with the relevant legal bases for processing, for a storage period no longer than necessary for the purposes for which they were collected and processed.

Type of data processed: name, surname, e-mail, telephone, address, city, zip code, nation, additional information.
Purposes of processing:
- Management of the request sent by the user;
- Provision of the requested service (e.g., checking availability, quotes, information requests, etc.);
- With the acquisition of consent, sending commercial information also via email to propose stays, conduct customer satisfaction surveys, market research, and promotional activities in general.
Legal Basis:
- Processing is necessary to respond to requests; for the execution of pre-contractual or contractual measures adopted at the request of the data subject;
- Consent of the data subject – Opt-out: Possibility to revoke consent in every newsletter communication or by writing to the Controller.

The Baddy platform is used to manage this service; data are transferred to the solution manager, Zucchetti Hospitality Srl – a Zucchetti Group company.

NEWSLETTER AND COMMERCIAL COMMUNICATIONS

Data provided directly by the data subject by filling out and sending the Newsletter subscription form.

Subscription to the Newsletter on this site is optional, explicit, and voluntary; this activity involves the acquisition of the sender’s contact data.

Type of data processed: E-mail address, name, surname, country.
Purposes of processing: commercial proposal and marketing activities such as:
- Sending Newsletters in case of registration for the relative service; sending commercial information also via email to propose stays, conduct customer satisfaction surveys, market research, and promotional activities in general.
Legal Basis: consent of the data subject – Opt-out: Possibility to revoke consent in every newsletter communication or by writing to the Controller.

The MailUp platform is used to manage the newsletter; data are transferred to the service provider for the delivery of the service itself. Processing takes place in the manner specified by the service’s privacy policy: MailUP DPA.

Unsubscribing from the Service

To stop receiving the Newsletter, simply click the “Unsubscribe” / “Disinscriviti” button at the bottom of each Newsletter e-mail or send a communication to the contact e-mail address: Info@Residenceondamare.It.

ADDITIONAL PURPOSES

Legitimate Interest:

Contractual purposes connected and instrumental to the establishment and management of relationships with customers and/or suppliers, such as the acquisition of information preliminary to the eventual conclusion of a contract;
Fulfilling obligations provided for by State laws, regulations, and community legislation, or provisions issued by authorities legitimate by law and by supervisory or control bodies (e.g., tax, accounting, administrative, etc.);
The exercise of the Controller’s rights in court and the management of any litigation.

Statistics:

Collection of data and information in exclusively aggregate and anonymous form to verify the correct functioning of the site and to improve the online shop and the platform. None of this information is related to the natural person-user of the site and does not allow for identification in any way.

Security:

Collection of data and information to protect the security of the site and users (spam filters, firewalls, virus detection) and to prevent or expose fraud or abuse to the detriment of the website.

Data, including domain names of computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user’s operating system and IT environment, are recorded automatically and may eventually include personal data (IP address) which could be used, in accordance with current laws, to block attempts to damage the site itself or other users, or otherwise harmful activities or crimes. Such data are never used for user identification or profiling and are deleted periodically.

Cookies

Cookies are small text strings that sites visited by the user send to their terminal (usually the browser), where they are stored to be retransmitted to the same sites at the next visit by the same user. For further details, please refer to the site’s Cookie policy.

MANDATORY OR OPTIONAL NATURE OF DATA PROVISION

The user is free to decide whether or not to provide their personal data through this website and/or connected services. Failure to provide data, as indicated case by case in the notices provided to the user, may make it impossible to provide the requested service. The strict mandatory nature of any requested information is marked with a symbol (*).

Any refusal to communicate certain data marked as mandatory makes it impossible to pursue the main purpose of the specific collection: such refusal could, for example, make it impossible for the Controller to conclude the contract or provide other services available on the site.

The provision of additional data, other than those marked as essential (such as, for example, the indication of the country), is instead optional and does not involve any consequence regarding the pursuit of the main purpose of the collection.

METHODS OF PROCESSING AND DATA STORAGE

The processing of personal data will always be based on principles of correctness, lawfulness, transparency, and protection of confidentiality through technical and organizational security measures to guarantee an adequate level of protection. Unless otherwise specified, the processing of personal data will take place for the entire period during which the data subject uses this website and the services provided through it. In case of revocation of consent, personal data will be kept by the Controller to prove the fulfillment of its obligations until the statute of limitations.

SHARING WEBSITE CONTENT THROUGH SOCIAL NETWORKS

Through the RESIDENCE ONDA MARE website, it is possible to share content through Social Networks. The user is free to decide if and which content to share on one or more social networks (Facebook, Instagram, etc.). In this case, we inform you that no personal data of the user is acquired by RESIDENCE ONDA MARE, and the user is invited to check their account settings on the social network to identify data acquired by external platforms. Below are the links for privacy indications for interactions with social networks and external platforms:

RECIPIENTS AND DATA TRANSFER

Personal data will be processed by personnel in charge of the development and management of the website who are authorized to process them for the achievement of the previously indicated purposes and who have committed to confidentiality or have received an adequate legal obligation of confidentiality. Personal data will be processed by entities appointed as Data Processors as they process data on behalf of the Controller (e.g., hosting providers, platform providers for calculation and quote services, or entities delegated to carry out technical maintenance, etc.).

Personal data may be shared with:

Third parties with whom the Controller has ongoing contractual relationships concerning services functional to the performance of the activity;
Professionals, companies, or professional firms providing assistance and consultancy in accounting, administrative, legal, tax, financial, and credit recovery matters, etc.

The complete list of appointed external processors is available at the Controller’s office.

Data may be communicated, even without consent, to all inspection bodies responsible for checks and controls, such as the Revenue Agency, ministerial bodies, and competent authorities, local authorities, and tax commissions, upon their express request. Personal data are not intended for publication or dissemination.

Data will be processed by the Controller in Italy, within the territory of the European Union and the European Economic Area. If for technical, organizational, and/or operational reasons it becomes necessary to use entities located outside the EU or EEA, the Controller will ensure that processing complies with applicable legislation through adequate guarantees (Adequacy decisions, Standard Contractual Clauses, etc.).

RIGHTS OF THE DATA SUBJECTS

Articles 15 et seq. of EU GDPR 2016/679 grant data subjects specific rights.

In particular, the right to obtain confirmation of the existence of personal data, access to personal data and the rectification or deletion of the same, or the limitation of processing concerning them, or to object to their processing, in addition to the right to data portability.

Furthermore, data subjects have the right to obtain the revocation of consent at any time without affecting the lawfulness of processing based on consent given before revocation, the transformation into anonymous form, or the blocking of data processed in violation of the law.

The exercise of these rights is not subject to any time constraint and can be carried out free of charge by contacting the Controller at the references provided at the beginning of this notice via ordinary mail and/or e-mail.

Data subjects who believe that the processing of personal data relating to them carried out through this site occurs in violation of the Regulation have the right to lodge a complaint with a supervisory authority (for Italy: Garante per la protezione dei dati personali www.garanteprivacy.it), as provided for by Art. 77 of the Regulation, or to take appropriate legal action (Art. 79 of the Regulation).