Privacy
ABOUT THE NOTIFICATION
These pages describe the management methods practiced by the site in question regarding the processing of personal data of its users.
In compliance with article 13 of the Legislative Decree nr. 196/2003 – Personal data protection code, this information leaflet is made available to those interacting with the web services of the VALE BEACH & SPA S.r.l., hotel services provider for the Miramare Suites in Sestri Levante, which can be accessed electronically at the following web site:
miramaresuites.it
The leaflet only relates to the website of the Miramare Suites of Sestri Levante, and not any other websites that may be visited by the user via links.
The information leaflet is also in accordance with Recommendation nr. 2/2001, which the European authorities restated as a Group founded by article 29 of directive nr. 95/46/EC for the protection of personal data and which was adopted on 17th May 2001 to identify some minimum prerequisites for the online gathering of personal data and, in particular the methods, times and nature of the information that the owners of the processing must provide to users when they visit websites, regardless of the aims of said visit.
THE "OWNER" OF THE PROCESSING
In compliance with article 28 of the Legislative Decree 196/2003, the owner of the personal data processing is VALE BEACH & SPA S.r.l., legally registered in Viale Rimembranza, 45 16039 Sestri Levante - Genova, Italy via their legal representative, Tel +39 0185 1636 801- email: info@miramaresesuites.it
The company will provide the updated list of the Processing Managers, both within and outside the company, if required.
THE "MANAGER" OF THE PROCESSING
In compliance with article 29 of the Legislative Decree 196/2003, the Manager of the processing and the Systems Administrator for the management of the website www.miramaresuites.it and the online booking platform www.blastnessbooking.com within the same site is the BLASTNESS S.r.l. company legally registered in P.zza J.F. Kennedy 27, 19125 La Spezia (SP), Tel. 0187 599737- Fax 0187 020349 – email: info@blastness.com.
DATA PROCESSING SITE
The processing linked to the web services of this site occurs at the premises of the owner and the outside processing manager.
No data made available from the web service may be communicated by the two companies to third parties unless strictly relevant to the aim of the processing or imposed by laws or regulations.
The data provided voluntarily on the site for online bookings or to manage the newsletter is recorded within the database of the BLASTNESS S.r.l., company owner of the hotel reservation engine (www.blastnessbooking.com) used by the site http://www.miramaresestrilevante.com, and responsible for the management of all personal data linked to the website in question.
The BLASTNESS company which manages the website for the Hotel Miramare in Sestri Levante provides the data acquired from the site to the VALE BEACH & SPA S.r.l. company, which owns the processing.
AIMS OF THE PROCESSING
The personal data supplied voluntarily and optionally by users sending requests to receive information on the hotel’s services (prices, availability of the rooms and convention rooms, etc.), register for the newsletter, make online bookings or simply send employment requests by sending CVs in electronic form, are used only for completing the service requested and are not communicated to third parties unless imposed by legal obligations or where strictly relevant and necessary for fulfilling the requirements.
In particular, the personal data provided voluntarily by interested parties will be gathered through telematics means directly and/or through delegated third parties (companies for email services, companies for hosting the websites) for the following purposes:
- to check the availability of the bedrooms required using anonymous information entered such as the date of arrival, number of nights, number of adults and children;
- to allow the users to make and confirm the booking, providing credit card data as guarantee;
- to use the credit card issued as guarantee for the possible debit of any penalty in the event of cancellation beyond the term allowed for the right to annul the confirmation of the booking, or in the event of non-arrival of guests on the agreed date (no show procedure);
- to promote commercial activities via email in compliance with comma 4 of article 130 of the Legislative Decree 196/2003;
- to provide answers on our hotel services (room availability, prices, convention rooms, catering, etc.);
- to register for the newsletter in order to receive regular communications of a commercial or advertising nature;
- to evaluate any CVs sent that are compatible with open internal positions;
- anonymous statistics (to evaluate the number of accesses, etc.);
- to fulfil the current obligations of an administrative, accounting and tax nature, as well as for complying with laws and regulations.
The data processed by us may include data of a sensitive nature as defined by comma d of article 4 of the Legislative Decree 196/2003 or rather "personal data allowing the disclosure of racial or ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties, trade unions, associations or organizations of a religious, philosophical, political or trade-unionist character, as well as personal data disclosing health and sex life" provided by you voluntarily in the notes field of the booking form, as instrumental in providing our services (food allergies, people with disabilities, information on health, etc.).
The data in question will be processed in compliance with the general authorization of the Guarantor for the protection of personal data Nr 5 issued, limited to the data and the essential operations required to fulfil the obligations, including the pre-contractual ones, that the hotel undertakes in their sector of activity, in order to provide specific goods or services required by the data subject.
In accordance with article 26 of the Legislative Decree 196/2003, any data of a sensitive nature will be processed by us with the maximum confidentiality and will not be distributed.
CV MANAGEMENT
The Hotel Nazionale S.r.l. company reserves the right to evaluate CVs received for vacancies within the hotel either current or which may become available in the near future.
Any CVs considered "of interest" will be kept for up to a year and will be treated with complete respect to the minimum security measures in compliance with articles 33, 34 and 35 of Legislative Decree 196/2003.
Nonetheless, all candidates are asked to respect the following rules in transmitting their CVs in electronic form:
- to draw up their CV in the European format;
- to transmit their CV in pdf form;
- to avoid including sensitive data in the CV (regarding, in particular, the state of health, and religious, philosophical or political beliefs) that are not relevant to the job offer;
- to give their permission to the processing of sensitive data regarding the establishment of a work relationship (for example, belonging to protected categories).
It will be the responsibility of the Company to supply a suitable information report in compliance with article 13 of Legislative Decree 196/2003, during any eventual interviews with candidates.
The purpose of the processing method connected to the management of CVs, will affect activities strictly referring to the evaluation, recruitment or selection of personnel, with objectives of collaboration, short-term or long-term employment, apprenticeships, or rather to allow the chosen candidate to prepare their degree thesis on our Premises.
COMMUNICATION AND DISTRIBUTION OF DATA
Within the VALE BEACH & SPA S.r.l. company, all personal data acquired by the website www.miramaresuites.it may be processed exclusively by personnel officially appointed and trained in matters of confidentiality and security of personal data.
The personal data of interested parties, should this be necessary, can be communicated to:
- the BLASTNESS S.r.l. company in their role of external processing manager;
- public offices and organizations for the function of obligations of law and/or contracts;
- credit recovery companies and banking institutes for the management of collection and payments resulting from the fulfilment of the stay;
- eventual consultants and external companies commissioned specially to carry out tax and contribution consultation activities on our behalf;
- collaborators of companies providing services when the communication is necessary for the use by the party interested in the hotel’s services;
TYPE OF DATA PROCESSED
Navigation data - The software applications used for the functioning of this website acquire, during their normal application, some personal data whose transmission is implied in the ambit of the normal IP internal communication protocol.
This information has not been gathered to be directly identified to the interested parties, but which by their very nature could, through subsequent elaboration and correlations with data kept by third parties (providers), permit the identification of the users.
This category of data includes IP addresses or the dominion names of computers used by visitors to the site, the date and time of the request, URI (Uniform Resource Identifier) addresses of the resources requested, the size of the file obtained in answer from the server, the numerical code indicating the state of the reply given by the server (OK, error, etc.), and other parameters regarding the operative system and the informatics environment of the user.
This data is used exclusively to gather anonymous statistical information regarding the use of the site and to control the correct functioning of it and is cancelled immediately after processing. This data could also be used to check responsibility in the event of hypothetical informatics crimes against the site; notwithstanding this eventuality, the data regarding web contacts is available for no longer than seven days.
Data provided voluntarily by the user - The optional, specific and voluntary sending of emails to the addresses indicated on this site, includes the subsequent acquirement of the sender’s address, necessary for replying, as well as any other personal data included in the email.
PROCESSING METHODS
All personal data is processed in paper form and/or with automated tools only for the time strictly necessary for carrying out the aims for which it has been gathered. Specific security measures are observed to prevent the loss of data, illegal or incorrect use and unauthorized access.
RIGHTS OF THE INTERESTED PARTIES
The subjects to whom the personal data belongs, have the right at any time to obtain the confirmation of the existence, or non-existence, of said data and to be informed of the contents and origin, check the accuracy, or ask for the completion, updating or correction thereof (article 7 of Legislative Decree nr. 196/2003). In compliance with the same article, is the subject has the right to ask for the cancellation, transformation to anonymous form or the block of the data processed in violation of the law, as well as opposition in any case, for legitimate reasons, of the processing. Requests should be made to the VALE BEACH & SPA S.r.l. company, owner of the personal data processing.
Below are the full rights of the data subject.
- Art. 7 – Right to access Personal Data and Other Rights
- A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exists, regardless of their being already recorded, and communication of such data in intelligible form.
- A data subject has the right to be informed:
- of the source of the personal data;
- of the purposes and methods of the processing;
- of the logic applied to the processing, if the latter is carried out with the help of electronic means;
- of the identification data concerning data controller, data processors and the representative designated as per Section 5(2);
- of the entities or categories of entity to whom the personal data may be communicated and who may obtain said data in their capacity as designated representative(s) for the State’s territory, data processor(s) or person(s) in charge of the processing.
- A data subject shall have the right to obtain:
- updating, rectification or, where interested therein, integration of the data;
- erasure, anonymization or blocking of data that has been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
- certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
- The data subject has the right to object, in whole or in part:
- on legitimate grounds, to the processing of personal data concerning him/her, even though this is relevant to the purpose of the collection;
- to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or for the performance of market or commercial communication surveys.
- test