Privacy – Personal Data Protection Policy
In compliance with Italian Legislative Decree N° 196 dated 30 June 2003, so-called data protection law, Codice in materia di protezione dei Dati personali, HotelSeeker.it™ hereby informs its Visitors, Users and Clients that:
Pursuant to the provisions of art. 28 of the foregoing law, the data controller is:
Hotel Seeker S.r.l., with sole stakeholder, as duly registered with the Economic and Administrative Index (R.E.A.), N° 2002329, Tax and VAT number 08090640965, and with registered offices at Via Fabio Filzi 2, 20124 Milan.
Pursuant to the provisions of art. 29, the data processor is:
The Data Processor – Data Protection Officer
Hotel Seeker S.r.l., with sole stakeholder
Via Fabio Filzi 2 – 20124 Milan
E-mail address: firstname.lastname@example.org
The personal data of Visitors, Users and Clients are collected from the information they put on registration and data collection forms, both of which are available online at https://www.hotelseeker.it. Said registration and data collection forms differ based on who registers on the website https://www.hotelseeker.it and the sort of service being offered. The company may also collect data from direct contact with Visitors, Users and Clients using specific forms and by entering into agreements.
How Data is Used
The data controller will use personal data in compliance with current rules, laws and regulations. Personal data are processed both electronically and on paper depending on specific purposes and, in any case, in a manner that ensures the personal data are kept confidential and safe. The data controller will use personal data both itself and through other people acting as a data processor or someone the data controller has authorized thereto.
Purpose in Using Personal Data
Upon obtaining their permission, the personal data of Visitors, Users and Clients may be used, in compliance with the principles of transparent, ethical and correct usage, so that the company can supply the services offered on the website https://www.hotelseeker.it. Personal data may be used in order to send Visitors, Users and Clients advertisements and information about the services the company offers. The data may also be used so that the company can supply professional services. The data are processed using electronic and IT systems, on paper and using digital media tools directly by the data controller company itself, a duly appointed data processor, third parties, as authorized by the data controller, or by third party companies that provide services and that have been duly appointed or commissioned to do so. No data collected on the website https://www.hotelseeker.it are disseminated outside the company except to supply the services offered on the website.
Supply of Data
The supply of data by Visitors, Users and Clients is voluntary. However, if failure Visitors, Users and Clients refuse to provide their personal data the data controller will not be able to supply the services they are seeking.
Disclosure of Personal Data to Third Parties
The personal data Visitors, Users and Clients provide the company with will only be disclosed to third parties to ensure the company can actually provide the services on the website https://www.hotelseeker.it. As such, personal data may be disclosed to third parties that use the services supplied by the data controller with the sole aim to supply the services offered to Visitors, Users and Clients. In such cases, responsibility for using the data lies solely with the foregoing third parties and, as such, the data controller shall not be held liable for the way such third parties use the personal data.
Data Retention Period
The personal data retention period is restricted by the purposes for which the data is collected and in order for the company to be able to supply the services it offers on the website https://www.hotelseeker.it. Personal data will be used until data subjects ask for their data to be cancelled, which they may do by specifically filing a request thereto with the data controller.
In compliance with art. 31 of the foregoing data protection law, the data controller undertakes to take all the most suitable steps – as assessed based on the knowledge acquired and on technical innovation, the nature of the personal data to be used and how the data is to be used – to reduce any risks of destroying or losing, even accidently, such personal data in order to ensure Visitors, Users and Clients are safeguarded as well as is possible.
Transfer of Personal Data to Third Party Countries
With specific reference to the transfer of personal data, to data backup and protection of data provided to the company, and without prejudice to the provisions of art. 43 of the Italian data protection law, personal data may only be transferred in order to fulfill the contractual and pre-contractual undertakings between the company and data subjects.
Rights of Data Subjects Under Art. 7 of The Data Protection Law
Pursuant to art. 7 of the data protection law, data subjects may exercise their rights with the data controller. In particular, according to said art. 7, data subjects may obtain confirmation from the data controller whether or not it has their personal data, even if such personal data has not yet been recorded, and ask for such data to be provided to them in an intelligible manner. Data subjects are entitled to know: a) the amount of personal data that is held about them; b) what the date will be used for and how; c) how the data is processed if electronic data processing equipment is used; d) the identification information about the data controller, data processor and the appointed representative, pursuant to article 5, paragraph 2; e) the people or category of people personal data can be disclosed to or that may come to know about the data in acting as a representative, processor or authorized officer. Data subjects are entitled to obtain: a) updates, changes or, when they are interested, insertion of additional information; b) cancellation, anonymous transformation or blockage of personal data that has been used in breach of the law, including any data that need not be retained, relating to the purposes for which the data were collected or subsequently used; c) representation that the operations, including the content thereof, pursuant to letters a) and b), have been divulged to those people whose personal data have been disclosed or disseminated, except in the event it is impossible to fulfill the commitment or it implies using systems that are manifestly excessive in relation to the right being safeguarded. Data subjects are entitled to oppose, wholly or partially: a) and for legitimate reasons, the processing of their personal data, even if the data are necessary to reach the goal for which the personal data are collected; b) the processing of their personal data if such processing is aimed at sending them advertisements, contacting them for direct sales or to carry out market research or commercial communication endeavors.