PRIVACY POLICY
This page describes how to manage this website with reference to the processing of personal data of users who consult it. The processing of data is carried out in compliance with the criteria set by the European regulation on the protection of personal data, Reg. 2016/679 / EU and any other national legislative text, provision or authorization of the competent Authority connected to the same. According to the law, the treatment must be based on principles of correctness, lawfulness and transparency and protection of your privacy and your rights.
The information is provided only for this site and not for other websites that may be consulted by the user through links.
THE HOLDER OF THE TREATMENT
Following consultation of this site, data relating to identified or identifiable persons may be processed. The holder of their treatment is Nicolò Basso, owner of Bed and Breakfast Re Lear di Basso Nicolò, Vicolo Volto San Luca 19 – 37122 Verona (VR) tel .: 3456779007 e-mail: relearbb@gmail.com.
DATA PROCESSING PLACE and COMMUNICATION
The processing operations connected to the web services of this site take place at the aforementioned offices of the Company and are carried out by the Company’s personnel and / or by external agents of duly appointed maintenance and updating operations. No data deriving from the web service is communicated or disseminated.
The personal data provided by users who submit requests for services, services or information are used only to perform the service or provision requested or to provide the requested information and are communicated to third parties duly appointed only in the case in which this is necessary end.
TYPES OF DATA PROCESSED
Navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of the computers used by users connecting to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user’s computer environment.
This data, in this site are used only to obtain anonymous statistical information on the use of the site and to check its correct functioning. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site. For these data, it is not necessary to request consent for the aforementioned purpose.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of emails to the addresses indicated on this site or filling in the form of the specific sections with the required and optional fields, involves the subsequent acquisition of information and the sender’s address, necessary to respond to requests for services and / or information. For these data, it is not necessary to request consent for the aforementioned purpose.
Cookies
No personal data of users is acquired by the site in this regard.
We do not use cookies to transmit information of a personal nature, nor are used c.d. persistent cookies of any kind, or systems for tracking users. The use of c.d. session cookies (which are not stored permanently on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe browsing and efficient site.
I c.d. session cookies used on this site avoid the use of other technologies that could compromise the privacy of users’ browsing and do not allow the acquisition of personal identification data.
OPTIONALITY OF DATA SUPPLY
Apart from that specified for navigation data, the user is free to provide personal data for the request for services and / or information. Failure to provide such data may make it impossible to obtain what has been requested.
METHOD OF TREATMENT
Personal data are processed by the owner and by duly appointed managers for the correct fulfillment of the purposes indicated by electronic means and paper files, as well as by the use of security measures to ensure the confidentiality of personal data and to avoid undue access to subjects unauthorized. The data controller does not use automated processes, including profiling, to achieve the purposes set out in this statement.
TERMS OF TRETTING
The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes and in any case for no more than 2 years from the acquisition of data for the purposes of processing.
RIGHTS OF THE INTERESTED
Pursuant to articles 15 – 22 GDPR, the interested party has the right to ask the data controller to access your personal data or to correct or cancel them or limit the processing that concerns them, or has the right to object to their treatment, in addition to the right to request data portability.
The request can be made by e-mail or by fax or registered with the subject: “request by the interested party” specifying in the request the right that the person wants to exercise (cancellation, rectification, portability, oblivion), together with a valid address e-mail / pec to which the reply should be sent.
The data controller or, anyone appointed by the same, will proceed to satisfy the request within 30 days from the date of receipt. If the answer is complex, the time could be extended to a further 30 days, upon timely communication to the same interested party.
If it deems it appropriate to assert its rights, it has the right to lodge a complaint with the competent supervisory authority, corresponding to the National Privacy Guarantor, located in Palazzo Monte Citorio 121, Rome.
AGREEMENT FOR co-titolarity OF REG. EU 2016/679
BETWEEN
Bed & Breakfast RE LEAR of Nicolò Basso with registered office in Vicolo Volto San Luca 19, 37122, Verona – C.F./P.I. BSSNCL89C06F861H – 04190990236 – legally represented by Nicolò Basso born in Negrar on 06/03/1989 and resident in Vicolo Volto San Luca 19, 37122 Verona – C.F. BSSNCL89C06F861H
IS
GILT SRLS with registered office in Vicolo Ghiacciaia 6, 37122 Verona – C.F./P.I. 04483120236 – legally represented by Nicolò Basso born in Negrar on 06/03/1989 and resident in Vicolo Volto San Luca 19, 37122 Verona – C.F. BSSNCL89C06F861H
IS
GIULIA SARTORI with registered office in Vicolo Volto San Luca 18, 37122, Verona – C.F./P.I. SRTGLI88R47E349X – 04056750237 – legally represented by GIULIA SARTORI born in ISOLA DELLA SCALA on 10/07/1988 and resident in Vicolo Ghiacciaia 6, 37122 Verona – C.F. SRTGLI88R47E349X
GIVEN THAT
1) B & B RE LEAR of Nicolò Basso, the company GILT Srls and the tourist lease Castelvecchio Rooms of GIULIA SARTORI are three receptive activities in particular related to the sector of landlords;
2) B & B RE LEAR has purchased a web domain necessary to make reservations or request information; of the data collected through the site can also use GILT SRLS and the tourist rental Castelvecchio Rooms of GIULIA SARTORI;
3) B & B RE LEAR has an email address (relearbb@gmail.com) used for reservations, quotes and / or agreements related to arrivals and departures. Subsequently, the bookings are sorted between the three activities depending on the availability of the room;
4) B & B RE LEAR of Nicolò Basso, the company GILT Srls and the tourist rental Castelvecchio Rooms GIULIA SARTORI; as part of the activities above, they treat, both in paper and electronic means, personal data concerning the same subjects (natural persons) ), for which they jointly establish the purposes of the processing;
5) The types of data processed are: personal (name, surname, tax code, residence, telephone contact, e-mail address). Any particular data (possible disability, intolerance / allergies) may be processed for the performance of the activity but will not be subject to consent as it is data made manifestly public by the interested party (Article 9.2 letter e) GDPR).
Having said this, the following is established:
1) In processing personal data of individuals, the Parties will abide by the principles (Art 5. – Chapter II – EU Reg 2016/679) and the provisions of EU Reg. 2016/679 implementing all the measures necessary to ensure their protection and acting both as data controllers (Article 26 – EU Reg 2016/679);
2) B & B RE LEAR of Nicolò Basso, the company GILT Srls and the tourist rental Castelvecchio Rooms GIULIA SARTORI agree that each Party is responsible for: protecting the rights of the interested parties, through compliance with privacy legislation and compliance with the 2016 European Regulations / 679 of Legislative Decree 196/2003 as amended by Legislative Decree 101/2018 and any other provision of the Guarantor;
3) In order to improve transparency, each of the three parties must inform the interested parties, as required by Articles 13 and 14 – EU Reg. 2016/679, explaining the co-ownership established in this agreement;
4) The parties are aware of having to collect, at the time of registration, each for their own competence, any consents where necessary for specific purposes other than the main one;
5) Any interested party to whom an informative report will be cited in which the data is co-owned, may also contact the co-owners, directly, at the following address: relearbb@gmail.com to request more information about the agreement, the means and purposes of the processing and to exercise their rights;
6) The data archive (both paper and electronic) is made at the headquarters of the B & B RE LEAR in Vicolo Volto San Luca, 19. Through this agreement all parties are authorized to access the documents or information necessary for the performance of own activities;
7) The Parties undertake to keep the data for the only time necessary to exercise the purposes for which they were collected and in any case for no more than ten years for the contractual purpose, no later than 7 days for the data required to perform the check- in and no later than 2 for marketing purposes (where it is carried out);
8) All personal data that will be processed by the Parties, in implementation of this agreement, must be considered as confidential information and must be used only in relation to the purposes of this agreement;
9) With regard to manual processing, the Parties guarantee to store data in premises accessible only to authorized parties;
10) The Parties guarantee not to communicate the personal data that will be in possession to subjects other than those provided for in the informative note and possibly to communicate them for the sole purpose expressly provided for. The dissemination / disclosure will take place within the limits set by the information and only after specific information and consent;
11) In the case of an interested party communicating the will to correct or delete their data, the Parties undertake to comply promptly with this request, informing each other;
12) This agreement remains valid as long as the relationships mentioned in the introduction subsist and until a possible revision of the agreement itself (in case it becomes necessary for the performance of any tasks and / or responsibilities of the Parties). The Parties undertake an annual check on the existence of the requirements of joint ownership.
This agreement, including the premises, is binding on the parties, who approve it by signing.
Verona, 27/08/2018
Bed & Breakfast Re Lear by Nicolò Basso – Gilt Srl SEMPLIFICATA – Holiday Rentals Castelvecchio Rooms GIULIA SARTORI
Subject: Information on the processing of personal data pursuant to art. 13 Reg. 2016/679 / EU.
Dear Customer,
This is to inform you that the processing of your personal data is carried out at our company. The processing is carried out in compliance with the criteria set by the European regulation on the protection of personal data, Reg. 2016/679 / EU (hereinafter GDPR) and any other national legislation, provision or authorization of the competent Authority at the same connected. According to the law, the treatment must be based on principles of correctness, lawfulness and transparency and protection of your privacy and your rights.
1) The data controller is Gilt Srls, in person of its legal representative pro tempore, with registered office in Vicolo Ghiacciaia, 6 – 37122 Verona (VR) tel .: 3456779007 e-mail: relearbb@gmail.com.
2) The data collected compulsorily for the completion of the contract, will be collected without the need for your express consent (according to article 6.1 letter b), G.D.P.R.), are used for the following purposes:
a) Fulfillment of pre-contractual, contractual, tax or accounting obligations arising from the relationship with you in place, and fulfill the obligations established by law, regulation, community legislation or Authority and for the management of business relationships to the extent necessary to best perform the service required;
b) depending on the payment, personal credit card data will be requested;
c) Depending on the room reservation service and the provision of related services (eg breakfast), they may be aware of particular data such as, for example, allergies, intolerances and state of health;
The consent will instead be necessary and expressed for the optional purposes such as (legal basis of the treatment that can be found in Article 6.1 letter f) G.D.P.R., legitimate interest of the data controller):
d) sending information and promotional material relating to our area of expertise, or use of communications purely made for customer loyalty through automated tools (e-mail, fax) and also through traditional methods of contact, such as paper mail and / or operator calls.
3) Methods: personal data are processed by the owner and by duly appointed persons for the correct fulfillment of the purposes indicated in point 2) through electronic tools and paper files, as well as by using security measures to ensure data privacy personal data and to avoid undue access to unauthorized parties. The data controller does not use automated processes, including profiling, to achieve the purposes set out in this statement.
4) Communication: personal data may be communicated to external parties duly appointed who carry out activities on behalf of the data controller such as by way of example: accountant, credit institutes and related external professionals.
Communication to third countries outside the U.E is not foreseen and diffusion is not foreseen (eg social networks, websites etc.).
5) The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes and specifically: according to point 2 a) no later than 10 years from the termination of the relationship, for the purposes referred to in point 2 b) c ) within 7 days from the date of check out, and 2 years for the purposes referred to in point 2 d) unless tacit renewal of the existing relationship.
6) The interested party has the right to ask the data controller to access your personal data or to correct or cancel the data or limit the processing that concerns them, or has the right to object to their treatment, in addition to the right to request the portability of the data themselves.
The request can be made by e-mail or by fax or registered with the subject: “request by the interested party” specifying in the request the right that the person wants to exercise (cancellation, rectification, portability, oblivion), together with a valid address e-mail / pec to which the reply should be sent.
The data controller or, anyone appointed by the same, will proceed to satisfy the request within 30 days from the date of receipt. If the answer is complex, the time could be extended to a further 30 days, upon timely communication to the same interested party.
If it deems it appropriate to assert its rights, it has the right to lodge a complaint with the competent supervisory authority, corresponding to the National Privacy Guarantor, located in Palazzo Monte Citorio 121, Rome.
7) Co-controllers of the treatment are B & B Re Lear of Nicolò Basso, in person of the legal representative pro tempore, with headquarters in Vicolo Volto San Luca, 19 – 37122 Verona (VR) and tourist rental Castelvecchio Rooms of Giulia Sartori, in person of the legal representative pro tempore, based in Vicolo Volto San Luca 18 – 37122 Verona (VR). Contact details, for both: relearbb@gmail.com. We specify that, pursuant to art. 14 of Reg. 2016/679 / EU, your data can be obtained from the data of the co-owner and / or other collaborator appointed by the co-owner or by Gilt Srls.
INFORMATION NOTE TECHNICAL COOKIES AND SESSION
The discipline relating to the use of c.d. “cookies” and other similar tools (web beacons / web bugs, clear GIFs, etc.) in the terminals (personal computers, notebooks, tablet PCs, smartphones, etc.) used by users, has recently been changed as a result of the implementation of Directive 2009/136 which amended the “e-Privacy” Directive (2002/58 / EC) and the provision “Identification of simplified procedures for the disclosure and acquisition of consent for the use of cookies – 8 May 2014 “.
Cookies are small text files that send to your terminal (usually the browser), where they are stored before being re-transmitted to the same sites at the next visit of the same user. Cookies are used to perform computer authentication, session monitoring and storage of specific information regarding users accessing the server and are usually present in the browser of each user in very large numbers.
The cookies on the www.relear.it domain:
They allow you to navigate efficiently from one page to another of the website.
They store the username and preferences entered.
They allow you to avoid entering the same information (such as username and password) several times during and the visit.
They measure the use of services by Users, to optimize the browsing experience and the services themselves.
They present targeted advertising information based on the interests and behavior expressed by the User during navigation.
These features are divided into several categories:
1. Technical cookies
2. Analytical cookies
Below are the types of cookies used on the www.relear.it website:
1. Technical cookies
They are necessary for the proper functioning of some areas of the site and include persistent cookies and session cookies. In the absence of such cookies, the site or some parts of it may not work properly. Therefore, they are always used, regardless of user preferences.
2. Analytical cookies
They are used to gather information on the use of the site.
The Owner uses this information for statistical analysis, to improve the site and simplify its use, as well as monitor its proper functioning.
This type of cookie collect information in an aggregate and anonymous manner on the activity of users who navigate the domain www.relear.it.
These cookies are installed directly by the owner and since they are used for functional and analytical purposes (“cookie analytics”) their installation does not require the express consent but only the communication of the existence of such tools.
How to disable technical and analytical cookies?
It is reiterated that for this type of cookie consent must not be explicit. They can be blocked as indicated in the following paragraphs but this operation may prevent you from using some parts of the site.
Pursuant to art.12 and following of the G.D.P.R you can object to the rescue of this type of cookie in the following ways.
The operating modes as well as the options for restricting or blocking cookies can be adjusted by changing the settings of your internet browser.
The majority of Internet browsers are initially set to accept cookies automatically, but the user can change these settings to block cookies or to be alerted whenever cookies are sent to his device.
There are several ways to manage cookies, for this purpose refer to the instruction manual or the help screen of your browser to check how to adjust or change the settings of the same.
The user is enabled, in fact, to change the default configuration and disable cookies (ie block them permanently), setting the highest level of protection. Below is the path to follow to manage cookies from the following browsers:
If the user uses different devices to view and access the Sites (for example, computers, smartphones, tablets, etc.), he must ensure that each browser on each device is adjusted to reflect their cookie preferences. To delete cookies from the Internet browser of your smartphone / tablet it is necessary to refer to the user manual of the device.
Internet Explorer -https: //support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
Safari – https://support.apple.com/kb/PH19219?locale=en_US&viewlocale=en_US
Chrome – https://support.google.com/chrome/answer/95647?hl=it-IT&hlrm=fr&hlrm=en
Firefox – http://support.mozilla.org/it-IT/kb/enable-and-disable-cookies-website-preferences
Ad preferences management
Rules for the deactivation of Behavioral Advertising
Add-on to disable Google Analytics
(GUARANTEED TECHNICAL INDICATIONS)
http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/3585077
Information and consent for the use of cookies
Frequently asked questions
1. What are cookies?
Cookies are small text files that the sites visited by users send to their terminals, where they are stored before being re-transmitted to the same sites on the next visit. Cookies of the c.d. “third parties” are, however, set by a website other than the one the user is visiting. This is because on each site there may be elements (images, maps, sounds, specific links to web pages of other domains, etc.) that reside on servers other than the site visited.
2. What are cookies for?
Cookies are used for different purposes: execution of computer authentication, monitoring of sessions, storage of information on specific configurations regarding users accessing the server, storing preferences, etc.
3. What are “technical” cookies?
These cookies are used to make browsing or provide a service requested by the user. They are not used for other purposes and are normally installed directly by the owner of the website.
Without the use of these cookies, some operations could not be carried out or would be more complex and / or less secure, such as the home banking activities (display of the statement, bank transfers, bill payment, etc.), for which cookies, which allow you to maintain and maintain the user’s identification during the session, are essential.
4. Are analytics cookies “technical” cookies?
No. The Guarantor (see provision of 8 May 2014) has specified that they can be assimilated to technical cookies only if used for the purpose of optimizing the site directly from the owner of the site, which can collect information in aggregate form on the number of users and how they visit the site. Under these conditions, the same rules apply to analytics cookies, in terms of information and consent, provided for technical cookies.
5. What are “profiling” cookies?
These are the cookies used to track the user’s browsing on the web and create profiles on his tastes, habits, choices, etc. With these cookies, advertising messages can be transmitted to the user’s terminal in line with the preferences already expressed by the same user in the online navigation.
6. Is the user’s consent required for the installation of cookies on his terminal?
It depends on the purposes for which cookies are used and, therefore, if they are “technical” or “profiling” cookies.
For the installation of technical cookies, users’ consent is not required, whereas it is necessary to provide information (article 13 of the Privacy Code). Profiling cookies, on the other hand, can only be installed on the user’s terminal if they have given their consent after being informed in a simplified manner.
7. How should the site owner provide the simplified information and request consent to the use of profiling cookies?
As established by the Guarantor in the provision indicated in question no. 4, the information must be set on two levels.
When the user accesses a website (on the home page or on any other page), he must immediately display a banner containing a first “short” notice, the request for consent to the use of cookies and a link to access to a more “extended” information. On this page, the user can find more detailed information on cookies and choose which specific cookies to authorize.
8. How should the banner be created?
The banner must be large enough to partially cover the content of the web page that the user is visiting. It must be able to be eliminated only through an active intervention of the user, that is through the selection of an element contained in the page below.
9. What indications must the banner contain?
The banner must specify that the site uses profiling cookies, possibly also “third parties”, which allow you to send advertising messages in line with the user’s preferences.
It must contain the link to the extended information and the indication that, through that link, it is possible to refuse consent to the installation of any cookies.
It must be specified that if the user chooses to continue “skipping” the banner, he consents to the use of cookies.
10. How can the acquisition of consent through the use of the banner be documented?
To keep track of the acquired consent, the site owner can make use of a specific technical cookie, a system that is not particularly invasive and that does not require further consent.
In the presence of such “documentation”, it is not necessary that the brief information is re-proposed at the second visit of the user on the site, without prejudice to the possibility for the latter to deny consent and / or modify, at any time and in a manner easy, their options, for example through access to the extended information, which must then be linkable from each page of the site.
11. The online consent to the use of cookies can only be requested through the use of the banner?
No. The owners of the sites always have the possibility to resort to different methods from the one identified by the Guarantor in the above-mentioned provision, provided that the chosen methods present all the validity requirements of the consent required by law.
12. The obligation to use the banner also weighs on the owners of sites that use only technical cookies?
No. In this case, the site owner can provide information to users in the manner he considers most appropriate, for example, also by inserting the relevant information in the privacy policy indicated on the site.
13. What should the “extended” information indicate?
It must contain all the elements required by law, analytically describe the characteristics and purposes of cookies installed by the site and allow the user to select / deselect individual cookies.
It must include the updated link to the information and consent forms of the third parties with which the owner has entered into agreements for the installation of cookies through their site.
Finally, it must recall the possibility for the user to express his options on cookies also through the settings of the browser used.
14. Who is required to provide the information and to request consent for the use of cookies?
The owner of the website that installs profiling cookies.
For third-party cookies installed through the site, the obligations of disclosure and consent are burdens on third parties, but the site owner, as a technical intermediary between these and users, is required to include updated links in the “extended” information to the information and consent forms of the third parties themselves.
15. The use of cookies must be notified to the Guarantor?
Profiling cookies, which usually persist over time, are subject to the notification obligation, while cookies that have different purposes and fall within the category of technical cookies, should not be notified to the Guarantor.
16. When do the measures prescribed by the Guarantor take effect with the provision of 8 May 2014?
The Guarantor has provided for a transitional period of one year from the publication of the provision in the Official Gazette to allow interested parties to comply. This period will end on 2 June 2015.