1. This section contains information regarding the management of Sette Angeli Rooms user’s data.
2. This information is also valid for the purposes of art. 13 of Legislative Decree no. 196/2003, Code regarding the protection of personal data and for the purposes of Article 13 of EU Regulation no. 2016/679, concerning the protection of individuals with regard to the processing of personal data and the free movement of such data, for individuals who interact with Sette Angeli Rooms and can be reached at the address corresponding to the initial page:
3. The information is provided only for www.setteangelirooms.com and not for other websites that may be viewed by the user through links contained therein.
4. The purpose of this document is to provide indications on the methods, timing, and nature of the information that the data controllers must provide to the users when connecting to the web pages of www.setteangelirooms.com, regardless of the purpose of the connection, according to the Italian and European legislation.
5. This disclosure can be subject to changes on account of the introduction of new regulations in this regard, therefore the user is invited to periodically check this page.
6. If the user is under the age of 16, in accordance with article 8, c.1 EU regulation 2016/679, he/she must legitimize his / her consent through the authorization of his / her parents or guardians.
II – DATA PROCESSING
1 – Data controller
1. The data controller is the individual, legal entity, public authority, the service or other bodies that, individually or in conjunction with others, defines the purposes and means of the processing of personal data. The data controller also deals with safety aspects.
2. Regarding the current website, the data controller is Mr Francesco Fantini, administrator of Effeffe srl – Via Nazionale, 31 – 50123 Firenze – ITALY – P.IVA 05977550481. For any clarification or to exercise their rights, the users can contact Mr Francesco Fantini at the following email address: firstname.lastname@example.org
2 – Data processor
1. The data processor is an individual, legal entity, public authority, service or another body that processes personal data on behalf of the controller.
2. In accordance with article 28 of EU Regulation no. 2016/679, on the appointment of the data controller, the data processor of the Sette Angeli Rooms website is: Mr Francesco Fantini.
3 – Data processing location
1. The data processing generated by the use of the website www.setteangelirooms.com takes place at Via Nazionale, 31 – 50123 Firenze – Italy.
2. If necessary, the data related to the newsletter service can be processed by the data processor or by other entities appointed by it for this purpose at the corresponding headquarters.
III – COOKIES
1 – Types of Cookies
2. A cookie consists of a reduced set of data transferred to the user’s browser from a web server and can only be read by the server that made the transfer. This is not executable code and does not transmit viruses.
3. Cookies do not record any personal information and the identifiable information will not be stored. The saving of some (or all) cookies can also be prevented. However, in this case, the use of the site and the services offered could be compromised. To proceed without changing the cookie related options, simply continue browsing.
The following are the types of cookies used by the site:
2 – Technical Cookies
1. There are many technologies used to store information on the user’s computer, which are then collected by the sites. Among these the best known and most used is HTML cookies. They are used for browsing and to facilitate access and use of the site by the user. They are necessary for the transmission of communications on the electronic network to the supplier to provide the service requested by the customer.
2. The settings to manage or deactivate cookies may vary depending on the Internet browser used. In any case, the user can manage or request the general deactivation or cancellation of cookies, modifying the settings of their internet browser. Such deactivation can slow down or prevent access to some parts of the site.
3. The use of technical cookies allows the safe and efficient use of the site.
4. Cookies that are inserted in the browser and retransmitted by Google Analytics or the service of statistics of bloggers or similar are considered technical only if used in order to optimize the site directly from the owner of the site, which can collect information in aggregate form about the number of users and on how they visit the site. Under these conditions, the same rules are applied for analytics cookies , in terms of information and consent, provided for technical cookies.
5. In terms of duration, we can distinguish temporary session cookies that are automatically deleted at the end of the browsing session (they are used to identify the user and thus avoid the log-in to each page visited) and the permanent ones that remain active in the PC until expiry or cancellation by the user.
6. Session cookies can be installed to allow access and to stay in the reserved area of the web portal as an authenticated user.
7. They are not stored permanently but only for the duration of the navigation until the browser is closed and they disappear. Their use is strictly limited to the transmission of session identifiers consisting of random numbers generated by the server necessary to allow the safe and efficient exploration of the site.
3 – Third-party cookies
1. In relation to the origin, we distinguish the cookies sent to the browser directly from the site you are visiting and those of third parties sent to the computer from other sites and not from the one you are visiting.
2. Permanent cookies are often third-party cookies.
3. Most third-party cookies consist of tracking cookies used to identify online behavior, understand the interests and then customize advertisements for users.
4. Third-party analytical cookies can be installed. They are sent from the domains of the aforementioned third parties external to the site.
5. Third-party analytical cookies are used to detect information on users’ behavior on www.setteangelirooms.com. The survey is carried out anonymously, in order to monitor the performance and improve the usability of the site. The third-party profiling cookies are used to create profiles related to users, in order to propose advertising messages in line with the choices expressed by the users themselves.
6. The use of these cookies is regulated by the rules established by the third parties themselves, therefore, users are invited to read the privacy policies and directions published on their web pages in order to manage or disable cookies.
7. Third party cookies used by this website
This website allow the registration of third party cookies on the device connected (computer, smartphone or tablet). Utilized service are:
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses personal data that are collected from cookies (usage data) to track and analyze the usage of the website, create reports and share them with other Google’s services. Google may use personal data to contextualize and personalize ads of its advertising network. Personal data collected: Cookies and usage data.
You can disable this service (opt out) at the following link:
These cookies allow YouTube to gather information about using YouTube-hosted videos
Third party website
If the website contained links to other web site that have their own Privacy notice. These Privacy notices can be different from those adopted by this website, so it assumes no liability.
4 – Profiling cookies
1. Profiling cookies are those that create profiles related to the user and are used to send advertising messages in line with the preferences expressed by the same in the context of surfing the net.
2. When these types of cookies are used, the user must give explicit consent.
3. Article 22 of EU Regulation 2016/679 and Article 122 of the Code on data protection will apply.
IV – PROCESSED DATA
1 – Data processing mode
1. Like all websites, this site also makes use of log files in which information collected in an automated manner is stored during user visits. The information collected could be the following:
– internet protocol (IP) address;
– browser type and parameters of the device used to connect to the site;
– name of the Internet service provider (ISP);
– date and time of visit;
– web page of origin of the visitor (referral) and exit page;
– possibly the number of clicks.
2. Said information is processed in an automated form and collected in an exclusively aggregated form in order to verify the correct functioning of the site, and for security reasons. This information will be processed according to the legitimate interests of the holder.
3. For security purposes (spam filters, firewalls, virus detection), the automatically recorded data may possibly also include personal data such as IP address, which could be used, in accordance with applicable laws, in order to block attempts at damage to the site itself or to damage other users, or in any case harmful activities or constituting a crime. Such data are never used for the identification or profiling of the user, but only for the protection of the site and its users, such information will be treated according to the legitimate interests of the owner.
5. The information that users of the site intend to make public through the services and tools made available to them, are provided by the user knowingly and voluntarily, exempting this site from any liability regarding any violation of laws. It is up to the user to verify that they have permission to enter personal data of third parties or contents protected by national and international standards.
2 – Purposes of data processing
1. The data collected by the site during its operation is used for the purposes indicated above and for the following purposes:
User data is collected to allow the holder to provide his services, such as:
– Registration to the site (where required) to be able to use the related services.
– Subscription to specific services (eg Newsletter) managed independently or with the collaboration of third parties.
– Management of requests (Eg sent with the completion of a Contact form – Information request).
– Payment transactions (where provided).
– Statistics (also through tools provided by third parties).
– Interaction with social networks.
– Interaction with external platforms.
2. Data retention will be carried out for the strictly necessary period to achieve the said purpose and in any case for not longer than necessary for the purposes for which it was collected or processed.
3. The data used for security purposes (to block attempts to damage the site) are kept for the time strictly necessary to achieve the previously indicated purpose.
3 – Data provided by the user
1. As addressed above, the optional, explicit and voluntary sending of e-mails to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.
2. Specific summary information will be progressively reported or displayed on pages of the site prepared for particular services on request.
4 – Support in configuring your browser
1. The user can manage cookies also through the settings of his browser. However, deleting cookies from the browser may remove the preferences that have been set for the site.
2. For further information and support, you can also visit the specific help page of the web browser you are using:
– Internet Explorer: https://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies
– Firefox: https://support.mozilla.org/en-us/kb/enable-and-disable-cookies-website-preferences
– Safari: https://www.apple.com/legal/privacy/it/
– Chrome: https://support.google.com/accounts/answer/61416?hl=it
– Opera: https://www.opera.com/help/tutorials/security/cookies/
5 – Social Network Plugin
2. The collection and use of information obtained by means of the plugin are governed by the respective privacy policies of the social networks, to which reference is made:
V. USER RIGHTS
1. The art. 13, c. 2 of EU Regulation 2016/679 lists the user’s rights.
2. The Sette Angeli Rooms website therefore intends to inform the user of the presence of:
– the right of the interested party to ask the holder for access to personal data (Article 15 of the EU Regulation), their updating (Article 7, paragraph 3, letter a) of the Legislative Decree 196/2003, the rectification (Article 16 of the EU Regulation), integration (Article 7, paragraph 3, letter a) of the Legislative Decree 196/2003) or the limitation of processing that concerns it (Article 18 of the EU Regulation) or to oppose, for legitimate reasons, to their processing (Article 21 EU Regulation), in addition to the right to data portability (Article 20 EU Regulation);
– the right to request cancellation (Article 17 of the EU Regulation), the transformation into anonymous form or blocking of processed data in violation of the law, including those whose retention is unnecessary for the purposes for which the data have been collected or subsequently processed (Article 7, paragraph 3, letter b) of Legislative Decree 196/2003;
– the right to obtain the statement that the operations of updating, rectification, integration of data, cancellation, blocking of data, transformation have been made known to, also as regards to their content, of those to whom the data have been communicated or disseminated, except in the case where such fulfillment proves impossible or involves a use of means disproportionate to the protected right (Article 7, paragraph 3, letter c) of Legislative Decree no. 196/2003;
3. The requests may be addressed to the data controller, without formalities or, otherwise, using the model provided by the Personal Data Protection Authority, or by sending an email to: email@example.com
4. If the treatment is based on art. 6, paragraph 1, lett. a) – express consent to the use – or on art. 9, paragraph 2, lett. a) – express consent to the use of genetic, biometric and health-related data revealing religious beliefs, philosophical or union membership, revealing racial or ethnic origin, political opinions – the user has the right to revoke the consent at any time without prejudice to the lawfulness of the treatment based on the consent given prior to the revocation.
5. Likewise, in case of violation of the law, the user has the right to lodge a complaint to the Personal Data Protection Authority, as the authority responsible for monitoring the processing in the Italian State.
6. For a more in-depth examination of the rights that are incumbent upon the user, see articles 15 and ss. of the 2016/67 EU Regulation and the art. 7 of Legislative Decree no. 196/2003.
VI – DATA TRANSFER TO NON-EU COUNTRIES
1. This site may share some of the data collected with services located outside the European Union. In particular with Google, Facebook and Microsoft (LinkedIn) through social plugins and the Google Analytics service. The transfer is authorized and strictly regulated by Article 45, paragraph 1 of EU Regulation 2016/679, for which no further consent is required. The companies mentioned above guarantee they’re joining the Privacy Shield.
2. Data will never be transferred to third countries that do not comply with the conditions set out in Article 45 and social security of the EU Regulation.
VII. PROVIDED DATA SECURITY
1. This site processes the data of users in a lawful and correct manner, adopting appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of data. Processing is carried out using IT and/or telematic tools, with organizational arrangements and with strictly related logic to the mentioned purposes.
2. In addition to the owner, in some cases, categories of employees involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) may have access to the data i.e. external subjects (as suppliers of third party technical services, postal service couriers, hosting providers, IT companies, communication agencies).
VIII. CHANGES TO THIS DOCUMENT
2. This document might be subject to changes or updates. Users are invited to periodically consult this page to keep up to date with the latest legal news.
3. Previous versions of the document will still be available on this page.
4. The document was updated on 25/05/2018 to comply with the relevant regulations, and especially in compliance with EU Regulation 2016/679.