Privacy

Disclosure on the processing of personal data - GDPR 1.0

HOTEL BLUMEN SRL, with registered office Via Giuseppe Mazzini Bologna, 40137 (Bologna) (hereinafter referred to as  "Controller”“Privacy Code”“GDPR") that your data will be processed on the site hotelblumen.it with the following methods and purposes:

1. Subject of the data processing

The subject-matter of the processing is the personal, identifying and non-sensitive data (by way of example, but not limited to: name, surname, company name, address, telephone, e-mail - hereinafter referred to as  "personal data”“data") that the Data Controller processes as it is communicated by you when registering for the hotelblumen.it website, when taking part in opinion and approval surveys, filling in forms on the Website, subscribing to events organised by the Data Controller, online support or generic requests and requests to subscribe to mailing lists for the sending of newsletters. 

2. Purpose of data processing

Your personal data will be processed in the following ways:

  1. A) Without your express consent (Article 24, letters (a), (b), and (c) of the Privacy Code and Article 6, letters (b) and (e) of the GDPR) for the following service purposes:
  1. B) Only with your specific and distinct consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR), for the following Other Purposes:

3. Processing methods

The processing of personal data is carried out by means of the operations indicated in art. 4 Privacy Code and art. 4 no. 2) GDPR and specifically: collection, recording, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data is processed both in hard copy and electronically and/or automatically through the use of a website hosted on the Cloud or server managed by the company ENGINE LAB srls in Italy or another country, European or otherwise. The Data Controller will process the personal data for the time necessary to fulfill the aforementioned purposes and in any case for no more than 10 years from the termination of the relationship for service purposes and no later than 2 years from the collection of data for the marketing purposes.

4. Security

The Data Controller has taken various security measures to protect your data against the risk of loss, misuse or alteration. In particular: adopted the measures referred to in articles 32-34 of the Privacy Code and art. 32 GDPR and secure data transmission protocols known as HTTPS;

5. Access to the data

Your data may be made accessible for the purposes referred to in art. 2.A) and 2.B):

6. Data communication

Your data will not be disclosed without your consent.

Without your express consent (ex art. 24 letters. a), b), and d) of the Privacy Code and art. 6 letters. b) and c) of the GDPR), the Data Controller can instead communicate your data for the purposes referred to in art. 2.A) to Supervisory Bodies, Judicial Authorities as well as to all other subjects to whom the communication is obligatory by law for the fulfilment of the aforesaid purposes. 

The site may track navigation data for Keyword Advertising activities with re-marketing functions without the same data identifying the person concerned in any way.

7. Data transfer

The management and storage of personal data will take place in Europe, using servers located in Italy (or another country) belonging to the Data Controller and/or third party companies appointed and duly named as Data Processors.

8. Nature of data provision and consequences of refusal to respond

The provision of data for the purposes referred to in Article 2.A) is mandatory. Without them, we will not be able to guarantee you registration to the Site or the Services of art. 2.A).

The provision of data for the purposes referred to in Article 2.B) is, instead, optional. You can therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: in this case, you will not receive invitations to events, newsletters, opinion polls and promotions via e-mail. In any case you will continue to be entitled to the Services referred to in art. 2.A). 

9. Rights of the concerned party

As a data subject, you have the rights pursuant to Art. 7 Privacy Code and art. 15 GDPR and more specifically:

Where applicable, you also have the rights referred to in articles 16-21 of the GDPR (Right to rectification, right to erasure, right to restrict processing, right to data portability, right to objection), as well as the right to lodge a complaint with a Supervisory Authority.

10. Methods for Exercising Rights

You can exercise your rights at any time by sending:

11. Minors

This Website and the Data Controller's Services are NOT intended for children under the age of 18 and the Data Controller does NOT knowingly collect personal information about minors. In the event that information on minors is involuntarily recorded, the Data Controller shall promptly delete it, at the request of users.

12. Data Controller, data processor and those responsible for processing

The Data Controller is HOTEL BLUMEN SRL with registered office in Via Giuseppe Mazzini Bologna, 40137 (Bologna) .

External data processors are, respectively, Google Llc, who can also process your data autonomously in their capacity as autonomous data controllers for the purposes of their own information.

The updated list of those responsible for and in charge of the data processing is kept at the Data Controller's head office.

13. Changes to this Disclosure Statement

This Disclosure may be subject to change. We therefore recommend that you regularly check this Statement and refer to the latest version.

Book +39.051 344672 info@hotelblumen.it