Privacy Policy – English

PRIVACY POLICY – www.agriturismomontacuto.com

Dear User,

this information is provided by Antico Bordo di Montacuto in compliance with the provisions of Regulation 679/2016 (GDPR) on the protection of personal data in order to describe how the personal data of users consulting this website are processed.

Indeed, during the consultation of the website www.agriturismomontacuto.com (“Site”), information may be collected about users that constitutes personal data within the meaning of the GDPR. This information is provided exclusively for the Site and does not concern any other external sites that may be reached by the user via links on the latter.

DATA CONTROLLER

The data controller in accordance with the laws in force is: Antico Bordo di Montacuto S.S. Società Agricola – P. IVA 01580290532, with registered office in Loc. Montacuto – Pari 58045 Civitella Paganico – Grosseto Italy, contactable by email at info@agriturismomontacuto.com.

DATA CONTROLLER

The web hosting (Kreita Srls, Via Salvio Giuliano, 520146 Milano – P.Iva: 12192670961), is appointed as data controller, processing the data on behalf of the owner. The web hosting, being located in the European Economic Area, acts in accordance with European standards.

TYPES OF DATA PROCESSED

Navigation data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct operation.

For security purposes (anti-spam filters, firewalls, virus detection), automatically recorded data may possibly also include personal data such as the IP address, which could be used, in accordance with the relevant laws in force, in order to block attempts to damage the site itself or to cause damage to other users, or in any case harmful or criminal activities. Such data are never used for user identification or profiling, but only for the purpose of protecting the site and its users.

Furthermore, the Data Controller informs you that the data you provide are processed using IT tools and procedures, for the following purposes

• Managing and improving site navigation (see also Cookie Policy);
• Explicit request via the contact form present within the pages of the site;
• Technical management of navigation (see also Cookie Policy)

Some data may be processed for the exclusive purpose of technical/informatics management of the web service, by the Controller’s technological partners. In any case, the data will never be disseminated.

The data provided by you may only be made known to personnel and collaborators of the Data Controller and possibly to companies (web hosting) that process data in outsourcing on behalf of the Data Controller, in any case for the sole purpose of completing the activities you have requested.

Data provided by the user

This is data voluntarily provided by the user when requesting information via the contact form on the “Contacts” page. In particular, the following categories of personal data may be processed:

• First name;
• Surname;
• Email address;
• Telephone number;
• Date of Arrival;
• Departure Date;
• Number of Guests;
• Message (meaning the content of the message filled in by the user at the time of the contact request).

DATA PROVIDED BY THE USER ON THE BOOKING PAGE
This is data voluntarily provided by the user when booking one of our flats through the portal provided by the “Krossbooking.com” website.

This data is provided by the user when filling in the booking form for one of our flats. In particular, the following categories of personal data may be processed

• First name;
• Surname;
• Email;
• Check-in / Check-out Date
• Room type;
• Number of persons;
• Other information;
• Any requests;

This data is provided voluntarily by the User when requesting the service and will be used exclusively for the provision of the service requested and processed only for the time necessary to provide the service.

The data collected within the booking platform will not be provided to third parties, except in the case of a legitimate request by a judicial authority and only in the cases provided for by law. The data may, however, be provided to third parties if this is necessary for the provision of a specific service requested by the User, or for tax purposes or to perform security checks or site optimisation (For further information – KrossBooking Privacy Policy).

METHODS OF PROCESSING

Personal data are processed by automated tools and not for the time strictly necessary to achieve the purposes for which they were collected, see below. The personal data provided by users may be disclosed to employees and collaborators who provide accessory or instrumental services to the company’s activities, appointed as Data Processors pursuant to Article 28 of the GDPR. No other communication of data to third parties will be made, except in the case of requests by the Judicial or Public Security Authorities. The data collected will not be disseminated under any circumstances.

DATA RETENTION PERIOD

Customer data will be kept for the time strictly necessary to achieve the purposes for which they were collected. Data acquired automatically by the system (Art. 4, lett. B)) will be kept for a maximum of 31 days from the moment of their acquisition.

PLACE OF PROCESSING

The data collected by the website are processed at the Data Controller’s premises and at the web hosting datacenter. The web hosting (Kreita Srls, Via Salvio Giuliano, 5 – 20146 Milano – P.Iva: 12192670961), which is responsible for processing the data, processing the data on behalf of the Data Controller, is located in the European Economic Area and acts in accordance with European standards.

RIGHTS OF DATA SUBJECTS

The persons to whom the personal data refer have the right to

• request and obtain information regarding the processing of personal data and a copy of such personal data; for data processed by automated systems, it is possible to request the transfer of such data to another data controller;
• request and obtain the amendment and/or correction of personal data deemed inaccurate or incomplete
• request and obtain the deletion – and/or limitation of the processing – of personal data if such data or information are not necessary – or are no longer necessary – for the purposes above
• request and obtain the interruption of any processing of personal data for direct marketing purposes. Pursuant to Regulation No. 679/2016, the user has the possibility to lodge complaints with the Data Protection Authority. Requests should be addressed: by e-mail, to: info@agriturismomontacuto.com.