Privacy Policy

Our commitment to the protection of personal data

Privacy policy according to Legislative Decree n. 196 of 30th June 2003 and the European Regulation for the Protection of Personal Data n. 2016/679, (GDPR) and subsequent amendments.

The EU Regulation 2016/679 (GDPR, General Data Protection Regulation) provides for the protection of persons and other subjects with regard to the processing of personal data which must be based on the principles of fairness, lawfulness, transparency and protection of privacy and rights.
Dear User, 
on this page you will find information on how we manage your personal data through our site. Confidentiality, protection and security of data processed are particularly important, therefore Soc. F.I.M.M. di Bassi Giorgio & C. S.N.C. – Hotel Tiffany Resort pays the utmost attention to the protection of your personal data.
For that very reason, when collecting, processing and storing personal data we comply with all legal requirements, in particular the provisions of the EU Data Protection Regulation (European General Data Protection Regulation 2016/679 also known as GDPR) and all applicable data protection regulations.

This privacy policy applies only to the online activities of this website and is valid for visitors/users of the website. It doesn't apply to information collected through channels other than this website. 
The purpose of the privacy policy is to provide maximum transparency regarding the information the site collects and how it is used.

1- DATA CONTROLLER

The data controller is Soc. F.I.M.M. di Bassi Giorgio & C. S.N.C. – Hotel Tiffany Resort (hereinafter called “Hotel Tiffany”) in the person of its pro-tempore legal representative, with registered office in Valverde di Cesenatico (FC), Via Modigliani, 25, 47042, phone number +39(0)547 86387, P. IVA/C.F.: 00745450403. Please note that you can send any questions or requests concerning your personal data and respect for privacy by writing to info@hotel-tiffany.it ; phone number +39(0)547 86387

2- LEGAL BASIS FOR PROCESSING

This site processes data on the basis of:

• Fulfillment of legal obligations
• Execution of contractual/pre-contractual measures
• Legitimate interest
• Consent

3- PURPOSE OF PROCESSING

Data are processed for the following purposes: 

• A - To contact you, manage and acknowledge your request sento through the form in the Request Information or made by phone or e-mail
• B - To manage requests related to bookings through the Book Now/Booking section
• C - To send newsletters about news and events promoted by Hotel Tiffany
• D – To manage social buttons (FB, G+) in order to promote the hotel's activities

Personal data will be processed according to the services offered. Within the scope of these purposes, the processing also concerns data relating to subscriptions and registrations to the portals necessary for the proper management of the services.

3.1- Site navigation, data collected and purposes of processing
By using or consulting this site, visitors and users declare that they are at least 18 years of age, explicitly approve this privacy policy and consent to the processing of their personal data in the manner and for the purposes listed below. The categories of data that may be collected within the site are as follows:

• Common personal data (e.g. first name, last name, e-mail address, phone number, address of residence/domicile, tax/bank details, etc.) 
• Special/sensitive personal data (e.g. health data, food intolerance, disability, etc.). 
  
  

Purpose A: when you fill in the form and send us your data or when you contact us by phone or e-mail we collect the personal information you provide. Data provision is optional, you may not provide it and you may withdraw the consent you have already given at any time. However, the provision of personal data is necessary for the performance of the service as well as for processing your enquiry.

Purpose B: users who wish to book their stay are redirected to an external portal where they can finalize their request.

Finalità C: esprimendo il proprio consenso, l’utente ha la possibilità di ricevere newsletter inerenti ai servizi offerti dalla struttura nonché informazioni inerenti alle attività ed eventi promossi da Hotel Tiffany.

Purpose C: by expressing his/her consent, a user can receive newsletters relating to the services offered by the hotel as well as information about activities and events promoted by Hotel Tiffany.

Purpose D: by clicking on the Facebook and Google+ social buttons a user is redirected to external portals showing the activities carried out by Hotel Tiffany.

With regard to data processed upon consent, you have the right to withdraw your consent without prejudice to the lawfulness of the processing carried out prior to the revocation. 

3.2 - Third party data: if you have to provide for any reason, personal data of third parties, you must ensure that the individuals involved are aware and adequately informed of this policy and have consented to its processing.

3.3 - Data of minors: if you are under 18 years of age you may not provide us with any personal data and in any case we won't be responsible for any false statements you provide. If we become aware of the existence of untrue statements we will proceed with the immediate deletion of any personal data acquired.

3.4 - Automatically collected data: data collected through services are technical data such as IP address, browser type, information about your computer, data about the current (approximate) location of the tool you are using, data collected using cookies or similar technologies. You can enable/disable location services at any time by accessing your browser and/or device settings.
For further information, please visit the Cookies section. We inform you that your personal data won't be processed by means of an automated decision-making process and won't be subject to profiling.

4- CONSENT

When you provide us with personal information, you express your consent to its use only for the purposes stated in this policy. We will ask you to state that you have read this policy. 
If after giving consent you change your mind, you can withdraw your consent at any time by contacting the Data Controller.

4.1 - Particular/Sensitive Data
In the event that the User/Customer communicates, via contact forms, portals, by phone or e-mail particular categories of data (e.g. data related to health, food intolerance, disability, etc.) pursuant to Article 9 of Regulation (EU) 2016/679, such statements represent a free, specific, informed manifestation of will and an unequivocal positive action by which the User/Customer manifests his/her explicit consent for the personal data concerning him/her to be processed by the Data Controller.

5- METHODS OF PROCESSING

The processing of personal data is carried out by acquiring the documents in printed or electronic form, using computer and manual methods that guarantee their confidentiality and security. To this end, data processing is carried out by constantly applying technical and organizational security measures to protect against risks of loss, illegal or incorrect use and any unauthorized access. Data are processed by Hotel Tiffany solely for the purposes requested.

5.1- Provision of data 
Users are free to provide their data (e.g., via request forms, contact sections, etc.), however, failure to provide the data necessary to render the service may result in the impossibility of obtaining what was requested.

6- DATA RETENTION PERIOD 

The storage of personal data will take place in printed or electronic form in compliance with your privacy and the applicable law. Data provided as part of a request for information will be stored until the request is fulfilled, while data entered on requests for quotations and reservations will be stored for 5 years. The data provided to give consent will be kept until the consent is withdrawn.
In order to ensure fair and transparent processing, the data provided by the user will be kept as long as necessary for the provision of the requested service and archived until the expiration of the statute of limitations prescribed by law. Data are also retained to handle any disputes, including in cooperation with the authorities.

6.1 - Data protection
Data are collected as indicated by the reference legislation, with particular regard to the security measures provided by the GDPR (art. 32) for their processing by means of computer, manual and automated tools and with logic that guarantee the security and confidentiality of the data.

7- DISCLOSURE OF INFORMATION

We may disclose your personal information if we are required to do so by law or if you violate our Terms of Service, to entities engaged and instructed by the Data Controller and to expressly designated external data processors working on behalf of the Data Controller.
By way of example, data may be processed by:

• collaborators authorized by the Data Controller;
• third parties in a contractual or conventional relationship with the Data Controller;
• duly appointed data processors;
• parties who collaborate with the Data Controller as independent Data Controllers;
• system administrator;
• external technical-informatics assistance and/or consulting companies;
• e-mail providers;
• to all those subjects - including public authorities, public bodies, supervisory and control bodies who have access to the data by virtue of provisions of the law, regulations or EU law within the limits provided for by such regulations;
• companies that perform functions closely related and instrumental to the services available on the website;
• companies that are part of or related to Hotel Tiffany;
• entities and administrative and judicial authorities under legal obligations.

The data are not subject to disclosure.
In any case, you may request a list of external data processors from the Data Controller.

7.1 - Third party services
After leaving our website and in the event you are redirected to a third party website or application, you're no longer subject to our privacy policy or our website's terms of service.

8- USER RIGHTS

Pursuant to European Regulation 679/2016 (GDPR) and national legislation, the User may, in the manner and within the limits provided by the current legislation, exercise the following rights (articles 15 to 22 of EU Reg. 679/2016):

• request confirmation of the existence of personal data concerning the applicant (right of access);
• know their origin;
• receive intelligible communication of it;
• to be informed about logic, methods and purposes of processing;
• request the updating, rectification, limitation, integration, cancellation, anonymization, blocking of data processed in violation of the law, including those no longer necessary for the purposes for which they were collected;
• in cases of consent-based processing, to receive at the sole cost of any support, all data provided to the data controller, in structured, machine-readable form and in a format commonly used by an electronic device;
• the right to file a complaint with the supervisory authority (Italian privacy authority https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524);
• as well as, more generally, to exercise all the rights accorded to it by current legal provisions.

Requests can be addressed to the following address: info@hotel-tiffany.it ; phone number +39(0)547 86387

9- DATA TRANSFER

The Data Controller won't transfer your personal data to a third country or international organization. If it becomes necessary to transfer your personal data outside the EU, it will be transferred with reference to an adequacy decision adopted by the European Commission or under the EU-US Privacy Shield agreement; data may also be transferred to countries without an adequacy decision but with adequate safeguards such as the EU Standard Contractual Clauses EU SCC.

10- INTERACTION WITH SOCIAL NETWORKS AND EXTERNAL PLATFORMS

In this website there are interactions with social networks: Facebook and G+.
To analyze site traffic data and to monitor user behavior, the website is connected to Google Analytics.

Google Analytics (Google Inc.). Google Analytics is a web analytics service provided by Google Inc. ("Google"). Google uses personal data collected for the purpose of tracking and examining the use of this application, compiling reports and sharing them with other services developed by Google. Google may use personal data to contextualize and personalize ads in its advertising network. Personal Data collected : Cookies and Usage Data.
Place of processing : USA - Privacy Policy- Opt Out

For more detailed information, please refer to the Cookies section of this website.

11- CHANGES TO THIS PRIVACY POLICY

We reserve the right to change this privacy policy at any time. 
Changes and clarifications will take effect immediately after they are posted on the website. If we make material changes to this policy, we will notify you in this section, which will be updated so that you can be aware of. In order to check for changes and modifications, we recommend to check this policy periodically.