In the following chapters you will find information about how your personal data are treated. Your data may be collected during your navigation on our website or as a consequence of the services that we provide you. In order to take advantage of all the services offered by our website, it is necessary for us to collect and treat your personal data. The treatment of your personal data may consist in collecting, organising, storing, analysing, interpreting, modifying, selecting, comparing, using, connecting, blocking, communicating, cancelling and destructing data. The treatment of your personal data follows the principles of lawfulness and correctness, in compliance with the current law and EU Regulation 2016/679 of the European Parliament and Council. With this privacy notice, we like to inform you about the data we collect, why the collection is necessary, and also of your rights in connection with the treatment of your data.
Owner of the Treatment
The Owner of the Treatment of your personal data on this website site is Hotel Martha with legal offices at Harrasserstraße 11, 39031 Reischach/Bruneck, Italy, VAT ID IT00742820210.
For more information, please contact us using the following addresses:
Tel +39 0474 410902 – Fax +39 0474 414761
Purposes of the treatment
We treats your data for the following purposes:
Type of treatment
Your personal data are treated manually, but also electronically, mainly through the use of automated processes, depending on the objectives. In this case, we specifically use databases and computerised platforms that may be managed by both us and third parties. Each type of treatment guarantees the respect and the confidentiality of the data treated. We store such data and general information in the database and in the servers as logfiles. In order to provide you with a unique navigation experience, we need to collect some technical data that are necessary for the correct operation of the website:
The legal basis for this type of treatment is article 6 of the GDPR. By accessing the website, computerised systems and management software automatically and indirectly collect and/or manage this number of data and information.
At first, the collection of these data in anonymous format is static. However, later on the data are treated to ensure a high level of protection and safety for any data that we collect.
Period of data conservation
In compliance with current laws, the owner of the treatment has defined different periods of data conservation depending on their usage:
1.) As far as handling and answering your questions about products and activities, your personal data will be stored for a period of time strictly necessary for processing your request.
2.) As far as managing activities connected with the navigation through our website, your personal data will be stored for a period of time strictly necessary to satisfy your requests.
3.) As far as internal management and operational activities (for example time of conservation of invoices, administration, and tax information), your personal data will be treated for a period of time in line with the legal requirements for the specific purpose.
4.) As far as the handling of disputes and litigations, your personal data will be stored for the whole time strictly necessary for pursuing such matters, and in any case not beyond the applicable prescription limits.
Collaboration with third parties
When we work with our suppliers and use third-party services, we make sure that they are contractually obliged to apply the same privacy/safety standards that we apply, and that such standards are also followed. Such third parties, who act as owners of the treatment of the personal data, guarantee that the data received are not stored and used for purposes other than the contractually agreed. Within the framework of these technical agreements, the mail addresses made available to them are encrypted using technologies such as “hashing”, so that any other parties are unable to obtain the original addresses.
It may happen that we need to transfer your data to third parties in Non-European Countries (EEC). The EEC (European Economic Area) consists of the countries of the European Union, plus Switzerland, Iceland, Lichtenstein and Norway. These countries guarantee the same safety standards for the treatment of personal data. This transfer of the data may be necessary if the servers (meaning the physical locations where the data are stored) or if the premises of our suppliers are in countries outside the EEC area. Should we be forced to transfer your data to a country outside the European Economic Area (EEC), it is our responsibility to ensure that they are treated with appropriate safety standards.
Disclosure of your data
In principle, the personal data are not forwarded. Only in some specific cases, personal data may be disclosed to the following suppliers:
We treat personal data collected on the website using computerised processes. Personal data are protected by Secure Socket Layer (SSL) encryption. This technology protects the user from the risk of unintentional disclosure of personal data when using an unprotected connection.
The user is notified when accessing a protected connection by a padlock icon. By clicking the padlock icon, the user can then make sure that the SSL certificate is valid and up to date.
Should you decide to contact us using the contact form on our website, you will be asked to enter some personal data. This enables us to process your query. This is also the reason why the corresponding fields of the contact form are marked with an asterisk, or in any another way, as mandatory fields. The entering of personal or sensitive data other than those marked as mandatory will be at your discretion. Failure to enter, even in part, the mandatory information marked with an asterisk or similar character may result in the impossibility for us to answer your requests or deliver the requested services. The forwarding of requests using the contact form constitutes your implicit acceptance of the treatment of your personal data. The data that you transmit are treated and stored for a period of time strictly necessary for the processing of your request.
We also use referrer measurement to record data such as advertising medium/partner or marketing campaign the website visitors used to access the contact form. This enables us to evaluate the success and performance of certain advertising measures accordingly and, if necessary, optimize them.
The forwarding of a newsletter containing commercial information complies with your previous consent or with the existing legal requirements. Our newsletter contains information of our company activities, our services, offers and news (for example, new communication platforms, suggestions, travel recommendations and offers, offers that are complementary to your travels, vouchers, competitions, and indications on how to participate to the blog). These communications may also be sent by our commercial partners. The frequency of our newsletter depends on the topics. In any case, before sending our newsletters, we make sure that we have received your preliminary consent through a system called Double Opt-in, in accordance with the provisions of art. 6, paragraph 1, letter b) of the GDPR. The recipient’s details may be transmitted to our technical partners for the newsletter sending. This collaboration is regulated by a personal data treatment sub-owner contract, as required by the GDPR. In compliance with current regulations, it is our duty to monitor and store the received consent for the newsletter. For this purpose, we store your subscription and confirmation of willingness to accept the newsletter. The personal data that you forward to us on such occasion are only used for the personalisation and heading of the newsletter. The subscription can be cancelled at any time in the newsletter itself. The period of conservation of the data is equal to the period of use of the service and the subscription itself.
Profiling is any type of automated personal data processing activity that consists in using the information to assess, analyse and predict certain aspects of a natural person. For this type of marketing activities we signed agreements with third parties.
The affected person’s rights may be exercised by the same, and/or by a named person, by sending a written request with acknowledgement of receipt or e-mail to the owner of the treatment. The affected person has the right to obtain a copy of the data in our possession, which will be made available in accordance with the terms of current regulations.
In specific cases, we do reserve the right to store some information for legal purposes (for example in case of suspected fraud, or breach of the general terms and conditions). Should you believe that your rights have been violated, you can contact the relevant data protection authorities or take legal action.
Below we are summarizing the rights of an affected person:
Place of the data treatment
The treatment of the personal data that you have transmitted is mainly happening within our working structures, in the departments where the individual responsible for such treatment is located. The agreed contractual activities will only take place in an EU or EEC country.
Any transfers, in part or in full, of the contracted services to a different country shall be subjected to the approval of the customer, and can only take place if the data guarantee and safety conditions do agree with art. 44 and subsequent of the GDPR.
For further information, please contact us at the addresses indicated in the “Copyright” section.
that the SSL certificate is valid and up to date.