Buchen

Privacy

Privacy Policy (art. 13 General Data Protection Regulation GDPR)


The treatments related to the web services of the site / portal take place at the headquarters of the aforementioned company and are only handled by the technical staff of the office authorized to process (eg Internet area), or by any external managers (outsourcers) for the performance of occasional or periodic technical operations (eg database maintenance).

The owner of the processing of the aforementioned data considers the "privacy" of its users to be of fundamental importance and ensures that the processing of personal data through its website is carried out in compliance with fundamental rights and freedoms, as well as the dignity of the data subject; with particular reference to confidentiality, personal identity and the right to protection of personal data. In this regard, the data controller has adopted and implemented a Privacy Policy for everything related to the management of the site in relation to the processing of personal data of users.
Please read the following Privacy Policy and check it periodically carefully in order to check for any updates or revisions that may become necessary. The data controller informs that the personal data (hereinafter "Data") supplied by you, or otherwise acquired as a result of or when browsing our site / portal, may be processed in compliance with the European Regulation 2016/679 (GDPR).


Definition of "personal data"

For the purposes of this Policy, "personal data" - as better specified in Article 4 of the GDPR - means "any information concerning an identified or identifiable natural person; an identifiable natural person can be identified, either directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online ID or one or more characteristic elements of his physical identity, physiological, genetic, psychological, economic, cultural or social;
This Privacy Policy applies to personal data collected through the website and / or portal of the Data Controller and / or e-mail boxes of the Company. This does not apply to personal data collected on an "off-line" basis, except in cases where such personal data are combined with other personal data collected by the Data Controller of your online data. Furthermore, this does not apply to other websites owned by third parties, which can be accessed through hypertext links, due to the fact that the Data Controller does not manage and does not control the content of such sites.
The following personal data may be collected by the Data Controller, via their website and / or portal: name, surname, address, e-mail address, information grouped solely for statistical purposes during the site consultation process and / or portal, other information voluntarily provided by the user through the online registration procedures or the completion of appropriate fields, forms, information aimed at improving and facilitating the navigation of the site.


Methods of data processing

Users can access different sections of the website without releasing any personal information. The Data Controller of your data processes and collects personal data online through its website and / or portal or other e-mail address of the Company; these treatments are carried out, mainly automated, in the following ways:

1) Data released voluntarily by users
The Data Controller of your data collects personal information and other data that are entered in the registration forms or released in the form fields of the website and / or portal, as well as forwarded to the Company by e-mail. Such data may concern information necessary to provide the services requested by the interested party (eg Newsletter) and / or to contact the interested party (name, postal address, e-mail address, telephone number, user ID and password), or even the date of birth, professional credentials, hobbies and interests of the user.

2) Browsing data collected through the use of electronic tools
The computer systems and software procedures used to operate the Data Controller's website acquire, during their normal use, a series of personal information whose transmission is implicit in the use of Internet communication protocols (for example, the IP address of the user or the domain name of the computer used to access the website, the URL of the requested resources, the time of the request or the time of the session, the method used to submit the query to the server, the size of the files received in response to the request, the numeric code concerning the status of the response given by the server and other type of information regarding the operating system and the user's IT environment). The website and / or web portal of the Data Controller of your data uses technologies such as cookies or similar for the purpose of collecting and / or transmitting personal data of users. The Data Controller of your data uses these technologies exclusively for the purpose of obtaining statistical information on the use of the site and / or web portal (eg total number of visitors on the sites, number of visitors per single web page, name of the source domain of the visitors' internet service provider). In particular, the use of session cookies (those that are removed from the user's computer when the browser is closed) is strictly limited to the transmission of information related to the user's session, of fundamental importance for safe and efficient navigation of the user. website and / or portal. Furthermore, the use of such session cookies strictly excludes the use of other technologies that could compromise the privacy of the users and does not allow the acquisition of personal identification data.


Details on the processing of personal data

The Data concerning the User is collected to allow the Owner to provide its services, as well as for the following purposes: Analytics, Contacting the User, Interaction with social networks and external platforms, Registration and authentication, Social Applications, Payment management, Interaction with support and feedback platforms, Infrastructure monitoring, Traffic optimization and distribution, Interaction with live chat platforms, Remarketing and Behavioral Targeting, Address management and sending of email messages, Displaying content from external platforms, Affiliation commercial and Heat mapping. The types of Personal Data used for each purpose are indicated in the specific sections of this document.


Purposes of processing the collected data

Personal Data may be collected for the following purposes and using one or more of the following services:

- Social Applications
- Interaction with social networks and external platforms
- Contact the user, chat and feedback
- Traffic optimization and distribution, infrastructure monitoring
- Remarketing and Behavioral Targeting
- Statistics
- Display of content from external platforms
- Registration and authentication


Purpose of the collection

The data controller of the aforementioned data collects the personal data of its users necessary to implement the authorization, authorization and personalization of access to the various areas and related contents of the Company's website / portal. Furthermore, the owner of the aforementioned data processing acquires the data necessary to execute the contractual obligations assumed towards customers and deriving from booking operations. The execution of these obligations necessarily entails that these data have access to the employees of the Mediawest operational and commercial functions, as well as the employees of third-party service companies. The data controller of the aforementioned data uses personal data collected on-line in order to offer products and services, check the system of authorized accesses to monitor data security, evaluate job submissions submitted by candidates (CV); only on specific request of the interested party, by means of an online registration form, the owner of the aforementioned data processing submits offers of a commercial nature and promotes marketing initiatives through his own "Newsletter". The owner of the aforementioned data processing, as the "Data Controller" of the related processing, informs that the data referred to in the subject will be processed and used exclusively for the purposes outlined in this Privacy Policy.

Personal data collected by filling in the forms on the website / web portal of the data controller mentioned above are processed in order to:

allow access to services provided by the site / portal
be able to contact you at your request to provide you with the specific information and assistance you need for which you have requested our intervention.
with your specific express consent, for the sending of commercial information both with automated methods (eg email, fax, sms, mms etc.) and not automatically (eg postal mail, telephone with operator etc.)) in relation to products and services of companies and / or business partners,
with your express allowed to carry out, through electronic means, profiling activities, analysis of purchasing decisions and market research in order to improve the offer of services and commercial information.
This request may be supplemented by additional information.


Communication and / or disclosure of personal data

Personal data will be accessible to the organs and employees of the data controller above, formally appointed as Data Processors or Data Processors. The use and transmission of personal data by external individuals and organizations acting on behalf of the data controller of the aforementioned data are governed by contracts that provide for an adequate level of protection of personal data. These subjects are appointed External Managers. Users' personal data will be used and released by the data controller mentioned above exclusively to individuals and organizations working on their own behalf, in accordance with this Privacy Policy and as expressly provided for by current legislation. Furthermore, the owner of the aforementioned data processing manages the information contained on his / her web site / portal in collaboration with other service providers and web agencies, from whom he may receive personal data relating to users of such information. These online partnerships are governed by specific contracts that require an adequate level of protection of personal data processed. In some other cases, the owner of the aforementioned data processing may also be required to release the personal data of users of its website / portal, in execution of contractual obligations, in compliance with current legislation or to satisfy the request for services by concerned; this information release activity can take place in the following cases:

- When online users have authorized the release of information;
- When the data controller of the aforementioned data needs to communicate information about users to offer services and satisfy the request of an online user;
- When the data controller of the aforementioned data needs to communicate information to its partners who perform services for online users;
- When the data controller of the aforementioned data is kept, by order of the judicial authorities, to release information about users, or in accordance with local or international law, regulation or mandate

Furthermore, additional circumstances may arise, if for example the data controller of the aforementioned data decides, for commercial reasons, to carry out sales, mergers or acquisitions of capital. As part of these reorganization activities, personal data may be shared with current or potential buyers. In these circumstances, the data controller of the aforementioned data will obtain written guarantees that the personal data will be processed with an adequate level of protection and, in any case, in compliance with current legislation. Except for cases explicitly permitted by law, or provided for in this Privacy Policy, personal data will not be communicated or shared without the consent of the user concerned. The data controller of the aforementioned data will not transfer, for consideration or free of charge, the personal data of its users of websites to unauthorized third parties.


Protection of personal data

In accordance with the principle of minimization of treatment established in art. 5 GDPR, The owner of the above mentioned data processing guarantees that the processing by electronic means is carried out minimizing the use of personal data and identification data, limiting their use to the cases in which they are strictly necessary for the achievement of the goals for the which have been collected. The data controller of the aforementioned data also guarantees the adoption and compliance with specific security measures to prevent data loss, possible illicit or incorrect use of the same and unauthorized access. User data will be stored by the data controller for a maximum of two years from the last interaction with the user and up to any cancellation order by the data subject, including data that is not required to be kept in relation for the purposes for which they were collected, in compliance with the rights set out in articles 15 - 21 of the GDPR and to be implemented in the manner described in the following paragraph "Your Rights". It is the responsibility of each individual user in charge to guarantee and verify the ownership and custody of their passwords and the corresponding access codes to web resources.


Consent to the processing of personal data

The data controller of the aforementioned data processes the data of its users / customers only with the consent of the same. However, if the user does not consent to the processing of data or requests the deletion of their data, it will not be possible to access the reserved areas of the Company's website / portal.


Optional provision of data

Apart from that specified for navigation data, the user has the right to provide or not the personal data contained in the request forms and / or registration of the website / web portal of the data controller mentioned above. Failure to provide such data may make it impossible to obtain what has been requested. For completeness, it should be noted that in some cases (not subject to the ordinary management of this site) the Authority can request news and information pursuant to art. 58 GDPR, for the purpose of monitoring the processing of personal data. In these cases the answer is mandatory under penalty of administrative sanction.


Right of access to personal data and other rights

Users of the website / web portal can always contact the owner to assert their rights as provided for in articles 15 to 21 of the GDPR on the basis of which:

- The interested party has the right to obtain confirmation of whether or not personal data processing is being processed and in this case to obtain access to personal data and the following information:
a) the purposes of the processing;
b) the categories of personal data in question;
c)the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if recipients of third countries or international organizations;
d) where possible, the retention period of the personal data provided or, if not possible, the criteria used to determine this period;
e)the existence of the right of the interested party to request the data controller to rectify or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;
f) the right to lodge a complaint with a supervisory authority;
g) if the data are not collected from the data subject, all information available on their origin;
h) the existence of an automated decision-making process, including the profiling referred to in Article 22 (1) and 4 GDPR, and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of this treatment for the interested party.

- The interested party has the right to obtain:
• updating, rectification or, when interested, integration of data
• the deletion of data concerning him for the reasons specifically provided for by art. 17 GDPR
(right to be forgotten), the transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were or subsequently processed;
The owner of the processing of your data, in the event that the personal data have been made public and is obliged to delete them at the request of the interested party, shall take reasonable steps, including technical ones, to inform those who are processing personal data of the request of the is interested in canceling any link, copy or reproduction of his personal data, except in the case in which this fulfillment proves impossible or involves a use of means manifestly disproportionate to the protected right. Interested party has the right to object, pursuant to art. 21 GDPR, in whole or in part:
• for reasons connected with his particular situation to the processing of personal data concerning him, even if pertinent to the purpose of the collection. The data controller refrains from further processing personal data unless he demonstrates the existence of binding legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the data subject or for the assessment, exercise or the defense of a right in court.
• to the processing of personal data concerning him for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication.

In compliance with these provisions, and in addition to the other rights specified herein, the owner of the aforementioned data processing provides the users of their website / portal the following possibilities:
no collection of personal data: The user can choose not to provide personal data online to the data controller of the aforementioned data deciding not to insert or release personal information in the registration forms or in the form fields of the web, or in this case not using any personalized service among those available on the Company's website / portal. Some of the content and / or services of the site / portal are offered exclusively to users who release personal information or who use personalized services.
limitations on the use and communication of personal data for different purposes: Access to certain sections of content and / or services of the website of the data controller mentioned above may require the user's consent to use and release personal data in order to implement the list of contacts and / or to identify and offer additional services and promotions considered interesting for the user. Users may limit the further processing of such information by verifying or choosing the options to be set at the time the data is entered.

Furthermore, the information provided after the first registration can be modified or canceled by changing the settings previously entered in the registration form on the website / web portal of the data controller mentioned above, by accessing the "Newsletter" section on the home page. It is also possible for users to access their personal data, issued and stored on-line and, where permitted, it is also possible to update and modify personal data online.



Cookies


The “cookie” technology is used to obtain information on the experience gained on the website / web portal and to allow the operation of some services that require the user to be identified in the various pages.


What are cookies?

A "cookie" constitutes information sent by a server to a browser and allows the server to collect information from the browser and vice versa. The cookie will help the website / web portal to recognize your device if the site / portal is visited again. Cookies serve many functions. For example, they can help us remember your username and your preferences, analyze the performance of our website or even allow us to recommend content that we think may be of interest to you.

Our cookies are normally anonymous and can not be linked to the user's personal data. First party cookies are associated with the domain name of the page you are visiting and allow you to identify the person by cross-referencing our database, they can only be assigned upon explicit request by users and in order to allow their immediate identification for access restricted areas of the website, without users having to manually enter the login and password. The user's identity is never, in any case, included directly in the cookie and can not be intercepted.

Every time you access the website / web portal, regardless of the presence or absence of a cookie, we register the type of browser, the operating system and the host together with the source URL of the visitor, as well as the information on the requested page. This data can, therefore, be used in aggregate and anonymous form to perform statistical analysis on the use of the website.


Types of cookies

The cookies used on the website / web portal are divided into 4 types:

- Technical cookies
- Performance and functionality cookies
- Statistical cookies
- Profiling cookies


Technical Cookies
Necessary for navigation within the site / portal and the use of some of its functions (eg timing of the display of some pages in cd mode "pop-up", etc.).

Performance and functionality cookies
The performance cookies collect anonymous information on the pages visited by users. They are used to track the most searched pages and are useful for improving links between pages and for determining the reason for possible error messages. Functionality cookies also memorize the choices made by the user in order to improve navigation and your online experience.

Statistical cookies
Provided and managed by third parties to statistically analyze accesses to the site / portal. The information is collected only in anonymous and aggregate form and no personal data of the users is stored. You can decide not to use these cookies by following the information in the section Purpose of processing the collected data.

Profiling cookies
Provided and managed by third parties to generate specific advertising messages based on the browsing habits and interests of individual users. These cookies do not, however, use sensitive user data. "The storage of information in the terminal equipment of a contractor or a user or access to information already stored is only permitted on condition that the contractor or the user has given his consent after being informed by simplified procedures referred to in Article 13, paragraph 3 "(Article 122, paragraph 1, of the Code). See section Purposes of processing the collected data.


Browser settings (art.122, paragraph 2, of the privacy code and Cookie Law - Directive 2009/136 EC)

The functionality of cookies can be deactivated through the appropriate page made available by EDAA (European Interactive Digital Advertising Alliance) http://www.youronlinechoices.com/it/, or by acting on the settings related to the privacy of your browser. Without prejudice to the foregoing, it is necessary to note that the deactivation of cookies may affect the correct functioning of certain sections of the Website / portal. Each browser manages cookies differently. To disable them, follow the instructions of your browser at the address www.allaboutcookies.org.


What happens to cookies that have been downloaded in the past?

We will read or write cookies solely based on the level of preference indicated in the cookie setting tool. Cookies present before changing your settings will remain on your computer and you can remove them using your browser settings.


Can we know if our users open our emails?

Our emails can contain a "web beacon pixel" that can let us know if our emails have been read and can check if you have clicked on the links contained in the email. We may use this information for various purposes, including determining which of our emails are of greater interest among users and ask if users who do not open our emails wish to continue receiving them. The pixels will be deleted when you delete the email. From that moment on we will not be able to obtain any data, but we will keep the data already in our possession.


Changes to the Privacy Policy

The Privacy Policy of the owner of the aforementioned data processing can be updated and / or modified also in order to incorporate and / or comply with national, EU, international regulations or to adapt to technological innovations. The updates and / or changes that will be made to this Privacy Policy will be shown on this web page, and made constantly visible through the existing hypertext link in the Company website / portal, so that interested parties can be fully informed about the use that is made of personal data provided through the website / web portal of the data controller above. It is recommended to read this Policy every time you visit a website / web portal of the data controller mentioned above.

Offerte speciali