Privacy policy

Privacy information for the processing of personal data according to EU Regulation No. 2016/679 (GDPR).

Under this regulation, we wish to inform visitors of the website about the use of data entered and cookies used by the site itself. This information is also provided in accordance with Recommendation No. 2/2001 adopted by the Working Group established by Article 29 of Directive No. 95/46/EC. This applies to the website hoteltigullio.com and is not valid for other web pages and links that may be present on the website owned by the data controller.

Mr. Perrone Gianluca, owner of “Hotel Tigullio”, with its registered office at Via Matteotti 1– 161033 Lavagna (GE), Italy (“Controller“), as the data controller, informs you pursuant to Article 13 of Legislative Decree 30.06.2003 No. 196 (“Privacy Code“) and Article 13 of EU Regulation No. 2016/679 (“GDPR“) that your personal data collected on the website https://www.hoteltigullio.com/ (“Site“), connected to the request (“Request“) for information sent to Hotel Tigullio through the “Contact Us” form (“Form“), will be processed in the manner and for the purposes described below.

Subject of the processing

The Controller processes personal, identification and non-sensitive data (for example, but not limited to, name, surname, company name, address, telephone, email – hereinafter, “personal data” or “data“) communicated by you when filling out/sending the Form via the Site or provided by you through participation in opinion polls, online clarification requests, and newsletter subscriptions.

Purposes and methods of processing

For data acquired through cookies, please refer to the dedicated section. For information acquired through the contact form, we inform you that the data provided will be used exclusively to follow up on the proposed request. Any further purpose will be the subject of dedicated information and specific and separate consent.

In particular, only with your specific and distinct consent (articles 23 and 130 Privacy Code and Article 7 GDPR), the Controller will process your personal data to send you email surveys and newsletters about events, services, and products offered.

Data processing is carried out primarily electronically, but paper processing is not excluded.

Data retention period

Data acquired via the web will be stored for the time strictly necessary to follow up on the requests made or for the specific purposes stated. In accordance with Article 5(1)(e) of the EU Reg. 2016/679, personal data collected will nevertheless be stored in a form that allows identification of the data subjects for no longer than is necessary for the purposes for which the personal data are processed. At any time, you may revoke your consent, under Article 7, paragraph 3 of the Regulation. The revocation of consent does not affect the lawfulness of processing based on consent before its revocation.

At any time, you may revoke your consent, under Article 7, paragraph 3 of the Regulation. The revocation of consent does not affect the lawfulness of processing based on consent before its revocation.

Security

The Controller has adopted appropriate security measures to protect your data against the risk of loss, misuse, or alteration.

Access to data

Your data may be made accessible for the purposes set out in Article 2:

• 2: to employees and collaborators of the Controller, in their capacity as persons in charge and/or internal managers of the processing and/or system administrators;
• to third-party companies or other entities (website provider, hardware and software support technicians, professional firms, etc.) that perform outsourcing activities on behalf of the Controller, in their capacity as data processors.

Your data will not be disseminated.

Data processing location

Your data will be processed by the Data Controller at its registered office and operational headquarters.

Data communication

Without your express consent (ex Art. 24 letters a), b), d) Privacy Code and Art. 6 letters b) and c) GDPR), the Controller may communicate your data to supervisory bodies, judicial authorities, and all other entities to whom communication is mandatory by law for the fulfillment of work purposes. However, it is ensured that your personal data will never be made public on the owner’s website.

Data transfer

The Data Controller will not transfer your personal data to third countries outside the European Union.

Data subject rights

As data subjects, you have the rights under Art. 7 Privacy Code and Art. 15 GDPR, specifically the rights to:

• i. obtain confirmation of the existence of personal data concerning you, even if not yet recorded, and their communication in intelligible form;
• ii. obtain information on: a) the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in case of processing carried out with the aid of electronic means; d) the identification details of the controller, the processors and the designated representative under Article 5, paragraph 2 Privacy Code and Article 3, paragraph 1, GDPR; e) the entities or categories of entities to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or agents;
• iii. obtain: a) updates, rectification or, when interested, integration of data; b) cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) certification that the operations as per letters a) and b) have been notified, also regarding their content, to those to whom the data were communicated or disseminated, except in the case where this fulfillment proves impossible or involves a use of means manifestly disproportionate to the protected right;
• iv. object, in whole or in part: a) for legitimate reasons to the processing of personal data concerning you, even though they are relevant to the collection purpose; b) to the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator, by email and/or through traditional marketing methods by telephone and/or mail.

Where applicable, you also have the rights under Articles 16-21 GDPR (Right of rectification, right to be forgotten, right to processing limitation, right to data portability, right to object), as well as the right to lodge a complaint with the Supervisory Authority.

How to exercise the rights of the data subject

You may exercise your rights at any time by sending:

• a registered letter with return receipt to the business address stated at the beginning;
• an email to the address info(at)hoteltigullio.com

Minors

This Site and the Owner’s Services are not intended for children under 18 years of age, and the Owner does not intentionally collect personal information from minors on the site hoteltigullio.com. If information about minors were inadvertently recorded, the Owner will delete it promptly, upon users’ request.

Data controller, manager and agents

The Data Controller / Manager of data processing (pursuant to Articles 4, 24, 28 of Reg. EU 2016/679) is “Hotel Tigullio,” in the person of Mr. Perrone Gianluca, with the business located at Via Matteotti 1– 161033 Lavagna (GE), Italy.

An updated list of managers and persons in charge of processing is kept at the Data Controller’s office.

Changes to this information

This Information may change. Therefore, it is recommended to regularly check this Information on hoteltigullio.com and refer to the most recent version.

Thank you for reading to the end, and happy browsing!

HOTEL TIGULLIO DI PERRONE GIANLUCA & C. S.A.S.
P.IVA: 02574740995
C.F.: 02574740995
SEDE LEGALE: VIA MATTEOTTI, 1 (16033) LAVAGNA (GE) ITALIA