This page describes the website’s management modalities in regards to personal data treatment of its users.
It is an informative document in compliance with art. 13 of the Decree n. 196/2003 – Personal data protection Code for internet users of the website:
This policy concerns only this specific website and not any further website visited by the user through web links.
The Policy is inspired also by the Recommendation n. 2/2001 that the European Authorities for the personal data protection, united in the Group established in art. 29 of the Directive n. 95/46/CE, have received on 17 May 2001 to establish the minimum requisites necessary for personal data on-line collection and, specifically, the modalities, time and type of the information that holders must give to the users each time these connect to their web pages, regardless the reasons of their connection.
THE “HOLDER” OF THE DATA TREATMENT
Following every access of this web site, personal data related to identified or identifiable persons may be treated.
The “holder” of their treatment is Garden Hotel Spa, with offices in: Via Custoza 2 – Siena
DATA TREATMENT CENTRE
Processing of all web services’ data regarding this website all take place at the aforementioned office and are at the disposal of only of the office’s technical staff, or of eventual technicians specifically appointed during occasional maintenance operations.
No data obtained from the web service is communicated nor published.
Personal data given by users who ask for informative materials (forms, CD-ROMs, newsletters, annual reports, questions’ answers, actions and provisions) is used only to accomplish the requested service and are communicated to a third party only in necessary cases.
TYPOLOGY OF THE TREATED DATA
Computer system and software procedures regarding the correct functioning of this website, acquire, during their normal tasks, personal data which transmission is implied in the use of internet communication protocols.
This information is not collected to be directly associated to identifiable persons but, due to their nature and through re-elaborations and connection with third party data, might allow the identification of single users.
In this data category we find IP addresses, or the domain names of the computer used by the users connected to the website, the URI (Uniform Resource Identifier) addresses of the required resources, the time of the request, the method used, the answer’s file dimension, the numeric code of the server’s reply state, the code indicating the server’s reply state (received, error, etc.) and further parameters related to the user’s operating system and computer environment.
This data is used only to obtain anonymous statistics related to the website use and to control its correct functioning and are therefore immediately cancelled after they have been elaborated. Data might be used for determining eventual computer violations of the website: beside this possibility, data regarding web accesses are not kept for more than seven days.
Data provided on the user’s voluntary basis
The optional, clear and voluntary forward of emails at the addresses given on this website, involves the later acquisition of the sender’s address, necessary to reply as well as other further personal data included in the letter.
Specific informative summery notes will be gradually implemented or visualised in the web site’s pages which have been prepared for specific services available upon request.
No users’ personal data will be obtained by the website.
The use of c.d. session cookies (which are not persistently memorised on the user’s computer and which are deleted with the closing of the browser) is strictly limited to the transition of the session’s tracking-number (given by random numbers generated by the server itself) necessary to allow a safe and efficient browsing of the site.
C.d. session cookies used by this website, avoid the use of other computer techniques which might be potentially damaging for the user’s browsing privacy and they furthermore, do not allow personal data capture.
OPTIONAL DATA PROVISION
Besides what is specified for the browsing data, the user is free to provide personal data required in the information forms or specified when contacting our office for further information.
The lack of their provision may determine the impossibility of obtaining the required information.
To be thorough, we must state that in special cases (non ordinary website management activity) the Authorities may ask for news and information in compliance with art. 157 of the Decree m. 196/2003, for personal data treatment control activities. In these cases we must provide such data, to not receive an administrative fine.
Personal data will be treated with automatic systems only for the time necessary to carry out the tasks for which they have been collected.
Specific safety dispositions are followed so as to prevent data loss, illegal or incorrect uses or non authorised accesses.
DATA SUBJECTS’ RIGHTS
Persons who hold personal data have the right, in every moment, to obtain the confirmation of the existence or not of such data and to know their content and origin, to verify their correctness or demand their integration, update or eventual rectification (art. 7 of the Decree n. 196/2003).
In compliance with the same article, people have the right to demand the cancellation, transformation into anonymous form or the complete stop of their personal data processing, in violation with the law dispositions, as well as to take position, in any legitimate case, against their complete processing.
Requests must be forwarded to: email@example.com