We undertake to protect the privacy of our users in accordance with article 13 of Legal Decree 196/2003, “Code regarding the protection of personal data” (Privacy Code) and by article 13, paragraph 1 of EU Regulation 2016/679 relating to the protection of physical persons with regard to the processing of personal data (GDPR).
In compliance with the above-mentioned legislation, such processing is characterised by the principles of correctness, lawfulness and transparency, and by the protection of your confidentiality and your rights.
What are Cookies
Cookies are small text files used to improve website navigation. Thanks to cookies, navigation preferences can be stored by your browser, such as the language spoken, display options, etc.
Cookies are used to facilitate the use of online content; they are saved to the device used and they can be read only by the website that created them.
The site of the Hotel Cardedu uses the following cookies:
These cookies are essential to allowing you to browse the site and fully make use of its features. The cookies used are strictly necessary to the website’s technical operation and navigability, and cookies to save preferences in order to optimize their use (for example language preferences). Without cookies, some features may not be available or may not function properly.
Performance Cookies (third party)
This site uses Google Analytics service, provided by Google Inc. to collect statistical information about the site with a clear intention to improve its performance and usability.
All information collected by these cookies are aggregated in an anonymous form and are only used to improve the functionality of the site.
Profiling Cookies (third party)
Some cookies can also be used to show special offers in line with the preferences shown during navigation, with the aim of improving the user’s experience and conditions of purchase.
The cookies we use for profiling do not collect information that would personally identify the user browsing the pages of the site.
The information obtained can identify only the browser and it cannot in any way identify the user.
How it works: a few pages on the site include a remarketing code that allows to read and configure the browser cookie to determine the type of ad that the user will see on the basis of the data relating to their visit to the site.
The remarketing lists thus created are stored in the Google servers where all the cookie IDs associated with interests are stored.
More information about the remarketing tool is available at this link: https://support.google.com/adwordspolicy/answer/143465?hl=en&ref_topic=3123080&rd=1
Social Network Cookies (third-party)
These types of cookies are managed by different companies belonging to individual Social Networks, each responsible for their own cookies.
Using the links below you can find more information about the privacy policies posted:
Declaration of consent
To agree to data processing and the use of all cookies just leave this notice by closing the associated page, continue navigating the site or click on any of its elements. To refuse consent or otherwise configure the Cookies settings, follow the instructions contained in the following section.
Managing cookies in the browser
All the major browsers allow you to change the settings to manage cookies. You can choose to: enable storing cookies, completely block cookies, decide on a case by case basis which cookies to accept.
These settings vary depending on the browser used. Below are the links to the information pages of the most popular ones:
If you decide to set your browser to block cookies from this site, please note that some features may not be available, and access to some sections will be limited.
The website owner https://www.hotelcardedu.com may process some of your personal data (such as e-mail address, etc.) to inform you about site news and offers. Each user mayat any moment choose to delete their registration to these newsletter services by simply clicking on the appropriate link in any communication sent.
The data you supply via the website’s methods, namely: the contact form, the newsletter, the booking engine, the official email provided in the website, will be processed in order to carry out a booking and an information or availability request on the site https://www.hotelcardedu.com.
Except for navigation data, users are free to provide the prompted personal data, however failure to do so may make it impossible to provide the services requested.
Content and services are provided only to those who allow the processing of personal data. Data processing is done through the use of automated tools, including third parties, manually and according to methods that ensure the outmost safety and confidentiality.
The rights to use the data collected are not transferred to third parties nor are their disclosed or transferred abroad.
Data can be processed electronically or on paper.
Specific security measures are taken to prevent illicit or incorrect and unauthorized access to data. Please note, however, that communications via email on the internet could pass through several countries before being delivered to the recipients. The Hotel Cardedu can not be held responsible for any unauthorized access or loss of personal information outside of its control.
The data will be disclosed only to the extent necessary to execute the contract or booking requests you made. Data will not be disclosed for any other purpose.
Soc. su Scusorgiu di Cabras& C.sas, Loc. su Scusorgiu 08040 Cardedu – email firstname.lastname@example.org
At any time you may exercise your rights towards the data controller, under Article 7 of Legislative Decree n. 196/ 2003 and Article 15 of GDPR that for your convenience is included at the bottom of the page.
a) Minors (article 8 GDPR)
The website and the services of the Controller are not intended for minors below 16 years of age, and the Controller does not intentionally collect personal information regarding minors. The processing of the personal data of minors is legal if the minor is at least 16 years of age. If the minor is less than 16 years of age, such processing is only legal if and to the extent that such consent is provided or authorised by the holder of parental responsibility.
If information regarding minors is involuntarily registered, the Controller will delete this information as soon as possible.
The site uses a booking system that is essential to check availability and allow an estimate of the requested services. The booking system is accessed by logging into the domain booking.myguestcare.com.This domain is connected to the Google Analytics Site https://www.hotelcardedu.com and uses the same cookies already approved by the user to navigate the site https://www.hotelcardedu.com.
LEGISLATIVE DECREE 196/2003
Section 7 – Right to Access Personal Data and Other Rights
1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.
2. A data subject shall have the right to be informed:
a) of the source of the personal data;
b) of the purposes and methods of the processing;
c) of the logic applied to the processing, if the latter is carried out with the help of electronic means;
d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2);
e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
3. A data subject shall have the right to obtain
a) updating, rectification or, where interested therein, integration of the data;
b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
4. A data subject shall have the right to object, in whole or in part,
a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.
EU Regulation 2016/679 (GDPR)
Article 15 – Right of access by the data subject
1. The data subject has the right to obtain from the data controller confirmation of whether the data subject’s personal data is being processed, and, if applicable, to obtain access to their personal data and the following information:
a) the purposes of processing;
b) the categories of personal data in question;
c) the recipients or categories of recipients to whom personal data has been or will be communicated, especially if these recipients are in third countries or international organisations;
d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
e) the existence of the right to request from the data controller rectification or deletion of personal data, or restriction of the processing of personal data concerning the data subject, or to object to such processing;
f) the right to lodge a complaint with a monitoring authority
g) where the personal data is not collected from the data subject, any available information regarding the origin of the data;
h) the existence of automated decision-making processes, including profiling, referred to in article 22, paragraphs 1 and 4, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject
The data subject also has rights as detailed in articles 16 to 21 of the GDPR (the right to rectification, the right to deletion/the right to be forgotten, the right to restriction of processing, the right to the portability of data, the right to object) as well as the right to lodge complaints with the Guarantor Authority.
MEANS OF EXERCISING RIGHTS
The request can be communicated via registered letter, telefax or electronic mail to Loc. su Scusorgiu 08040 Cardedu tel. fax +39 0782 769198 – email: email@example.com