Find your Apartment for your vacations...


  1. Home
  2. Privacy
Privacy

PRIVACY INFORMATION - RESERVATION/BOOKING ENGINE

Information document pursuant to article 13 of EU Reg. 2016/679 (GDPR) - Information on the processing of personal data collected from the interested party.

In compliance with the provisions of EU Reg. 2016/679 (European Regulation for the protection of personal data) we provide the necessary information regarding the processing of personal data provided.

Definitions: the art. 4 of EU Reg. 2016/679 defines "personal data" any information concerning an identified or identifiable natural person ("concerned"); an identifiable natural person can be identified, either directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online ID or one or more characteristic elements of his physical identity, physiological, genetic, psychological, economic, cultural or social.

  1. HOLDER OF THE TREATMENT

    pursuant to art. 4 of EU Reg. 2016/679, is Arena Immobiliare Turistica di Sica Francesco Unipersonale with offices in Via Adriatica n. 46, Zip Code 33054 City Lignano Sabbiadoro (UD), info@agenziaarena.it with exclusive reference to the role of owner of the business called “Agenzia Arena”.

  2. PURPOSE OF TREATMENT

    The personal data provided will be processed for the following purposes:

    • to acquire and confirm your booking of accommodation and ancillary services and to provide the requested services. Since this processing is necessary for the definition of the contractual agreement and for its subsequent implementation, the provision of data is mandatory. If you refuse to provide your personal data, we will not be able to confirm your booking or provide you with the services you have requested. The processing will cease after your departure, but some of your personal data may or must continue to be processed for the purposes and in the manner indicated in the following points; this procedure is managed by the booking software and the related data are processed by the company Mercurio Sistemi Srl, which acts as Data Processor on behalf of the Data Controller and guarantees the protection and storage of data.
    • to fulfill the obligation established by the "Consolidated text of public safety laws" (article 109 RD 18.6.1931 n. 773) which requires us to communicate to the Police Headquarters, for public safety purposes, the personal details of the clients accommodated according to the established procedures by the Ministry of the Interior (Decree of 7 January 2013). The provision of data is mandatory, and in case of refusal to provide them we will not be able to host you in our structure. The data acquired for this purpose is not stored by us.
    • to fulfill current administrative, accounting and tax obligations. For these purposes, the processing is carried out without the need to obtain your consent. The data is processed by us and by our authorized employees and is communicated externally only in fulfillment of legal obligations. In case of refusal to provide the data necessary for the above fulfilments, we will not be able to provide you with the requested services.

  3. LEGAL BASIS OF THE TREATMENT

    The legal basis applicable to the processing of your personal data for the purposes indicated is:

    • the execution of the contract referred to in Article 6, paragraph 1, letter b) of EU Reg. 2016/679, if the booking is successfully defined, as the processing of the guest's personal data is necessary for the purpose of concluding of the accommodation rental contract.
    • the fulfillment of a legal obligation to which the Data Controller is subject pursuant to article 6, paragraph 1, letter c) of EU Reg. 2016/679.

  4. RECIPIENTS OR CATEGORIES OF DATA RECIPIENTS

    The personal data provided will be communicated to recipients who will process the data as managers (Article 28 of EU Reg. 2016/679) and/or as natural persons acting under the authority of the Data Controller and the Manager and who operate as employees or collaborators with specific appointments as authorized to process (art. 29 of EU Reg. 2016/679), for the purposes listed above in point 2.

    By way of non-exhaustive example, the data will be communicated to:

    • subjects that provide services for the management of the information system used by the Data Controller and the related telecommunications networks, including e-mail and website management.
    • professionals and consultants in the field of assistance and consultancy relationships.
    • competent authorities for the fulfillment of legal obligations and/or provisions of public bodies, upon request.

    The subjects belonging to the aforementioned categories perform the function of data processing manager, or operate in total autonomy as separate data controllers.

    The list of data processors is constantly updated and available at the registered office of the data controller.

    Any further communication will take place only with your explicit consent, in accordance with and within the limits of the GDPR.

    Your data, object of the treatment, will not be disclosed.

  5. DATA TRANSFER TO A THIRD COUNTRY AND/OR AN INTERNATIONAL ORGANIZATION AND WARRANTIES

    Personal data is stored on servers located within the European Union.

    In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU.

    In this case, the Data Controller ensures from now on that the transfer of data outside the EU will take place in compliance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses envisaged by the European Commission and the user will be informed.

  6. DATA RETENTION PERIOD OR CRITERIA FOR DETERMINING THE PERIOD

    The processing will be carried out in an automated and manual form, with methods and tools aimed at guaranteeing maximum security and confidentiality, by the Data Controller and/or by persons specifically authorized to do so.

    In compliance with the provisions of the art. 5 paragraph 1 letter. e) of EU Reg. 2016/679, the personal data provided for the booking of the accommodation will be kept for the rental of the accommodation, for the minimum period required by law in relation to the accounting/tax regime adopted by the Owner and in any case no later than the following 10 years, in order to verify any pending matters including accounting documents (for example invoices).

  7. RIGHTS OF INTERESTED PARTIES

    The interested party may assert their rights as expressed by EU Regulation 2016/679 by contacting the Data Controller, sending an email to info@agenziaarena.it or writing to the Data Controller's office indicated above.

    The interested party has the right, at any time, to ask the Data Controller:

    1. access to your personal data (art. 15);
    2. rectification (art. 16);
    3. the cancellation (art. 17) of the same;
    4. the limitation of the treatment (art. 18);
    5. the transfer of personal data to another owner (art. 20);
    6. the interested party also has the right, if it is not possible to request the cancellation of the data, to oppose the treatment when this is justified by reasons relating to his particular situation (art. 21).

  8. POSSIBILITY OF COMPLAINT TO THE GUARANTOR

    Without prejudice to any other administrative and judicial appeal, if the data subject believes that the processing of data violates the provisions of EU Reg. 2016/679, the interested party has the right to lodge a complaint with the supervisory authority (Guarantor for the protection of personal data) pursuant to art. 15 letter f) of EU Reg. 2016/679.

  9. NATURE OF THE DATA PROVISION AND CONSEQUENCES OF THE REFUSAL TO PROVIDE THE DATA

    • Since these are treatments necessary for the definition of the contractual agreement and for its subsequent implementation, the provision is mandatory. In case of refusal to provide personal data, the reservation cannot be confirmed or the requested services provided.

  10. AUTOMATED DECISION-MAKING PROCESSES

    There is no automated decision making process.