Hotel Eden
via Porto Palos, 7 – 47922 Viserbella di Rimini (RN)
P. Iva 04121240404

Information on the processing of personal data ex art. 13-14 EU Regulation 2016/679

Chiara Denicolò, as the controller of your personal data, pursuant to EU Regulation 2016/679, hereinafter referred to as ‘GDPR’, hereby informs you that the aforementioned legislation provides for the protection of data subjects with regard to the processing of personal data and that such processing will be based on the principles of fairness, lawfulness, transparency, proportionality and protection of your privacy and rights.

Your personal data, subject to your consent, will be processed in accordance with the provisions of the aforementioned legislation and the confidentiality obligations therein.

Purpose and legal basis of processing: performance of the requested service, in implementation of legislative or contractual obligations.

Method of data processing: your data may be processed by means of electronic computers.

All processing is carried out in compliance with the methods set out in Articles 6 and 32 of the GDPR and through the adoption of the appropriate security measures provided for therein.

Communication: your data will be communicated exclusively to competent and duly appointed data processors for the performance of the services necessary for the proper management of the relationship, with guaranteed protection of the rights of the data subject.

Your data will only be processed by persons authorised and duly trained for this purpose by the Data Controller.

Dissemination: your personal data will not be disseminated in any way.

Storage period: Please note that, in accordance with the principles of lawfulness, purpose limitation and data minimisation, pursuant to Art. 5 of the GDPR, the retention period for your data is:

• established for a period of time not exceeding the achievement of the purposes for which they are collected and processed for the performance and fulfilment of contractual purposes;
• established for a period of time not exceeding the performance of the services provided;
• established for a period of time not exceeding the achievement of the purposes for which they are collected and processed and in compliance with the mandatory time limits prescribed by law.

The data controller, in accordance with the law, is Ms Chiara Denicolò who can be reached on 0541/738234; MAIL: info@hoteledenrimini.it

You have the right to obtain from the Data Controller the erasure (right to be forgotten), restriction, updating, rectification, portability, objection to the processing of personal data concerning you, as well as in general you may exercise all the rights provided for in Articles 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR.

Rights of the Interested Party:

1. The data subject has the right to obtain confirmation of the existence or non-existence of personal data concerning him/her, even if not yet recorded, and its communication in intelligible form.
2. The person concerned has the right to obtain the following information:

• purpose of processing;
• categories of personal data concerned;
• recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if they are recipients in third countries or international organisations;
• where possible, the intended period of retention of personal data or, if this is not possible, the criteria used to determine that period;
• existence of the data subject’s right to request from the controller the rectification or erasure of personal data or the restriction of the processing of personal data concerning him or her or to object to their processing;
• right to lodge a complaint with a supervisory authority;
• where the data are not collected from the data subject, all available information on their origin;
• the existence of an automated decision-making process, including profiling as referred to in Article 22(1) and (4), and, at least in such cases, meaningful information on the logic used, as well as the importance of such processing for the data subject and the envisaged consequences thereof;
• where personal data are transferred to a third country or international organisation, the data subject has the right to be informed of the existence of appropriate safeguards within the meaning of Article 46 relating to the transfer.3. The data controller provides a copy of the personal data being processed. In the event of further copies requested by the data subject, the data controller may charge a reasonable fee based on administrative costs. If the data subject makes the request by electronic means, and unless otherwise specified by the data subject, the information shall be provided in a commonly used electronic format.4. The right to obtain a copy referred to in paragraph 3 must not infringe the rights and freedoms of others.

3. The data subject has the right to obtain:

• updating, rectification or, when interested, integration of the data;
• the cancellation, transformation into anonymous form or blocking of data processed in breach of the law, including data whose storage is not necessary in relation to the purposes for which the data were collected or subsequently processed;
• certification that the transactions referred to in points a) e (b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except where this proves impossible or involves a manifestly disproportionate effort compared with the right protected;
• data portability.

4. The data subject has the right to object, in whole or in part:

• for legitimate reasons to the processing of personal data concerning him/her, even if pertinent to the purpose of collection;
• the processing of personal data concerning him/her for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication.

For an exhaustive list of the data subject’s rights, please refer in each case to the text of Articles 15-22 of the GDPR.