Skip to content

Privacy Policy

ENGLISH
(Update to 23 May 2018)

VILLA LAVANDA TODI recognizes the importance of protecting personal information and undertakes to process it responsibly and in compliance with applicable regulations. Villa Lavada Todi , as data controller, informs you pursuant to ‘art. 13 EU Regulation n. 2016/679 (later, “GDPR”) that your data will be processed in the manner and for the following purposes:

Object of the treatment
The Data Controller processes personal, contacting, identifying and non-sensitive data (for example, but not limited to, name, surname, nationality, address, telephone number, e-mail address – hereinafter, ” personal data ” or even ” data “) from You communicate through: to) the Web site www.villalavandatodi.com of the Data Controller (hereinafter, ” Site “) to the “Contact” section or through the online compilation of the “Form” request for an estimate or the “Form” for the sending of newsletters, both present on the Website; b) the mailbox info@villalavandatodi.com of the Data Controller – also available on the website – for the on-line request for quotes, information or clarifications.

In case of use of social networks – such as Facebook and Instagram – the privacy policy established on a case by case basis is applicable.

Purpose of the treatment
The personal data supplied by you to www.villalavandatodi.com are processed in order to allow the services requested by you, namely:

A) without your express consent (Article 24 letter a), b), c) Privacy Code and art. 6 lett. b) GDPR), for the following Service Purposes:
Process a contact request and prepare a quote
Keep communication with you fluid and dynamic with any means, including the use of social networks and instant messaging applications. In these cases, save the application of this Policy, it is also the application of the Privacy Policy of social networks or instant messaging applications
Allow you to use any services you may request;
Manage and maintain the site;
Fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority;
Prevent or discover fraudulent activities or malicious activities harmful to the Site;
Exercise the rights of the owner, for example the right to exercise a right in court.
B) Only subject to your specific and distinct consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR), for the following Other Purposes.,
Participate through the Website to initiatives organized by the Owner
Method of treatment
The processing of your personal data is carried out by means of the operations indicated in art. 4 of the Privacy Code and art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data are subjected to both paper and electronic and / or automated processing, through the use of servers in the EU. The Data Controller will process the personal data for the time necessary to fulfill the aforementioned purposes and in any case for no more than 5 years from the termination of the Service Finality report and no later than 2 years from the collection of data for the Other Finances.

Safety
The Owner has taken a variety of security measures to protect your data against the risk of loss, misuse or alteration. In particular: has adopted the measures referred to in Articles 32-34 of the Privacy Code and art. 32 GDPR; uses the data encryption technology established by the AES Standards (BCrypt) and the protected data transmission protocols known as HL7 and HTTPS; complies with the ISO / IEC 27000, WG3 and WG4 standards.

Data processing
Your data may be made accessible for the purposes referred to in art. 2.A) and 2.B)

to employees and collaborators of the Owner, in their capacity as persons in charge and / or system administrators;
to third party companies or other subjects (e-payment service, suppliers, hardware and software service engineers, shippers and carriers) who carry out outsourcing activities on behalf of the Owner, in their capacity as data processors.
Data communication
Without your express consent (pursuant to Article 24 letter a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may communicate your data for the purposes referred to in art. 2.A) to Supervisory Bodies, Judicial Authorities and to all the other subjects to whom the communication is mandatory by law for the accomplishment of said purposes. Your data will not be disclosed.

Data transfer
The management and storage of personal data will take place in Europe, on servers located in Italy of the Data Controller and / or third-party companies appointed and duly appointed as Data Processors.

Rights of the interested party
In your capacity as interested parties, you have the rights referred to in Articles 15-22 GDPR and precisely

The interested party has the right to obtain from the data controller confirmation that it is or is not undergoing the processing of personal data concerning him and in this case, to obtain access to personal data and the following information:

a) the purposes of the processing;
b) the categories of personal data in question;
c) the recipients or categories of recipients to whom the personal data have been or will be communicated;
d) when possible, the retention period of personal data;
e) the existence of the right of the interested party to request the data controller to rectify or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;
f) the right to lodge a complaint with a supervisory authority;
g) if the data are not collected from the data subject, all information available on their origin;
h) the existence of an automated decision-making process.
If personal data are transferred to a third country or to an international organization, the data subject has the right to be informed of the existence of adequate guarantees.

The data subject has the right to obtain from the data controller the correction of inaccurate personal data concerning him without undue delay. Taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, also by providing an additional declaration.

The data subject has the right to obtain from the data controller the deletion of personal data concerning him without undue delay and the data controller is obliged to cancel the personal data without undue delay if there is one of the reasons indicated in the art. . 17 of the GDPR.

The interested party has the right to obtain from the data controller the limitation of processing when one of the following hypotheses occurs:

a) the interested party disputes the accuracy of personal data for the period necessary for the data controller to verify the accuracy of such personal data;
b) the processing is illegal and the interested party opposes the cancellation of personal data and asks instead that its use is limited;
c) although the data controller no longer needs it for processing purposes, personal data are necessary for the data subject to verify, exercise or defend a right in court;
d) the interested party has opposed the treatment pursuant to Article 21 (1), pending verification of the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party.
The data controller shall inform each of the recipients to whom the personal data have been transmitted of any correction or cancellation or limitation of the processing carried out pursuant to Article 16 , Article 17 (1) and Article 18 , unless this proves impossible or involves a disproportionate effort. The data controller informs the recipient of these recipients if the data subject requests it.

The data subject has the right to receive, in a structured, commonly used and automatically readable form, the personal data concerning him / her provided to a data controller and has the right to transmit such data to another data controller without impediments from part of the data controller to whom he has provided them if: a) the processing is based on consent pursuant to Article 6 (1) (a) or Article 9 (2) (a) or on a contract pursuant to Article 6 (1) (b); and b) processing is carried out by automated means.

The interested party has the right to oppose at any time, for reasons connected with his particular situation, to the processing of his personal data pursuant to Article 6, paragraph 1, letters e) of), GDPR including profiling on the basis of these provisions. The data controller refrains from further processing personal data unless he demonstrates the existence of binding legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the data subject or for the assessment, exercise or the defense of a right in court.

The data subject has the right not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or which significantly affects his person.

How to exercise rights
You can exercise your rights at any time by sending an e-mail at info@villalavanda.com.

minors
This Website and the Services of the Data Controller are not intended for minors under the age of 18 and the Data Controller does not intentionally collect personal information about minors. In the event that information about minors were unintentionally registered, the Data Controller will delete them in a timely manner, at the request of the interested parties.

Owner, manager and agents
Villalavandatodi.com
Cookies Policy
This website uses cookies to ensure the proper functioning of procedures and improve the experience of using online applications.

Cookies are short fragments of text (letters and / or numbers) that allow the web server to store on the client (the browser ) information to be reused during the same visit to the site (session cookies) or later, even after days (persistent cookies). Cookies are stored, according to user preferences, by the individual browser on the specific device used (computer, tablet, smartphone).

Changes to this Information
This information may change.

When this happens, www.villalavandatodi.com adds a new date at the top of this Policy.

It is therefore advisable to regularly check this information and refer to the latest version.

Book your next dream vacation

en_GBEnglish

This website uses technical cookies to improve your experience. Click "Accept" to allow us to use cookies. You can revoke this consent in any moment. For more information please read cookie policy

Questo sito utilizza i cookie per fornire la migliore esperienza di navigazione possibile. Continuando a utilizzare questo sito senza modificare le impostazioni dei cookie o cliccando su "Accetta" permetti il loro utilizzo.

Chiudi