Blog
HOTEL LOGIN
ENG
DEU
ITA

Privacy.

INFORMATIVE
on the processing of personal data
Articles 12 et seq. of Regulation (EU) 2016/679 (GDPR)

FOREWORD
In compliance with the provisions of EU Regulation 2016/679 (hereinafter GDPR) we provide, in the following, the information regarding the processing of personal data provided by the data subject, in relation to the relationship with NetToHotel s.r.l. The information is provided in accordance with Article 13 GDPR.

  1. IDENTITY AND CONTACT DETAILS
    In relation to the different areas in which the processing will be carried out for the purposes of this policy, NetToHotel s.r.l. may hold the role of Data Controller under Art 4 GDPR or of Co-Processor under Art 26 GDPR. The list of the Co-Processor Companies can be found at the following links (https://www.nettohotel.com/contitiolari) and the co-processing agreement is made available upon request by the data subject, who can send an email to assistenza@nettohotel.com.
  2. FINALITÀ DEL TRATTAMENTO, BASE GIURIDICA E PERIODO DI CONSERVAZIONE DEI DATI

    Finalità:     Precontrattuale/contrattuale
    Fornire informazioni su prodotti e servizi commercializzati, se richiesto dall’interessato; esecuzione dei rapporti contrattuali in essere.
    Tipologia di dati trattati: Dati anagrafici e dati di contatto; dati necessari all’esecuzione del rapporto contrattuale.
    Base giuridica: Esecuzione di un contratto di cui Lei è parte o misure precontrattuali adottate su richiesta dell’interessato; adempimenti di obblighi legali. art. 6 co. 1 lett. b) e c) GDPR.
    Ruolo NetToHotel s.r.l.: Titolare del trattamento
    Periodo di conservazione: Secondo norme di legge.

    Finalità: Marketing diretto
    invio, con modalità automatizzate di contatto (email e messaggistica istantanea) e tradizionali (telefonate con operatore e posta ordinaria), di materiale pubblicitario, newsletter, comunicazioni promozionali e commerciali relativi a prodotti e/o eventi e/o corsi di formazione in relazione, nonché realizzazione di studi di mercato e analisi statistiche e rilevazione del grado di soddisfazione della clientela.
    Tipologia di dati trattati: Dati anagrafici e dati di contatto.
    Base giuridica: Consenso (richiesto con contratto o con richiesta specifica);(facoltativo e revocabile in qualsiasi momento)Art. 6 co. 1 lett. a) GDPR. Qualora l’interessato non abbia prestato il consenso per l’invio di comunicazioni commerciali con modalità automatizzate, potrà comunque riceverle attraverso le modalità tradizionali, qualora non abbia manifestato il dissenso attraverso le modalità ordinarie e/o il Registro delle opposizioni.
    Ruolo NetToHotel s.r.l.: Contitolari del trattamento
    Periodo di conservazione: Sino alla revoca del consenso per tale finalità e/o trascorsi cinque anni dall’ espressione del consenso.

    Finalità: Marketing su già clienti
    invio di comunicazioni relative a prodotti/servizi contrattualizzati e/o a prodotti/servizi similari a quelli già contrattualizzati (newsletter, webinar, eventi, attività formative).
    Tipologia di dati trattati: Dati anagrafici e dati di contatto; dati relativi all’azienda di appartenenza e ruolo ricoperto.
    Base giuridica: Legittimo interesse Art. 6 co 1 lett. f) GDPR.
    Ruolo NetToHotel s.r.l.: Contitolari del trattamento
    Periodo di conservazione: Fino alla revoca del consenso.

    Finalità: Marketing indiretto
    generazione di case history e pubblicazioni su social, quotidiani, riviste e siti internet di immagini, video, recensioni, valutazioni ed altri contenuti che l’interessato può liberamente decidere di condividere con i Contitolari del trattamento, nonché su eventuali altri mezzi di comunicazione utilizzati (come previsto dai singoli consensi di volta in volta richiesti).
    Tipologia di dati trattati: Dati anagrafici; immagini, suoni, società di appartenenza, ruolo ed esperienza professionale, nickname, profilo dei social networks
    Base giuridica: Consenso (facoltativo e revocabile in qualsiasi momento) Art. 6 co 1 lett. a) GDPR.
    Ruolo NetToHotel s.r.l.: Contitolari del trattamento
    Periodo di conservazione: Sino alla revoca del consenso per tale finalità e/o trascorsi cinque anni dall’ultima interazione con le Contitolari del trattamento.

    Finalità: Se necessario, per accertare, esercitare o difendere i diritti delle Contitolari in sede giudiziaria.
    Tipologia di dati trattati: Dati anagrafici e dati di contatto, dati relativi all’esecuzione del contratto.
    Base giuridica: Consenso (facoltativo e revocabile in qualsiasi momento) Art. 6 co 1 lett. f) GDPR.
    Ruolo NetToHotel s.r.l.: Titolare del trattamento
    Periodo di conservazione: Per il tempo necessario a all’esercizio dei diritti in sede giudiziaria.

    Finalità: Finalità di assistenza su prodotti e servizi acquistati.
    Tipologia di dati trattati: Dati anagrafici e dati di contatto, dati relativi all’esecuzione del contratto.
    Base giuridica: Esecuzione di un contratto di cui Lei è parte (per risoluzione anomalie e malfunzionamenti).Interesse legittimo (per analisi finalizzate al miglioramento del servizio).
    Ruolo NetToHotel s.r.l.: Titolare del trattamento
    Periodo di conservazione: Cinque anni dall’ultima interazione.
  3. OBLIGATORYITY OF THE PROVISION OF DATA
    The interested party must provide NetToHotel s.r.l. with the data necessary for the performance of the contractual relationship, as well as the data necessary to fulfill obligations under laws, regulations, EU rules, or provisions of Authorities empowered to do so by law and supervisory and control bodies (referred to purposes a) and f) above).Data that are not essential for the performance of the contractual relationship are qualified and considered supplementary and their provision by the data subject, if requested, is optional and subject to consent. The consent provided may be revoked by the data subject at any time by writing an email to: assistenza@nettohotel.com. Such revocation will in no way affect the lawfulness of the processing based on the consents given before revocation.
  4. METHODSOF PROCESSING
    Personal data will be recorded, processed and stored in the Companies' archives, both paper and electronic, in compliance with the appropriate technical and organizational measures referred to in Article 32 of the GDPR. The processing of personal data of the data subject may consist of any operation or set of operations among those indicated in 'art. 4, paragraph 1, point 2 of the GDPR. The processing of personal data will take place through the use of tools and procedures suitable to guarantee their security and confidentiality and may be carried out, directly and/or through delegated third parties, either manually by means of paper media, or by means of computer or electronic tools. The data, for the purposes of the proper management of the relationship and the fulfillment of legal obligations, may be included in the internal documentation of NetToHotel s.r.l. and if necessary also in the records and registers required by law. The personal data of the interested party may be processed by employees of the business functions of NetToHotel s.r.l. in pursuit of the above-mentioned purposes. These employees have been expressly authorized to the processing and have received appropriate operating instructions pursuant to and in accordance with Article 29 GDPR
  5. CATEGORIES OF RECIPIENTS OF PERSONAL DATA
    The personal data of the data subject may be communicated to and processed by external parties operating as autonomous data controllers pursuant to Articles 4 and 24 GDPR such as, by way of example, authorities and supervisory and control bodies and in general subjects, public or private, legitimated to request the data and/or to parties operating as Data Processors pursuant to Article 28 GDPR), such as, by way of example, consulting companies and/or professional firms and/or professionals, e.g. legal, tax and insurance companies. The data may also be communicated by NetToHotel s.r.l. to its business partners/dealers for the fulfillment of activities related to the execution of the contract or for the performance -by the same- of commercial actions, subject to the express consent of the data subject.
  6. DATA TRANSFERTO NON-EU COUNTRIES
    Data provided by the data subject will be processed only in countries located within the European Union. Should the personal data of the data subject be processed in a non-EU state, the rights granted to the data subject under EU law will be guaranteed and the data subject will be promptly notified.
  7. RIGHTS OF THEDATA SUBJECT
    Pursuant to Articles 15 et seq. GDPR, the data subject may exercise the following rights:
    1. access: confirmation or otherwise that personal data of the data subject is being processed and the right to access the same; requests that are manifestly unfounded, excessive or repetitive cannot be answered;
    2. rectification: to correct/obtain the correction of personal data if incorrect or outdated and to complete them, if incomplete;
    3. deletion/oblivion: to obtain, in some cases, the deletion of the personal data provided; this is not an absolute right, as NetToHotel s.r.l. may have legitimate or legal reasons for retaining it;
    4. limitation: the data will be archived, but can neither be processed nor processed further, in the cases provided for by the legislation;
    5. portability: to move, copy or transfer the data from NetToHotel s.r.l.'s databases to third parties. This applies only to data provided by the data subject for the performance of a contract or for which consent has been given and express and the processing is carried out by automated means;
    6. opposition to direct marketing;
    7. withdrawal of consent at any time, if the processing is based on consent.
    Pursuant to art. 2-undicies of Legislative Decree. 196/2003, the exercise of the data subject's rights may be delayed, limited or excluded, by reasoned notice given without delay, unless such notice would jeopardize the purpose of the limitation, for such time and to the extent that this constitutes a necessary and proportionate measure, having regard to the fundamental rights and legitimate interests of the data subject, in order to safeguard the interests referred to in subsection 1, letters a) (protected money laundering interests), e) (to the conduct of defensive investigations or the exercise of a right in court)and f) (to the confidentiality of the identity of the employee who reports wrongdoing of which he/she has become aware by reason of his/her office). In such cases, the rights of the interested party may also be exercised through the Guarantor in the manner set forth in Article 160 of the same Decree. In this hypothesis, the Guarantor will inform the interested party that he/she has carried out all the necessary verifications or has carried out a review as well as the interested party's right to bring a jurisdictional appeal.
    It should also be noted that - before processing requests - NetToHotel s.r.l. may carry out an assessment of the identity of the interested party, in order to evaluate the legitimacy of the request received.

Do you want to increase your business?

If you are a hotelier or owner of tourist accommodation and you need information about our services, contact us by phone at +39 011 4347428 or fill out the following contact form:

I am interested in:
Pursuant to the European law 2016/679 GDPR on the protection of privacy, by pressing the 'send' button, you authorize the processing of personal data sent.
Thank you, your message has been successfully sent!
Oops! Something is not working, please try again later!
Home GDS Booking Engine Channel Manager Digital RFP Consortia About us Blog Contact
© NettoHotel Srl - Piazza Della Repubblica, 9 - 20121 Milano
P.IVA/CF 05355610964 - REA Milano 1815839 - CAP. SOC. € 10.500 i.v.

Privacy Policy| Cookie Policy