WHY THIS NOTICE?
This page describes the web site’s management methods in relation to the processing of site visitors’ personal data.
This is a disclosure also made in accordance with art. 13, Italian Leg. Decree 196/2003 – The Personal Data Protection Code – for those interacting with web services provided by the Personal Data Protection La Medusa Grand Hotel, accessible online from the following address:
corresponding to the homepage of the site La Medusa Grand Hotel.
This disclosure refers only to the La Medusa Grand Hotel’s web site and not for any other web site accessed by the user via links.
The disclosure also refers to Recommendation no. 2/2001 on personal data protection which the European authorities, through the Group established pursuant to art.29 of EU Directive 95/46/EC, adopted on 17 May 2011 to identify a number of minimum requirements for online collection of personal data and, in particular, the methods, timing and nature of the information that data processing controllers are expected to provide to users when they connect to web pages, regardless of the purpose of connection.
DATA PROCESSING CONTROLLER
After consulting this web site, the data relating to identified or identifiable persons may be processed.
The Data Processing “Controller” is La Medusa Grand Hotel, with its operations base at Via Passeggiata Archeologica, 5 Castellammare di Stabia - 80053 - Sorrento Coast - ITALY, Piano di Sorrento (NA) – email: email@example.com
DATA PROCESSING VENUE
The processing in relation to web services for this site is performed at the aforementioned address of the La Medusa Grand Hotel and only by technical office staff appointed for such purposes, or by other persons appointed for occasional maintenance operations.
No data deriving from the web service is communicated or disclosed to other parties.
The personal data provided by users submitting requests for the issue of information (brochures, CD-ROMs, newsletters, replies to queries, etc.) is used only to complete the service required and is disclosed to third parties only if strictly necessary for that purpose.
TYPES OF DATA PROCESSED
As part of their normal operations, the IT systems and software processes used to operate this web site acquire elements of personal data, the transmission of which is implicit in the use of Internet communications protocols.
This data is not gathered for association with the identified parties, but through processing and association with data held by third parties its very nature could allow identification of the user.
This data category includes IP addresses or domain names of the computers used by users connecting to the web site, URI (Uniform Resource Identifier) coded addresses for the resources requested, the time of the request, the method used to send the request to the server, the size of the response file received, the numeric code indicating the response status from the server (successful, error, etc.) and other parameters relating to the operating system and IT environment of the user.
This data is used only to obtain anonymous statistics on use of the web site and to check that the site is operating correctly, and is cancelled immediately after processing. The data could be used to ascertain liability in the event of computer crime against the web site: except in such cases, the web contact data is not kept for more than seven days.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mails to addresses indicated on this web site results in subsequent capture of the sender's address, necessary in order to reply to requests, together with any other personal data included in the message.
Specific summary data can gradually be published or made visible on the pages of the web site prepared for special services on request.
No personal data of users is deliberately captured from the web site.
Cookies are not used to transmit data of a personal nature, and no permanent cookies or user tracking systems are used.
The use of session cookies (not permanently stored on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session data (random numbers generated by the server) which is needed to ensure secure and efficient browsing of the web site.
The session cookies used on this web site avoid recourse to other IT approaches that could compromise users’ browsing confidentiality and do not allow the capture of personal data identifying the user.
OPTIONAL PROVISION OF DATA
Except for that specified under Browsing Data, the user is free to provide personal data in request forms sent to La Medusa Grand Hotel or in any event indicated in contact with our office to accelerate the issue of information or other communications.
Failure to provide such data might mean that it would be impossible to obtain the information requested.
DATA PROCESSING METHOD
The personal data is processed using automatic tools for the length of time strictly necessary to achieve the purpose for which it was obtained.
Specific security measures are adopted to prevent data loss, unlawful or incorrect use and unauthorised access.
RIGHTS OF THE INTERESTED PARTIES
The parties to whom the personal data refers have the right to obtain confirmation, at any time, of the existence or otherwise of such data and to be informed of the content and source, verify its accuracy or request integration, updating or correction (art. 7, Italian Leg. Decree 196/2003).
The same article offers the right to cancellation, transformation into anonymous format or block data processed in violation of the law, or in any event and for legitimate reasons oppose its processing.
Requests should be addressed to La Medusa Grand Hotel with registered office at Via Passeggiata Archeologica, 5 Castellammare di Stabia - 80053 - Sorrento Coast - ITALY as follows:
via mail to firstname.lastname@example.org or via fax on +39 0818717009
For the purpose of providing complete information, the article on the rights of interested parties is provided below.
Art. 7. Personal data access rights and other rights
1. The interested party has the right to obtain confirmation of the existence or otherwise of his/her personal data, even if not yet recorded, and its communication in an intelligible format.
2. The interested party has the right to be informed of:
a) the source of the personal data;
b) the purpose and method of processing;
c) the logic applied in the event of processing via electronic means;
d) details of the controller, manager and appointed officer under the terms of article 5, subsection 2;
e) the parties and categories of parties to whom personal data may be communicated or who may become aware of data as designated Italian representative, manager or officer.
3. The interested party has the right to:
a) updating, amendment and integration of the data, if required;
b) cancellation or transformation into anonymous format or the blocking of data processed in violation of the law, including data no longer necessary for the purpose for which it was obtained or later processed;
c) confirmation that the activities listed under points a) and b) above have been notified, also with regard to content, to the parties to whom the data has been communicated or disclosed, unless such confirmation proves impossible or would require the exploitation of means disproportionate to the right protected;
4. The interested party has the right to oppose, wholly or in part:
a) for legitimate reasons, the processing of related personal data, even if relevant to the purposes of its collection;
b) the processing of his/her personal data for the purpose of advertising material mailings or direct sales or for the purpose of market research or marketing communications.
Every effort will be made so that the functions of this web site interface as much as possible with the automatic privacy control mechanisms available in certain products adopted by users.
As the current quality of automatic control mechanisms do not yet ensure they are free from error or malfunction, note that this document, published at the address: