LEARN MORE ABOUT OUR PRIVACY STATEMENT
In this privacy statement, Visconti Cesi S.r.l. with registered office at Via Catania N. 9 - 00161, Rome, the provider of hotel and catering services for Palazzo Scanderbeg located at Piazza Scanderbeg 117, 00187 Roma, intends to describe the way it operates website: http://www.palazzoscanderbeg.com particularly as regards the purposes for which and the manner in which the personal data of the users who consult it are collected, recorded and used.
This disclosure, which is also made pursuant to Article 13 of Legislative Decree 196/2003 - the Italian Data Protection Code, is based on Recommendation 2/2001, which the European data protection authorities, forming part of the Working Party group set up und er Article 29 of Directive 95/46/EC , adopted on 17 May 2001 in order to set out some minimum requirements for the collection of personal data online.
The information only refers to website http://www.palazzoscanderbeg.com and not also to other siti web websites that users may consult through links on the above web site.
Pursuant to Article 28 of Legislative Decree 196/2003, the Data Controller is VISCONTI CESI S.r.l. with registered office at Via Catania, 9 – 00161 Roma.
Users may obtain an up-to-date list of Visconti Cesi S.r.l.’s internal and external Data Processors by contacting the company.
Pursuant to Article 29 of Legislative Decree 196/2003, the Data Processor is the General Manager of Palazzo Scanderbeg T (+39) 06 89529001 – Email: firstname.lastname@example.org Pursuant to Article 29 of Legislative Decree 196/2003, the external Data Processor and System Administrator for the operation of the www.palazzoscanderbeg.com and the online booking platform, www.blastnessbooking.com is integrated in the website is BLASTNESS S.r.l. with registered office at Galleria del Corso n.2, 20122 Milano, Tel. 0187 599737- Fax 0187 020349 – email: email@example.com.
PLACE OF DATA PROCESSING
The processing connected with the web services of this site takes place at the registered offices of the data controller and processors. The two companies do not transmit the data obtained through the web service to third parties unless transmission is strictly pertinent to the purpose for which the data are processed or imposed by laws or regulations.
The data supplied voluntarily to the site in order to make online bookings are stored in the database of BLASTNESS S.r.l. The owner of the hotel booking engine applied to website http://www.palazzoscanderbeg.com.
BLASTNESS S.r.l. the provider of the booking service for the Palazzo Scanderbeg Roma, website, supplies the data gathered from its booking platform to the hotel, i.e. to Società Visconti Cesi S.r.l. the data controller.
PURPOSE OF PROCESSING
The personal data provided voluntarily and optionally by the users who carry out online bookings, register for the newsletter or merely apply for job vacancies sending their CVs in digital form, are only used to provide the service or perform the task required and are not transmitted to third parties unless transmission is imposed by law or is strictly pertinent to and necessary for compliance with the requests concerned.
In detail, the personal data which the persons concerned provide voluntarily will be collected digitally and processed, also using electronic means, either directly and/or through authorised third parties (e-mail services companies, website hosting companies), for the following purposes:
The data we process may include sensitive data as defined in Article 4, paragraph (d), of Legislative Decree 196/2003, i.e. “personal data which may reveal racial or ethnic origin, religious, philosophic or other convictions, political opinions, the membership of parties, trade unions, religious, philosophic, political or trade union associations or organisations and which give information regarding state of health and sexual life” which you have provided voluntarily in the notes box in the booking form because it may be necessary in order for us to provide you with our services (food allergies, disabilities, information regarding state of health, etc.).
These data will be processed in accordance with the Italian Data Protection Authority’s general authorisation 5, issued to cover only the data and operations that are indispensable in order to fulfil the obligations, including the pre-contractual obligations, which the hotel undertakes in its sector of activity in delivering specific goods or services at the requests of the persons concerned.
Pursuant to Article 26 of Legislative Decree 196/2003, we will process any sensitive data that you provide observing the utmost confidentiality and will not distribute them.
MANAGEMENT OF CVs
Visconti Cesi S.r.l. reserves the right to examine the CVs we receive in connection with job vacancies advertised in the “Work with Us” section.
We will not transmit your CV to third parties.
CVs which we consider of interest will be stored for one year and they will be processed in full compliance with the minimum security requirements set out in Articles 33, 34 and 35 of Legislative Decree 196/2003.
Candidates, however, are asked kindly to comply with the following rules in transmitting their CVs in digital format:
It will be the responsibility of the Company to give candidates the information required under Article 13 of Legislative Decree 196/2003 during any interviews it conducts with them.
The purposes of processing, related to the management of CVs, will involve activities that are closely connected with the assessment, recruitment or selection of personnel with a view to a collaboration contract, temporary or permanent employment or an internship or in order to give the chosen candidates the opportunity to prepare their thesis while working with us.
TRANSMISSION AND DISTRIBUTION OF DATA
Only formally appointed personnel who have been trained in personal data confidentiality and security may process personal data gathered from the www.palazzoscanderbeg.comwebsite at the Data Controller’s office.
The personal data of those concerned may be processed by the following persons in the various spheres of the activities for which they are responsible:
TYPE OF DATA PROCESSED
While they operate, the software applications which run this website acquire some personal data whose transmission is implicit in the normal IP communications protocol. This is information which is not collected in order to be directly associated with the users concerned, but which, by its very nature, could allow the users to be identified by means of subsequent processing and correlation with data held by third parties (providers).
This category of data includes IP addresses or domain names of the computers used by users who connect with the website, the date and hour of the request, the addresses in URI (Uniform Resource Identifier) of the resources requested, the size of the file obtained from the server in response, the number code giving the status of the server’s response (OK, error, etc.) and other parameters of the users’ operating system and IT environment. These data are only employed in order to obtain anonymous statistical information on the use of the website and to check that it is functioning correctly and are deleted immediately after they have been processed.
They could be used by judicial authorities to establish responsibility in the event of IT crimes against the web site; except as stated, data on website visits are not kept for longer than seven.
Data provided voluntarily by users
Sending optional, explicit and voluntary e-mail messages to the addresses given on this website entails the subsequent acquisition of the sender’s address, which is necessary to reply to requests, and of any other personal data included in the message.