In this privacy statement, Visconti Cesi S.r.l. with registered office at Via Catania N. 9 - 00161, Rome, the provider of hotel and catering services for Palazzo Scanderbeg located at Piazza Scanderbeg 117, 00187 Roma, intends to describe the way it operates website: http://www.palazzoscanderbeg.com particularly as regards the purposes for which and the manner in which the personal data of the users who consult it are collected, recorded and used.

This disclosure, which is also made pursuant to Article 13 of Legislative Decree 196/2003 - the Italian Data Protection Code, is based on Recommendation 2/2001, which the European data protection authorities, forming part of the Working Party group set up und er Article 29 of Directive 95/46/EC , adopted on 17 May 2001 in order to set out some minimum requirements for the collection of personal data online.
Specifically, these requirements concern the manner in which data controllers must provide information to users when they connect to web pages and the timing and contents of this information, regardless of the purpose of the connection, and prescribe the information regarding the use of cookies that must be givento persons browsing the site, in compliance with Directive 2009/136 /EC and the Italian Data Protection Authority’s General Order of 8 May 2014.

The information only refers to website http://www.palazzoscanderbeg.com and not also to other siti web websites that users may consult through links on the above web site.

Pursuant to Article 28 of Legislative Decree 196/2003, the Data Controller is VISCONTI CESI S.r.l. with registered office at Via Catania, 9 – 00161 Roma.
Users may obtain an up-to-date list of Visconti Cesi S.r.l.’s internal and external Data Processors by contacting the company.


Pursuant to Article 29 of Legislative Decree 196/2003, the Data Processor is the General Manager of Palazzo Scanderbeg T (+39) 06 89529001 – Email: info@palazzoscanderbeg.com Pursuant to Article 29 of Legislative Decree 196/2003, the external Data Processor and System Administrator for the operation of the www.palazzoscanderbeg.com and the online booking platform, www.blastnessbooking.com is integrated in the website is BLASTNESS S.r.l. with registered office at Galleria del Corso n.2, 20122 Milano, Tel. 0187 599737- Fax 0187 020349 – email: info@blastness.com.

The processing connected with the web services of this site takes place at the registered offices of the data controller and processors. The two companies do not transmit the data obtained through the web service to third parties unless transmission is strictly pertinent to the purpose for which the data are processed or imposed by laws or regulations.
The data supplied voluntarily to the site in order to make online bookings are stored in the database of BLASTNESS S.r.l. The owner of the hotel booking engine applied to website http://www.palazzoscanderbeg.com.

BLASTNESS S.r.l. the provider of the booking service for the Palazzo Scanderbeg Roma, website, supplies the data gathered from its booking platform to the hotel, i.e. to Società Visconti Cesi S.r.l. the data controller.

The personal data provided voluntarily and optionally by the users who carry out online bookings, register for the newsletter or merely apply for job vacancies sending their CVs in digital form, are only used to provide the service or perform the task required and are not transmitted to third parties unless transmission is imposed by law or is strictly pertinent to and necessary for compliance with the requests concerned.
In detail, the personal data which the persons concerned provide voluntarily will be collected digitally and processed, also using electronic means, either directly and/or through authorised third parties (e-mail services companies, website hosting companies), for the following purposes:

  • to allow bookings to be made and confirmed on the security of the user’s credit card details;
  • to promote commercial activities by e-mail in accordance with Article 130, paragraph 4, of Legislative Decree 196/2003;
  • to allow users to register for the newsletter in order to receive periodic commercial or promotional messages;
  • to consider any CVs received in response to advertisements in the “Work with Us” section;
  • to prepare statistics in anonymous form (counting visits, etc.);
  • to fulfil current administrative, accounting and tax obligations and to comply with laws and regulations;
  • to establish responsibility in the event of any IT crimes being committed against the website.

The data we process may include sensitive data as defined in Article 4, paragraph (d), of Legislative Decree 196/2003, i.e. “personal data which may reveal racial or ethnic origin, religious, philosophic or other convictions, political opinions, the membership of parties, trade unions, religious, philosophic, political or trade union associations or organisations and which give information regarding state of health and sexual life” which you have provided voluntarily in the notes box in the booking form because it may be necessary in order for us to provide you with our services (food allergies, disabilities, information regarding state of health, etc.).
These data will be processed in accordance with the Italian Data Protection Authority’s general authorisation 5, issued to cover only the data and operations that are indispensable in order to fulfil the obligations, including the pre-contractual obligations, which the hotel undertakes in its sector of activity in delivering specific goods or services at the requests of the persons concerned.

Pursuant to Article 26 of Legislative Decree 196/2003, we will process any sensitive data that you provide observing the utmost confidentiality and will not distribute them.

Visconti Cesi S.r.l. reserves the right to examine the CVs we receive in connection with job vacancies advertised in the “Work with Us” section.
We will not transmit your CV to third parties.
CVs which we consider of interest will be stored for one year and they will be processed in full compliance with the minimum security requirements set out in Articles 33, 34 and 35 of Legislative Decree 196/2003.

Candidates, however, are asked kindly to comply with the following rules in transmitting their CVs in digital format:

  • attach their CV to the recruitment form in the “Work with Us” section of the website;
  • use the European format in compiling their CV;
  • transmit their CV in pdf;
  • not put sensitive data which are not pertinent to the job opportunity in their CV (particularly regarding state of health or religious, philosophical or political convictions);
  • consent to the processing of sensitive data pertinent to entering into an employment contract (for example falling under a protected category under Italian Law 68/1999).

It will be the responsibility of the Company to give candidates the information required under Article 13 of Legislative Decree 196/2003 during any interviews it conducts with them.

The purposes of processing, related to the management of CVs, will involve activities that are closely connected with the assessment, recruitment or selection of personnel with a view to a collaboration contract, temporary or permanent employment or an internship or in order to give the chosen candidates the opportunity to prepare their thesis while working with us.

Only formally appointed personnel who have been trained in personal data confidentiality and security may process personal data gathered from the www.palazzoscanderbeg.comwebsite at the Data Controller’s office.
The personal data of those concerned may be processed by the following persons in the various spheres of the activities for which they are responsible:

  • BLASTNESS S.r.l. which is responsible for the development of the website and provides the online booking service, manages the newsletter and updates the contents of the site (through CMS - Content Management System), with registered office at Galleria del Corso n.2, 20122 Milano, Tel. 0187 599737- Fax 0187 020349 – email: info@blastness.com
  • Public bodiesor offices to fulfil legal and/or contractual obligations;
  • debt collection companies and banking institutions for the management of receipts and payments related to the stay in the hotel;
  • any external advisors and companies which we appoint to carry out tax consulting work on our behalf
  • collaborators or firms which provide services, when transmission is necessary in order for the person concerned to be able to enjoy the hotel’s facilities.

Browsing data

While they operate, the software applications which run this website acquire some personal data whose transmission is implicit in the normal IP communications protocol. This is information which is not collected in order to be directly associated with the users concerned, but which, by its very nature, could allow the users to be identified by means of subsequent processing and correlation with data held by third parties (providers).

This category of data includes IP addresses or domain names of the computers used by users who connect with the website, the date and hour of the request, the addresses in URI (Uniform Resource Identifier) of the resources requested, the size of the file obtained from the server in response, the number code giving the status of the server’s response (OK, error, etc.) and other parameters of the users’ operating system and IT environment. These data are only employed in order to obtain anonymous statistical information on the use of the website and to check that it is functioning correctly and are deleted immediately after they have been processed.

They could be used by judicial authorities to establish responsibility in the event of IT crimes against the web site; except as stated, data on website visits are not kept for longer than seven.

Data provided voluntarily by users
Sending optional, explicit and voluntary e-mail messages to the addresses given on this website entails the subsequent acquisition of the sender’s address, which is necessary to reply to requests, and of any other personal data included in the message.