As required by the European Union Regulation no. 679/2016 (“GDPR”) below is provided to the user (“User”) the information required by the law regarding the processing of your personal data
The Data Holder and the Data Processing Manager
The Data Holder and the Data processing manager is Associazione Iridium – Agricoltura Turismo Ambiente | P.I. 03448790547 |
Registered office address: Via Benedetto Croce, Gubbio
e-mail: booking@agriturismiumbria.org
Who can see the data
Third parties delegated by us to manage some of our activities may have access and see the data on the website. These subjects are people inside agencies and companies that have the task of carrying out some activities on our behalf (eg web agency or free lance or ecommerce managers)
These subjects can not, however, process this data except in the presence of a precise written mandate from us
Personal data
Name, surname, physical address, nationality, province and municipality of residence, landline and / or mobile phone, social security number, address / s e-mail, contacts social networks
Data of companies, associations, public bodies, freelancers
Company Name, VAT Number, Fiscal Code, administrative office, name and surname of the contact persons, address (s), contact details, telephone number (s), social network
Trackable traffic data
Log, IP address of origin, generic statistical data, social network connection data
The processing of personal data of the User serves us, in this case, to register on our list of customers and to comply with the legal obligations to which we must abide.
These data will also be used for sending invoices or other documents necessary for the proper performance of our task of service providers or products.
These data will be included in our management database and will be used only and exclusively to follow up on our relationship with the interested party
The processing of such data takes place on your explicit request and consent to answer your questions. These are data that are processed only as a result of solicitation of the User
The legal basis of these treatments is the fulfillment of the services inherent to the request for registration, information and contact and / or sending of informative material and compliance with legal obligations.
The Data Holder, even without the explicit consent of the User, may use the contact data communicated only for services / products similar to those of the sale, unless the User’s explicitly objects.
In this case the data will be processed only and exclusively if the user has provided the consent.
Processing can be done through automatic systems for sending emails, text messages or telephone contact
If the user does not provide the identification data required to process the requests received or following the completed form, the Data Holder will not be able to process the processing of the requested services and / or the contract and the services / products connected to it, nor to the obligations that depend on them.
If the interested party does not give his consent to the use of data in order to receive information or specifications on promotional activities, the consent remains for the performance of those activities necessary for the management of the contractual relationship
We need this to make statistics and analysis on all those who is interested in our services. This information can also be collected through software or plugins external to our website
(so-called “Cookies” –> See point 9. of this text)
The data objects of the treatment are stored in two ways:
The data collected through our website will be included in a database on the Internet site and on servers provided by Aruba Business srl (read the privacy policy of Aruba Business here https://business.aruba.it/informativa_arubabusiness.pdf )
The data collected offline will be kept in special folders kept in the legal or operational headquarters of our company
The data collected by us on the Internet site are protected by access with passwords of the administrators of the website.
The website has two systems of protection.
The first is an encryption system of the Internet site through the https protocol. The certificate of protection is provided by Let’s Encript, provided by the company Aruba Business Spa.
The second is a system of protection of the Internet site inserted in it, which:
The data are all stored on the servers of Aruba Business Spa
The data collected offline are all located within special folders located within the company headquarters.
The company is always manned during special working hours, while during closing hours it remains closed and accessible only through an access key. The folder in which the data is stored is anonymized
In general, the personal data of the User will be kept until they are necessary with respect to the legitimate purposes for which they were collected, unless legitimate and specific requests for cancellation.
In particular, they will be stored for 20 years in the case of personal data collected for the purpose of carrying out activities linked or similar to services or products sold
Instead, in the case of data provided to the Data Holder for the purposes of commercial promotion for services other than those already acquired by the User, for which he initially consented, these will be retained for 48 months, always subject to revocation of the consent given.
Regardless of the determination of the interested party to their removal, the personal data will in any case be kept according to the terms established by current legislation and / or national regulations.
Furthermore, personal data will in any case be kept for the fulfillment of obligations (eg tax and accounting) that remain even after the termination of the contract (Article 2220 of the Civil Code); for these purposes the Data Controller will retain only the data necessary for the relative prosecution.
Except in cases where the rights deriving from the contract and / or registration, in which case the personal data of the User, exclusively those necessary for such purposes, will be processed for the time necessary to their pursuit.
The User has the right to obtain from the Data Holder, if requested, the data available of the User (so-called “data portability” right)
In addition, the User may request to be deleted from any database or other place of data storage, or any correction of some of these data, at any time and without having to provide any justification for such request.
For any information or need, however, the User can directly contact the Data Holder at the addresses referred to in paragraph 1. of this document.
The maximum times established by law so that the holder can fulfill the requests in this direction are 1 month
The User can also lodge a complaint with the competent supervisory authority in Italy (the Personal Data Protection Authority) or the one carrying out its duties and exercising its powers in the Member State where the violation took place. of the GDPR.
Cookies are data that are sent from the website and stored by the Internet browser on the computer or other device (for example, tablet or mobile phone) of the user. The User can manage and disable the management of cookies directly from the browser he uses.
Below you can see how cookies are managed by the most popular web browsers:
Technical cookies and third-party cookies may be installed on our website or by sub-domains.
In any case, the user can manage a general request of deactivation or cancellation of cookies, modifying the settings of his internet browser. This deactivation, however, may slow down or prevent access to some parts of the site.
It is all those cookies that allow the safe and efficient use of our site.
Technical cookies, in fact, are essential for the proper functioning of our website and are used to allow users normal browsing and the opportunity to take advantage of the advanced services available on our website.
The technical cookies used are distinguished in session cookies, which are stored exclusively for the duration of navigation until the browser is closed, and persistent cookies that are saved in the user’s device memory until their expiration or cancellation by the user same.
Some of the services listed below collect statistics in aggregate form and may not require the consent of the User or could be managed directly by the Data Holder – depending on what is described – without the help of third parties.
If among the tools indicated below there were services managed by third parties, these could – in addition to what is specified and also without the knowledge of the owner – perform tracking activities of the User. For detailed information, it is advisable to consult the privacy policy of the services listed.
The +1 button and Google+ social widgets are services for interacting with the Google+ social network, provided by Google Inc.
Personal data collected: cookies and usage data.
Place of data processing: USA – Policy Google
The “Like” button and Facebook social widgets are services of interaction with the social network Facebook, provided by Facebook, Inc.
Personal data collected: cookies and usage data.
Place of data processing: USA – Policy Facebook
The Tweet button and Twitter social widgets are services of interaction with the Twitter social network, provided by Twitter, Inc.
Personal data collected: cookies and usage data.
Place of data processing: USA – Policy Twitter
Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of this Application, compiling reports and sharing them with other services developed by Google.
Google may use the Personal Data to contextualise and personalize the advertisements of its advertising network.
Personal data collected: cookies and usage data.
Place of data processing: USA – Policy Google
The user can selectively disable the action of Google Analytics by installing on his browser the opt-out component provided by Google. To disable the action of Google Analytics, please refer to the link below Deactivation Analytics
Google Maps is a map visualization service managed by Google Inc. that allows this application to integrate such contents within its pages.
Personal data collected: cookies and usage data.
Place of data processing: USA – Policy Google
YouTube is a map visualization service managed by Google Inc. that allows this application to integrate such contents within its own web pages
Personal data collected: cookies and usage data.
Place of data processing: USA – Policy YouTube
Link to manage or disable cookies: Deactivation of Cookies YouTube
The Facebook Pixel is a widget that allows the tracking of visits and activities carried out by the user on the Internet site, when access to the Facebook APP is open. This widget allows you to analyze data in an aggregate way and to carry out targeted advertising campaigns
Personal data collected: cookies and usage data.
Place of processing: Ireland
To set your privacy on Facebook differently, just click here Policy Facebook
They can be installed by the Data Holder, using software of c.d. web analytics, profiling cookies, which are used to prepare detailed and real-time analysis reports on information about: visitors to a website, search engines of origin, keywords used, language of use, most visited pages.
The same can collect information and data such as IP address, nationality, city, date / time, device, browser, operating system, screen resolution, navigation source, pages visited and number of pages, duration of the visit, number of visits.