Privacy Policy
This information is provided in compliance with art. 13 of Regulation 2016/679 (GDPR), pursuant to art. 13 of Legislative Decree no. 196/2003 (Personal Data Protection Code) and relates to all personal data processed in the manner indicated below.
Data Controller
The Controller of the Personal Data collected is: Holos srl
Headquarters: via Magenta 31 – 50123 Florence (FI)
Email address of the Controller: info@residenzalefonticine.it
Types of Data collected
Full details on each type of data collected are provided in the dedicated sections of this privacy policy. Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically when using the site. Unless otherwise specified, all Data requested is mandatory. If the User refuses to communicate them, it may be impossible to provide the service. In cases where some Data is optional, Users are free to refrain from communicating such Data, without this having any consequences on the availability of the Service or on its operation. Users who have doubts about which Data is mandatory, are encouraged to contact the Owner. Any use of Cookies, or other tracking tools, by the site or by the owners of third-party services used, unless otherwise specified, is intended to provide the Service requested by the User. The User assumes responsibility for the Personal Data of third parties obtained, published or shared through the site and guarantees that he or she has the right to communicate or disseminate them, freeing the Owner from any liability towards third parties.
METHOD AND PLACE OF PROCESSING OF COLLECTED DATA
Purpose of the Processing of Collected Data
The User’s data is collected to allow the Owner to provide its Services, as well as for the following purposes: Statistics, Newsletter, Personalized Advertising, Accounting, Content and functionality performance testing, Interaction with external social networks and platforms, Displaying content from external platforms and interaction with data collection platforms and other third parties. To obtain further detailed information on the purposes of the processing and on the Personal Data specifically relevant to each purpose, the User can refer to the relevant sections of this document.
Treatment methods
The Data Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data. Processing is carried out using computer and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the Data Controller, other parties external to the company (administrative, commercial, marketing, legal, system administrators) or external parties (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communications agencies) have access to the data, also appointed, if necessary, as Data Processors by the Data Controller. The updated list of Data Processors may always be requested from the Data Controller.
Legal basis for processing
The Data Controller processes Personal Data relating to the User if one of the following conditions exists:
- the user has given consent for one or more specific purposes;
- processing is necessary for the performance of a contract with the user and/or for the execution of pre-contractual measures;
- processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
- processing is necessary for the pursuit of the legitimate interest of the Owner or third parties.
However, it is always possible to ask the Owner to clarify the specific legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.
Place
The Data is processed at the Data Controller’s operating offices and in any other places where the parties involved in the processing are located. For further information, contact the Data Controller. The User’s Personal Data may be transferred to a country other than that in which the User is located. To obtain further information on the place of processing, the User can refer to the section containing details on the processing of Personal Data. The User has the right to obtain information regarding the legal basis of the transfer of Data outside the European Union or to an international organization governed by public international law or set up by two or more countries, such as the UN, as well as regarding the security measures adopted by the Owner to protect the Data. If one of the transfers described above takes place, the User can refer to the respective sections of this document or ask the Owner for information by contacting him at the contact details provided in the opening.
Retention period
The Data are processed and stored for the time required by the purposes for which they were collected:
- Personal Data collected for purposes related to the performance of a contract between the Owner and the User will be retained until the performance of such contract is completed.
- Personal Data collected for purposes related to the legitimate interest of the Owner will be retained until such interest is fulfilled. The User can obtain further information regarding the legitimate interest pursued by the Owner in the relevant sections of this document or by contacting the Owner.
When the processing is based on the User’s consent, the Data Controller may retain the Personal Data for a longer period until such consent is revoked. Furthermore, the Data Controller may be obliged to retain the Personal Data for a longer period in compliance with a legal obligation or by order of an authority. At the end of the retention period, the Personal Data will be deleted. Therefore, upon expiration of such term, the right of access, cancellation, rectification and the right to portability of the Data can no longer be exercised.
Details on the processing of Personal Data
Personal Data is collected for the following purposes and using the following services:
- Mailing List or Newsletter By registering for the mailing list or newsletter, the User’s email address is automatically added to a list of contacts to which email messages containing information, including commercial and promotional information, may be transmitted. The User’s email address may also be added to this list as a result of registering on the site or after requesting a quote.
Personal Data collected : email, name and surname. - Contact form The User, by filling in the contact form with his/her Data, consents to their use to respond to requests for information, quotes, or any other nature indicated by the form header.
Personal Data collected : name and surname, email (mandatory data), telephone, and various types of Data. - Registration for access to the reserved area The User, by filling in the registration form with his/her Data, consents to their use to create a unique account that can be used for the various functions of the site (respond to requests for information, quotes, or e-commerce).
Personal Data collected : name and surname, email (mandatory data), telephone, and various types of Data. - Interaction with social networks and external platforms This type of service allows interaction with social networks, or other external platforms, directly from this site. The interactions and information acquired are in any case subject to the User’s privacy settings for each social network. If a service for interaction with social networks is installed, it is possible that, even if Users do not use the service, it may collect traffic data relating to the pages in which it is installed.
- Facebook social widgets (Facebook Inc.) Facebook social widgets are services of interaction with the social network Facebook, provided by Facebook, Inc.
Personal Data collected : Cookies and Usage data.
Place of processing : USA – Privacy Policy. - YouTube social widgets (Google Inc.) YouTube social widgets are services of interaction with the YouTube platform, provided by Google Inc.
Personal Data collected : Cookies and Usage data.
Place of processing : USA – Privacy Policy.
- Facebook social widgets (Facebook Inc.) Facebook social widgets are services of interaction with the social network Facebook, provided by Facebook, Inc.
- Remarketing and Behavioral targeting This type of service allows you to communicate, optimize and serve advertisements based on past use of this site by the User. This activity is performed by tracking Usage Data and using Cookies, information that is transferred to the partners that manage the remarketing and behavioral targeting activity.
- Remarketing with Google Analytics for Display Advertising (Google Inc.) Google Analytics for Display Advertising is a remarketing and behavioral targeting service provided by Google Inc. that connects the tracking activity performed by Google Analytics and its Cookies.
Personal Data collected : Cookies and Usage Data.
Place of processing : USA – Privacy Policy.
- Remarketing with Google Analytics for Display Advertising (Google Inc.) Google Analytics for Display Advertising is a remarketing and behavioral targeting service provided by Google Inc. that connects the tracking activity performed by Google Analytics and its Cookies.
- Statistics The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior.
- Google Analytics (Google Inc.) Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of the site, compiling reports and sharing them with other services developed by Google. Google may use the Personal Data to contextualize and personalize the ads of its own advertising network.
Personal data collected : Cookies and Usage data.
Place of processing : USA – Privacy Policy – Opt Out.
- Google Analytics (Google Inc.) Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of the site, compiling reports and sharing them with other services developed by Google. Google may use the Personal Data to contextualize and personalize the ads of its own advertising network.
Further information on Personal Data
Privacy Policy
By filling in the contact form with their Data, the User consents to their use to respond to requests for information, quotes, or any other nature indicated by the form header.
User Rights
Pursuant to Articles 15 – 21 of EU Regulation 2016/679, each interested party is granted a series of rights.
- Right of Access : the interested party, pursuant to art. 15, has the right to obtain confirmation that personal data concerning him or her are being processed and, where applicable, to obtain a copy. He or she also has the right to obtain access to the personal data concerning him or her and to further information such as the purpose of the processing, the categories of recipients, the period for which the data will be stored and the rights that can be exercised.
- Right of rectification : the interested party, pursuant to art. 16, has the right to obtain the rectification of inaccurate personal data concerning him or her or their integration.
- Right to erasure : the interested party has the right to obtain the erasure of personal data concerning him or her, without undue delay, if one of the reasons set out in art. 17 exists.
- Right to limit processing : the interested party has the right, in the cases provided for by art. 18 of Regulation 2016/679, to obtain the limitation of processing.
- Right to data portability : the interested party has the right to receive in a structured, commonly used and machine-readable format, the personal data concerning him or her and has the right to transmit such data to another owner without impediment, as provided for by art. 20 of Regulation 2016/679;
- Right to object to processing : the interested party has the right to object to the processing of personal data concerning him/her as provided for by art. 21 of Regulation 2016/679.
The interested party also has the right to lodge a complaint with the competent Supervisory Authority, the Privacy Guarantor. The requests referred to in the previous points must be addressed in writing to the Data Controller. The Data Controller will provide, within the time limits established by current legislation, a timely response to requests to exercise the rights of the interested parties.