Information on the processing of personal data
This report, drafted in compliance with Art 13 of Reg. 2016/678 (GDPR) aims to clarify to website Users the methods with which we collect personal data, why we collect it and the methods the Users can use to update, manage, export and eliminate information.
Our goal is to provide all the necessary information to make browsing on the website transparent and safe for Users. It is important to read the content below carefully; if Users do not agree with the content, we invite them to stop browsing on the website.
In order to provide our services, however, we need to collect some personal data, even through automated tools, as indicated below.
The data holder of the personal data gathered is Siset S.P.A., located in Via Altinate 62, 35121 Padua, Italia, VAT no. 00458810280, e-mail firstname.lastname@example.org, tel. +390498246401, in the person of temporary legal representative.
Type of personal data collected
Through the website, we collect different types of data from Users suitable to identifying the Users themselves, such as personal and accounting data. Specifically, we collect the following personal data:
Browsing data: information registered by our IT systems while users are browsing and while supplying of our services. For more information about the type of data collected, we invite Users to also read the Cookies policy.
The following data is included:
- Information relating to internet communication protocols, IP addresses and access logs to the IT systems;
- Data relating to browsing and websites previously visited;
- Data provided by the browser selected by the User;
Data provided voluntarily and directly by the User: The User, by registering or using the services offered by the website, voluntarily shares his/her personal data.
The following data is included:
- personal data (e.g. name, surname, address, fiscal code)
- communication data (e.g. phone number, email address)
- accounting data (e.g. payment method)
- data included in the documents sent by the Users (e.g. ID documents, etc.)
Data of third parties voluntarily provided by the User: The User could also voluntarily provide third party data which is not related to the Holder in any way, such as, for example, when loading content onto the website. For this type of data, see the point below.
The following data is included:
- data of third parties (e.g. names of people who will be staying with the User, etc.)
- third party accounting
- data included in the documents sent by the Users (e.g. technical documents, etc.)
In the event the User informs the Holder of third-party contents, he/she declares to having gathered the consensus required for personal data processing and the communication of said information to the Holders.
The personal data collected via the website is treated by the Holder for the following purposes:
- this allow the Users to use the website and the services offered by the website;
- purchase and confirm the bookings and additional services, and to provide the services requested;
- to comply with the obligation set forth in the Consolidated Law on public security (Testo unico delle leggi di pubblica sicurezza), (article 109 of Royal Decree no. 773 dated 18.6.1931) which obliges us to register and notify the Police Headquarters of the general details of our guests, for purposes of public safety, according to the methods set out by the Ministry of the Interior (Decree of 7th January 2013).
- to fulfil the applicable administrative, accounting and fiscal obligations in force.
- to speed up the registration process in the event of your future stays at our establishment;
- provide information on the stay at the campsite (post, messages, visits and phone calls);
- statistical analysis and market analysis;
- manage access to possible reserved areas;
- send notifications to the Users and/or communicate with them if there are requests for technical assistance and/or information;
- send reports and updates pertaining to offers, promotions and events connected to our business, through information and advertising material;
- carry out a direct sales service of the Services and website Contents.
Furthermore, with the consent of the Users, we can also:
Obligation to provide data
The User can choose to share his/her data. However, failure to share personal data may result in the impossibility to provide the services requested and/or comply with the contract obligations on behalf of the Holder (e.g. if the payment data is not provided).
In any case, sharing data is always compulsory insofar as it is required to comply with the law (e.g. in accordance with the Consolidated Law on public security; compliance with accounting obligations, etc.).
Legal basis of the data processing
The Holder carries out the data processing pursuant to Art. 6 of Reg 679/2016 and, specifically, following the collection of the consent on behalf of the User.
In any case, the Holder can process the Users’ personal data even without their consent in the following cases:
- processing is required for the execution of a contract that the User is part of or to execute pre-contractual measures adopted upon request of the User;
- processing is necessary to comply with a legal requirement that the processing Holder is subject to;
- processing is necessary to safeguard the vital interests of the User or other physical people;
- processing is necessary to execute a task of public interest or one connected to exercising public powers that the processing holder possesses;
- processing is necessary to pursue the legitimate interest of the processing holder or third parties, unless the interests, rights, fundamental freedom of the interested party requesting the protection of their personal data are compromised, particularly if the interested party is a minor.
The IT systems and IT programmes are configured with the aim of reducing to a minimum the use of personal data and ID data, in order to exclude processing when the results pursued in specific cases can be met, respectively, via anonymous data or in ways that allow the interested party to be identified only in cases of need.
We guarantee the safety of data even via backup and data recovery systems.
Duration of the Processing
Personal data is preserved for the duration of the Service supply (e.g. until the account is deleted by the website) and/or until the suspension of the consent and/or as long as the content loaded is available on the website itself.
In the event of suspension and/or at the end of the service provision, the data will be preserved within the terms set forth by the law for the fulfilment, for example, of civil and fiscal obligations and, in any case, for no less than 10 years.
Transfer of personal data abroad
In order to improve the Services provided, we can transfer the personal data of the Users to other member countries of the EU, for example, via the Cloud system.
In the even that, in order to provide the Services requested or for technical and/or operational reasons, it is necessary to enlist the services of subjects located outside the EU, or some of the data collected needs to be transferred to technical systems and cloud services located outside the EU, the processing will be regulated in conformity with what is set forth in point V of Reg. 679/2016 and authorised based on specific EU decisions.
Sharing personal data
In addition to employees and/or authorised collaborators responsible for processing, the Users personal data can also be shared with:
- subjects with whom it is necessary to interact to provide services, including:
- subjects with whom communications are necessary to provide the services required;
- subjects delegated with performing a technical activity;
- other employees and/or collaborators specifically authorised to carry out data processing;
- subjects we rely on for sending commercial reports;
- professional firms which offer assistance and consulting activities on accounting, administrative, legal, tax and financial matters.
- legal authorities for suppression and certifying purposes.
User data will never be shared.
Rights of the User
revoke his/her consent to personal data processing, if the data processing is based on the consent given by the User;
Every person concerned can exercise these rights by informing the Processing Holder at the addresses indicated in the heading.
Furthermore, the interested party reserves the right to file a complaint to the Authority for the Protection of Personal Data in accordance with Art. 77 of Regulation 679/2016
We reserve the right to make amendments to the content of this report on personal data processing at any time, providing information about the types of use and, in any case, via publication on the website.
The amendments enter into force from the moment the update is published, unless otherwise advised.
The official version of this report on personal data processing is the one written in Italian.
What are Cookies?
Cookies are short text files downloaded from Users internet browsers when accessing a website.
They allow the website to know whether a given User has already accessed the website before, from which device, which pages the User visited and which pages the User landed on this website. Cookies are not embedded in our servers, but in the User’s computer and can be removed by amending browser settings.
Cookies serve various purposes. They allow us to obtain statistics on the number of Users who access the website every day, from which third party websites the Users come from, which pages are visited and, generally speaking, they enable us to improve our performance and loading of the website. Therefore, they contribute to improving the user experience, in addition to the services we offer, adapting them to our client’s needs.
Cookies can have different functions:
- Technical Cookies: these perform a technical function, allowing the User to interact with the website; for example, remembering login details, which makes searching and using the website quicker, and remembering previous accesses;
- Analytical Cookies: these allow the website to collect information in an aggregated form pertaining to the number of users, on how these visit the website, from which web pages they have come, to which websites they go, in order to elaborate general and anonymous statistics on the service and its use. These Cookies can be combined with Technical Cookies where the data is gathered in an aggregated and anonymous way;
- Profiling Cookies: these allow to create user profile and are connected to the consumption trends and preferences expressed during navigation.
There are also different types of Cookies, depending on who shares them, that is to day First Party Cookies (when we are the direct managers) and Third Party Cookies (when the cookies are sent and gathered by a Third party, an autonomous data holder). On our website, we also use Third Party Cookies in order to provide certain specific analysis services for the functioning of the website.
Which Cookies do we use?
In order to better improve the navigation experience and to assess the correct functioning of the website, we use Technical and Analytical Cookies. To date, we do not use Profiling Cookies suitable for creating the consumption profiles of our Users, but we reserve the right to use them and notify the User of this right in this policy.
More specifically, we use the following Cookies:
|Cookie||Type||Domain||Duration||Function||Link to an external policy|
|_fbp||Analytical||.santangelo.it||1 hour||Used by Facebook to provide a series of advertising products, such as real-time offers by third-party advertisers.|
|_gat||Analytical||.santangelo.it||1 hour||Used by Google Analytics to limit the frequency of requests|
|_ga||Analytical||.santangelo.it||1 hour||It registers a unique ID used to generate statistical data on how the visitor uses the website.|
|_gid||Analytical||.santangelo.it||1 hour||It registers a unique ID used to generate statistical data on how the visitor uses the website.|
|displayCookieConsent||Technical||.santangelo.it||1 hour||It memorises the acceptance of the banner related to cookies.|
|PHPSESSID||Technical||.santangelo.it||1 hour||It preserves the user statuses on the different pages of the website.|
Furthermore, the above-mentioned Cookies, even Third Party Cookies, are solely used in an aggregated form, in a way that makes them anonymous and impedes them from identifying the User.
In the case of Third Party Cookies, we will not be held responsible for incorrect data processing methods or methods different to those indicated in this policy.
When do I consent to data processing via Cookies?
Most of the browsers (Internet Explorer, Microsoft Edge, Firefox, Chrome, Safari, etc.) are configured to accept Cookies. Users can also disable them through the settings. Here are the links to the pages for enabling or disabling Cookies for the most frequently-used web browsers:
Furthermore, to block Cookies in a selective way, we suggest the following tools:
- Ghostery: It is a browser plug-in which allows you to select which Cookies to use on each website, allowing Users to selectively disable them;
- Your Online Choices: A website which allows you to disable behavioural advertising;
- Tool for removing Google Analytics: Browser plug-in which allows you to disable Google Analytics;
Consequences of disabling Cookies
Although the User reserves the right to fully disable the Cookies, this could lead to malfunctions and/or errors in the functioning of the website, preventing said website from carrying out the necessary technical functions.
Additional Third Party Cookies
We reserve the right to use additional Third Party Cookies connected to services provided on behalf of third parties, which may be implemented in the website. Specifically, we reserve the right to use the following services:
If these services are used, we will not in any case be responsible for the data processing carried out by these third parties, which we use solely to share content on our website and not for the purpose of data collection. The data collection activity is performed by an independent Holder indicated in the report and/or in any case, directly linked to the service used.
Third Party Websites
Third Party websites, which it is possible to access via our website, are not covered by this policy; consequently, we will not be held responsible for any processing they may carry out.
Rights of the User
Every User and/or person interested in the processing can exercise the rights set forth in art. 13 of Regulation 678/2016 at any time, and can specifically:
- revoke his/her consent to the personal data processing, if the data processing is based on the consent provided by the User;
- find out whether the Holder holds and/or is treating his/her data, access it in full and obtain a copy (art. 15 Right to Access);
- ask that incorrect data be amended or incomplete data be integrated (Art. 16 Right to Rectification);
- ask for the personal data kept by the Holder be erased if one of the reasons set forth in Reg. 679/2016 applies (Right to Cancellation, 17);
- ask the Holder to limit the processing to specific data, in the cases foreseen (Art. 18 Right to limitation of the Processing);
- ask and receive the personal data processed by the Holder in a structured way, a descriptive manner, readable on an automatic device or ask for the data to be sent to another holder, in the cases foreseen (Art. 20, Right to Data Portability)
- not consent, in part or in whole, to the data processing for the purpose of sending commercial and/or promotional material, or any potential profiling activities (Art. 21, Right to Not Consent)
Furthermore, the interested party reserves the right to file a complaint to the Authority for the Protection of Personal Data in accordance with Art. 77 of Regulation 679/2016.
In order to exercise the rights pursuant to Articles 15-22 of EU Regulation 679/2016, Users can contact the Holder here:
E-mail: email@example.com Tel: +390498246401