Information document pursuant to article 13 of EU Reg. 2016/679 (GDPR) - Information on the processing of personal data collected from the interested party
In compliance with the provisions of EU Reg. 2016/679 (European Regulation for the protection of personal data) we provide the necessary information regarding the processing of personal data provided.
Definitions: the art. 4 of EU Reg. 2016/679 defines "personal data" any information concerning an identified or identifiable natural person ("concerned"); an identifiable natural person can be identified, either directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online ID or one or more characteristic elements of his physical identity, physiological, genetic, psychological, economic, cultural or social.
1. HOLDER OF THE TREATMENT
pursuant to art. 4 of EU Reg. 2016/679, is VeNet srl with offices in Via Lissa n. 12, Zip Code 30174 City Mestre (VE), firstname.lastname@example.org with exclusive reference to the role of owner of the business called “VeNet Holiday Apartments in Venice”.
2. PURPOSE AND LEGAL BASIS OF TREATMENT
The personal data provided will be processed for the following purposes:
- compilation of data collection form for contact request with sending of the requested information. The data sent by you will be used for the sole purpose of being able to contact you again via the references you left through the contact form, to process any requests contained in the message and to evaluate the suggestions received, respond to reports.
The legal basis applicable to the processing of your personal data for the purposes indicated is the execution of pre-contractual measures adopted at your request pursuant to art. 6 paragraph 1 lett. b) of the GDPR.
3. ADDRESSEES OR CATEGORIES OF DATA ADDRESSEES
The personal data provided will be communicated to recipients, who will process the data as managers (Article 28 of EU Reg. 2016/679) and / or as natural persons acting under the authority of the Data Controller and the Data Processor (Article 29 of EU Reg. 2016/679), for the purposes listed above in point 2.
By way of example and not exhaustively, the data will be communicated to:
- subjects that provide services for the management of the information system used by the Data Controller and related telecommunications networks, including e-mail, newsletters and management of websites, including for example Mercurio Sistemi S.r.l .;
- professionals and consultants in the field of assistance and consultancy relationships;
- competent authorities for compliance with legal obligations and / or provisions of public bodies, upon request.
The subjects belonging to the aforesaid categories perform the function of Data Processing Manager, or operate in complete autonomy as separate Data Controllers. Any further communication or dissemination will take place only with your explicit consent.
4. DATA TRANSFER TO A THIRD COUNTRY AND / OR AN INTERNATIONAL ORGANIZATION AND GUARANTEES
Your data, subject to the processing, will not be disclosed but may be disclosed to companies contractually linked to the company, in accordance with and within the limits of the GDPR. Personal data is stored on servers located within the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU. In this case, the Data Controller ensures from now on that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided for by the European Commission and the user will be informed.
5. DATA STORAGE OR CRITERIA FOR DETERMINING THE PERIOD
The processing will be carried out in an automated and manual manner, with methods and instruments aimed at ensuring maximum security and confidentiality, by the owner and / or subjects specifically appointed to do so. In compliance with the provisions of art. 5 paragraph 1 letter e) of Reg. UE 2016/679 the personal data provided by contact request will be kept for a maximum period of 24 months.
6. NATURE OF DATA CONFERENCE AND CONSEQUENCES OF THE REFUSAL TO SUPPLY THE DATA
The communication of personal data is not an obligation, as you are free to provide your personal data in the areas dedicated to the site, but it is necessary to fulfill the purposes of the processing; the consequence of not providing personal data implies the impossibility of using the services offered by the data controller.
7. RIGHTS OF THE INTERESTED
The interested party may assert his / her rights as expressed in the EU Regulation 2016/679, by contacting the Data Controller, sending an e-mail to email@example.com or writing to the office of the owner indicated above. The interested party has the right, at any time, to ask the Data Controller to access your personal data (Article 15), the correction (Article 16) or the deletion (Article 17) of the same, the limitation of the treatment (Article 18) or to oppose the treatment based on legitimate interest (Article 21).
Without prejudice to any other administrative and judicial appeal, if it considers that the processing of data violates the provisions of EU Reg. 2016/679, the data subject has the right to lodge a complaint with the supervisory authority (Guarantor for the protection of personal data) pursuant to art. 15 letter f) of EU Reg. 2016/679.
8. AUTOMATED DECISION MAKING PROCESSES
There is no automated decision-making process.