1. Home
  2. Privacy and legal notice

Privacy and legal notice

Your Privacy is important to us

With this information, provided in the light of the privacy legislation, and in particular the European Regulation 2016/679 (hereinafter "GDPR") we want to give you some information to illustrate the characteristics and methods of processing of personal data provided by you, as an interested party (hereinafter also "Interested Party" or "User"), through the consultation of the website www.lealidelfrassino.it.

The information refers only to this website and not to websites of third parties, which may be reached by the User through links contained therein.

 

First of all, the data controller (hereinafter also "Data Controller"), which GDPR defines as "the natural or legal person, public authority, service or other body that, individually or together with others, determines the purposes and means of the processing of personal data" is Le Ali del Frassino S.r.l., in the person of the legal representative pro tempore, with registered office in 37019 Peschiera del Garda (VR), Via Santa Cristina n. 13, P.I/C.F. 03924870235, telephone 045 4950327.

 

We will try to be exhaustive, but we would like to point out that at any time you may contact the data controller to request information regarding the processing of your data, by sending an email to direzione@lealidelfrassino.it, or by writing a pec to laghettosrl@open.legalmail.it.

 

In accordance with the provisions of the GDPR, you have the right to exercise the rights listed below. For a better understanding of these rights, we invite you in any case to consult in full articles 15 et seq. GDPR.

 

  • Right of access (art. 15 GDPR): you can ask for confirmation whether or not data concerning you is being processed and, if so, to obtain access to your personal data and more information regarding the processing.

 

  • Right of rectification (art. 16 GDPR): you can ask to rectify or integrate the data provided or otherwise in the possession of the Owner, if inaccurate or incomplete.

 

  • Right to deletion ("right to be forgotten") (art. 17 GDPR): you may request that the data acquired or processed by the Data Controller be deleted without undue delay, if (i) they are no longer necessary for the purposes for which they were collected, (ii) consent has been revoked and there is no other legal basis for processing, (iii) the Data Subject has opposed the processing, (iv) the data has been processed unlawfully, or (v) there is a legal obligation to delete the data.

 

  • Right to limit the processing (art. 18 GDPR): you can request the limitation of the processing of personal data, when one of the following hypotheses applies: (i) the interested party contests the accuracy of their data, for the period necessary for the Data Controller to verify the accuracy of such data; (ii) the processing is unlawful and the interested party opposes the deletion of the data, requesting instead that its use be limited; (iii) although the Data Controller no longer needs the data for the purposes of processing, the data are necessary for the interested party to ascertain, exercise or defend a right in court; (iv) the interested party has objected to the processing in accordance with art. 21, par. 1, of GDPR, pending verification of the possible prevalence of the legitimate reasons of the Data Controller over those of the Data Subject.

 

  • Right to data portability (art. 20 GDPR): you have the right (i) to receive your data in a structured format, in common use and readable by automatic device, (ii) to have them transmitted directly by the Owner to another owner indicated by you, if technically feasible, as well as (iii) to transmit them to another owner without hindrance by the Owner.

 

  • Right to object (art. 21 GDPR): you have the right to object, at any time for reasons related to your particular situation, to the processing of personal data concerning him/her based on the condition of the lawfulness of the legitimate interest or the performance of a task in the public interest or the exercise of public authority, including profiling, unless there are legitimate reasons for the Controller to continue processing that prevail over the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of a right in court. Furthermore, you have the right to object to the processing at any time if the personal data are processed for direct marketing purposes, including profiling, in so far as it is related to such direct marketing.

 

  • Right not to be subject to automated decision making, including profiling (Art. 22 GDPR): You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you in a similar way.

 

Furthermore, you may exercise your right to revoke your consent at any time, without prejudice to the lawfulness of the processing based on prior consent.

 

In order to exercise these rights, you may address a request to the Owner by e-mail, by pec or by post, to the contact data of the Owner indicated in the information notice.

 

Finally, we inform you that as the Data Subject, you have the right to lodge a complaint before the Control Authority, which in Italy is the Guarantor for the Protection of Personal Data.

 

Now we would like to explain what kind of data we process when you consult this site.

 

  • Navigation data 

During navigation, the website collects certain personal data, the transmission of which is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users who connect to the site, the time of the request, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc..) and other parameters relating to the operating system and computer environment of the user. These data are processed for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted after processing.

  • Data collected using cookies or similar technologies.

We encourage you to read the extended information on cookies.

  • Data provided by you.

As a user of the site, you may provide us with personal data such as personal and contact details (e.g. name, surname, address, telephone number, e-mail, telephone number, payment details). This is information that you may provide us by sending us a message through the "Contact Us" form or other forms on the site, by writing and/or calling us, booking a service or subscribing to the newsletter. 

  • Finally, we also collect data that we need to obtain in order to demonstrate that you have given us your consent to process the data you have provided.

Below, we will explain to you for what purposes we process your data, what is the legal basis of the processing and for how long we will keep your data. We will also inform you about the nature of the provision of this data.

  • We process your data in order to carry out prodromal activities, preliminary and/or consequent to the purchase of a service such as, by way of example, following up requests for information, allowing the booking, sending an estimate, managing the service, as well as for the fulfilment of any obligation provided for and deriving from the contract.

In this case, the legal basis consists in the need to implement a contract to which the interested party is a party or pre-contractual measures taken at the request of the same.

The data processed for this purpose will be kept for the time necessary to fulfill the purpose, in particular for the entire duration of any contractual relationship concluded and, after termination, for the ordinary limitation period of 10 years; in the case of legal disputes, for the entire duration of the same, until the expiration of the terms of appeal, subject in any case to compliance with current legislation.

  • We process your data to comply with any legal and/or regulatory obligations. In this case, the legal basis is the need to fulfill a legal obligation to which the data controller is subject and the storage period will correspond to the duration provided for by law.
  • We process your data to prevent abuse and fraud, to ascertain, exercise or defend a right in the courts of the Owner, to protect the rights of the Owner out of court. In this case, the legal basis consists in the need to pursue the legitimate interest of the data controller or third parties, provided that the interests or fundamental rights and freedoms of the data subject do not prevail and that they require the protection of personal data, in particular if the data subject is a minor. We will keep the data for the time necessary to fulfill the purpose.
  • We will process your data in order to answer your questions, following an express request by e-mail/telephone/by filling in the "contact us" form. In this case the legal basis consists in your consent and the data will be kept for the time necessary to fulfill this purpose.
  • We process your data to send you our newsletter, which may contain promotions, offers, events. Also in this case, the legal basis consists in your consent and the data will be kept until you revoke your consent. More specifically, we inform you that you can unsubscribe from our newsletter by using the specific link in the newsletter itself or by writing to direzione@lealidelfrassino.it at any time.
  • Finally, we process your data in order to be able to demonstrate your consent to the processing, where required, for a maximum period of 24 months, subject in any case to compliance with current legislation.    

Once the retention periods have expired, the data will be destroyed, deleted or made anonymous. At the same time, in the event that other processing purposes should subsequently emerge, it will be the responsibility of the Data Controller to provide you with further information.

We inform you that the provision of data to carry out the activities prodromal, preliminary and / or subsequent to the purchase of a service is necessary to allow the completion of this purpose, so that any refusal to provide them in whole or in part could result in the failure or partial performance of the contract or the impossibility for the Owner to properly perform all the tasks related to the relationship. The provision of data to answer your questions and/or to send the newsletter does not depend on a legal or contractual obligation and is entirely optional.

  We want to inform you that your data will be processed mainly electronically (but we do not exclude paper processing), adopting security measures to prevent any violation of personal data, such as loss of data, unlawful or incorrect use and unauthorized access. However, such measures, due to the nature of the online transmission medium, cannot limit or exclude absolutely any risk of unauthorized access or loss of data. For this reason, we recommend that you periodically check that your device is equipped with software devices suitable for the protection of network data transmission, both incoming and outgoing (such as updated antivirus systems) and that the Internet service provider has taken appropriate measures for the security of network data transmission (such as firewalls and spam filters).

We will communicate your personal data to third parties (from time to time appointed, if necessary, as Data Processors pursuant to art. 4 n.8) GDPR), only when it is indispensable and only to the extent strictly necessary to achieve the purposes of the processing. Therefore, the data may be communicated to subjects belonging to our company, duly authorized to process the data; to suppliers/other companies/entities and/or natural persons who carry out activities instrumental, supporting or functional to the execution of contracts or services required (e.g. carriers, couriers); to external personnel (such as third party technical service providers, hosting providers, IT companies, companies offering e-mail and booking services); in the case of marketing purposes, to consultants, communication agencies, companies in charge of the design, printing and maintenance of advertising or promotional publishing materials and/or their online management, direct e-mailing service companies; to third parties providing administrative, payment and billing services, legal advisors; to subjects to whom the right to access data is granted by law or regulations and other subjects provided by law. We specify that for the provision of the newsletter service we use MailUp, a communication platform for sending newsletters, of the company MailUp S.p.A.; for booking services we use Vertical Booking S.r.l.

In any case, you can always ask the Data Controller for the updated list of Data Processors.

  • Personal data is stored on servers located within the European Union and will not be transferred outside the European Union. Otherwise, after having duly informed you, the transfer will take place only after the adoption of adequate guarantees, as required by the binding legislation.

We inform you that if you are under 16 years old (14 years old if you are on Italian territory) your consent is legitimate only if given or authorized by the person with parental responsibility. Moreover, if you are under 18 years old, you can only purchase services through a parent or guardian.

Finally, we would like to point out that this information may be subject to periodic updates 24/11/2020