INFORMATION ON THE PROCESSING OF PERSONAL DATA AND COOKIES
of users who consult our website pursuant to Article 13 of Regulation (EU) 2016/679
WHY THIS INFORMATION
Under of Regulation (EU) 2016/679 (hereinafter "Regulation"), this page describes the methods for processing the personal data of users who consult the websites of our company HCRESORT di Braulinese Cinzia via Mercato 11, cap 33054, Lignano Sabbiadoro ( UD) PEC: cinzia.braulinese@legalmail.ti REA number: UD 362947 Tax code: BRLCNZ76M45L483F VAT number: 03059140305
www.hcresortlignano.it
This information does not concern other sites, pages or online services accessible via hypertext links that may be published on the sites but referring to resources outside the domain of the company HCRESORT of Braulinese Cinzia via Mercato 11, cap 33054, Lignano Sabbiadoro (UD) PEC: cinzia.braulinese @ legalmail.ti REA number: UD 362947 Tax code: BRLCNZ76M45L483F VAT number: 03059140305 tel. 043171626
​
HOLDER OF THE TREATMENT
HCRESORT di Braulinese Cinzia via Mercato 11, zip code 33054, Lignano Sabbiadoro (UD) PEC: cinzia.braulinese@legalmail.ti REA number: UD 362947 Tax code: BRLCNZ76M45L483F VAT number: 03059140305 tel. 043171626
​
EXTERNAL MANAGER OF TREATMENT FOR THE WEBSITE
HCRESORT di Braulinese Cinzia via Mercato 11, zip code 33054, Lignano Sabbiadoro (UD) PEC: cinzia.braulinese@legalmail.ti REA number: UD 362947 Tax code: BRLCNZ76M45L483F VAT number: 03059140305 tel. 043171626
LEGAL BASIS OF THE PROCESSING
The Data Controller processes Personal Data relating to the User if one of the following conditions exists:
• The User has given consent for one or more specific purposes; Note: in some jurisdictions the Data Controller may be authorized to process Personal Data without the User's consent or another of the legal bases specified below, as long as the User does not object ("opt-out") to such treatment. However, this is not applicable if the processing of Personal Data is governed by European legislation on the protection of Personal Data;
• The processing is necessary for the execution of a contract with the User and / or for the execution of pre-contractual measures;
• The processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
• The processing is necessary for the execution of a task of public interest or for the exercise of public authority vested in the Data Controller;
• The processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.
However, it is always possible to ask the Data Controller to clarify the concrete legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.
TYPES OF DATA PROCESSED AND PURPOSE OF THE TREATMENT
Navigation data
The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes IP addresses or domain names of the computers and terminals used by users, the URI / URL (Uniform Resource Identifier / Locator) addresses of the requested resources, the time of the request, the method used in submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment. These data, necessary for the use of web services, are also processed for the purpose of: obtaining statistical information on the use of the services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.) and to check the correct functioning of the services offered. The navigation data do not persist for more than seven days and are deleted immediately after their aggregation (except for any need to ascertain crimes by the judicial authorities).
Data communicated by the user
The optional, explicit and voluntary sending of messages to the contact addresses of the Data Controller, as well as the compilation and forwarding of the forms present on the Data Controller's sites, entail the acquisition of the sender's contact data, necessary to reply, as well as of all the personal data included in the communications. Specific information will be published on the pages of the Data Controller's sites prepared for the provision of certain services. The site contains various user data collection forms. Each form is designed to allow the user to access specific services.
Cookies and other tracking systems
Why do we use cookies?
Cookies allow us to provide, protect and improve the Service, for example by personalizing content and providing a safer experience. Although the cookies we use may undergo periodic changes following the improvement and updating of the Service, we use cookies for the following purposes: to save User preferences and to optimize the browsing experience by reducing waiting times. These cookies include, for example, those to set the language and currency, login information to private sections or for the management of statistics by the owner of the site.
Technical session and navigation cookies:
This website uses session cookies to carry out activities that are strictly necessary for its functioning.
Cookies are information installed in the browser when you visit a website or use a social network with your PC, tablet or smartphone. Each Cookie contains various information that assist the Owner in providing the service based on the purposes described. Cookies can remain in the system for the duration of a session (i.e. when the browser is closed) or for an extended period of time. Some of the installation purposes may require the User's consent.
Cookies are not used for user profiling, nor are other tracking methods used.
Instead, session cookies (non-persistent) are used strictly limited to what is necessary for the safe and efficient navigation of the sites. The storage of session cookies in terminals or browsers is under the user's control, where on the servers, at the end of the HTTPS sessions, information relating to cookies remains recorded in the service logs, with storage times not exceeding 1 day per equal to other navigation data. The acceptance of the cookie banner has a duration of 1 year.
Third party cookies:
Statistics. The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior. By way of example, the following are mentioned:
- Google Analytics (Google Inc.). Web analysis service provided by Google Inc. ("Google"). Google uses the Personal Data collected for the purpose of evaluating the use of this website, compiling reports and sharing them with other services developed by Google. Google may use the Personal Data to contextualize and personalize the advertisements of its own advertising network.
- Google AdWords (Google Inc.). Google AdWords conversion tracking is a statistics service provided by Google Inc. that links data from the Google AdWords ad network with actions performed on this Website.
- Personal data collected: Cookies and Usage data; Place of processing: 1600 Amphitheater Parkway Mountain View - CA94043 USA; privacy legislation; revocation
Widget. These services allow you to view content hosted on external platforms directly from the pages of this website and interact with them. In the event that a service of this type is installed, it is possible that, even if the Users do not use the service, it collects traffic data relating to the pages in which it is installed.
The site may also use some "social plugins" for sharing and communicating content: their use is optional. When one of the plugins is used, the site will get in touch, through your browser, with the servers where the social sharing services are managed, communicating the data that the user intends to publish and share through their social profile ( of which he remains the only responsible) and informing them (the servers) of the pages that the user has visited.
To exclude this possibility, you can avoid sharing content by using the social share buttons. For further details regarding the use and collection of data through the following plugins and to know how the data collected and transmitted in this way are processed (and for what purposes), please consult the privacy and legal information issued by the Owners of the services in question.
How can I control cookies?
Through the browser preferences, the User has the possibility to manage preferences relating to Cookies directly from within his browser and prevent third parties from installing them. It is important to note that by disabling all or some cookies, the functioning of this site could be compromised.
Your browser or device may contain settings that allow you to choose whether to set cookies and delete them. For more information on these control options, see your browser or device help materials.
For more information on how companies usually use cookies and the choices available, you can consult the following resources:
• Digital Advertising Alliance
• Digital Advertising Alliance of Canada
• European Interactive Digital Advertising Alliance
Payment management
The payment management services allow this website to process payments by credit card, bank transfer or other tools. The data used for payment are acquired directly by the requested payment service provider without being processed in any way by this website. Some of these services may also allow the scheduled sending of messages to the User, such as emails containing invoices or notifications regarding payment.
Infrastructure monitoring
These services allow this Application to monitor the use and behavior of its components, to allow for the improvement of performance and functionality, maintenance or troubleshooting.
RIGHTS OF THE INTERESTED PARTY
In your capacity as an interested party, at any time you can exercise your rights towards the Data Controller, pursuant to art. 15 of the GDPR:
the. obtain confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in an intelligible form;
ii. obtain the indication: a) of the origin of the personal data; b) the purposes and methods of the processing; c) of the logic applied in case of treatment carried out with the aid of electronic instruments; d) the identity of the owner, manager and the representative appointed pursuant to art. 3, paragraph 1, GDPR; e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or agents;
iii. obtain: a) updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data which need not be kept for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment is proves impossible or involves the use of means that are manifestly disproportionate to the protected right;
iv. object, in whole or in part: a) for legitimate reasons to the processing of personal data concerning you, even if pertinent to the purpose of the collection; b) to the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by e-mail and / or through traditional marketing methods by telephone and / or paper mail. It should be noted that the right of opposition of the interested party, set out in point b) above, for direct marketing purposes through automated methods extends to traditional ones and that in any case the possibility remains for the interested party to exercise the right of opposition also only partially.
Therefore, the interested party can decide to receive only communications using traditional methods or only automated communications or neither of the two types of communication.
Where applicable, you also have the rights referred to in Articles. 16-21 GDPR:
- Right of rectification (Article 16);
- Right to erasure - Right to be forgotten (Article 17);
- Right to limitation of treatment (Article 18);
- Obligation to notify in case of rectification or cancellation of personal data or limitation of processing (Article 19);
- Right to data portability (Article 20);
- Right to object (Article 21);
- Revoke, at any time, the consent to the processing of their Personal data previously expressed;
- Submit a complaint to the Guarantor Authority.
RESPONSIBILITY OF THE HOLDER OF THE TREATMENT
• Facilitate the protection of personal data
• Adopt safety measures, evaluating in advance the risks generated in the treatment process
• Ensure transparency on data flows and processing activities
• Promptly intervene in the event of a breach (also known as a data breach)
• Adapt to establish roles and responsibilities in each processing activity
For any further information, and to assert the rights recognized by the European Regulation, you can contact the Data Controller who for all legal purposes is a company:
HCRESORT
by Braulinese Cinzia
via Mercato 11, zip code 33054, Lignano Sabbiadoro (UD)
PEC: cinzia.braulinese@legalmail.ti
REA number: UD 362947
Tax code: BRLCNZ76M45L483F
VAT number: 03059140305
tel. 043171626
METHOD FOR THE EXERCISE OF RIGHTS BY THE INTERESTED PARTIES
The methods of exercising the rights by the interested parties are established, in general, in the articles 11 and 12 of the regulation. The deadline for replying to the interested party is, for all rights (including the right of access), 1 month, which can be extended up to 3 months in particularly complex cases; the owner must in any case give a reply to the interested party within 1 month of the request, even in case of refusal.
It is up to the owner to evaluate the complexity of the response to the interested party and to establish the amount of any contribution to be requested from the interested party, but only if the requests are manifestly unfounded or excessive (even repetitive) (Article 12.5), unlike the provisions of art. 9, paragraph 5, and 10, paragraphs 7 and 8, of the Code, or if more "copies" of personal data are requested in the case of the right of access (Article 15, paragraph 3); in the latter case the owner must take into account the administrative costs incurred. As a rule, the person concerned must be replied to in writing, including through electronic means that facilitate accessibility; it can be given orally only if so requested by the interested party (Article 12, paragraph 1; see also Article 15, paragraph 3).
The exercise of rights is, in principle, free of charge for the data subject, but there may be exceptions. The owner has the right to request information necessary to identify the data subject, and the latter has the duty to provide it, according to suitable methods (see, in particular, Article 11, paragraph 2 and Article 12, paragraph 6).
RIGHT OF COMPLAINT
Interested parties who believe that the processing of personal data referring to them carried out through this site is in violation of the provisions of the Regulation have the right to lodge a complaint with the Guarantor, as required by art. 77 of the Regulation itself, or to take appropriate judicial offices (Article 79 of the Regulation).
CHANGES TO THE POLICY
The Data Controller reserves the right to make changes to this policy at any time by giving notice to Users on this page. Therefore, please consult this page often, referring to the date of the last modification indicated at the bottom. In case of non-acceptance of the changes made to this privacy policy, the User is required to cease using this Website and may request the Data Controller to remove their Personal Data. Unless otherwise specified, the previous privacy policy will continue to apply to the Personal Data collected up to that time.
The person in charge of the treatment
_________________________
