PRIVACY POLICY
In accordance with Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016,
The following describes the methods of managing the website www.ludwig-house.it (hereinafter referred to as the website) with regard to the processing of personal data of users who consult it. This is a general document that provides information about the criteria for the correct processing of personal data carried out on or through the website. The information related to the individual services that the user will use, prepared in accordance with Article 13 of Regulation 679/2016/EU on the protection of data (hereinafter referred to as the Regulation), can be found on the website in specific sections and can be obtained from the offices of the data controller.
This information is provided in accordance with Article 13 of the General Data Protection Regulation (Regulation) to those who interact with the website's web services and does not include the processing of data on other websites that the user may consult through links present on the website itself. Users are invited to carefully read this information before submitting any personal information.
​
Data Controller
Following the consultation of this website, data relating to identified or identifiable individuals (hereinafter referred to as the user) may be processed. The data controller is Hotel CristalloI Srl (hereinafter referred to as the data controller). As of today, all information regarding the data controller, together with the updated list of designated data processors and system administrators, can be found at Hotel Cristallo Srl, located at via Monsignor Luigi Martini, 29 - 46100 Mantova.
Purposes, Lawfulness of Processing, Types of Data, and Criteria Used to Determine the Retention Period of Personal Data
​
Browsing Data
Browsing the website involves the acquisition of certain personal data, the transmission of which is implicit in the use of Internet communication protocols (browsing data). These are pieces of information that are not collected to be associated with identified users, but which, by their very nature, could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users who connect to the site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server hosting the site or managing the requested services, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters relating to the operating system and the user's computer environment.
​
The following are the purposes for which the user's personal data will be processed:
-
Use of the website;
-
Any statistics on the use of the service (most visited pages, number of visitors by time of day or day, geographical areas of origin, etc.);
-
Any checks on the proper functioning of the services offered.
The user's browsing data will be stored for the period necessary to achieve the purposes for which they are collected, not exceeding seven days, without prejudice to the time required to fulfill requests received from the Judicial Authority for defense and/or security purposes of the State, and/or for the prevention, investigation, or suppression of offenses, or to fulfill requests received from the Data Protection Authority.
The lawfulness of the processing of personal data is based on the need to pursue the legitimate interest of the data controller (Article 6(1)(f) of the Regulation).
​
Contact/Information Request Section
The personal data provided by the user accessing the Contact/Information Request Section and sending a message will be used solely to perform the requested service. The optional, explicit, and voluntary sending of emails to the addresses indicated on the website, by its very nature, entails the subsequent acquisition of the sender's email address, which is necessary to respond to the requests, as well as any other personal data included in the message.
The lawfulness of the processing of personal data is based on the need to fulfill a contract of which the user is a party or to take pre-contractual measures at the request of the user (Article 6(1)(b) of the Regulation).
The user's personal data will be stored for the time necessary to provide the requested service or for the time necessary to manage any appeals or disputes.
​
Online Chat
The user's personal data is processed in order to provide requested information and services.
The lawfulness of the processing of personal data derives from the performance of a contract of which the user is a party or the need to take pre-contractual measures at the user's request (Article 6(1)(b) of the Regulation).
The user's personal data will be stored for the time necessary to provide the requested service or for the time necessary to manage any appeals or disputes.
​
Methods of Processing Personal Data
The processing of your personal data takes place at the headquarters of the data controller or, if necessary, at the headquarters of any specifically appointed external data processors in accordance with Article 28 of the Regulation, or at the subjects indicated in the "Communication and Disclosure of Personal Data" section. Personal data is processed using automated tools. Specific security measures are observed to prevent the loss, illegal or incorrect use, and unauthorized access to the data. Processing of personal data is carried out within the limits of what is strictly necessary for the performance of the functions for which the service is required, excluding processing when the intended purposes can be achieved using anonymous data or methods that allow the user to be identified only if necessary.
​
Communication and Disclosure of Personal Data
Personal data, if necessary, may be communicated (meaning to provide knowledge to one or more specific subjects) to subjects whose access to data is recognized by national and European Union legal provisions. Personal data is not disclosed in any way, meaning to make it known in any way to an indeterminate number of subjects, without prejudice to legal obligations.
​
Changes to the Policy
The data controller reserves the right to make changes to this policy at any time by giving notice to the user on this page. Therefore, please check this page frequently to stay updated.
​
Rights of the Data Subject (User)
Please note that the user has the following rights at any time:
-
The right to receive the personal data concerning them, which they have provided to a data controller, in a structured, commonly used, and machine-readable format and the right to transmit those data to another data controller without hindrance from the data controller to which the personal data have been provided;
-
The right to obtain access to their personal data;
-
The right to obtain the rectification of their personal data if it is inaccurate or incomplete, provided it does not contravene current legislation on the retention of such data;
-
The right to obtain the erasure of their personal data if it is no longer necessary for the purposes for which it was collected or processed, provided it does not contravene current legislation on the retention of such data;
-
The right to obtain the restriction of processing of their personal data;
-
The right to object, on grounds relating to their particular situation, at any time to the processing of their personal data.
The user can exercise the above rights by making a request without formality to the data controller by hand delivery, regular mail, registered letter, fax, or by email to the following address: ma.mi@pec.net
To facilitate the exercise of these rights, the Italian Data Protection Authority has prepared a specific form that can be downloaded from the website www.garanteprivacy.it.
Right to Lodge a Complaint (Art. 13.2.d of Regulation 679/2016/EU)
Please note that the user has the right to lodge a complaint with a supervisory authority (in particular, the Italian Data Protection Authority www.garanteprivacy.it).
Cookie
The specific information describing the use of cookies on the website is available and can be consulted in the document "Cookie Policy."