PRIVACY POLICY - INFORMATION PURSUANT TO ART. 13 EU REG. 2016/679

This page describes the processing of personal data carried out in relation to the services offered/available via the website: http://marivadunesuite.webbins.it/it
The information is provided only for this site and not for other websites that may be consulted by the user via links

INDEX

  • THE DATA CONTROLLER (who decides why, how and to whom the data are processed)
  • RIGHTS OF DATA SUBJECTS
  • NAVIGATION DATA (data processed in relation to the visit of the website)
  • DATA VOLUNTARILY PROVIDED BY THE USER
    • DATA PROCESSING FOLLOWING A CONTACT REQUEST
    • BOOKING ONLINE
    • DATA PROCESSING FOLLOWING THE SUBMISSION OF A RESERVATION
  • SUBSCRIPTION TO THE NEWSLETTER
  • DATA STORAGE
  • USER RIGHTS - MORE INFORMATION
  • SOME TERMS

* * *

THE DATA CONTROLLER

(who decides why, how and to whom the data are processed)

Following consultation of this site and use of the services it offers, data relating to identified or identifiable persons may be processed.
In addition to navigation data, information may, for example, be collected on the occasion of:
- the request for a reservation;
- the use of other services through the platforms;
- subsequent phone calls with our operators.

The data controller (i.e. the entity that determines the purposes and means of the processing of personal data and assumes the responsibility for processing and having personal data processed correctly) is:

Arranger Consulting Srl Gruppo Iva Arranger Consulting
Via G. Pico Della Mirandola, 8
50132 Firenze (FI) ITALY
P.Iva 06870970487 C.F.06141820487
arrangerconsultingsrl@pec.studiolisi.info

also indicated as Mariva Dune Suites.

RIGHTS OF DATA SUBJECTS

The data subject has the following rights:

  • to ask the Owner of the processing to access his/her personal data, to correct or erase them, to limit their processing, or to object to their processing;
  • if the processing occurs by automated means, on the basis of his/her consent, the data subject may receive his/her personal data in a structured format, of common use and legible by an automated device, and/or obtain their direct transmission to another owner of the processing, if this is technically feasible;
  • to revoke his/her consent at any time (without compromising the legality of the processing based on the consent given before the revocation); the consent in question obviously regards that given for processing carried out on the basis of this presupposition;
  • to file a complaint with the controlling authority: Supervisor for the Protection of Personal Data - Piazza di Monte Citorio n. 121 00186 ROMA – https://www.garanteprivacy.it/web/guest/home

Requests should be addressed to the Data Controller by registered letter with return receipt or via the CONTACT/INFORMATION form on the website

NAVIGATION DATA

(data processed in relation to the visit of the website)

The systems and software procedures used to operate a website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes, for example, the IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) ​​addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the IT environment of the user, such as the type and version of the browser, the types and versions of the browser plug-ins, the identification of the mobile device (IDFA or Android ID) and other parameters relating to your operating system and IT environment,
This data, in the absence of specific consent of processing for further purposes, is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning.
The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site and only in this case can specific procedures be activated to identify the author.
The LEGAL BASIS FOR THE PROCESSING of this data is constituted by the legitimate interest of the owners consisting in the protection of data security, proper functioning of the site and improvement of service standards.

METHODS AND PERSONNEL IN CHARGE OF THE PROCESSING
Personal data is processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected. The processing relating to the web services of this site are handled by personnel appointed by the Data Controller as well as by external subjects, appointed as managers (ART. 28 EU REG. 2016/679), who are entrusted with the technical management and maintenance of the site and related IT systems. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
No data deriving from the web service is disclosed.
The personal data provided by users who submit requests to send informational material (newsletters, answers to questions, etc.) are used for the sole purpose of carrying out the service or provision requested and are disclosed to third parties only if this is to this is necessary.

DATA VOLUNTARILY PROVIDED BY THE USER

Apart from what is specified data for navigation, the user is free to provide their personal data requested during navigation to request informative material or other communications. Failure to provide them may make it impossible to obtain what is requested.
When the user visits a part of the Site that requires the collection of personal data, a link to this information document is re-proposed and, if necessary, consent is requested
The optional, explicit, and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message which, unless otherwise duly communicated, will be kept for the time necessary to satisfy requests.
Below is specific information referring to the pages of the site set up for particular services on request or through which it is possible to acquire further personal data.

DATA PROCESSING FOLLOWING A CONTACT REQUEST

Personal data provided spontaneously by the interested party through the booking area, or the e-mail addresses made available on the site:

  1. Are processed with mainly automated tools to:
    1. Ensure a certain and timely answer and to satisfy the requests of the interested party (legal basis of the processing: legitimate interest and consent of the interested party in the case of "particular" personal data);
    2. Fulfil obligations deriving from EU laws, rules, and regulations; fulfilment of provisions issued by the Judicial Authority, (legal basis of the processing: coinciding with the purpose);
    3. Feed the system knowledge of the public through statistical analyses, carried out through anonymized and aggregated data, useful for the verification, improvement and therefore design of an increasingly efficient and adequate service adapted to demand, (legal basis of the processing: legitimate interest of the owners coinciding with the purpose).
  2. The contact details, postal and e-mail addresses provided may be used to send courtesy communications and/or informative material/offers relating to the proposed products and services provided by the Data Controller, obviously with the consent of the interested party, even via SMS or other communication platforms such as WhatsApp. It is understood that the interested party will still have the right to oppose this treatment at any time (legal basis of the treatment: legitimate interest of the owners consisting in the promotion of their products/ services and the consent of the interested party)
  3. They may be handled by commercial staff, IT system maintenance personnel who have the task of guaranteeing the functionality of the systems, data security and backup operations, other personnel in charge within the limits of the assigned tasks and as provided for by company procedures and other subjects that provide services for auxiliary purposes in satisfying the requests of the interested party, also within the limits strictly necessary to carry out their duties.
  4. They may be communicated or be made available:
    1. to subjects who can access the data by virtue of the provision of the law, regulations or community legislation, within the limits set by these rules;
    2. to other associated companies (subsidiaries - parent companies) always for current "administrative accounting purposes" related to satisfying the requests of the interested party;
    3. to other subjects who provide services for purposes related to the satisfaction of the requests of the interested party, within the limits strictly necessary to carry out their duties - commercial partners, whose collaboration is necessary for the purpose of providing the requested services The Commercial Partners will operate as independent owners of the processing and in compliance with the respective privacy policies, which will be made available by them.
  5. Personal data will be transferred to subjects located outside the European Economic Area to the country in which the interested party resides or is located only if necessary to satisfy his requests and in compliance with current legislation.

When filling in the forms, the fields whose compilation is mandatory are indicated with an asterisk, in the absence of the requested data it will not be possible to satisfy the requests of the interested party.

If at the time of the request for contact/booking the interested party were to communicate particular categories of data (such as: personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as process genetic data, biometric data intended to uniquely identify a natural person, data relating to the health or sexual life or sexual orientation of the person) specific consent may be required for their processing, in the absence of which it may be impossible to give course to the requests of the interested party.

BOOKING ONLINE

It is the page of the site through which the user can book stays at the structures of the Owner. In order to offer the best service with the highest safety standards, the management of the service has been entirely entrusted to a company specialized in the sector with proven experience and reliability, leader in technology and support for Internet and GDS distribution in the tourism and hospitality sector. The link "CHECK AVAILABILITY" refers to a page on the site https://be.bookingexpert.it/ of Zucchetti Hospitality Srl (https://www.bookingexpert.com ), which is fully entrusted with the online booking procedure and who has been appointed Responsible for this purpose to art. 28 of the European Regulation 2016/679, more information can be found via the links in the footer of the booking area.
The data entered by the user when making the booking request will be entered by booking expert directly onto the Hotel management software.
Once transmitted to the Hotel, the data may be processed by administration staff, receptionists or other staff appointed by the Data Controller to register the reservation, fulfil contractual and natural obligations accounting and tax, to offer the guest attentive and personalized services satisfying his requests.


DATA PROCESSING FOLLOWING THE SUBMISSION OF A RESERVATION

The data provided by the interested party or by a third party acting on their behalf will be processed, mainly with IT and/or telematic tools, for the following purposes:

  1. to fulfil obligations deriving from laws, rules, and community regulations, including the obligation relating to the communication of the guests to the Public Security Authorities required by Article 109 of Royal Decree 773 of 18 June 1931 and subsequent amendments, which will be carried out after checking in; (legal basis coinciding with the purpose);
  2. to fulfil contractual, accounting and tax obligations; performance of the services requested by the interested party or by third parties on behalf of the interested party. (legal basis coinciding with the purpose);
  3. to offer the guest attentive and personalized services throughout the period of their stay within our structure; (legal basis: legitimate interest consisting in the correct organization and planning of activities and in the improvement of the service);
  4. purposes related to public relations, information, and commercial activities. In particular, the contact details and e-mail addresses provided may be used for sending courtesy communications and/or advertising material relating to services similar to those covered by the existing business relationship. It is understood that the guest has the right to oppose the aforementioned processing at any time (legal basis: legitimate interest consisting in processing personal data for direct marketing purposes, always considering the reasonable expectations of the interested party based on his/her relationship with the Data Controller);
  5. to assert or defend a right, also by resorting to agents with representation, both out of court and in administrative or judicial offices (legal basis coinciding with the purpose);
  6. for the same purposes, the data may be processed, always and only within the limits of what is actually necessary to carry out their functions, by the following categories of appointees and/or managers: Company management and management; administration staff, receptionists, resources in charge of the management maintenance of IT systems, and finally Associated Companies or other subjects (companies/professionals), Managers appointed for this purpose, who need to access some data for auxiliary purposes, always within the limits strictly necessary to carry out the tasks delegated to them.

Personal data relating to guests may be disclosed:

  • limited to accounting and tax data to banks, credit institutions, data processing companies and credit card issuers, for activities strictly connected to the execution and administrative management of the contract;
  • to the Public Security Authority or to Public Bodies in compliance with the law;
  • to insurance institutions, public entities, and bodies for the purpose of fulfilling legal obligations;
  • to other subjects who need to access some data to carry out auxiliary activities for the purposes indicated above, always within the limits strictly necessary to carry out the tasks delegated to them such as: tax, accounting, welfare, insurance, information systems management, financial services.

Of course, all the communications described above are limited only to the data necessary for the recipient body/office for the performance of its duties and/or for the achievement of the purposes related to the communication itself.
The processing of the data in question may also consist in their communication abroad, both inside and outside the European Union to the country of origin or destination of the guest and limited to strictly the necessary data, in relation to the specific guest requests. The transfer will always be carried out in full compliance with the law and can only be carried out in fulfilment of the aforementioned legitimacy conditions
The data will not be disclosed.

SUBSCRIPTION TO THE NEWSLETTER

Personal data provided spontaneously by the interested party by subscribing to the Newsletter:

  1. is processed with mainly automated tools for the sole purpose of satisfying the requests of the interested party, who has the right to interrupt the aforementioned process at any time;
  2. may be handled by communication and marketing staff, IT system maintenance staff who have the task of guaranteeing the functionality of the systems, data security and backup operations, other employees within the limits of the assignments received and the provisions of company procedures and other subjects providing the services for auxiliary purposes in satisfying the requests of the interested party, within the limits strictly necessary to carry out their duties;
  3. may be communicated or made available:
    - to subjects who can access the data by virtue of the provision of law, regulation, or community legislation, within the limits set by these rules,
    - to other subjects who provide services for purposes related to the satisfaction of the requests of the interested party, within the limits strictly necessary to carry out their duties.
    - to associated companies (subsidiaries - parent companies) always for current administrative accounting purposes connected to the satisfaction of the requests of the interested party
DATA STORAGE

The data communicated, unless otherwise duly communicated by the interested party, will be kept for the time necessary to satisfy the requests of the interested party and to comply with the law.
If the interested party has a contractual relationship with the Data Controller, the data will be kept, if pertinent to it, for the duration of the contract, after which the conservation will be continued only if required by law and in compliance with the rules on the conservation of administrative documentation.
The contact details for which the sending of commercial communications is permitted will be kept for up to 12 months following the last sending or until otherwise instructed by the interested party.

USER RIGHTS - MORE INFORMATION

Right of access
The interested party has the right to obtain from the data controller confirmation as to whether or not personal data concerning him/herself is being processed and, in this case, to obtain access to personal data and the following information:

  1. the purposes of the processing;
  2. the categories of personal data in question;
  3. the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if recipients of third countries or international organizations and, in this case, the existence of adequate guarantees;
  4. when possible, the retention period of the personal data envisaged or, if not possible, the criteria used to determine this period;
  5. the existence of the right of the interested party to ask the data controller to rectify or delete personal data or limit the processing of personal data concerning him/her or to oppose its processing;
  6. the right to lodge a complaint with the supervisory authority;
  7. if the data is not collected from the data subject, all available information on their origin;
  8. the existence of an automated decision-making process, including profiling, which produces legal effects concerning him/her or which significantly affects his/her person and, at least in such cases, significant information of the logic used, as well as the importance and expected consequences of such processing for the person concerned.

Right of rectification
The interested party has the right to obtain the correction of inaccurate personal data concerning him/her without undue delay from the data controller.

Right of cancellation
The data subject has the right to obtain the cancellation of personal data concerning him/her without undue delay and the data controller is obliged to cancel the personal data without undue delay, if one of the following reasons exists:

  1. the personal data is no longer necessary with respect to the purposes for which it was collected or otherwise processed;
  2. the interested party revokes the consent on which the processing is based and there is no other legal basis for the processing;
  3. the interested party opposes the processing, and there is no legitimate overriding reason to proceed with the processing;
  4. the personal data have been unlawfully processed;
  5. the personal data must be deleted to fulfil a legal obligation under European Union law or the law of the Member State to which the data controller is subject;

Rights to limit the processing
The interested party has the right to obtain the limitation of processing from the data controller when one of the following hypotheses occurs:

  1. the data subject disputes the accuracy of his/her personal data, for the period necessary for the data controller to verify the accuracy of such personal data;
  2. the processing is unlawful and the interested party opposes the cancellation of personal data and requests instead that its use be limited;
  3. although the data controller no longer needs it for processing purposes, the personal data is necessary for the data subject to ascertain, exercise or defend his/her right in court;
  4. the interested party opposed the processing, pending verification of the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party.

Right to object
The interested party has the right to object at any time to the processing of personal data concerning him/her for direct marketing purposes, including profiling insofar as it is connected to such direct marketing.

Right to data portability
The interested party has the right to receive, in a structured format, commonly used and readable by an automatic device, the personal data concerning him/herself provided to a data controller and has the right to transmit such data to another data controller without impediments from the data controller who provided them if:

  1. the processing is based on consent or on a contract; 
  2. the processing is carried out by automated means.

In exercising their rights relating to data portability, the interested party has the right to obtain the direct transmission of personal data from one data controller to the other, if technically feasible.

Some terms

EU Reg. 20168679: REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27th April 2016 concerning the protection of individuals with regard to the processing of personal data, as well as the free circulation of such data
Personal data: Any information relating to an identified or identifiable natural person
"Particular" personal data: NEED MORE PROTECTION AND PARTICULAR ATTENTION, such as the personal data that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data relating to the health or sexual life or sexual orientation of the person (Article 9 of EU Reg. 2016/679)
Treatment: any operation or set of operations, carried out by any means or methods and applied to personal data or sets of personal data, (such as the collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of provision, comparison or interconnection, limitation, cancellation or destruction)
Interested: The natural person to whom the personal data refers to
Owner: the natural or legal person, public authority, service or other body who, individually or together with others, determines the purposes and means of the processing of personal data
Data processors (appointed pursuant to Article 28 of EU Reg. 2016/679): the natural or legal person, public authority, service or other body that processes personal data on behalf of the Data Controller
Legal basis of the processing: the regulatory principle on the basis of which the processing of personal data described can be carried out, in many cases coinciding with the declared purpose
European Economic Area (EEA): EU Member States, Norway, Iceland, Lichtenstein.

* * *

In case of any discrepancy between the meanings of any translated versions of this Privacy Policy, the meaning of the Italian language version shall prevail.

Stay in touch

Stay in touch

Join the club.
Subscribe to our newsletter so not to miss any Mariva Dune news and updates.

Subscribe to the newsletter

Information and booking

Contact us, we are at your disposal:

Tel: +39 0565 719650
info@marivadune.it

Request info

Thank you!

Thank you: we sent you an email to activate your subscription and select your preferences if applicable

Close

Subscribe to the newsletter


Cancel
Close

Request information & booking


-
Close

Credits

PROGETTAZIONE, GRAFICA, CONVERSIONE E REALIZZAZIONE SITO WEB:
www.kumbe.it

Foto:

  • Fotografo professionista

Close

Thank you!