This Privacy Policy is provided pursuant to Article 13 of European Regulation No. 679/2016 and applies exclusively to all Data collected through the website www.covodeisaraceni.com. This Privacy Policy, together with the Cookie Policy, sets out the basis on which the User’s Personal Data will be processed.

DATA CONTROLLER

The Data Controller is:

HOTEL RISTORANTE COVO DEI SARACENI – S.R.L.
VIA CONVERSANO 1 – 70044 – POLIGNANO A MARE (BA)

METHODS OF PROCESSING PERSONAL DATA

The Personal Data provided or acquired will be processed in accordance with the principles of fairness, lawfulness, transparency, and confidentiality protection pursuant to applicable regulations.

The Data Controller processes Users’ Personal Data by adopting appropriate security measures aimed at preventing unauthorized access, disclosure, modification, or destruction of Personal Data.

Processing is carried out by means of IT and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated. Among the Personal Data collected by this website are: Cookies, Usage Data, Email Address, and Name. Personal Data may be voluntarily provided by the User or automatically collected during the use of this Website.

DISCLOSURE AND DISSEMINATION OF DATA

In addition to the Data Controller, in some cases the following parties may have access to the Data:

a) categories of personnel specifically trained and involved in the organization of the Website (administrative, commercial, marketing, legal staff, system administrators);

b) external parties (such as third-party technical service providers, hosting providers, IT companies, communication agencies), also appointed, where applicable, as Data Processors by the Data Controller pursuant to Article 28 GDPR. The updated list of Data Processors, if appointed, may always be requested from the Data Controller;

c) public or private entities that may access the Data in compliance with legal obligations;

d) parties performing ancillary and instrumental tasks with respect to the activities of the Data Controller;

e) Users of the Website who may view certain Data on the public profile of other Users within the Website’s closed group.

DATA VOLUNTARILY PROVIDED BY THE USER

The optional, explicit, and voluntary sending of emails, including through the Contact Form or through the addresses indicated on this Website, entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other Personal Data included in the email.

The User’s consent to provide data is necessary in order to be included in the Data Controller’s database and for the establishment and proper performance of the services offered by the Controller to its users, as well as to third parties for the fulfillment of the specific requested activity.

Failure to provide such data therefore prevents registration in the Controller’s databases, the conclusion of any contracts, as well as their execution and any other related activity.

Therefore, the User’s failure to provide certain Personal Data may prevent this Website from delivering its services.

PLACE OF PROCESSING

The Data is processed at the Data Controller’s operational premises. For further information, the User may contact the Data Controller.

DATA RETENTION PERIOD

As expressly provided by Article 5(1)(e) GDPR, Data is stored for the time necessary for its processing in relation to the performance of the service requested by the User, or for the purposes described in this document, and in particular:

• Data collected for contractual obligations will be retained for the time necessary to fulfill the above purposes and as required by law;
• Data collected for tax/administrative obligations or for contractual obligations will be retained for the time necessary to fulfill the above purposes and as required by law;
• Data collected for purposes attributable to the legitimate interest of the Data Controller will be retained until such interest is satisfied; the User may obtain further information regarding the legitimate interest pursued by the Data Controller by contacting the Data Controller;
• Data collected on the basis of the User’s Consent may be retained until such Consent is withdrawn; Data may be retained by the Data Controller for a longer period in compliance with legal obligations or by order of an authority.

At the end of the retention period, Personal Data will be deleted and, therefore, the rights of access, deletion, rectification, and portability of the Data may no longer be exercised.

PURPOSES OF PROCESSING THE COLLECTED DATA

User Data is collected to allow the Website to provide its services, as well as for the following purposes: contacting the User, managing addresses and sending email messages, interaction with external platforms, and analytics.

In particular:

a) to comply with any obligation provided for by applicable laws, regulations, related rules, and commercial practices, in particular in tax/fiscal matters. This processing is mandatory in order to comply with a legal obligation to which the Data Controller is subject;

b) to respond to specific requests addressed to the Data Controller by the User through the Website and its communication tools (Contact Form, information request forms, and similar). This processing is optional and based on the User’s consent; however, failure to provide one or more Data items will make it impossible to provide the service offered by the Data Controller and to use the services offered by the Data Controller;

c) for other ancillary or related purposes connected with those indicated above and in any case falling within the scope of the Website’s activities;

d) to carry out statistical analyses on aggregated and anonymous data in order to analyze User behavior, improve the products and services provided by the Data Controller, and meet the User’s expectations;

e) for profiling activities for marketing purposes. This processing is based on the User’s freely given consent.

The types of Personal Data used for each purpose are indicated in the specific sections of this document.

COOKIES

This Website uses cookies. Cookies are small text files that may be used by websites to make the user experience more efficient and to personalize content and advertisements, provide social media features, and analyze traffic.

In addition, information is provided on how the User uses the Website to the Data Controller’s partners dealing with web data analysis, advertising, and social media, who may combine it with other information that the User has provided to them or that they have collected based on the use of their services.

For more information, please consult the Cookie Policy at the following link:
https://www.covodeisaraceni.com/cookie-policy/

HOW PERSONAL DATA IS PROCESSED – DETAILS

Data is collected through the use of the following services:

ADDRESS MANAGEMENT AND MAILING

These services allow the management of a database of email contacts, telephone contacts, or contacts of any other type, used to communicate with the User.

These services may also allow the collection of Data relating to the date and time messages are viewed by the User, as well as the User’s interaction with them, such as information on clicks on links included in messages.

SECURITY MEASURES ADOPTED

This Website, in order to make the moment when Personal Data is entered secure, has an SSL certificate and uses the HTTPS protocol. By using this protocol, transactions and data transmitted on websites take place with maximum security, and the content of the communication is not read or manipulated in any way by third parties.

ANALYTICS

Analytics services allow the Data Controller exclusively to monitor and analyze traffic data and are used to track User behavior. In particular, the following services are used:

Google Analytics (Google Ireland Limited)

Google Analytics is an analytics service provided by Google Ireland Limited. Google uses the Personal Data collected for the purpose of tracking and examining the use of this Website, compiling reports, and sharing them with other services developed by Google.

Google may use the Personal Data to contextualize and personalize advertisements in its advertising network. Google may also transfer this information to third parties where required by law or where such third parties process the information on Google’s behalf.

On this Website, the IP address anonymization function is active. The IP address transmitted by the browser for purposes related to Google Analytics will not be merged with other data already held by Google.

Google provides a browser add-on for disabling Google Analytics at the following link:
https://tools.google.com/dlpage/gaoptout?hl=it

Personal Data collected: Cookies and Usage Data.
Place of processing: United States – https://policies.google.com/privacy?hl=it

Facebook Pixel Conversion Tracking (Facebook Ireland Ltd.)

Facebook conversion tracking (Facebook Pixel) is a statistics service provided by Facebook. The Facebook Pixel monitors conversions that can be attributed to Facebook ads.

Personal Data collected: Cookies; Usage Data.
Place of processing: Germany – https://www.facebook.com/about/privacy/

REMARKETING AND RETARGETING

These services allow this Website to communicate, optimize, and serve advertisements based on the User’s past use of this Website. This activity is carried out by tracking Usage Data and using Cookies.

This Website uses the following services:

Facebook Remarketing (Facebook Ireland Ltd.)

Facebook Remarketing is a remarketing and behavioral targeting service provided by Facebook, which connects the activity of this Website with the Facebook advertising network.

This Website uses the Facebook Pixel tool in order to measure conversions. Thanks to the Facebook Pixel, it is possible to understand the actions that people perform on the Website.

The Data collected may be used to:

• ensure that advertisements are shown to the right people;
• create audience groups to which advertisements can be targeted;
• take advantage of the additional advertising tools of the platform on which advertising is carried out.

The information collected is anonymous to the operators of this Website and cannot be used to identify an individual user. However, the information is stored and analyzed by Facebook, which may connect the action to a single profile and use this information for Facebook’s internal advertising purposes, as outlined in Facebook’s Privacy Policy.

This will allow Facebook to display advertisements both on Facebook and on third-party websites. The Website Owner has no control over how this data is used.

For more information on how users can protect their privacy, please refer to Facebook’s Privacy Policy:
https://www.facebook.com/about/privacy/

Google Ads

Google Ads is a service provided by Google Ireland Limited that connects this Website with Google’s advertising network.

This Website uses the Google Analytics Remarketing features combined with Google Ads’ cross-device capabilities. This functionality makes it possible to connect target groups for promotional campaigns created by Google Analytics’ Marketing features with Google Ads’ cross-device adaptability.

This allows advertising based on the User’s personal interests, identified through an analysis of the User’s behavior on the web, whether on a mobile device or other devices.

It is possible to permanently disable targeting and remarketing functions by disabling the “personalized advertising” feature in the Google account. To do so, simply follow this link:
https://www.google.com/settings/ads/onweb/

Personal Data collected: Cookies and Usage Data.
Place of processing: USA – United States.

LinkedIn Insight Tag (LinkedIn Ireland Unlimited Company)

This Website uses a script called the “LinkedIn Insight Tag”. The LinkedIn Insight Tag adds a cookie to Users’ browsers whenever they visit this Website.

Thanks to this tool, the Data Controller can record when a LinkedIn member performs a specific action on the Website (such as booking a service or leaving an email address).

This tool is used to collect statistical data that makes it possible to measure the effectiveness of paid advertising. Thanks to the LinkedIn Insight Tag, it is possible to understand the actions that people perform on the Website.

The collected Data is used to:

• ensure that advertisements are shown to the right people;
• create audience groups to which advertisements can be targeted;
• take advantage of the additional advertising tools of the platform on which advertising is carried out.

This Website uses the LinkedIn Insight Tag to carry out “remarketing” and “retargeting” activities; thanks to these activities, cookies left by the User on the Website are used without identifying the User.

Personal Data collected: Cookies and Usage Data.
Place of processing: / (activation in progress)

INTERACTION WITH SOCIAL NETWORKS

These services allow interactions with social networks or other external platforms directly from the pages of this Website.

The interactions and information acquired by this Website are in any case subject to the User’s privacy settings for each social network.

If a social network interaction service is installed, it may collect traffic data relating to the pages on which it is installed, even if Users do not use the service.

Facebook (Facebook Ireland Ltd.)

Facebook buttons are interaction services with the Facebook social network, provided by Facebook Ireland Ltd.

Personal Data collected: Cookies and Usage Data.
Place of processing: Germany – https://www.facebook.com/privacy/explanation

Instagram (Facebook Ireland Ltd.)

Instagram buttons are interaction services with the Instagram social network, provided by Facebook.

Personal Data collected: Cookies and Usage Data.
Place of processing: / – https://help.instagram.com/519522125107875

LinkedIn (LinkedIn Ireland Unlimited Company)

LinkedIn buttons are interaction services with the LinkedIn social network, provided by LinkedIn Corporation.

Personal Data collected: Cookies and Usage Data.
Place of processing: / – https://it.linkedin.com/legal/privacy-policy?_l=it_IT

CONTENT ON EXTERNAL PLATFORMS

These services allow content hosted on external platforms to be displayed directly from the pages of this Website and to interact with it.

If such a service is installed, it may collect traffic Data relating to the pages on which it is installed, even if Users do not use the service.

YouTube Video Widget

YouTube is a video content visualization service operated by Google Inc., which allows this Website to integrate such content within its pages.

Personal Data collected: Cookies.
Place of processing: USA – https://policies.google.com/privacy?hl=it-IT

FURTHER INFORMATION ON DATA PROCESSING

NATURE OF THE DATA PROCESSED AND CONSEQUENCES OF ANY REFUSAL

The provision of navigation data by Users, for the purposes indicated above, depends on the level of privacy that the User has enabled or disabled through their browser. In some cases, disabling such settings may impair navigation on this Website.

For certain forms on this Website, the provision of navigation data and/or the use of technical cookies is mandatory for the proper functioning of the Website.

In any case, the provision of certain data is necessary for the very structure of the Website and its procedures. Any request for other optional Data will instead be preceded by a specific approval checkbox.

The provision of all other Data is optional, in accordance with the type of information the User wishes to provide to the Website.

EXERCISE OF THE DATA SUBJECT’S RIGHTS

The Data Subject has the right to exercise the rights provided for in Articles 7 and 15–22 of European Regulation 679/2016.

In particular, the Data Subject has the right to withdraw consent at any time and, upon simple request to the Data Controller, may request access to Personal Data, receive the Personal Data provided to the Data Controller and, where possible, transmit it to another Data Controller without hindrance (so-called portability), obtain the updating, restriction of processing, rectification of Data, and deletion of Data processed in breach of applicable law.

The Data Subject also has the right, for legitimate reasons, to object to the processing of Personal Data concerning them and to processing for the purposes of sending advertising materials, direct sales, and market research.

The Data Subject also has the right to lodge a complaint with the Data Protection Authority as the supervisory authority for the protection of Personal Data.

The Data Subject may exercise their rights by contacting the Data Controller by email at:
info@covodeisaraceni.com

CHANGES TO THIS PRIVACY POLICY

The Data Controller reserves the right to make changes to this Privacy Policy at any time by informing Users on this page.

Users are therefore requested to consult this page frequently, taking as reference the date of the last modification indicated at the bottom.

If the User does not accept the changes made to this Privacy Policy, the User must cease using this Website and may request that the Data Controller remove their Personal Data.

Unless otherwise specified, the previous Privacy Policy shall continue to apply to Personal Data collected up to that time.

The Data Controller is not responsible for updating all links displayed in this Privacy Policy; therefore, whenever a link is not functioning and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by such link.