European Regulation EU/2016/679 (hereinafter referred to as the “Regulation”) lays down rules on the protection of individuals with regard to the processing of personal data, as well as rules on the free movement of such data.
In compliance with the principle of transparency provided for by art. 5 of the Regulation, ALBERGO TREVI, VICOLO DEL BABUCCIO, 20/21, 00187 ROMA, in its capacity as Data Controller, provides you with the information required by articles 13 and 14 of the Regulation.
The processing of your personal data will be based on principles of propriety, lawfulness and transparency, and in a manner protecting your privacy and rights, in accordance with the company’s privacy policy. The company also commits to process your data in accordance with the principle of “minimisation”, i.e. acquiring and processing the data only to the extent necessary for the following purposes:
Legal basis | Purpose | Consent |
Processing is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the request of the data subject | Fulfilment of the obligation laid down in Article 109 of Royal Decree No. 773 of 18 June 1931, which requires the registration and communication to the police headquarters of the names of accommodated guests
Fulfilment of current administrative, accounting and tax obligations To manage your reservation (check-in, check-out) and your stay (hotel services provided) To perform the function of receiving messages and phone calls intended for you |
For these purposes the processing may be carried out without your consent |
The processing is carried out on the basis of the consent of the data subject | To perform the function of receiving messages and phone calls intended for you
To send our promotional messages and updates on rates and offers |
For these purposes, the processing can be carried out only with your consent |
We inform you that for the above purposes data classified by art. 9.1 of the Regulation as “special categories of data” will also be collected and processed, such as:
The provision of your personal data is required for the following purpose:
Your refusal to consent to the processing of such data may result in the impossibility of providing the services requested.
The provision of your personal data is optional for the following purposes:
Your refusal will not have any effect on the provision of the services requested.
The processing of your personal data will be carried out using paper documentation and computers in compliance with the provisions on the protection of personal data and, in particular, the appropriate technical and organisational measures referred to in art. 32.1 of the Regulation, and with the observance of all precautionary measures that ensure integrity, confidentiality and availability.
DATA COLLECTED FROM THE DATA SUBJECT | DATA COLLECTED FROM THIRD PARTIES | |
TYPE OF DATA | SOURCES | |
Customers |
Strictly for the purposes indicated above, your personal data may be disclosed to the following parties or categories of parties:
We also inform you that:
In relation to these categories of recipients, the Data Controller undertakes to rely exclusively on persons who provide adequate guarantees regarding data protection, and will appoint them as Data Processors pursuant to art. 28 of the Regulation. The list of the Data Processors is available in the company and can be viewed upon request to the Data Controller.
Your data will also be processed, exclusively for the purposes mentioned above, by company employees and/or other employees specially authorised and instructed by the Owner pursuant to art. 29 of the Regulation.
Your personal data will not be disclosed, unless required by a law or regulation or by Community legislation.
Your personal data will not be transferred to non-European countries or international organisations.
CATEGORIES OF DATA | SHELF LIFE | REFERENCES OF STANDARDS |
Personal data (name, surname, gender, place and date of birth, residence, domicile) and contact details | The data are kept for the entire duration of the relationship of providing services to the customer. Once the relationship is no longer in place, they are still kept for another 10 years for the purpose of managing any legal disputes.
The data are kept for advertising purposes are kept for 24 months. |
Art. 2946 Italian Civil Code (ordinary prescription)
Measure of the Privacy Authority 24 February 2005 – Data storage for marketing purposes |
Payment details | The data are kept for the entire duration of the relationship of providing services to the customer. Once the relationship is no longer in place, they are still kept for another 10 years for the purpose of managing any legal disputes. | Art. 2946 Italian Civil Code (ordinary prescription) |
Data communicated to the Police Headquarters | The public security (PS) file communicated to the police is kept for 5 years. | Royal Decree No. 773 of 18 June 1931 (TULPS) |
No automated decision-making processes are used for the processing.
At any time, you may exercise your rights under Articles 15-22 of the Regulation with respect to the Data Controller.
In particular, at any time, you have the right to request:
You will also have:
ALBERGO TREVI , VICOLO DEL BABUCCIO, 20/21, 00187 ROME, tel.:(+39) 06 79844142, email:info@almanthiahotel.com
Contact details of the Data Protection Officer (DPO):