Hotel Toledo Jesolo / Privacy Policy

Privacy Policy

Privacy Policy for the Processing of Personal Data.
(Articles 13 and 14 EUROPEAN REGULATION No. 679/2016)

Dear User,
The undersigned, based in Piazza Brescia 10/a 30016 Jesolo (VE), Tax Code and VAT Number 02006400275, as “Data Controller”, informs you, pursuant to Articles 13 and 14 of the European Regulation No. 679/2016 (hereinafter “EU Regulation”), that your data will be processed as indicated below:

  1. Subject of the Processing
    The Data Controller informs you that personal data, identifying (such as name, surname, company name, address, phone, email, bank and/or payment details, etc.), hereinafter referred to as “personal data” or simply “data”, relating to you, acquired verbally directly or through third parties in the past, as well as those to be collected in the future, may be processed in full compliance with the EU Regulation. The Data Controller processes the data lawfully specifically for the execution of a contract to which you are a party or for the implementation of pre-contractual measures (e.g., preparation of an offer, etc.) requested by you (Art. 6 of the EU Regulation).

Data processing refers to any operation or set of operations related to the collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, dissemination, destruction of the data.

  1. Legal Basis and Purpose of the Processing
    Legal Basis: EU Regulation No. 679/2016
    A) Without your express consent (Art. 6 letter b), c), e) of the EU Regulation), for the following purposes:
    – To fulfill pre-contractual, contractual, and fiscal obligations arising from ongoing relationships with you;
    – To fulfill obligations required by law, regulation, community law, or order of the Authority (such as anti-money laundering regulations);
    – To exercise the rights of the Data Controller, e.g., the right of defense in court;
    – For general accounting management;
    – For management purposes (invoicing, document management, etc.);
    – For credit management;
    – For statistical analysis and quality control;
    – For insurance management;
    – For technical assistance.
    In particular, your data will be processed for purposes related to the implementation of the following obligations, relating to legislative or contractual obligations:
    – Technical and functional access to the website; no data is retained after closing the browser;
    – Advanced browsing features or personalized content management;
    – Statistical purposes and analysis of navigation and users.

B) Only with your specific and distinct consent (Art. 7 of the EU Regulation), for the following commercial and/or marketing and/or profiling purposes:
– Sending newsletters, commercial communications, and/or advertising material about products or services offered by the Data Controller and/or satisfaction surveys on the quality of services provided at your request;
– Sending newsletters, commercial communications, and/or promotional material from third parties (e.g., business partners).

  1. Processing Methods
    Your personal data is processed through the operations indicated in Art. 4 No. 2) of the EU Regulation, specifically: collection, registration, organization, structuring, storage, adaptation, modification, extraction, consultation, use, communication through transmission, dissemination or any other form of provision, comparison, interconnection, limitation, cancellation or destruction, blocking. Your personal data is processed both manually and electronically and/or automatically (adequate to ensure the security and confidentiality of the data).
  2. Data Retention Period and Other Information
    The Data Controller will process the personal data for as long as necessary to fulfill the purposes above and in any case, for no longer than the legal retention terms after the cessation of the relationship for the purposes of the current relationship.
    Regarding personal data processed for Marketing or Profiling purposes, the data will be kept in compliance with the principle of proportionality and, in any case, until the purposes of the processing have been pursued or until the specific consent is revoked by the data subject.
    Specifically, the Data Controller will process data for no more than 2 years from the collection for Marketing purposes and one year for Profiling purposes.
    The personal data provided will be processed “lawfully, fairly, and transparently,” safeguarding your privacy and rights.
    A periodic verification will be conducted annually on the processed data and whether they can be deleted if no longer necessary for the purposes set out.
  3. Access to the Data
    Your data may be made available for the purposes outlined in points 2.A) and 2.B):
    – To partners, employees, and collaborators of the Data Controller in Italy and abroad, in their capacity as internal managers and/or responsible persons for the processing and/or system administrators;
    – To third-party companies or other entities performing activities on behalf of the Data Controller, in their capacity as external processors (e.g., law firms, data processing companies, certifying bodies, accounting/tax consultants, and in general to all bodies responsible for checks and verifications of the correct fulfillment of the above purposes, banks, professional studios, consultants, insurance companies, financial offices, municipal authorities, consultants and service companies, and for workplace security).
  4. Communication of Data
    Without the need for explicit consent (Art. 6 letters b) and c) of the EU Regulation), the Data Controller may communicate your data for the purposes of point 2.A) to supervisory bodies, judicial authorities, insurance companies for insurance services, and to those parties to whom communication is mandatory by law for the performance of the above purposes.
    These parties will process the data as autonomous data controllers.
    During and after navigation, your data may be communicated to third parties, particularly to:
    – Google: Advertising service, Advertising targeting, Analytics/Measurement, Content personalization, Optimization;
    – Google AdWords: Advertising service, Advertising targeting, Analytics/Measurement, Content personalization, Optimization;
    – Google Analytics: Advertising targeting, Analytics/Measurement, Optimization.

Your data will not be disseminated.

  1. Data Transfer
    Personal data is stored on devices located at the Data Controller’s premises or with providers within the European Union. However, the Data Controller may transfer data to non-EU countries if necessary. In such cases, the Data Controller ensures that the transfer will be in compliance with applicable legal provisions, including the signing of contractual clauses and the standard checks required by the European Commission.
    Both for the data on the Controller’s devices and for any data with providers, the Data Controller has implemented technical and organizational measures to ensure an adequate level of security, fully complying with the provisions of Article 32 of the EU Regulation.
    Browsing data may also be transferred, within the limits of the above purposes, to the following countries: EU Countries, United States.
    Cookie management: If you have doubts or concerns about the use of cookies, you can intervene to prevent their setting and reading by modifying your browser’s privacy settings to block specific types.
  2. Nature of Data Provision and Consequences of Refusal to Respond
    Providing data for the purposes outlined in point 2.A) is mandatory. Without it, we cannot guarantee the services mentioned in 2.A).
    Providing data for the purposes outlined in point 2.B) is optional. You may decide not to provide any data or later deny consent for the processing of already provided data. In this case, you will not receive newsletters, commercial communications, or advertising material related to the services offered by the Data Controller.
    You will still be entitled to the services mentioned in point 2.A).
  3. Rights of the Data Subject
    As a data subject, you have the rights under Article 15 of the EU Regulation, as outlined below:
  4. You have the right to obtain from the Data Controller confirmation of whether or not your personal data is being processed, and if so, to access your personal data and the following information:
    a) the purposes of the processing;
    b) the categories of personal data concerned;
    c) the recipients or categories of recipients to whom personal data have been or will be disclosed, particularly recipients in third countries or international organizations;
    d) where possible, the retention period for personal data or the criteria used to determine such period;
    e) the existence of the right to request rectification, erasure, or restriction of processing of personal data concerning you, or to object to their processing;
    f) the right to lodge a complaint with a supervisory authority;
    g) where the data has not been collected from the data subject, all available information as to its source;
    h) the existence of automated decision-making, including profiling, and, at least in these cases, meaningful information about the logic involved, as well as the significance and consequences of such processing for the data subject.
  5. If your personal data is transferred to a third country or international organization, you have the right to be informed of the existence of appropriate safeguards under Article 46 of the EU Regulation concerning the transfer.
  6. The Data Controller will provide you with a copy of your personal data being processed upon request.
    If you request further copies, the Data Controller may charge a reasonable fee based on administrative costs. If you make the request electronically, unless you specify otherwise, the information will be provided in a commonly used electronic format.
  7. The right to obtain a copy as per paragraph 3 shall not adversely affect the rights and freedoms of others.
    Additionally, you may enjoy the rights under Articles 16 to 22 of the EU Regulation, including the right to rectification, the right to erasure, the right to restriction of processing, the right to data portability, the right to object, and the right to file a complaint with the Supervisory Authority.
  8. Exercising Your Rights
    You may exercise your rights at any time by sending:
    – a registered letter to the undersigned (see address on letterhead);
    – an email to info@hoteltoledo.it
  9. Minors
    What is offered by the Data Controller does not intentionally involve the collection of personal information from minors. In case information about minors is inadvertently registered, the Data Controller will promptly delete it upon request from the data subject.
  10. Personal Data Not Collected from the Data Subject
    It may happen that the undersigned is not the Data Controller to whom you provided your personal data but is a co-controller or an external processor, and your data may have been transferred to the undersigned due to a contract between the parties. In this case, the undersigned will make every effort to ensure that you were informed and gave consent to the processing. You may request the origin of your data at any time from the undersigned.
  11. Data Controller and Processors
    Below are some details for your information, not only to comply with legal obligations but also to ensure transparency and fairness towards our clients, which is a fundamental part of our activity.
    Data Controller: The Data Controller for your personal data is Serenella di Tonetto Maurizio & C. S.a.s. on behalf of the legal representative, responsible for the legitimate and correct use of your personal data, and you can contact them for any information or requests at the following contacts: phone +39 0421 370279, email: info@hoteltoledo.it.
    Processors: The updated list of processors is kept at the Data Controller’s premises and is available to you.
  12. Cookies
    Cookies are text files automatically stored on the user’s computer during navigation. Their purpose is to enhance the browsing experience by storing user preferences.
    This site uses first-party and third-party cookies described below, which depend on the functionalities of the site in the design phase:

Technical Cookies
Technical cookies are essential for the correct functioning of some areas of the site. Therefore, technical cookies are always used on the site regardless of the user’s preferences. Specifically, the site uses: PHPSESSID (session duration); it contains session information and allows users to access the site.

Reserved Area Cookie
If there is a reserved area, a cookie is generated to remember the user’s username and password.
This way, this information does not need to be re-entered on subsequent visits.

Mobile Browsing Cookie
To enhance the browsing experience on the latest generation devices, this website has a cookie that detects and stores the accessing device. Based on the information collected, the most appropriate site version will be presented.

E-commerce Order Recovery Cookies
If there is an e-commerce area, the system stores the user’s interaction with the purchase area, generating a cookie to recover placed orders.

Third-party Cookies – Google Analytics
This site uses third-party cookies from Google Inc. to collect user browsing data. The data collected is used solely to generate statistical reports within Google Analytics.

Additional active third-party cookies may include:
AddThis, Bing, CloudFlare, Facebook, Feedaty, HotJar, LinkedIn, ShareThis, TrustedShop, Twitter, Yotpo, Zendesk.

For a full list of active cookies on this site, you can use the service at http://www.cookie-checker.com/ or similar services.

All data collected via cookies on this site will never be provided to third parties other than Google Inc. of its certified partners.