PRIVACY POLICY

Please read this Privacy Policy carefully, which contains important information on the personal data of customers staying at the B & amp; B CasAlice and describes how to use such data.

CasAlice recognizes the importance of protecting the personal data of its Customers and, for this reason, adopts specific security policies and measures to comply with current regulations on the protection of personal data and protect your personal data.

We remind you that this Privacy Policy is governed by Italian law and in particular by the Code regarding the protection of personal data (Legislative Decree 30 June 2003 n. 196, the "Code"), as well as by the European Regulation 2016/679 (the "Regulations") in force since 25 May 2018. The Code and the Regulations guarantee that the processing of personal data is carried out in compliance with fundamental rights and freedoms, with particular reference to confidentiality, personal identity and the right to protection of personal data.

  1. HOLDER OF PERSONAL DATA AND RESPONSIBLE FOR TREATMENT

Dr. Giancarlo CANALE, resident in Naples, in vico Santa Maria a Cappella Vecchia 8A, as owner of "CasAlice", is the owner of the processing of personal data ("Owner") of Customers who stay at "CasAlice".

For any questions about this Privacy Policy and to submit requests relating to the exercise of rights related to the processing of personal data, you can contact the Data Controller by writing to the following email address: info@casalicenapoli.it

  1. PERSONAL DATA COLLECTED
  2. When booking a stay at the B & amp; B CasAlice, the following personal data is collected: name, surname, email, mobile phone, credit card details.
  3. At the beginning of the stay at the B & amp; B CasAlice, the following personal data is collected: name, surname, identification document.
  4. PURPOSE OF THE PROCESSING, LEGAL BASIS AND DATA RETENTION PERIOD
  5. a) The data collected when booking a stay at "CasAlice" is used exclusively for the purpose of managing the Customer's booking and stay at the facility (eg for contacts or payments).

The personal data processed for the management of reservations and stays are kept for the period strictly necessary for the aforementioned management.

Once the aforementioned retention period has elapsed, the data will be deleted.

  1. b) The data collected at the start of the stay at "CasAlice" are used exclusively for the fulfillment by the Owner of legal obligations (such as the communication to the Police Headquarters of the identification data of the subjects staying at the structure).

The personal data processed for the fulfillment of legal obligations are kept for the period strictly necessary for the aforementioned fulfillment.

Once the aforementioned retention period has elapsed, the data will be deleted.

Without prejudice to the foregoing, the Customer's personal data will be kept only for any legal and regulatory obligations (such as, for example, accounting and tax obligations).

  1. COMMUNICATION OF PERSONAL DATA

The Customer's personal data will be processed by authorized personnel of the Data Controller.

Personal data may also be processed by third parties such as, for example, credit institutions for payment transactions.

The aforementioned subjects will only process the personal data necessary for the performance of the related services and will not be authorized to process them for different purposes.

The Customer's personal data may also be disclosed to other subjects, such as, for example, law enforcement agencies, administrative or judicial authorities and public administrations for the fulfillment of legal obligations, regulations or community provisions.

Apart from the aforementioned hypotheses, the personal data of Customers will not be disclosed to third parties.

  1. PROTECTION OF THE PRIVACY OF MINORS

The processing of the minor's personal data is lawful if the minor is at least 16 years old. If the minor is under the age of 16, such processing is lawful only if and to the extent that such consent is given or authorized by the holder of parental responsibility.

The Data Controller will make every reasonable effort and in consideration of the available technologies, to verify that the consent is provided or authorized by the holder of parental responsibility for the minor.

If the Data Controller or the Manager becomes aware that data of a minor have been collected, they will immediately delete them.

  1. METHOD OF TREATMENT

Personal data are processed both in analogue mode and with IT and telematic tools, adopting the necessary security measures in order to minimize the risk of destruction or loss, even accidental, of the data, of unauthorized access or processing that is not permitted or does not comply with the collection purposes indicated in this information.

In the event that the Data Controller deems that the security of the Customer's personal data in its possession or under its control has been or may have been compromised, the same will inform the Customer of the incident in the manner provided for by the law in force .

  1. TRANSFERS TO THIRD COUNTRIES OR INTERNATIONAL ORGANIZATIONS

If the Data Controller has to transfer personal data to third countries or international organizations, in order to pursue the purposes set out in this Notice, the same will take measures to ensure that such communications take place in compliance with European data protection standards (for example , the use of standard contractual clauses or Privacy Shield).

  1. CUSTOMER RIGHTS

To exercise the rights indicated below, the Customer can send a request by contacting the Owner by sending an email to the address or a letter by ordinary mail to the address of the Owner.

The Customer always has the right to obtain from the Data Controller confirmation of the existence or not of personal data concerning him, even if not yet registered, and their communication in an intelligible form. He also has the right to obtain information about the origin of personal data; the purpose and method of processing; the logic applied in case of treatment carried out with the aid of electronic instruments; the identification details of the data controller and data processors; the indication of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as, for example, as data processors or as a subject authorized to process the data. The Customer also has the right to request updating, rectification or, when interested, integration of personal data, cancellation, transformation into anonymous form or blocking of personal data, processed in violation of the law. , including those that do not need to be kept for the purposes for which the data were collected or subsequently processed; the attestation that the above operations have been brought to the attention, also as regards their content, of those to whom the data have been communicated, except in the case in which this fulfillment proves impossible or involves the use of means manifestly disproportionate to the protected right. The Customer also has the right to data portability.

The Customer has, however, the right to object in whole or in part, for legitimate reasons, to the processing of personal data concerning him, even if pertinent to the purpose of the collection, to the processing of personal data concerning him for the purpose of sending advertising or direct marketing material or for carrying out market research or commercial communication and also has the right to request the limitation of the processing of data concerning you. The right to object may also be exercised specifically, with regard to one or more methods of sending marketing communications. The user also has the right to lodge a complaint with the competent supervisory authority as well as the right to revoke the consent previously given.

  1. UPDATES TO THIS INFORMATION NOTICE - COMMUNICATIONS