Hotel Casa Tra Noi Roma
This section describes how to manage the website in relation to the processing of the personal data of the users browsing it. This information is provided pursuant to Article 13 of the European Regulation No. 679/16 -GDPR- on the protection of the personal data of the users who interact with the web services of the company Pace S.r.l., with the brand Hotel Casa Tra Noi Rome, providing hotel services in Rome. The information is provided only for the website www.hotelcasatranoiroma.com and not for other websites that may be consulted by users through links.
1. THE DATA CONTROLLER
The Data Controller is the Company Pace S.r.l., based in Rome, Via Monte del Gallo, 113, Telephone: +39 0639387355 Fax: +39 06.39387446, E-mail: firstname.lastname@example.org
2. THE DATA PROCESSOR
Pursuant to Article 28 of the European Regulation No. 679/16 -GDPR- the Data Processor is the owner of the booking platform HOTELEASYRESERVATIONS and it is the company EasyConsulting S.r.l., based in Via Nicolò III, 4, 00165 Rome (http://www.easyconsulting.com), which deals with customers' personal data only for IT management activities (website hosting and IT security measures), phone-booking and online booking.
3. PLACE OF DATA PROCESSING
The data processing relating to the web services of this website takes place at the offices of the Data Controller.
No data resulting from the web service is communicated to third parties unless strictly relevant to the purpose or required by laws or regulations.
The Company EasyConsulting S.r.l. providing the website management service for Hotel Casa Tra Noi Roma makes the data acquired from the website available to the Data Controller.
4. PURPOSE AND LEGAL BASIS OF DATA PROCESSING
The personal data provided voluntarily and optionally by the users, who forward requests to receive information on the Hotel services (prices, availability of rooms and conference rooms, event organization, etc.), register to the newsletter or make online reservations as individuals, families or groups, is used only to provide the service requested and is not disclosed to third parties, unless its communication is required by law or is strictly relevant and necessary for meeting the requests.
In particular, the personal data voluntarily provided by the data subjects shall be collected electronically and processed - also with electronic means directly and / or through third parties (e-mail service companies, website hosting companies). In summary, the purposes for collecting and processing data are the following:
- to enable customers to make and confirm their reservations by providing their credit card details as a guarantee;
- to provide the specific services requested upon reservation;
- to use the credit card given as a guarantee for any charge as a penalty in the event of cancellation after the deadline to exercise the right of withdrawal defined in the booking confirmation, or in case of failure to arrive on the agreed date (no show procedure);
- for statistical purposes on an anonymous basis (to evaluate the number of accesses, etc.);
- to comply with the current administrative, accounting and tax obligations, as well as to abide by laws and regulations.
With regard to the legal basis for the collection of personal data, we highlight the following:
1) data provided for making reservations, through the website, the Contact Center, via e-mail for individual and group requests: the data shall be used exclusively for this purpose and the storage of said data shall last until the end of communication, unless the users proceed to book and confirm their stay.
- Management of the reservation requests made by users.
- Sending confirmation or documentation of the reservation made.
- Analysis of the website use and verification of user preferences and behavior, in an aggregated way.
For the bookings made both through the website and the contact center, as well as via email for individual and group requests, the legal basis of the data processing is the performance of the contract between the parties. Analyzing the website use is the legitimate interest of Hotel Casa tra Noi.
2) Data provided for sending the Newsletter, when the related consent has been given:
- management of the subscription to the Newsletter, made through the channel provided on the website of HOTEL CASA TRA NOI.
- Sending of commercial communications of HOTEL CASA TRA NOI.
For sending the Newsletter or commercial information in the traditional way or with IT methods such as SMS, MMS and e-mail, the legal basis is the consent provided by the user. The consent given for the aforementioned purposes is not binding and the user can revoke it at any time.
5. TYPE OF DATA PROCESSED
A. Browsing data
During their ordinary operation, the software applications for the functioning of this website acquire some personal data whose implicit transmission falls within the normal IP protocol of Internet communication. This data is not collected to be directly associated with the identified data subjects but, due to its very nature, it could allow to identify users, through further processing and correlation with data held by third parties (providers).
This class of data includes IP addresses or domain names of the computers used by the customers who access the website, as well as the date and time of request; the URI (Uniform Resource Identifier) addresses of the requested resources; the size of the file obtained in response from the server; the numerical code indicating the status of the response given by the server (ok, error, etc.) and other parameters relating to the operating system and the user IT environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the website use and checking its correct functioning and it is deleted immediately after processing. This data could be used by judicial authorities to ascertain responsibility in case of any IT crime against the website. Subject to the above, data does not remain on the web contacts for over seven days.
B. Data provided voluntarily by users
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as of any other personal data included in the e-mails.
With a view to allowing to make and confirm a reservation, the credit card details may be requested to guarantee said reservation. This data may be used for any charge as a penalty in case of cancellation after the deadline to exercise the right of withdrawal defined in the booking confirmation, or in case of non-arrival on the agreed date (no show procedure).
The data relating to credit cards or other online means of payment given to confirm the reservation shall be kept until the end of the stay or until its payment and shall be processed and protected with appropriate technical and organizational measures suitable for facing the related risks.
At the end of the check-out and settlement procedures, this data is deleted.
In addition to this data, the following personal data shall be collected:
- identification data: name, surname, nationality;
- contact information: e-mail address, telephone number;
- stay preferences;
- economic, financial and insurance data;
- other data: data provided by the data subjects in the “notes" fields or during phone calls.
- browsing data.
As for the request to send the newsletter:
- identification data: name and surname;
- contact information: country of residence, e-mail address;
- personal characteristics data: language.
The data collected and processed in the free compilation fields may also include sensitive data falling in the so-called "special categories of personal data" pursuant to Article 9 of European Regulation No. 679/16 -GDPR, i.e. personal data that may reveal racial and ethnic origin, religious, philosophical or other type of beliefs, political opinions, as well as personal data that may reveal health conditions and sexual orientation. This data supplied by customers is instrumental to the personalization of the services we provide (food allergies, food choices, disabilities, information on health conditions, etc.).
Pursuant to the Italian and EU legislation on the protection and processing of personal data, any data falling within the special categories of personal data shall be processed in a strictly confidential way and shall not be disseminated. This special data shall be deleted from the Hotel systems at the end of the stay.
6. COMMUNICATION AND DISSEMINATION OF DATA
The personal data acquired from the website may be processed only by Hotel staff officially appointed and trained on matters of confidentiality and security of personal data or by specifically designated Processors.
Where necessary, the personal data of the parties concerned can be communicated to:
- EasyConsulting S.r.l. as external Data Processor and to other companies managing software platforms for booking and hospitality solutions;
- public bodies, authorities, agencies or public offices in compliance with legal and / or contractual obligations;
- debt collection companies and banking institutions for managing receipts and payments relating to the hotel stay;
- any consultants and external companies specifically appointed to perform tax consultancy on behalf of the Hotel;
- aides, collaborators or companies providing services when the communication is necessary for the customer's use of the hotel services.
7. INTERACTIONS WITH THE HOTEL THROUGH SOCIAL NETWORKS AND EXTERNAL PLATFORMS
This type of services permit interactions with social networks or with other external platforms, directly from the pages of this website.
The interactions and information acquired from this website are in any case subject to the User's privacy settings relating to every social network.
If a service of interaction with social networks is installed, it is possible that - even if the Users do not use it - said service collects traffic data relating to the webpages on which it is installed.
Like button and Facebook social widgets (Facebook, Inc.)
The 'Like' button and Facebook social widgets are services for interacting with the social network Facebook, provided by Facebook, Inc.
Personal Data collected: Cookies and Usage Data.
+1 button and Google+ social widgets (Google Inc.)
The +1 button and Google+ social widgets are services for interacting with the Google+ social network, provided by Google Inc.
Personal Data collected: Cookies and Usage Data.
Tweet button and Twitter social widgets (Twitter)
The Tweet button and Twitter social widgets are services for interacting with the Twitter social network, provided by Twitter Inc.
Personal Data collected: Cookies and Usage Data.
8. INTERACTION WITH THE HOTEL – MANAGEMENT OF EMAIL ADDRESSES AND MESSAGES.
Mailing List or Newsletter
This type of services allows to manage a database of email, telephone or any other type of contacts, used to communicate with the User.
These services may also allow to collect data relating to the date and time when the messages are viewed by the User, as well as to the User's interaction with them, such as information about the clicks on the links included in the messages.