Privacy Notice

 

INFORMATION
ARTS. 13 AND 14 OF REGULATION (EU) 2016/679

Data Subjects: Potential clients.

“HOTEL SPORTING S.R.L.”, as the Data Controller of your personal data, pursuant to and in accordance with Regulation (EU) 2016/679 hereinafter referred to as 'GDPR', hereby informs you that the aforementioned legislation provides for the protection of individuals with regard to the processing of personal data and that such processing will be based on the principles of fairness, lawfulness, transparency, and the protection of your privacy and your rights.
In order to achieve its purposes related to the management of the relationship, the Controller needs to acquire personal data such as, by way of example, your first and last name, phone or mobile number, email address, and tax code.
Your personal data will be processed in accordance with the legislative provisions of the above-mentioned regulations and the confidentiality obligations contained therein.

Purpose of processing
Request for quote: your data will be processed to manage requests received through the online booking form available on the website www.hotelsportingrimini.com of “HOTEL SPORTING S.R.L.”.

The legal basis for the processing is of a pre-contractual and contractual nature, in terms of data processing required for preliminary operations related to the stay; as well as compliance with legal obligations by the Controller for tax and accounting purposes.

Consequences of failure to provide data: Data processing is necessary for the use of the online booking service in order to fulfill the above purposes and ensure the proper management of the relationship. Failure to provide, or the incorrect provision of, any mandatory information may result in the Controller being unable to ensure the appropriateness of the processing itself.

Optional purposes:
a) With your free consent, the Controller may also process your data to conduct market surveys, statistics, and promotional activities, including the sending of advertising and promotional material – by email, post, and/or SMS and/or phone calls or possibly via WhatsApp (with prior consent) – unrelated to the services necessary for executing the relationship.
The legal basis for this processing is the data subject’s consent.

b) With your consent for the use of WhatsApp, given by clicking the checkbox near the indication of your mobile number, in order to make communications faster and more effective, we intend to use this communication channel. You may disable the use of WhatsApp at any time through WhatsApp functionalities (e.g., blocking the number), or through the procedures later described for exercising your rights via email.
The legal basis for the above processing is the data subject’s consent.

Consequences of refusing optional purposes: Providing your data for the above optional purposes is voluntary. Any “refusal to process” for either the optional marketing purpose (a), or the use of WhatsApp (b), does not affect the continuation of the relationship or the appropriateness of the processing itself. Regarding “optional purpose b)”, refusal would mean you will not receive the quote via the WhatsApp messaging service, but only via email.
In any case, you may exercise your right to withdraw consent at any time, either via the emails received (bottom of the message) or by requesting it through the Controller’s contact channels.

Processing methods: Processing is carried out using manual and/or IT and telematic tools in order to ensure the security, integrity, and confidentiality of the data, in compliance with organizational, physical, and logical measures provided by current regulations, aimed at minimizing the risk of data destruction or loss, unauthorized access, modification, and unauthorized disclosure, pursuant to Articles 6 and 32 of the GDPR.

Recipients:
To carry out certain activities or to provide support for business operations and organization, some data may be disclosed or communicated to recipients. These entities include:

Third parties (disclosure to: natural or legal persons, public authorities, services or other bodies that are not the data subject, the Controller, the processor, or persons authorized to process data), such as:
• Companies providing traditional or digital postal services;
• Any other parties whose data communication is necessary to fulfill the above purposes.

Processors (a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the Controller):
• Providers of IT, web, or other services necessary to achieve the management purposes of the relationship.

Within the company, your data will be processed solely by personnel expressly authorized by the Controller, under confidentiality agreements.

Disclosure: Your personal data will not be disclosed in any way.

Transfer of data to third countries: The Controller does not transfer personal data outside the EU. Should such transfer become necessary, the data subjects will be informed in advance, and guarantees will be implemented to safeguard the transfer, which may include: verifying the existence of adequacy decisions for the destination country by the Commission, signing standard contractual clauses, or verifying the implementation of additional measures as per EDPB Recommendation 01/2020.
In derogation of such guarantees, for data processing (ref. Art. 49 of the GDPR), where applicable, the existence of a contract or pre-contractual measures in favor of the data subject or the consent to the transfer will be verified.

Data retention period: In accordance with the principles of lawfulness, purpose limitation, and data minimization, as per Art. 5 of the GDPR, the retention period of your personal data is set for a time not exceeding the achievement of the purposes for which they are collected and processed. In case a contract is signed, this period may end upon termination or withdrawal of the contract. The same data may be retained, where applicable, for a further period for the management of potential disputes.
The data retention period for marketing-related processing is functional to the purposes pursued by the Controller and, in any case, does not exceed 3 years from the last contact or response received.

Data Controller: The Data Controller, under the law, is “HOTEL SPORTING S.R.L.” with its registered and operational office in Viale Amerigo Vespucci, 20 – 47921 Rimini (RN), VAT no. 03472560402, Tel: 0541 55391, in the person of its legal representative pro tempore. You may request further information about the data provided by sending an email to: info@hotelsportingrimini.com or by fax to: 0541 55455.

The Data Protection Officer (“DPO”) is Studio Paci & C. Srl (Representative: Dr. Gloriamaria Paci), contactable at the following:
Email: dpo@studiopaciecsrl.it, Phone: 0541 1795431, Certified Email (PEC): studiopaciecsrl@pec.it

EU Regulation 2016/679: Articles 15, 16, 17, 18, 19, 20, 21, 22, 23 – Rights of the Data Subject

1. The data subject has the right to obtain confirmation as to whether or not personal data concerning them exist, even if not yet recorded, and their communication in an intelligible form.

2. The data subject has the right to obtain information on:
   a. the origin of the personal data;
   b. the purposes and methods of processing;
   c. the logic applied in case of processing carried out with the aid of electronic tools;
   d. the identification details of the Controller, processors, and the designated representative as per Article 5(2);
   e. the entities or categories of entities to whom the personal data may be communicated or who may become aware of them as designated representatives in the State, processors, or persons in charge.

3. The data subject has the right to obtain:
   a. the updating, rectification, or, where interested, integration of data;
   b. the erasure, anonymization, or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which they were collected or subsequently processed;
   c. confirmation that the operations referred to in letters a) and b) have been notified, also regarding their content, to those to whom the data were communicated or disclosed, except where this proves impossible or involves a manifestly disproportionate effort;
   d. data portability.

4. The data subject has the right to object, in whole or in part:
   a. on legitimate grounds, to the processing of personal data concerning them, even if relevant to the purpose of collection;
   b. to the processing of personal data concerning them for the purpose of sending advertising materials, direct sales, or for carrying out market research or commercial communication.

Complaint: Data subjects, if applicable, also have the right to lodge a complaint with the Supervisory Authority in accordance with the established procedures. For any further information, and to exercise the rights granted by the GDPR, you may contact the Data Controller at the contact details provided above.

Consent
Consent acquisition statement

Your consent for marketing purposes will be recorded (IP address, email, date, and time) by checking the box below the email input field or by clicking the appropriate checkbox and pressing the “send” / “ok” button. This consent will be stored to prove it was given and to allow you to withdraw it at any time, in addition to exercising all the other rights mentioned above.