This document consists of the following parts:



1. NORMATIVE REFERENCES
2. DATA CONTROLLER
3. PLACE OF TREATMENT
4. COLLECTION OF DATA
5. COOKIES
6. MANAGEMENT OF COOKIES
7. OPTIONAL SUPPLY OF DATA
8. PROCESSING METHODS
9. USERS RIGHTS
10. SHARING, COMMUNICATION AND DISSEMINATION OF DATA
11. CHANGES TO THESE PRIVACY POLICIES
12. INFORMATION TO THE GUEST





1. NORMATIVE REFERENCES

Directive 95/46 / EC on the “protection of individuals with regard to the processing of personal data, as well as on the free movement of such data”.

Directive 2002/58 / EC on the “processing of personal data and the protection of privacy in the electronic communications sector”.

EU European Regulation 679/2016 - General Data Protection Regulation (GDPR).





2. DATA CONTROLLER

During the consultation of this site, data relating to identified or identifiable persons may be processed.

The Data Controller is:

Diketo Casangelina Srl
Via Giovanni Porzio Is. E/7 – Centro Direzionale - 80143 Napoli
P.I. 08435301216
e-mail: info@casangelina.com
sito web: www.casangelina.com





3. PLACE OF TREATMENT

The processing connected to the web services of this site takes place on servers located in the Italian state.





4. DATA COLLECTION

a. Technical data collection:

The use of the site by visitors, involves the full and implicit acceptance and respect of what is written in this document. The site, for technical and security reasons, and for statistical purposes, automatically collects information on accesses, (the information is not of an identifying character or classified as particular data), which are electronically stored and processed exclusively for the aforementioned purposes and for the reasonably necessary time.



b. Contact forms:

We inform you that personal data, which you may provide via this site, are processed exclusively for the management of your request and for the practices required by law. Some data, requested through the appropriate form, are essential to start the request itself and for the practices required by law. In this case you will not be asked to give any consent as the data that you send us will fall within the exempted cases in accordance with current legislation and with reference to Article 6 of Law 679/2016 (GDPR).

Optional consent: Your refusal to provide such data will make it impossible for us to process your request.



c. Booking Engine:

Through this site, visitors can use a "booking engine" to get a personalized quote and book by obtaining a direct confirmation. In case of reservation, some data are sent to this structure and stored in the integrated system. Consequently, the data controller and data processor of the company that owns the booking engine also contributes to the processing of stored data.
The company that owns the booking engine is: Sabre Hospitality Solutions - Sabre Hospitality Customer Care - Tel Europe: 31-36-7999299

http://www.sabrehospitality.com/contact/global-hospitality-solutions





5. COOKIES

a. What is a cookie?

Cookies are short text files that are downloaded to your device when you visit a website. At each subsequent visit the cookies are sent back to the website that originated them (first-party cookies) or to another site that recognizes them (third-party cookies). Cookies are useful because they allow a website to recognize the User's device. They have different purposes such as, for example, allowing you to efficiently navigate pages, remember favorite sites and, in general, improve the browsing experience. They also help ensure that the advertising content displayed online is more targeted to the user and his interests. Depending on the function and purpose of use, cookies can be divided into technical cookies, profiling cookies, third-party cookies. Cookies are used by most sites. Cookies alone can not be used to identify visitors. Usually a cookie contains the name of the domain from which it comes, the age of the cookie itself and a value; usually a randomly generated unique number. Cookies can be deactivated completely in your browser at any time, changing the browser preferences. Disabling cookies may compromise the operation of some parts or features of this site.
The site in question uses the following types of cookies:



b. Technical session cookies

The use of c.d. session cookies are strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow the safe and efficient exploration of the site. I c.d. session cookies used on this site avoid the use of other technologies that could compromise the privacy of users' browsing and do not allow the acquisition of personal identification data. These cookies are processed in computer mode.



c. Analytics cookies

This website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which are text files that are stored on your computer to allow the website to analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google (independent data controller) will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and use of the Internet. Google may also transfer this information to third parties where required to do so by law or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. You can refuse to use cookies by selecting the appropriate settings on your browser, but this may prevent you from using all the features of this website.



d. Duration of cookies

Some cookies (session cookies) remain active only until the browser is closed or when the logout command is executed. Other cookies "survive" when the browser is closed and are also available in subsequent visits by the user. These cookies are called persistent and their duration is set by the server when they are created.



e. List of third-party cookies

The site uses or may use third-party cookies, to follow the list of possible cookies and related privacy policies.

Google Analytics: Used to collect statistical and website data - https://policies.google.com/privacy

PHPSESSID: it is a session technical cookie used by the PHP programming language, it allows to keep active a connection between the browser and the server. It does not collect any data relating to the user. It is deleted when the user closes the browser he is browsing with.

_ga: Performance cookies set by Google Analytics (assimilated to technical cookies), it is necessary to distinguish univocally each user who accesses the website, assigning a random identifier (ID) at the first access. It lasts about two years.

_gid: Performance cookies set by Google Analytics (assimilated to technical cookies), it is necessary to distinguish a returning user. It lasts 24 hours.

_gat: Performance cookies set by Google Analytics (assimilated to technical cookies), is used to limit the number of requests to be sent to the Google server in a given period of time. It lasts 10 minutes.





6. MANAGEMENT OF COOKIES

The data controller recalls that the total or partial disabling of cookies c.d. technicians can compromise the use of site features.

It is possible to selectively disable the action of Google Analytics by installing on your browser the opt-out component provided by Google. To disable the action of Google Analytics, please refer to the link below: https://tools.google.com/dlpage/gaoptout

However you can decide whether or not to accept cookies by changing the security settings of the browser.

Chrome: https://support.google.com/chrome/answer/95647?hl=it
Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
Internet Explorer: http://windows.microsoft.com/it-it/windows7/how-to-manage-cookies-in-internet-explorer-9
Safari: http://support.apple.com/kb/HT1677?viewlocale=it_IT
Opera: http://help.opera.com/Windows/10.00/it/cookies.html





7. OPTIONAL DATA SUPPLY

We inform you that personal data, which you may provide via this site, are processed exclusively for the management of your request and for the practices required by law. Some data, requested through the appropriate form, are essential to start the request itself and for the practices required by law. In this case you will not be asked to give any consent as the data that you send us will fall within the exempted cases in accordance with current legislation and with reference to Article 6 of Law 679/2016 (GDPR).

Optional consent: Your refusal to provide such data will make it impossible for us to process your request.





8. METHOD OF TREATMENT

a. Data retention

The information relating to accesses on the site and personal data that users will communicate by filling out the contact form, will be stored on electronic media protected by password and will be treated in full confidentiality by the manager of our structure that will keep them strictly necessary, for the execution of the request. Any particular data are processed in compliance with the regulations in force and in particular with the law 679/2016 (GDPR).



b. Data protection

For access to the IT tools used during the collection, consultation and storage of data, the data controller and processor has put in place all the technical and organizational measures necessary to ensure an adequate level of security, avoiding the possibility of unauthorized disclosure and thus ensuring the confidentiality, integrity, availability of data as well as, in the event of a physical or technical incident, to ensure the ability to restore data in a short time.

In accordance with the art. 8 of REGULATION (EU) 2016/679, on this website, the services are offered exclusively to those who have reached the age of majority or for which (if minors under the age of 16) parents' consent has been collected. If we discover that a minor has provided us with personal information without the permission of the parents or guardian, we will immediately delete this information.





9. SHARING, COMMUNICATION AND DISSEMINATION OF DATA

The data collected may be transferred or communicated to other companies, specifically identified, for activities strictly connected and instrumental to the operation of the service, such as the management of the site itself or its components. Personal data may be transmitted to third parties, but only and exclusively if this is necessary to comply with requests from the Judicial Authority or Public Security. No data deriving from the web service is disseminated.





10. USER RIGHTS

The User will have the right to exercise the rights referred to in art. 7 of the Privacy Code and art.15 GDPR.

In particular, the User has the right at any time to obtain from Diketo Casangelina Srl confirmation of the existence or not of personal data concerning him, even if not yet registered, and their communication in intelligible form.

The User also has the right to obtain confirmation: a) of the origin of personal data; b) of the purposes and methods of the processing; c) of the logic applied in case of treatment carried out with the aid of automated tools; d) of the identification details of the owner, of the managers and of the designated representative; e) of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the territory of the State, managers or agents.

The User also has the right to obtain: a) updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case where such fulfillment is prove impossible or involve a manifestly disproportionate use of the law with respect to the protected right. The User has the right to object, in whole or in part: a) for legitimate reasons, to the processing of personal data concerning him / her, even though they are relevant to the purpose of the collection; b) to the processing of personal data concerning him / her for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communications (for example relating to newsletter services).

Where applicable, the User also has the rights referred to in Articles 16-21 GDPR (Right of rectification, right to be forgotten, right of limitation of treatment, right to the portability of contractual data and rough navigation, right of opposition), as well as the right of complaint to the Guarantor Authority.



How to exercise rights

We also wish to inform you that the European Regulation recognizes certain rights, including the right of access and rectification, or cancellation or limitation or opposition to processing, as well as the right to data portability, if and as applicable (articles to be 15 to 22 of EU Regulation No. 679 of 2016). It can also lodge a complaint with the supervisory authority, in accordance with the procedures established by current legislation. To exercise the rights referred to in the previous article, the User may, at any time, contact the company (Data Controller) by e-mail





11. CHANGES TO THESE PRIVACY POLICIES

The data controller periodically checks its privacy and security policy and, if necessary, revises it in relation to regulatory, organizational or technological changes. In case of policy changes, the new version will be published on this page of the site.





12. CUSTOMER INFORMATION

Dear Guest, in accordance with current legislation on the protection of personal data (EU Regulation No. 679 of 2016), we wish to inform you that the processing of your personal data is carried out correctly and transparently, for lawful purposes and protecting your privacy and your rights . The treatments are also carried out with the help of IT tools for the following purposes:

1. to acquire and confirm your booking of accommodation services and ancillary services, and to provide the services requested. Since these are necessary treatments for the definition of the contractual agreement and for its subsequent implementation, its consent is not required, except in the case in which particular, so-called sensitive data are given. In case of refusal to provide personal data, we will not be able to confirm the booking or provide the requested services. The treatment will cease on his departure, but some of his personal data may or must continue to be processed for the purposes and with the methods indicated in the following points;

2. to fulfill the obligation set forth in the "Consolidated Law on Public Security Laws" (article 109 RD 18.6.1931 No. 773) which requires us to communicate to the Police Headquarters, for purposes of public security, the particulars of clients accommodated according to methods established by the Ministry of the Interior (Decree of 7 January 2013). The provision of data is mandatory and does not require its consent, and in case of refusal to provide it we will not be able to host it in our facility. The data acquired for this purpose are not stored by us, unless you provide us with the consent to the conservation as foreseen in point 4;

3. to comply with current administrative, accounting and tax obligations. For these purposes, the processing is carried out without the need to acquire your consent. The data are processed by us and our representatives, and are disclosed outside only in fulfillment of legal obligations. In case of refusal to provide the data necessary for the above-mentioned obligations, we will not be able to provide the requested services. The data acquired for these purposes are stored by us for the time provided for by the respective regulations (10 years, and even more in the case of tax assessments);

4. to speed up the registration procedures in case of subsequent stays at our facility. For this purpose, after obtaining its revocable consent at any time, your data will be kept for a maximum period of 10 years and will be used when you will be our guest again for the purposes referred to in the previous points;

5. to perform the function of receiving messages and telephone calls addressed to her during her stay. For this purpose, your consent is required. You can withdraw your consent at any time. The treatment will cease at its departure anyway;

6. to send you our promotional messages and updates on the rates and offers made. For this purpose, after obtaining your consent, your data will be kept for a maximum period of 10 years and will not be disclosed to third parties. You can withdraw your consent at any time;

7. for purposes of protection of persons, property and company assets through a video surveillance system of some areas of the structure, identifiable by the presence of appropriate signs. For this treatment, your consent is not required, as it pursues our legitimate interest in protecting people and property with respect to possible aggressions, thefts, robberies, damage, acts of vandalism and for purposes of fire prevention and job security. The recorded images are deleted after 24 hours, except holidays or other cases of closure of the exercise, and in any case not more than a week. They are not the object of communication to third parties, except in cases where it is necessary to adhere to a specific investigation request by the judicial or judicial authorities.

We also wish to inform you that your data may be made accessible for the purposes set out in points 1 to 7:

a) to employees and collaborators of the Owner in their capacity as agents and / or managers and / or internal sub-managers of the processing;

b) companies that perform functions strictly connected and instrumental to the operations - including technical - of the services offered by the Data Controller, such as providers of direct marketing and customer care services, companies that provide archiving, administrative, payment and invoicing services , associated companies and / or in general companies that provide technical components for the provision of some service features

c) bodies and administrative and judicial authorities by virtue of legal obligations.

Personal data will be stored on servers located in the European Union, without prejudice to the Owner's right to transfer the location. In this case, we make sure that this transfer takes place in compliance with current legislation and that an adequate level of personal data protection is guaranteed based on an adequacy decision, on standard clauses defined by the European Commission or on Binding Corporate Rules. We also wish to inform you that the European Regulation recognizes certain rights, including the right of access and rectification, or cancellation or limitation or opposition to processing, as well as the right to data portability, if and as applicable (articles to be 15 to 22 of EU Regulation No. 679 of 2016). It can also lodge a complaint with the supervisory authority, in accordance with the procedures established by current legislation.