The site’s management methods are described in the section "Security Policies on Our Site," which constitutes the Disclosure to interested parties provided in accordance with sect. 13 of Decree n. 196/2003 (Code concerning the protection of personal data) for those who interact with the web services provided on the site, but not for other websites that the user may visit by way of links.
In order to comply fully with the current privacy regulations, the Company has made specific arrangements described in the "Privacy Policies" section.
SECURITY POLICIES ON OUR SITE
These pages describe the management methods the site uses to process personal data from the users who visit it.
See the "Privacy Policies" section to find out the Owner, the list of Managers responsible for processing the data and the rights of interested parties (in accordance with section 7 of the Privacy Code).
Data provided voluntarily by the user
The optional, explicit and voluntary submission of your email address to the addresses listed on this site constitutes the subsequent acquisition of the sender’s address, necessary for providing responses to requests, as well as possibly other personal data entered in the message.
Specific summary information will be continuously reported or displayed on this site’s pages that are used for certain service requests.
The user is free to provide personal data submitted in the request forms or otherwise indicated in contacts with the company’s Office to solicit sending computer information or other communications. A failure to provide this information may make it impossible for you to obtain an answer to your request.
Computer systems and software procedures required for the functioning of this website acquire, in the course of their normal operations, some personal data, the sending of which is implicit in the use of the Internet’s communications protocols. This is information that is not gathered in order to be associated with identified subjects but that by their very nature may permit (through processing and associations with data held by third parties) a person to identify users. This category of data includes IP addresses or domain names used by visitors who connect to the site, the addresses of resources requested in Uniform Resource Identifier (URI) notation, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the number code indicating the status of the response from the server (successfully completed, error, etc.) and other parameters related to the operating system and the user’s computing environment. These data are used only in order to retrieve anonymous statistical information on site usage or to check for proper functioning and are often deleted. The data may be used to determine responsibility if any computer crimes may be committed.
For more information, click here.
Personal data are processed with automated tools for only the time strictly necessary to reach the goals for which they were gathered.
Specific security measures are implemented to prevent data loss, illicit or improper uses and unauthorized access.
Our Company processes personal data from third parties – current and potential customers and collaborators – always taking every measure needed to guarantee the safety and confidentiality of the data being processed.
The application of current regulations regarding the protection of personal data (Regulation) is organized as follows:
- The owner of personal data processing is Atahotels S.p.A. with headquarters at via Gioacchino Murat 17 – 20159 Milan, Italy, which has indicated General Director Fabrizio Gaggio as Delegate for application of the privacy regulations at the company;
- To ensure compliance with regulations and instructions issued on privacy, some Privacy Managers have been nominated for different processing performed within the internal and/or Group organizational structure;
- The Company also uses subjects outside the organization, to which it entrusts part of its operations process;
- The complete list of internal and/or Group Managers and of external subjects mentioned in the paragraph above may be requested by contacting the “Manager of responses to interested parties” at the addresses given above;
- Employees who process personal data have been given specific instructions and attend a training program and receive constant updates;
- The Company acquires only the personal data strictly necessary for the fulfilment of the requested services or for the purpose they were gathered, providing specific disclosure to accomplish those purposes;
- In order to assure the exercise of the rights provided in section 7 of the privacy code (access to information and other rights) and to provide all other information with respect to the protection of personal data, every interested party may contact the Manager of responses to interested parties at:
Via Gioacchino Murat 17
20159 Milano (MI)
to obtain confirmation of the existence or lack thereof of personal data regarding them, even if they are not yet registered, and to receive their communication in an intelligible manner.
When contacting the Manager of Responses, interested parties may also:
- obtain information on the origin of, purposes for, and processing methods used on the data regarding them;
- obtain the deletion, anonymizing or blocking of data processed in violation of the law and the updating, correction and/or integration of the data;
- deny consent to the processing of personal data for legitimate reasons, provided for the purposes of making sales, sending promotional material and performing market research.
- obtain information about the subjects and the categories of subjects these data are communicated to or that may be aware of them in their roles as Managers or Employees.
- obtain information about the subjects that may become aware of them in their roles as Managers or Employees, including as a result of activity performed by other companies in the Group based on service contracts.
Italian Data Protection Authority