DECLARATION ON DATA PROTECTION

This privacy statement is addressed to all those persons who use this website in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 (General Data Protection Regulation – GDPR).

The declaration applies only to said page and not to any other pages that may be accessed by the user by means of a hyperlink.

The operator of this site guarantees, within the scope of the law, that the processing of personal data will take place in respect of fundamental rights and freedoms as well as in respect of the dignity of the interested person, with particular reference to confidentiality, to personal identity, and to the right of the protection of personal data.

1. Name and address of the person responsible and the data protection officer

Responsible person in the sense of the DSGVO:

Pension Steigerhof

Unterpertinger – Schatzer

St. Pauls 49
I-39037 Rodeneck

info@pension-steigerhof.it

+39 338 1195111

/dsgvo

Data Protection Officer:

info@pension-steigerhof.it

2. Place of data processing

Aruba S.p.A.
Via San Clemente, 53 – 24036 Ponte San Pietro (BG)
P.IVA 01573850516 – C.F. 04552920482
C.S. € 4.000.000,00 i.v.

3. Scope and legal basis of the processing of personal data

As a matter of principle, we only process personal data of our users to the extent that this is necessary for the provision of a functional website as well as our content and services. As a rule, personal data is only processed with the consent of the user. An exception applies in those cases in which it is not possible to obtain prior consent for actual reasons and the processing of the data is permitted or provided for by legal regulations.

The legal basis for the processing of personal data is Art. 6 DSGVO and, where applicable, specific contractual agreements with the user and associated obligations.

4. Data deletion and storage period

Unless specifically stated, we store personal data only as long as necessary to fulfill the purposes pursued.

In some cases, the legislator provides for the retention of personal data. In these cases, we only store the data for these legal purposes, but do not process it elsewhere and delete it after the legal retention period has expired.

5. General purposes of processing

We use personal data for the purpose of operating this website and for the purposes listed individually below.

6. What data we use and why

Access data / server log files

When you use this website, information about your usage behavior and your interaction with the site, as well as data about your computer or mobile device, is automatically collected (so-called server log files). This data includes:

  • Name and URL of the retrieved website, date and time of the retrieval.
  • Browser type and browser version
  • Operating system
  • Referer URL (i.e. the previously visited page)
  • IP address of the client/user

All log files listed above are automatically deleted from our server after 365 days. During this period, the user’s IP address is stored only partially anonymized. The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. We use this log data without attribution to your person or other profiling for statistical analysis for the purpose of operation, security and optimization of our website, but also to anonymously record the number of visitors to our website (traffic) and the extent and nature of the use of our website and services, as well as for billing purposes to measure the number of clicks received from cooperation partners. Based on this information, we can provide personalized and location-based content and analyze traffic, search for and correct errors, and improve our services.

This is also our legitimate interest in data processing pursuant to Art 6 (1) f) DSGVO.

In addition, among other things, accesses with complete IP addresses are administratively logged by the website operator for the purpose of detecting and defending against cyber attacks. This data is deleted again after seven days at the latest.

Cookies

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user accesses an Internet page, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the Internet page is called up again.

Our legitimate interest in the use of cookies pursuant to Art 6 (1) f) DSGVO is to make our website more user-friendly, effective and secure.

Since cookies are stored directly on your computer, you as a user also have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transfer of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to fully use all functions of the website.

Google Analytics

We use Google Analytics, a web analytics service provided by Google, Inc. (Google). Google Analytics uses cookies that are stored on your computer and allow an analysis of user behavior. The information generated by the cookie about the use of this website by visitors to the site is usually transmitted to a Google server in the USA and stored there.

According to its own information, Google has submitted to the Privacy Shield Agreement concluded between the European Union and the USA and has been certified for this purpose. Google thereby undertakes to comply with the standards and regulations of European data protection law. You can find more information in the entry linked below: [Click here]

We have activated IP anonymization on this website (anonymizeIp). This means that your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

In addition, you can prevent the transmission of the data generated by the cookies and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link: [Click here]

As an alternative to the browser plugin or within browsers on mobile devices, you can click on the following link to set an opt-out cookie that will prevent the collection by Google Analytics within this website in the future (this opt-out cookie only works in this browser and only for this domain.

Google Web Fonts

This page uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you are using must connect to Google’s servers. This enables Google to know that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) f) DSGVO.

If your browser does not support web fonts, a standard font will be used by your computer.

You can find more information about Google Web Fonts at Google Fonts FAQ and in the privacy policy of Google: Google Privacy.

Contact form and e-mail contact

Our website contains a contact form that can be used for electronic contact. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored.

For the processing of the data, your consent is obtained during the sending process and reference is made to this data protection declaration. The legal basis for the processing of the data is thus your express consent in accordance with Art. 6 (1) a) DSGVO.

Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored. The legal basis for the processing of the data is thus your express consent in accordance with Art. 6 para. 1 a) and b) DSGVO.

In this context, the data will not be passed on to third parties. The data is used exclusively for the processing of the conversation.

The processing of personal data from the input mask serves us solely to process the contact. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in processing the data.

The other personal data processed during the sending process (server log files) are used to prevent misuse of the contact form and to ensure the security of our information technology systems.

The user has the option to revoke his consent to the processing of personal data at any time.

Google Maps

We integrate maps (“Google Maps”) from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, in one or more places on this website. These are integrated via a script, whereby your IP address and your location data are sent to Google (but not without your consent, usually in the context of the settings made on your terminal device). The data may be processed in the USA.

Google is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law.

7. Your rights as a person affected by data processing

If personal data of yours is processed, you are a “data subject” within the meaning of the GDPR and you are entitled to the following rights vis-à-vis the controller:

  • the right to confirmation and information
  • the right to rectification
  • the right to erasure (“right to be forgotten”)
  • the right to restriction of processing
  • the right to information
  • the right to data portability
  • the right to object
  • the right to revoke the declaration of consent under data protection law
  • the right not to be subject to automated decision-making, including profiling
  • the right to lodge a complaint with the supervisory authority.

8. Data security

We are very concerned about the security of your data within the framework of the applicable data protection laws and technical possibilities.

Your personal data is always transmitted encrypted. This applies in particular to your orders and also to the customer login. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. We use the SSL (Secure Socket Layer) coding system, but we would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

To protect your data, we maintain technical and organizational security measures in accordance with Art. 32 DSGVO, which we continuously adapt to the state of the art.

We also do not guarantee that our offer will be available at certain times; disruptions, interruptions or failures cannot be ruled out. The servers we use are carefully backed up on a regular basis.

9. Disclosure of data to third parties

In principle, we use your personal data only within our company. However, we cannot rule out the possibility that, if the data is transferred to third parties, it may be transferred to another EU or non-EU country or to an international organization, provided that this is in accordance with the purpose of the data processing.

If and to the extent that we involve third parties in the performance of contracts (such as logistics service providers), they will receive personal data only to the extent that the transfer is necessary for the relevant service.

In the event that we outsource certain parts of data processing (“commissioned processing”), we contractually oblige commissioned processors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.

10. More information

If you still have questions or concerns about privacy, please contact:

info@pension-steigerhof.it

Further information:

GDPR – Reglement 2016/679

Privacy in the EU

Competent supervisory authority (Italy): Garante per la Protezione dei Dati Personali, Piazza di Monte Citorio 121, 00186 ROM, Tel.: (+39) 06.696771, Fax: (+39) 06.69677.3785, , E-Mail: garante@gpdp.it, Webseite: http://www.garanteprivacy.it/.