Effective date: 25/05/2018
In accordance with the ORDINANCE (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL, we inform you that we will process personal data of customers and suppliers, as well as data of persons who communicate their data willingly (personally, by phoning, by faxing or by e-mailing to us) and by registering on our website, as well as persons whose data have been acquired by third parties, for example when collecting external data for business information, public directories, etc., whereas in the latter case only personal data of ordinary / common kind and nature is concerned.
Our company guarantees within the framework of legal regulations that the processing of personal data takes into account the fundamental rights and freedoms as well as the dignity of the person concerned, with particular reference to secrecy, personal identity and the right of protecting personal data.
Target and purpose positions in data processing:
In relation to the above stated objectives, your personal information will be forwarded as needed:
- fulfillment of legal obligations, duties arising from regulations, community norms as well as civil and tax laws
- fulfillment of any contractual obligations to the person concerned
- Performing activities related to the business of our company, such as completing internal statistics, accounting, and managing customer / supplier accounting
- Business objectives such as sending business information and promotional material (by post, fax and e-mail), marketing and market research
- Protection of claims and management of liabilities
- Objectives regarding insurance, especially credit insurance
- area of publication and circulation of data.
What kind of information is collected from you and for how long?
- to the public administration and authorities, if stipulated by law
- to credit institutions our company has business relations with, concerning the management of receivables / payables and financial intermediation
- to all those natural and / or legal, public and / or private persons (legal, administrative and tax consulting offices, courts, chambers of commerce, etc.), if the forwarding proves necessary or convenient for the performance of our duties
- to suppliers / manufacturers, for the execution of the orders
- The personal data processed by our company are not subject to circulation.
1. Information provided by the user and collected automatically
The personal data stored by our company are collected directly from customers or third parties, such as the hypothesis that the company acquires data from external companies for commercial information, market research, direct offers of products or services. For this last type of data, an informative notice will be provided at the time of its registration or, in any event, no later than the first possible notice.
In addition, our company may possess data that the law defines as "sensitive" in relation to customer-requested transactions. The law requires a specific consent for their utilization.
2. Data Storage
Click on this link
to see the retention period of the data.
Type of data processing:
The data processing may be carried out with or without the aid of electronic means - in any case automatic - and includes all the operations required and necessary for the data processing concerned. In any case, the data processing will be carried out in compliance with all security measures that ensure their security and secrecy. Online advertising
to learn how to review and disable this information. Please note that the exclusion of interest-based advertising does not prevent the display of advertising that is not based on your interests
Third parties who act as processors of such contractual processing guarantee that they will not store the data received from the client and will not use them for other purposes. Our contractors are contractually committed to use the same privacy and security standards, and we ensure that they are complied with.
Navigation data in the context of our Internet information service:
The computer systems and procedures provided for the function of the hotel-mirabel.com
website collect certain personal information during normal operation, the transmission of which is subject to the use of data exchange protocols on the Internet.
It is information that is not collected to associate with identified persons but, by their nature, enables users to be identified by processing and linking to third party data. This category of data includes the IP addresses or domain names of the computers that connect to the website, the Uniform Resource Identifier (URI) addresses of the resources requested, the time of the request, and other parameters related to the transfer and the data communication of the user's computer environment.
These data are used only for the purpose of collecting anonymous statistical information when using the Website to verify that it works correctly. The data in question may be used to establish liability in the case of offenses by means of information technology to the detriment of our website.
Transfer of data abroad:
We may need to submit your data to service providers in non-European countries (EEA). The EEA consists of countries of the European Union and Switzerland, Iceland, Liechtenstein and Norway, which are considered to be countries with equivalent data protection and privacy laws. This type of data transfer may occur if our servers (i.e. where we store data) or our suppliers and service providers are located outside the EEA or if you use our products and services during your stay in countries outside the EEA from this area.
The updated list of third countries to which the company may transfer data is available on request to the data controller.
Rights of the person concerned:
The Basic Data Protection Regulation 679/2016 gives the data subject the opportunity to exercise certain rights. In particular, it has the right to obtain information on whether and what kind of its data exist and to obtain in an understandable form details of such data, their origin and the reason for and purpose of their processing, as well as details of the holder and controller of the processing and persons and categories of persons to whom such data may be transmitted.
The data subject has the right to update, correct and complete his data and to request that the data be deleted, blocked and converted into anonymous data if the processing violates the legal provisions. He has the right, for a justified reason, to oppose, in whole or in part, the processing of his data, and for no justified reason, to use data for the purposes of trade information, the sending of advertising material, direct sales, market research and opinion polling.
In addition, from 25 May 2018 onwards, the right to data portability will apply. For more information, please contact the data controller.
If you believe that your rights have been violated, you have the right to lodge a complaint with the competent data protection authority (Garante della Privacy) or to take legal action.
The rights can be asserted on the part of the person concerned or a person commissioned by him, by means of a request to the person responsible for data processing at the Hotel Mirabel ***s
– Via Pelegrin 11 - I-39030 San Vigilio di Marebbe - by registered mail or e-mail to firstname.lastname@example.org
Holder of the data processing: Hotel Mirabel ***s Fam. Erlacher
Via Pelegrin 11
I-39030 San Vigilio di Marebbe
T. +39 0474 501280 email@example.com Time information for the data storage of personal data
- 5 years after the last data processing, regarding the established business relationship;
- 5 years after expiry of the notified period of validity of the offer.
The following categories of personal data may be stored for different periods of time:
- Financial information (such as payments, refunds, etc.) will be retained for the duration required by applicable tax and accounting rules;
- All user-generated content (e.g. comments and ratings) is anonymous, but remains available on our platforms.
Regular Guest Club (Guest Club)
This website uses KunLeiSys Guest Club software (Regular Guest section). The provider is GASTROpoint GmbH, Pommernstraße 17, 83395 Freilassing, Germany. KunLeiSys Guest Club software is a service for organising and administering the Guest Club, offers, loyalty points, e-mails about events and the distribution of newsletters.
You can register to become a member of the Guest Club on our website. All the personal information you provide shall only be used for the purpose of the respective offer or service. The mandatory information requested for registration must be provided in full. If it is not, your registration will be declined. The personal data you provide on registration shall only be used as specified in your consent (Art. 6 Para. 1(a) GDPR). You are able to withdraw your consent free of charge at any time. This can be done via the unsubscribe link in the e-mail or the unsubscribe option in the Guest Club.
We shall store the information you have provided for the purpose of the Guest Club until such time as you unsubscribe and, as soon as you have unsubscribed and your Guest Club account has been deleted, your details shall be deleted from our servers and the servers of GASTROpoint GmbH.
We shall inform you of any important changes relating to the scope of the services we offer or that are necessary for technical reasons via the e-mail address you provided on registration or saved in your profile. This does not affect statutory retention periods. We have signed a contract data processing agreement with GASTROpoint GmbH and shall fully comply with the strict requirements imposed by the data protection authorities in our operation of KunLeiSys Guest Club software.
Please complete the mandatory fields on the registration screen, as otherwise your registration cannot be processed.