INFORMATION ON THE PROTECTION OF PERSONAL DATA PURSUANT TO EUROPEAN REGULATION 2016/679
The Cooperative Company Golden Keys of the Trevenezie scrl (from now on unospitedivenezia.it), carries out multiple activities including:
- publishing activities, distribution of the guide a Guest of Venice, sale of ticketing services.
- Commercial intermediation and sale of travel tickets in general
- Sale of tickets and/or electronic cards for access to public and private services
- Priority admissions to museums, cultural institutions, shows and sporting and related events.
For the services listed in the table above unospitedivenezia.it, to offer all its services, it makes use of the websites www.unospitedivenezia.it.
unospitedivenezia.it therefore the data controller of the personal data collected.
HOW WE COLLECT YOUR PERSONAL DATA
unospitedivenezia.it collects and treats your personal data in the following circumstances:
- When you purchase one of the services provided, by entering into a contract;
- registering on the website to use its features;
- If you contact us in order to request information, make a complaint or a report, request a refund regarding the services provided;
- In the event that companies or business partners legitimately communicate your personal data to unospitedivenezia.it
Please help us keep your personal data up to date by informing us of any changes. Any changes related to the data on the personal residence must be promptly communicated to unospitedivenezia.it in order to avoid incurring problems related to the use of the services provided.
WHAT PERSONAL DATA ABOUT YOU CAN BE COLLECTED
The following categories of personal data concerning you may be collected:
Personal and contact data – information relating to the name, place and date of birth, tax code, address, telephone number, workplace, email address and, if you connect to our site, via social login (i.e. the account of a social network to which you are subscribed), also the data that are visible in that social based on the privacy settings set by you
FOR WHAT PURPOSES YOUR PERSONAL DATA MAY BE USED
The processing of personal data in compliance with European data protection regulations must be legitimized by one of the various legal conditions provided for and we are required to indicate these conditions for each processing described, as you can read below:
(a) Establishment and execution of contractual relations and subsequent obligations, including the communication on services
unospitedivenezia.it may process your personal data for the purposes of the possible establishment and execution of contractual relationships, the provision of the requested services and the response to reports and complaints.
unospitedivenezia.it you may also use your contact details and in particular your email, to provide you with information about the services offered.
Prerequisite for processing: fulfilment of contractual obligations.
The provision of data is mandatory to manage the contractual relationship.
b) Operational management and purposes strictly connected to it for access to the Unospitedivenezia Site collects your personal data to allow you to access the site and provide you with the services available there, also by accessing your Personal Area in order to: (i) download documents relating to the services purchased by you from your Personal Area; (ii) respond to other requests made through the website.
Prerequisite for processing: fulfilment of contractual obligations.
The provision of data is mandatory to respond to your requests.
c) Customer Satisfaction surveys unospitedivenezia.it may use your contact data to conduct institutional surveys aimed at measuring the level of satisfaction (so-called customer) of the service provided.
Basis for processing: legitimate interest
The owner with this activity respects the contractual obligations assumed with the current service contract with the entrusting body and puts in place every useful activity in order to improve, implement and make more efficient the service itself
d) Marketing to meet your needs and to provide you with promotional offers unospitedivenezia.it collects your contact data for marketing and advertising communication purposes, aimed at informing you about promotional sales initiatives, carried out through automated methods of contact (e-mail, sms and other massive messaging tools, etc.) and traditional methods of contact (for example, phone call with operator).
Prerequisite for treatment: your consent is required.
Consent can be revoked at any time through the privacy form on the website.
(c) Compliance with legally binding requests to comply with legal obligations, regulations or measures of the judicial authority
unospitedivenezia.it collects your personal data to comply with the legal provisions.
Basis for processing: legal obligations.
HOW WE KEEP YOUR PERSONAL DATA SECURE
unospitedivenezia uses a wide range of security measures in order to improve the protection and maintenance of the security, integrity and accessibility of your personal data.
Although at present, as you know, it is not possible for anyone to guarantee security from intrusions into the transmission of data that takes place on the internet and websites, we, our suppliers and business partners are committed to ensuring
physical, electronic and procedural protections aimed at protecting your personal data in accordance with the law and with the utmost responsibility.
All your personal data is stored on secure servers (or secure hard copies) and is accessible and usable according to our security standards and policies (or equivalent standards for our suppliers or business partners).
We take, among others, measures such as:
the strict restriction of access to your personal data, as necessary and for the sole purposes communicated;
perimeter security systems to prohibit unauthorized access from outside
permanent monitoring of access to information systems to detect and stop the abuse of personal data.
penetration tests with half-yearly frequency aimed at highlighting any flaws in perimeter safety
tracing access to your personal data carried out by internal staff and verification of the related purpose
Internal transaction security
transactions on our websites that require the entry of your personal data take place in an encrypted manner through Secure Socket Layer (SSL) technology
Using login passwords
Where we have provided you (or have chosen) a password that allows you access to certain parts of our website or other portals, applications or services provided by us, you will be responsible for the secrecy of that password and for complying with any other security procedures we report to you.
We ask you not to share your password with anyone.
HOW LONG DO WE KEEP YOUR INFORMATION
We store your personal data only for as long as is necessary to achieve the purposes for which it was collected or for any other legitimate related purpose.
Term retention of personal data
Therefore, if personal data is processed for two different purposes, we will retain such data until the purpose expires with the longer term, however we will no longer process personal data for that purpose whose retention period has been lost. We limit access to your personal data only to those who need to use it to carry out their tasks.
Your personal data that is no longer necessary, or for which there is no longer a legal basis for its storage, are irreversibly anonymized (and in this way can be stored) or destroyed securely.
Below are the storage times in relation to the different purposes listed above:
Fulfilment of contractual obligations:
the data processed to fulfill any contractual obligation may be kept for the duration of the contract as well as for the next 10 years, in order to verify any slopes or for compliance with legal obligations (e.g. accounting documentation).
Operational management and purposes strictly related to this for access to the website: the data processed for this purpose may be stored for 1 year after the duration of the underlying contract for which access was made.
Customer satisfaction surveys: the data processed for this purpose may be stored for 3 years from the date of the survey.
Marketing purposes: Personal data processed for marketing purposes may be stored for 2 years from the date on which we obtained your last consent for this purpose (with the exception of the opposition to receive further communications).
Disputes: In the event that we need to defend ourselves or act or even make claims against you or third parties, we may retain personal data that we deem reasonably necessary to process for such purposes, for as long as such claim may be pursued.
WITH WHOM WE CAN SHARE YOUR PERSONAL DATA
your personal data may be accessed by unospitedivenezia.it employees, as well as suppliers and collaborators, duly appointed data controllers, who provide support for the provision of services.
If you have any questions about our processing of your personal data, please send an email to firstname.lastname@example.org, or contact the phone number 0415220848, asking for the secretariat.
We also inform you that the Company has appointed an internal data protection officer (DPO), whose contact details are: email@example.com, to whom you can contact in general for matters related to the protection of personal data and related rights.
YOUR DATA PROTECTION RIGHTS AND YOUR RIGHT TO MAKE COMPLAINTS TO THE SUPERVISORY AUTHORITY
Under the legal conditions, you have the right to ask us:
- Access to your personal data
- Portability of personal data that you have provided us with
- Rectification of the data in our possession
- Deletion of any data for which we no longer have any legal basis for processing
- Withdrawal of your consent, in the event that the processing is based on consent and relates to direct marketing activities
- Limitation of the way we process your personal data, in the cases provided for by law.
In addition, you can exercise the right of objection in the case of data processed for legitimate interest, specifically therefore in the case of customer satisfaction.
The exercise of all these rights is based on certain exceptions aimed at safeguarding the public interest (e.g. the prevention or identification of crimes) and our interests (understood as legitimate and binding reasons). If you exercise any of these rights, it will be our duty to verify that you are entitled to exercise it and we will, as a rule, give you feedback within one month.
If you are not satisfied with the way in which we process your personal data, or with our feedback, you will have the right to lodge a complaint with the supervisory authority whose contacts can be found on the www.garanteprivacy.it