Privacy & Cookies Policy

PRIVACY POLICY

Pursuant to European regulation for the protection of personal data, no. 2016/679, GDPR and subsequent amendments, this website respects and protects visitor confidentiality (ex art. 4, c.1 of the GDPR), and takes every possible and proportionate measure to avoid infringements on the rights of the parties involved.

We have developed a privacy policy regarding the collection, use, disclosure, transfer and storage of user data. This document aims to communicate the privacy protection criteria adopted with regard to the parties involved. This privacy policy is applicable only to the online activities of this website and is valid only for the parties concerned. It holds no validity over other websites that may be visited via links.

By consulting this website and/or using its services, the user explicitly approves and consents to the processing of his or her personal data using the methods and for the purposes described in this Privacy Policy.

 

DATA PROTECTION PRINCIPLES
We are committed to processing user data only for lawful, just and transparent purposes, and only for legitimate reasons. When processing data, we always consider the rights of the party concerned, and we endeavor to provide, upon request, all of the information and data that have been processed.

Data processing is always limited to the required purpose. Our data processing activities always correspond to the required purpose for which personal information was collected.
Data processing uses only the necessary data. We collect and process the minimum amount of personal information required for a purpose.

Data processing is carried out in a limited time. We do not archive any personal information for longer than is necessary.

We endeavor to guarantee care and attention, respect for your personal information, integrity and confidentiality.

Any personal data collected is processed in accordance with current legislation and privacy regulations, within the scope of its own institutional activities and those of its affiliates, for purposes strictly connected to, and instrumental to the management of relations with the user, and the fulfilment of obligations stipulated by law, regulations and EU legislation.

 

Alba Hotels S.r.l., with legal headquarters in: viale Costa Smeralda 76 07021 Arzachena OT, Italy, VAT Number 02184480909 (referred to hereinafter as “Data Controller”), in the capacity of Data Controller, informs you pursuant to art. 13 of Legislative Decree 30.06.2003 no. 196 (referred to hereinafter as “Privacy Code”) and to art. 13 of EU Regulation no. 2016/679 (referred to hereinafter as “GDPR”) that your data will be processed using the following methods and for the following purposes:

 

1. DATA SUBJECT TO PROCESSING
The Data Controller processes identifiable, but not sensitive, personal data (examples include, but are not limited to: name, surname, legal name, address, telephone number, e‑mail address – referred to hereinafter as, “ personal data” or also “ data”) provided by you upon registration with the Data Controller’s website (referred to hereinafter as “ website”), through participation in opinion polls or satisfaction surveys, through the completion of a contact form and/or registration via the website to events organized by the Data Controller, by an online request for clarification or support, or through the sending of a newsletter.

 

2. PURPOSES OF DATA PROCESSING

Your personal data are processed:
A) without your express consent (art. 24 letter a), b), c) of the Privacy Code and art. 6 letter b), e) of the GDPR), for the following Service Purposes:
– website management and maintenance;
– to allow to you use the services you request;
– to process a contact request;
– to participate via the website in initiatives organized by the Data Controller;
– to fulfil obligations required by law, regulations, EU legislation or an authoritative body;
– to fulfil obligations relating to the management of relations with website users/clients;
– to prevent or uncover fraudulent activity, harmful practice to or abuse of the website;
– to exercise the Data Controller’s rights, for example the right to exercise its rights in court.

B) Only with your prior and distinct consent (art. 23 and 130 of the Privacy Code and art. 7 of the GDPR), for the following Other Purposes:
– to send you newsletters and opinion polls or satisfaction surveys via e‑mail.

 

3. DATA PROCESSING METHODS
Your personal data is processed through operations indicated in art. 4 of the Privacy Code and art. 4 no. 2) of the GDPR, more precisely: the collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data may undergo paper, electronic and/or automated processing, through the use of the website hosted by the company Aruba S.p.a., located in Italy. The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes and, in any case, will retain such data for no longer than 10 years from their termination in the case of Service Purposes, and for no longer than 2 years from its collection for Other Purposes.

 

4. SECURITY
The Data Controller has adopted a large variety of security measures for the protection of your data against risks of loss, abuse or modification.
4.1 Website Security
We take numerous measures in order to guarantee the safety of this website, of its users during browsing and of the data collected from the website or from integrated systems provided by third parties. Such measures include https data transmission protocols to ensure a secure connection, complex alphanumeric passwords, firewalls, constant scanning against viruses and malware, and system updates.
In the event that any data is violated, we will inform the competent authorities in the manner and time required by current privacy legislation. The user or users concerned will be informed directly in the case of a violation regarding their rights or interests.
4.2 Hosting Provider Security
This type of service carries the aim of hosting data and files that permit the website to operate, allow its distribution and provide a ready-to-use infrastructure that offers specific features.

This website is installed on servers owned by Aruba S.p.a.
Aruba pays close attention to data protection, and as such, it welcomes European regulations. With regard to data for which consent for processing is given and hosting data for its applications, Aruba does not access or use client data for purposes such as “data mining”, “data profiling” or sale to third parties.
More information
Privacy Policy

 

5. TYPES OF DATA PROCESSED BY THIS WEBSITE
5.1 Browsing Data
During their normal operation, the computer systems and software procedures used to operate this website acquire some personal data, the transmission of which is implicit in the use of Internet communication protocols.
Such information is not collected in order to be associated with identified users; however, by its very nature, its processing and association with data held by third parties could permit the identification of users.
This category of data includes the IP addresses or domain names of the computers through which users connect to the website, the addresses in the Uniform Resource Identifier (URI) notation of requested resources, the time of a request, the method used to submit a request to the server, the size of the files obtained in response, the numerical code indicating the status of the response given by the server and other parameters concerning the operating system and to the users computer environment.
Such data are used for the sole purpose of obtaining anonymous information regarding the use of this website and to check it is functioning correctly. They could also be used to ascertain any responsibility in case of hypothetical web crime that may cause damage to the website. Except in such cases, personal data are stored for no more than thirty days.
5.2 Data Provided Voluntarily by the User
The explicitly optional and voluntary sending of information via e-mail to the e-mail addresses indicated on the website involves the subsequent acquisition of the senders address, which is required in order to respond to requests, as well as any other personal data included in the request to the website completed by the visitor. Specific summary information will be shown or displayed on the website’s pages as required for particular services on request.
5.3 Contact/Booking Form
When a user enters his or her data into a form on the website, he or she a gives consent for such data to be used in order to carry out the specific request. The data collected in the contact form are sent via e-mail to the recipient for this website and are therefore not saved on any database.
Data processing location: ITALY
Duration: 24 months or as long as necessary for the issue of the active service
Personal data collected: Name and surname, telephone number, e-mail address, message, date and time of consent to processing of personal data.
5.4 Automatically Collected Information
This data is automatically stored in the server log files. The information collected may be: (1) the type and version of the browser used, (2) the operating system used by the access system, (3) the website of origin and visitor destination (referral), (4) ) the country of origin, (5) the date and time of access to the website, (6) the Internet protocol address (IP address), (7) the name of the Internet service provider (ISP) and (8) any other similar data and/or information that may be required in case of attacks on the computer system. Such information is anonymous and is mainly used to improve visitor/user experience on the website, or to guarantee an optimal level of protection with regard to the personal data being processed. Anonymous data from server log files are stored separately from all personal data provided by users. The traffic on this website is monitored by the web hosting company Aruba S.p.a., through the collection of user IP addresses over a period of one month.

 

6. ACCESS TO DATA
Access to your data may be granted for the purposes stipulated in art. 2.A) e 2.B):
– to employees and associates of the Data Controller, in their capacity as internal Data Handlers and/or Processors and/or system administrators;
– to third parties or others (for example: the website hosting provider, suppliers, hardware and software technicians and assistants, shipping agents and couriers, accredited institutes, professional researchers etc.) that carry out outsourcing activities on behalf of the Data Controller, in their capacity as Data Handlers and/or Processors.

 

7. COMMUNICATION OF DATA
Without your express consent (ex art. 24 letter a), b), d) of the Privacy Code and art. 6 letter b) and c) of the GDPR), the Data Controller may disclose your data for purposes pursuant to art. 2.A) to supervising bodies, judiciary authorities and to any other subjects to whom such communication is mandatory by law in order to fulfil the abovementioned purposes. Your data will not be divulged to others.

 

8. TRANSFER OF DATA
Your personal data will be managed and stored in Europe, on servers located in Italy and owned by the Data Controller and/or third parties appointed and duly nominated as Data Handlers.

 

9. DATA PROVISION METHODS AND CONSEQUENCES OF REFUSAL TO RESPOND
The provision of data for the purposes stipulated in art. 2.A) is mandatory. The absence of such data would not allow us to guarantee your registration in the website or to the services in art. 2.A).
The provision of data for purposes stipulated in art. 2.B) is, however, optional. You may therefore decide not to provide any data or to subsequently deny the possibility of processing for any previously provided data. In this case, you will be unable to receive invitations to events, newsletters, opinion polls or satisfaction surveys via e-mail. You will, however, still retain the right to access the services stipulated in art. 2.A).

 

10. YOUR USER RIGHTS
In your capacity as a user, you retain the rights pursuant to art. 7 of the Privacy Code and art. 15 of the GDPR, which are precisely as follows:
i. to obtain confirmation of the existence or otherwise of personal data concerning you, even when it has not yet been registered, and the communication of such data in an intelligible form;
ii. to obtain information indicating: a) the origin of any personal data; b) the processing purposes and methods; c) the logic applied in the case of any data processing aided by electronic tools; d) the details of the Data Controller and Processors and any designated representatives pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1 of the GDPR; e) the subjects or categories of subjects to whom personal data may be communicated or who may become aware of such data in their capacity as designated representatives in state territory, or as Data Handlers or Processors;
iii. obtain: a) the update, rectification or, where applicable, the integration of data; b) the cancellation, transformation into anonymous form or blocking of unlawfully processed data, including data whose retention is not necessary for the purposes for which they were collected or subsequently processed; c) an attestation that the operations referred to in letters a) and b) and their content have been brought to the attention of any parties to whom the data have been communicated or disseminated, except in cases where the fulfillment of such requirements proves impossible or would involve the use of means that are manifestly disproportionate to the right being protected;
iv. to object, wholly or in part: a) for legitimate reasons, to the processing of personal data concerning you, even where pertinent to the purpose of its collection; b) to the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated call systems without an operator via e-mail and/or through traditional marketing methods by telephone and/or post. It should be noted that the user’s right to object, stipulated in point b) above, to direct marketing purposes through automated methods extends to traditional means and that the user also retains to right to only partially object in any such case. A user may therefore decide to receive communications only via traditional methods or only via automated communications, or to object to both types of communication.
Where applicable, you also retain the rights stipulated in articles 16-21 of the GDPR (right to rectification, right to be forgotten, right to restriction of processing, right to data portability, right to opposition), as well as the right to lodge a complaint with the Guarantor Authority.

 

11. HOW TO EXERCISE YOUR USER RIGHTS
You may exercise your user rights at any time by sending:
– a letter via registered mail to Alba Hotel S.r.l., with legal headquarters in: viale Costa Smeralda 76, 07021 Arzachena OT, VAT Number 02184480909;
– an e-mail to the following e-mail address: info@cascioni.com

 

12. MINORS
This website and the services provided by the Data Controller are not intended for minors under the age of 18, and the Data Controller does not intentionally collect personal information concerning minors. Where information regarding minors is involuntarily collected, the Data Controller will promptly delete such information at the user’s request.

 

13. DATA CONTROLLER, HANDLER AND PROCESSORS
The Data Controller is:

 

Alba Hotels S.r.l.
Viale Costa Smeralda 76
07021 Arzachena
OT, Italy
VAT Number: 02184480909
Email: info@cascioni.com
Tel: +39 0789 387537

 

14. DATA PROCESSING LOCATION
Your data, and an up-to-date list of the Data Handlers and Processors who may process your data, are stored at the Data Controller’s headquarters. This list includes external Data Handlers who may process your data independently, in the capacity of autonomous Data Controller, for their own informational purposes.

 

15. AMENDMENTS TO THIS POLICY
This document may be subject to changes. It is therefore advisable to check this information regularly and refer to the latest version.

 

Contacts and references
Italian data protection authority

 

 

 

COOKIE POLICY

www.cascioni.com

 

STRICTLY NECESSARY COOKIES
These cookies are essential in order to browse our website correctly and to view content in your language as of your first visit. Strictly necessary cookies are fundamental to guarantee the use of the services offered by our website, such as logging in and managing your orders.

 

FUNCTIONALITY COOKIES
These cookies are used to memorize the choices you make (language preference, country and other online settings) and to provide you with the best personalized performance according to your chosen preferences. Functionality cookies may be used to offer online services or to block services that you have previously refused.
These cookies are not fundamental for the website to function, but they greatly improve the quality of service and browsing.

 

PERFORMANCE COOKIES
These cookies have a strictly statistical purpose and are used by analysis tools in the main search engines. The results generated by such analyses track the browsing habits of website users through computers and mobile devices, on the number of pages visited or the number of clicks made on a page during browsing. The data collected are processed anonymously for strictly statistical purposes.

 

ADVERTISING AND TARGETING COOKIES
These advertising cookies are installed on your browsing device by us (or by the service providers who work for us) and allow you to view advertising banners on other websites that display the products you most recently consulted on our website.
While you browse around our website, these cookies are used to show you products that may interest you or are similar to that you have already viewed, on the basis of your browsing history. The use of such cookies does not usually require the processing of personal data but may permit connection to your computer or other devices in order to track saved data. These cookies connect to the browser installed on your computer or other devices used to browse our website.

 

ENABLING AND DISABLING COOKIES
There are various ways to manage cookies: from our website’s homepage, or in the banner that appears. If you do not select a preference, the banner will remain visible.
You can change the settings in your browser to accept or refuse cookies, or to choose which categories of cookies to accept and refuse. You can also choose to receive a warning message before accepting a cookie from any websites you have visited. It is also possible to delete all of the cookies installed in the cookies folder of your browser. However, it is important to remember that disabling all browser cookies in this manner may result in limited use of our interactive features.
If you use more than one computer in different locations, ensure that each browser is set according to your personal preferences.
Each browser has different procedures for managing settings.
Click on one of the links below for browser-specific instructions.
Microsoft Windows Explorer
Google Chrome
Mozilla Firefox
Apple Safari
Apple Safari Ios (mobile devices)
Opera

 

DELETION OF COOKIES AND BROWSING DATA
If you do not use any of the browsers indicated above, select “cookies” in the help section of your browser to discover the location of the cookies folder, so as to be able to enable, disable and delete cookies and browsing data. Free software is available online through which it is possible to entirely remove cookies and browsing data from the bowser at any time, such as CCleaner.

 

TYPES OF COOKIE
Cookies are classified by law into the following categories:
Same-Site Cookies: these cookies are installed directly by the websites that the user consults.
Third Party Cookies: these cookies are installed by a domain other than the website visited by the user.
Session Cookies: they are only active during a web browser session. They connect all of the activities carried out by the user during a web browser session. Session cookies expire when the browser is closed.
Persistent Cookies: they remain in the PC after the browser session is closed. They are reactivated by any subsequent visits to the website from which they originated, and they are stored on the computer’s hard disk for a length of time. They may be stored on the computer for days, months or even years.

 

COOKIES USED SPECIFICALLY BY THIS WEBSITE
Session
Type: session
This website uses cookies to save the user’s web session and to carry out only those activities necessary for the website to function.

 

GOOGLE ANALYTICS (with anonymized IP address)
Statistics
Type: third party
Google Analytics is a web analytics service provided by Google Inc. (“Google”).
Google may use personal data to contextualize and personalize advertising on its own advertising network.
It is possible to disable Google Analytics cookies by visiting the web Google GaOptOut web page and downloading the additional component for the web browser used.
Personal data collected: Cookies and Usage data
Processing Location: USA
Duration: 26 months
Privacy Policy

 

PLUGIN QTRANSLATE-X
Functionality (preference)
Type: same-site
This website uses persistent cookies to save the language chosen by the user and to allow for browsing of the website using the chosen language settings, even after the website is exited or the browser session is closed.
Processing Location: ITALY
Duration: 12 months

 

GOOGLE MAP
Marketing
Type: third party
Some pages of the website use Google Maps.
Google may use personal data to contextualize and personalize advertising on its own advertising network.
Personal data collected: Cookies and Usage data
Processing Location: USA
Duration: from 6 to 24 months
Privacy Policy

 

GOOGLE FONT
Marketing
Type: third party
Google Fonts is a service that allows the user to see icons and characters managed by Google Inc. which permits the website to integrate such content within its web pages.
Personal data collected: Cookies and Usage data
Processing Location: USA
Duration: from 6 to 24 months
Privacy Policy

 

FONT AWESOME
Marketing
Type: third party
Font Awesome is a service that allows the user to see icons and characters managed by Fonticons, which permits the website to integrate such content within its web pages.
Personal data collected: Cookies and Usage data
Processing Location: USA
Duration: undisclosed
Privacy Policy

 

This page can be accessed via the link provided at the foot of each page of the website, pursuant to art. 122 paragraph 2 of Legislative Decree 196/2003 and subsequent to the simplified procedures regarding the explanation of and request for consent to the use of cookies published in Official Gazette no.126 on 3rd June 2014 and the corresponding Register of Measures no.229 on 8th May 2014 and subsequent technical guidelines.

 

All rights reserved. It is forbidden any use, total or partial, of the contents included in this website, including the storage, reproduction, reprocessing or distribution of the same contents through any technological platform, support or telematic network, without the authorization of the administrator.