Privacy Policy

PRIVACY POLICY

Notice on the Processing of Personal Data of Website Users Articles 13 and 14 of Regulation 2016/679/EU (also referred to as “GDPR”)
Why This Notice Is Important 
HORSTAMANN HOTELS GROUP S.R.L. (hereinafter also referred to as the “Company” or “Data Controller”) is committed to respecting and protecting your privacy and wants you to feel secure both while simply navigating the site and in the event you decide to register by providing us with your personal data to take advantage of the services made available to its Users and/or Customers. On this page, the Company intends to provide some information about the processing of personal data related to users who visit or consult the website accessible electronically from the address https://horstmannhotels.com (the “Site”). This notice is only for the Company's website and not for other websites that may be consulted by the user through links (for which reference should be made to their respective privacy policies/informations). The reproduction or use of pages, materials, and information contained within the Site, by any means and on any support, is not allowed without prior written consent from the Company. Copying and/or printing for strictly personal and non-commercial use is allowed (for requests and clarifications contact the Company at the addresses indicated below). Other uses of the contents, services, and information present on this site are not permitted.
Regarding the content offered and the information provided, the Company will strive to keep the Site's content reasonably updated and reviewed, without offering any guarantee on the adequacy, accuracy, or completeness of the information provided and expressly declines any responsibility for any errors of omission in the information provided on the Site.
Origin - Browsing Data 
The Company informs you that the personal data you provide and acquired in conjunction with the request for information and/or contact, registration to the site, and use of services through a smartphone or any other tool used to access the Internet, as well as data necessary for the provision of these services, including browsing data and data used for the possible purchase of products and services offered by the Company but also the mere “navigation” data of the site by Users, will be processed in compliance with applicable legislation. The computer systems and software procedures used for the operation of this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of the Internet. These are informations that are not collected to be associated with identified interests, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes "IP addresses" or the domain names of computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used in submitting the request to the web server, the size of the file obtained in response, the numerical code indicating the status of the response given by the web server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment. These data are used only to obtain anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. It is highlighted that these data could be used to ascertain responsibility in case of computer crimes against the Company's website or other sites connected or linked to it: except for this possibility, currently, the data on web contacts do not persist for more than a few days.
Origin - Data Provided by the User 
The Company collects, stores, and processes your personal data for the purpose of providing the products and services offered on the Site, or for legal obligations. Regarding some specific Services, Products, Promotions, etc., the Company may process your data also for commercial purposes. In such cases, specific, separate, optional, and always revocable consent will be requested with the modalities and at the addresses indicated below.
The optional, explicit, and voluntary sending of electronic mail to the addresses indicated in the specific section of the Website, as well as the compilation of questionnaires (e.g., forms), communication via chat, push notifications via APP, social networks, call centers, etc., involves the subsequent acquisition of some of your personal data, including those collected through the use of the Apps and related services, necessary to respond to requests. We also inform you that when using the mobile connection to access digital content and services offered directly by the Company or by our Partners, it may be necessary to transfer your personal data to these third parties. We highlight that you could access the Site or connect to areas where you could be enabled to publish information using blogs or message boards, communicate with others, for example coming from the Company page on Facebook®, LinkedIn®, YouTube®, and other social network sites, review products and offers and post comments or content. Before interacting with these areas, we invite you to carefully read the General Conditions of Use considering that, in certain circumstances, the information published can be viewed by anyone with Internet access and all the information you include in your publications can be read, collected, and used by third parties.
Purposes of Processing and Legal Basis 
The data is processed for the purposes:
strictly connected and necessary for registration to the site www.azienda.it, to the services and/or Apps developed or made available by the Company, to the use of the related informational services, to the management of contact requests or information, for the execution of purchases of products and services offered through the Company site;
related to ancillary activities connected to the management of User/Customer requests and sending of feedback which may include the transmission of promotional material; for the completion of the purchase order of products and services offered, including aspects related to credit card payments, the management of shipments, the possible exercise of the right of withdrawal provided for distance purchases, the update on the availability of temporarily unavailable products and services;
related to the fulfillment of obligations provided by community and national regulations, the protection of public order, the ascertainment and repression of crimes;
direct marketing, i.e., sending advertising material, direct sales, market research, or commercial communication of products and/or services offered by the Company; this activity may also concern products and services of Company Group companies and be performed through the sending of advertising/informative/promotional material and/or invitations to participate in initiatives, events, and offers aimed at rewarding users/customers, carried out with “traditional” methods (by way of example, paper mail and/or operator calls), or through “automated” contact systems (by way of example, SMS and/or MMS, telephone calls without operator intervention, email, fax, interactive applications), pursuant to art. 130 c. 1 and 2 of Legislative Decree 196/03 and subsequent modifications. The provision of data for the purposes referred to in points 1), 2), and 3), connected to a pre-contractual and/or contractual phase or functional to a user's request or provided by a specific normative provision, is mandatory and, in its absence, it will not be possible to receive the information and access any requested services; regarding the point 4) of this Notice, the consent to the processing of data by the user/customer is instead free and optional and always revocable without consequences on the usability of the products and services except for the Company's inability to keep updated on new initiatives or on particular promotions or advantages possibly available to users/customers. The Company may send commercial communications related to products and/or services similar to those already provided, pursuant to Directive 2002/58/EC, using the email or postal addresses indicated by you on these occasions to which you may object with the methods and contact details below.
Methods, Logic of Processing, Retention Time, and Security Measures The processing is carried out also with the aid of electronic or automated means and is performed by the Company and/or by third parties which the Company can use to store, manage, and transmit the data. The processing of your data will be carried out with logic of organization and processing of your personal data, including logs originated from access and use of services made available via the web, of the products and services used related to the above purposes and, in any case, so as to guarantee the security and confidentiality of the data. The personal data processed will be kept for the times prescribed by the legislation in force at the time.
Again, with regard to data security, in the sections of the website prepared for particular services, where personal data are requested from the user navigator, the data is encrypted using a security technology called Secure Sockets Layer, abbreviated SSL. SSL technology encrypts the information before it is exchanged via the Internet between the user's computer and the Company's central systems, making it incomprehensible to unauthorized parties and thus guaranteeing the confidentiality of the information transmitted; furthermore, transactions made using electronic payment instruments are carried out using directly the platform of the Payment Service Provider (PSP) and the Company retains only the minimum set of information necessary to manage any disputes. Specifically referring to aspects of the protection of personal data, the user/customer is invited, under art. 33 of the GDPR, to report to the Company any circumstances or events from which a potential “personal data breach (data breach)” may arise in order to allow an immediate assessment and the adoption of any actions aimed at countering such event by sending a communication to privacy@Company.it or contacting Customer Service. The measures adopted by the Company do not exempt the Client from paying the necessary attention to the use, where required, of adequately complex passwords/PINs, which should be updated periodically, especially if he/she believes that they have been violated/know by third parties, as well as keeping them with care and making them inaccessible to others, in order to prevent unauthorized and improper use.
Cookies 
A cookie is a short string of text that is sent to your browser and, if applicable, saved on your computer (alternatively on your smartphone/tablet or any other tool used to access the Internet); this sending generally occurs every time you visit a website. The Company uses cookies for different purposes, in order to offer you a fast and safe digital experience, for example, allowing you to keep the connection to the protected area active while browsing through the pages of the site. The cookies stored on your terminal cannot be used to recall any data from your hard disk, transmit computer viruses or identify and use your email address. Each cookie is unique in relation to the browser and device you use to access the Website or use the App of the Company. Generally, the purpose of cookies is to improve the functioning of the website and the user's experience in using it, although cookies can be used to send advertising messages (as specified below). For more information on what cookies are and how they work, you can consult the website “All about cookies” http://www.allaboutcookies.org .
Areas of Communication and Data Transfer 
For the pursuit of the above-mentioned purposes, the Company may communicate and have processed, in Italy and abroad, the personal data of users/clients to third parties with whom we have relationships, where these third parties provide services at our request. We will provide these third parties only with the information necessary to perform the services requested taking all measures to protect your personal data. Data may be transferred outside the European Economic Area if this is necessary for the management of your contractual relationship. In such case, the recipients of the data will be imposed with obligations of protection and security equivalent to those guaranteed by the Data Controller. In case of use of services offered directly by Partners, we will provide only the data strictly necessary for their execution. In any case, only the data necessary to pursue the purposes envisaged will be communicated and, where required, the applicable guarantees applicable to data transfers to third countries will be applied. We may also disclose personal data to our commercial service providers, for marketing reasons, to such purpose appointed external processors. Moreover, personal data may be communicated to the competent public bodies and authorities for compliance with regulatory obligations or for the assessment of responsibility in case of computer crimes against the site as well as communicated to, or allocated at, third parties (in their capacity as Data Processors or, in the case of electronic communication service providers, as independent data controllers), who provide computer and telematic services (e.g., hosting, management and development of websites) and whom the Company uses for performing tasks and activities of technical and organizational nature instrumental to the functioning of the website. Subjects belonging to the categories above act as separate Data Controllers or are designated as Data Processors appointed by the Company. Personal data may also be known to Company employees/consultants who are specially trained and appointed as Data Processors. The categories of recipients to whom the data can be communicated are available by contacting the Company at the addresses below.
Rights of the Data Subjects 
You may exercise your rights granted by the law at any time, including the right to: a) access your personal data, obtaining evidence of the purposes pursued by the Controller, the categories of data involved, the recipients to whom the data can be communicated, the applicable retention period, the existence of automated decision-making processes; b) obtain without delay the correction of any inaccurate personal data concerning you; c) get, in the cases provided, the deletion of your data; d) obtain the restriction of processing or to oppose the processing where possible; e) request the portability of the data you have provided to the Company, i.e., to receive them in a structured, commonly used, and machine-readable format, also to transmit such data to another controller, within the limits and the constraints provided by art. 20 of GDPR; Moreover, you can lodge a complaint with the Data Protection Authority under art. 77 of the GDPR. For the processing referred to in point 4) of the purposes, the Customer may always revoke the consent and exercise the right to object to direct marketing (in “traditional” and “automated” form). The objection, in the absence of any contrary indication, will be referred to both traditional and automated communications.
Data Controller 
The Data Controller, under art. 4 of the GDPR, is HORSTAMANN HOTELS GROUP S.R.L., VIA LUNGOLAGO MARCONI N. 11 – 25010 LIMONE SUL GARDA (BS) VAT No.: 04177150986 - Tax Code: 04177150986 The rights mentioned above can be exercised at the request of the Interested Party by the methods disclosed by the Customer Service or on the Company's WEB site or using the following references: BELLICINI REGINA (horstmannhotelsgroup@unapec.it). The use of the Website, including those intended for tablets and/or smartphones, by the Client and/or User implies full knowledge and acceptance of the content and any indications included in this version of the notice published by the Company when the site is accessed. The Company informs that this notice can be modified without any prior notice and therefore recommends a periodic reading. 
The Data Controller HORSTAMANN HOTELS GROUP S.R.L. 
This privacy notice was updated on 01/02/2024