PRIVACY & COOKIES
Information to customers
This information is provided to customers, whether they are natural persons or natural persons who operate in the name and on behalf of customers who are legal entities, of River Castle Central Verona, pursuant to art. 13 d. lgs. 196 of 30 June 2003 – “Personal data protection code” and art. 13 GDPR 679/2016 – “European regulation on the protection of personal data”.
Owner’s identity
The Data Controller of natural person customers, or of natural persons operating in the name and on behalf of legal entity customers, is Gaetano Di Leo of River Castle Central Verona based in Verona – Italy.
The DPO has not been designated.
Data source
The personal data processed are those provided by the interested party on the occasion of:
– Visits to the offices;
– Interactions through the website;
– Requests for information, also via email;
– Previous transactions.
Purpose of the treatment
Fiscal compliance, organizational management and bureaucratic fulfillment of the requested services. Negotiation management and pre-contractual and post-contractual relationships. Management of the commercial activities object of the entrepreneurial activity.
Finally, all the personal data of the aforementioned interested parties will be entered in the archives of the Data Controller and used (in view of article 130 paragraph 4 of Legislative Decree 196/2003 and also in view of the General Provision of the Guarantor Official Gazette 1 July 2008 No. 188 /C, formulation 6, points a, b, c) for sending communications concerning products, services, news and promotions.
Legal basis
The legal basis is constituted by the execution of a contract of which the interested party is a part or the execution of pre-contractual measures adopted at the request of the same. Some treatments are carried out for the legitimate interest of the Data Controller (promotion of its commercial activities and pursuit of statutory purposes).
Data Recipients
The personal data processed by the Data Controller will not be disclosed, or will not be disclosed to indeterminate subjects, in any possible form, including that of making them available or simple consultation. Instead, they may be communicated to workers who work for the Data Controller and to some external subjects who collaborate with them. They may also be communicated, within the strictly necessary limits, to subjects who, for the purpose of fulfilling purchases or other requests or services relating to the transaction or contractual relationship with the Owner, must supply goods and/or perform services or services. Finally, they may be communicated to subjects entitled to access them by virtue of the provisions of the law, regulations, community regulations. In particular, on the basis of the roles and job duties performed, some workers have been entitled to process personal data, within the limits of their competences and in compliance with the instructions given to them by the Data Controller.
Data transfer
The Data Controller does not transfer personal data to third countries or to international organizations. However, it reserves the right to use cloud services; in which case, the service providers will be selected from among those who provide adequate guarantees, as required by art. 46 GDPR 679/16.
Data Retention
The Data Controller retains and processes personal data for the time necessary to fulfill the purposes indicated. Subsequently, the personal data will be kept, and not further processed, for the time established by the current provisions on civil and fiscal matters.
Rights of the interested party
With reference to the art. 7 of Legislative Decree 196/2003 and Articles 15 – right of access, 16 – right of rectification, 17 – right of cancellation, 18 – right of limitation of treatment, 20 – right of portability, 21 – right of opposition, 22 right of opposition to the automated decision-making process of the GDPR 679/ 16, the interested party exercises his rights by writing to the Data Controller at the above address, or by email, specifying the subject of his request, the right he intends to exercise and attaching a photocopy of an identity document certifying the legitimacy of the request.
Withdrawal of consent
With reference to the art. 23 of Legislative Decree 196/2003 and art. 6 of the GDPR 679/16, the interested party can revoke any consent given at any time. However, the processing object of this information is lawful and permitted, even in the absence of consent, as it is necessary for the execution of a contract of which the interested party is a part (the supply relationship) or for the fulfillment of his requests.
Proposal of complaint
The interested party has the right to lodge a complaint with the supervisory authority of the state of residence.
Refusal to provide data
Customers who are natural persons cannot refuse to provide the Data Controller with the personal data necessary to comply with the laws governing commercial transactions and taxation. The provision of further personal data may be necessary to improve the quality and efficiency of the transaction. Therefore, the refusal to provide the data required by law will prevent the fulfillment of orders; while failure to provide additional data may compromise all or part of the fulfillment of other requests and the quality and efficiency of the transaction itself.
Persons who work in the name and on behalf of legal entity clients may refuse to provide the Data Controller with their personal data. However, the provision of personal data is necessary for a correct and efficient management of the contractual relationship. Therefore, any refusal to provide data may compromise all or part of the contractual relationship itself.
Automated decision-making processes
The Data Controller does not carry out treatments consisting of automated decision-making processes on the data of customers who are natural persons, or of natural persons who operate in the name and on behalf of customers who are legal entities.
Supplier information
This information is provided to natural persons who operate in the name and on behalf of the suppliers of the River Castle Central Verona company pursuant to art. 13 d. lgs. 196 of 30 June 2003 – “Personal data protection code” and art. 13 GDPR 679/16 – “European regulation on the protection of personal data”.
Owner’s identity
The Data Controller of natural persons working in the name and on behalf of suppliers is Gaetano Di Leo owner of River Castle Central Verona – Verona – Italy, is its pro tempore legal representative Gaetano Di Leo.
The DPO has not been designated.
Data source
The personal data processed are those provided by the interested party on the occasion of:
– Visits or phone calls;
– Direct contacts for participation in shows, exhibitions, etc.;
– Proposition of offers;
– Post-order transmissions and transactions.
Purpose of the treatment
The personal data of natural persons who work in the name and on behalf of suppliers are processed for:
– Forward communications of various kinds and with different means of communication (telephone, mobile phone, sms, email, fax, paper mail);
– Formulate requests or process requests received;
– Exchange information aimed at the execution of the contractual relationship, including pre- and post-contractual activities.
Legal basis
The treatment is necessary for the execution of a contract of which each supplier is a part or for the execution of pre-contractual measures adopted at the request of the same.
Data Recipients
The personal data processed by the Data Controller will not be disclosed, or will not be disclosed to indeterminate subjects, in any possible form, including that of making them available or simple consultation. Instead, they may be communicated to the workers of the Data Controller and to some external subjects who collaborate with them. They may also be communicated, within the strictly necessary limits, to subjects who, for the purpose of issuing our orders or requests for information and estimates, must supply goods and/or perform services or services on our behalf. Finally, they may be communicated to subjects entitled to access them by virtue of the provisions of the law, regulations, community regulations.
In particular, on the basis of the roles and job duties performed, some workers have been entitled to process personal data, within the limits of their competences and in compliance with the instructions given to them by the Data Controller.
Data transfer
The Data Controller does not transfer personal data to third countries or to international organizations.
However, it reserves the right to use cloud services; in which case, the service providers will be selected from among those who provide adequate guarantees, as required by art. 46 GDPR 679/16.
Data retention
The Data Controller retains and processes personal data for the time necessary to fulfill the purposes indicated. Subsequently, the personal data will be kept, and not further processed, for the time established by the current provisions on civil and fiscal matters.
Rights of the interested party
With reference to the art. 7 of Legislative Decree 196/2003 and Articles 15 – right of access, 16 – right of rectification, 17 – right of cancellation, 18 – right of limitation of treatment, 20 – right of portability, 21 – right of opposition, 22 – right of opposition to the automated decision-making process of the GDPR 679 /16, the interested party exercises his rights by writing to the Data Controller at the above address, or by email, specifying the subject of his request, the right he intends to exercise and attaching a photocopy of an identity document certifying the legitimacy of the request.
Withdrawal of consent
With reference to the art. 23 of Legislative Decree 196/2003 and art. 6 of GDPR 679/16, the interested party can revoke any consent given at any time.
However, the processing covered by this information is lawful and permitted, even in the absence of consent, as it is necessary for the execution of a contract of which the interested party is a party (the relationship for the supply of products and services).
Proposal of complaint
The interested party has the right to lodge a complaint with the supervisory authority of the State of residence.
Refusal to provide data
The interested party may refuse to provide the Data Controller with his personal data.
However, the provision of personal data is necessary for a correct and efficient management of the contractual relationship. Therefore, any refusal to provide data may compromise all or part of the contractual relationship itself.
Automated decision-making processes
The Data Controller does not carry out treatments that consist of automated decision-making processes.
Information on cookies and website navigation (with traffic analysers)
This information is provided to natural persons who access and consult the River Castle Central Verona website pursuant to art. 13 d. lgs. 196 of 30 June 2003 – “Personal data protection code” and art. 13 GDPR 679/16 – “European regulation on the protection of personal data”.
Owner’s identity
This WEB site is managed by Gaetano Di Leo, Data Controller of River Castle Central Verona based in Verona – Italy. The Data Controller guarantees the security, confidentiality and protection of the personal data in their possession, at any stage of the processing process. The personal data collected is used in compliance with Legislative Decree 196/2003 and GDPR 679/16.
The DPO has not been designated.
Purpose of the treatment
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error ..) and other parameters relating to the operating system and the user’s IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are canceled immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site.
Legal basis of the treatment
The use of technical cookies is a treatment carried out in the legitimate interest of the owner; the use of analytical cookies is carried out with the consent of the interested party.
Data Recipients
The Data Controller does not communicate any personal identification data or information to third parties except, possibly and to the extent strictly necessary, to those who act as suppliers for the provision of services relating to the management of the website and for the consequent management of the contractual relationship and related administrative obligations.
Data transfer
The Data Controller does not transfer personal data to third countries or to international organizations.
Data Retention
The Data Controller keeps the data for the time necessary to obtain anonymous statistical information on the use of the site and to check its correct functioning. The data is deleted immediately after processing.
Rights of the interested party
With reference to the art. 7 of Legislative Decree 196/2003 and Articles 15 – right of access, 16 – right of rectification, 17 – right of cancellation, 18 – right of limitation of treatment, 20 – right of portability, 21 – right of opposition, 22 right of opposition to the automated decision-making process of the GDPR 679/ 16, the interested party exercises his rights by writing to the Data Controller at the above address, or by email, specifying the subject of his request, the right he intends to exercise and attaching a photocopy of an identity document certifying the legitimacy of the request.
Withdrawal of consent
With reference to the art. 23 of Legislative Decree 196/2003 and art. 6 of the GDPR 679/16, the interested party can revoke the consent at any time.
Proposal of complaint
The interested party has the right to lodge a complaint with the supervisory authority of the state of residence.
Refusal to provide data
The interested party can refuse to give the Owner his navigation data. To do this, you must disable cookies by following the instructions provided by the browser in use. Disabling cookies can make navigation and use of the site’s features worse.
Automated decision-making processes
The Data Controller does not carry out treatments that consist of automated decision-making processes.
Types of Cookies
Cookies are information entered on the user’s browser when you visit a website or use a social network with your PC, smartphone or tablet. Each cookie contains various data such as, for example, the name of the server it comes from, a numeric identifier, etc. Cookies can remain in the system for the duration of a session (ie until the browser used for web browsing is closed) or for long periods and can contain a unique identification code.
Technical cookies
Some cookies are used to perform computer authentication, session monitoring and storage of specific information on users who access a web page. These so-called technical cookies are often useful, because they can make browsing and use of the web quicker and faster, because for example they intervene to facilitate certain procedures when you shop online, when you authenticate to areas with restricted access or when a website automatically recognizes the language you usually use. A particular type of cookie, called analytics, is then used by website managers to collect information, in aggregate form, on the number of users and how they visit the site, and therefore develop general statistics on the service and its use.
Profiling cookies
Other cookies can instead be used to monitor and profile users while browsing, study their movements and web consultation or consumption habits (what they buy, what they read, etc.), also for the purpose of sending advertising of targeted services and customized (so-called Behavioral Advertising). In this case we are talking about profiling cookies. It may happen that a web page contains cookies from other sites and contained in various elements hosted on the page itself, such as advertising banners, images, videos, etc. These are the so-called third-party cookies, which are usually used for profiling purposes. Given the particular invasiveness that profiling cookies (especially those from third parties) can have in the private sphere of users, European and Italian legislation requires the user to be adequately informed about their use and express their valid consent to the placement of cookies on your terminal
Cookies used
The site www.rivercastlecentralverona.com uses cookies to make the site’s services simpler and more efficient for the user who views the web pages. Users who access the site will receive some very small amounts of information in their devices in use, whether they are computers or mobile devices, in the form of small text files, the “cookies” in fact, stored in the directories used by their browser. The cookies used by www.rivercastlecentralverona.com allow you to:
– Memorize navigation preferences;
– Avoid re-entering the same information several times;
– Analyze the use of the services and content provided by the site to optimize the browsing experience.
The website www.rivercastlecentralverona.com uses Google Analytics or ShinyStat. In this case, the information generated by the cookie on the use of the site is transmitted to Google Inc. or Triboo Data Analytics srl and stored on its servers. These recipients of the data use this information for the purpose of producing reports on the site’s activities, intended for the Data Controller or for subjects appointed by it. It is possible to refuse the provision of navigation data by selecting the appropriate setting on the browser. In this regard, please refer to the information published on the Google site: https://www.google.it/intl/it/policies/privacy/ and to the browser add-on for deactivating Google Analytics: https://tools. google.com/dlpage/gaoptout?hl=it or at https://www.shinystat.com/it/informativa_privacy_generale_app.html. However, this choice could prevent you from using all the site’s features. On the contrary, by accepting the use of cookies as described above and continuing to browse, the user gives free and unconditional consent to the processing of personal data by the Committee and by Google or Inc. Triboo Data Analytics srl in the manner and for the purposes indicated above. From the moment the user clicks on any Facebook, Twitter, Youtube, Instagram etc. icons, he is directed to the respective sites and receives cookies from these that are not under the control of the owner. Finally, if the user arrives on the site after clicking on a banner published on another site, he should know that the manager of the advertising network has assigned the cookies necessary to detect the throughput and the amount of any purchases made. The responsibility for the management of these cookies lies with the manager of the advertising network whose information can usually be consulted on its institutional website.
Brief information on cookies (with Analytics)
This site does not use profiling cookies, either its own or from other sites. Technical cookies are used to allow easier use of some site features and Google Analytics (or ShinyStat or other web traffic analysers) to improve site functionality. The detailed information on the navigation of this site can be consulted by pressing the “privacy policy” button. By following the links in the information, you can learn how to disable Google Analytics (or ShinyStat or other web traffic analysers). The detailed information on the navigation of this site can be consulted by pressing the “privacy policy” button. To disable technical cookies, follow the instructions of the browser in use. By pressing the “OK” button, you explicitly express your consent to the use of the cookies indicated and to the communication of navigation data to third parties (Google, ShinyStat or others).
Information for people who fill out the “booking” form
This information is provided to natural persons who access and consult the River Castle Central Verona website, pursuant to art. 13 d. lgs. 196 of 30 June 2003 – “Personal data protection code” and art. 13 GDPR 679/16 – “European regulation on the protection of personal data”.
Owner’s identity
This WEB site is managed by Gaetano Di Leo, Data Controller of River Castle Central Verona based in Verona – Italy. The Data Controller guarantees the security, confidentiality and protection of the personal data in their possession, at any stage of the processing process. The personal data collected is used in compliance with Legislative Decree 196/2003 and GDPR 679/16.
The DPO has not been designated.
Stakeholders
This information is given to natural persons who fill in the “Booking” form proposed by the River Castle Central Verona site www.rivercastlecentralverona.com based in Verona – Italy.
Data source
The data is provided spontaneously by the interested party through the form proposed on the website www.rivercastlecentralverona.com.
Purpose of the treatment
The personal data of natural persons who fill out the “Booking” form are processed to process their requests.
Legal basis of the treatment
The personal data of natural persons who complete the “Booking” form are lawfully processed for the execution of a contract of which the interested party is a part or execution of pre-contractual measures adopted at the request of the same (the request forwarded).
Data Recipients
The personal data processed by the Data Controller will not be disclosed, or will not be disclosed to indeterminate subjects, in any possible form, including that of making them available or simple consultation. They may also be communicated to the collaborators of River Castle Central Verona and, within the strictly necessary limits, to the subjects who, for the purpose of processing your request, must supply goods and/or perform services or services on our behalf. Finally, they may be communicated to subjects entitled to access them by virtue of the provisions of the law, regulations, community regulations.
Data transfer
The Data Controller does not transfer personal data to third countries or to international organizations.
However, it reserves the right to use cloud services; in which case, the service providers will be selected from among those who provide adequate guarantees, as required by art. 46 GDPR 679/16.
Data Retention
The Data Controller retains and processes personal data for the time necessary to fulfill the purposes indicated.
Rights of the interested party
With reference to the art. 7 of Legislative Decree 196/2003 and Articles 15 – right of access, 16 – right of rectification, 17 – right of cancellation, 18 – right of limitation of treatment, 20 – right of portability, 21 – right of opposition, 22 right of opposition to the automated decision-making process of the GDPR 679/ 16, the interested party exercises his rights by writing to the Data Controller at the above address, or by email, specifying the subject of his request, the right he intends to exercise and attaching a photocopy of an identity document certifying the legitimacy of the request.
Withdrawal of consent
With reference to the art. 23 of Legislative Decree 196/2003 and art. 6 of the GDPR 679/16, the interested party can revoke the consent at any time.
Proposal of complaint
The interested party has the right to lodge a complaint with the supervisory authority of the state of residence.
Refusal to provide data
The interested party may refuse to provide the Data Controller with his personal data as the provision is optional.
However, filling in the fields indicated is essential in order to be able to process the requests received.
Automated decision-making processes
The Data Controller does not carry out treatments that consist of automated decision-making processes.