Privacy policy

Data processing disclosure

This section explain in detail what information are in our system and how we handle them.

The Masseria Parco della Grava Azienda Agricola di Rosalia Dipierdomenico, with registered office in C.da Monte Pizzuto snc, Pezze di Greco (Brindisi) – 72010  CF DPRRSL87R67D508G and VAT: 02275870745 ( later described as “Holder”), as owner of the data processing, inform You under Article 13 D.Lgs. 30.6.2003 n. 196 (later described as “Privacy Code”), and the Article 13 UE Regulation n. 2016/679 (later described as “GDPR”) that Your data will be processed with the following modes and purposes:

  1. Subject of the data processing and purposes

This data processing sees as subject all the personal data, biographical and/or identifying, given from You at the moment to the conclusion of the contract for the services offered by the Holder.

Moreover, further data may be automatically gathered and processed, such as technical data ( for example IP address, browser type, location data) and/or cookies ( please go to section “Cookie”).

Your data is used for:

  • a) Ensuring the access to the services You negotiated by contract and providing You with the concerning assistance (for example messaging service with the Hotel and/or the generic Customer Care services);
  • b) Communicate our commercial initiatives (for example promotional and marketing material about new services and events
  • c) Conduct analysis activities and reports connected to the use of the negotiated services;
  • d) Conduct profiling activities, in particular for the creation of your business profile and / or for the analysis of your preferences, habits or consumption choices.

The processing of your personal data for the purposes indicated above will take place with the tools and methods described in paragraph 2 below

The possible refusal to give your consent to the data processing for the unique “purposes of provisionof the service” – reported sub a) – will make it impossible to use the service itself.

Your data will never be used for purposes other than those above indicated.

 

  1. Cookies/similar technologies, log files, and web beacons

Cookies/similar technologies. Please see our Cookie Policy to find out how you can manage your cookie settings and to get detailed information about the cookies we use and why we use them.

Log Files. We collect information in the form of log files that record your activities on the Internet Sites and collect statistical information about your browsing habits. These records are generated automatically, and help us to eliminate errors, improve performance, and ensure the security of our Internet Sites.

Web beacons. Web beacons (also known as “web bugs”) are small strings of code that produce a graphic image on an Internet page or in an e-mail for the purpose of relaying data back to us. Information collected via web beacons could include technical information such as your IP address, as well as information about how you respond to an e-mail campaign (e.g. what time the e-mail was opened, what links contained in the email you clicked on, etc.). We may use web beacons on our Web Sites or include them in e-mails we send you. We use the information obtained through web beacons for a variety of purposes including, but not limited to, site traffic reporting, single visitor counts, advertising, email monitoring and reporting, and personalization.

 

  1. Processing mode

The processing of Your personal data is implemented through the operations indicated under the Article 4 of the Privacy Code and Article 4 n.2) GDPR and precisely: data gathering, registration, organization, conservation, consultation, elaboration, modification, selection, extraction, comparison, use, interconnection, block, communication, cancellation and destruction. Your personal data are subject to paper and electronic and/or automated processing.

Data is gathered by the subjects indicated in point 4, under the indications of the relevant legislation, with particular attention to the security measures under the GDPR (art.32) for its processing through computer, manual and automated tools and with logics closely related to the purposes explained above in point 1, and anyway to ensure the data safety and confidentiality.

The data processing is carried by the Holder and/or the controller and/or sub processor.

 

  1. Retention period

For the purposes in point a) the Holder will retain the personal data for the necessary period to fulfil the above objectives, while complying with current laws, and in any case not over the legislative deadline under Article 2946 c.c. (10 yers).

For purposes of direct marketing and possible profiling- as in point b) c) and d) – personal data will be retained for a maximum period equal to the one provided for in the applicable rules, i.e. 24 and 12 months.

Invoices, accounting documents and data concerning the commercial activities, will be retained, according to the law, for a maximum period of 10 months.

 

  1. Entities data can be transmitted to

Your data are available for the purposes shown in Article 1:

  • a) To the employees and collaborators of the Holder in their quality of responsible and/or officer in charge and/or internal sub processors of the data processing.
  • b) Companies playing a role strictly connected and useful to the efficient operation – also technical – of the services offered by the Holder, like for example providers of the services of direct marketing and/or generally companies offering technical units to the provision of some service functions.
  • c) Institutions and government authorities as required by law.

The personal data will be retained on servers located in the European Union, subject to the Holder’s faculty to transfer its location. The personal data can be transferred towards Countries belonging to the European Union and towards third party countries outside of the European Union, exclusively under the purposes stated in point 1.

In this case, we ensure that the transfer takes place in the accordance of the existing legislation and that an adequate level of protection for the data processing is guaranteed, based on an adequacy decision, on standard clauses defined by the European Commission or Binding Corporate Rules.

 

  1. Rights of the data subject

As subject concerned, is entitled to exercise its rights under the Article 7 of the Privacy Code, and Article 15 and ss.GDPR, and precisely can:

  • a) Obtain from the Holder, at any moment, information about the existence of his personal data, its origin, the purposes and processing mode, and when available, to obtain access to the personal data and to the information under Article 15 of the GDPR;
  • b) Ask for the update, rectification, integration, cancellation, limitation of the data processing in the event that any of the following conditions under Article 18 of the GDPR is fulfilled, the anonymous transformation or the block off the personal data, processed infringed the law, including those in which it is not necessary the storage concerning the purposes the data has been gathered and processed for.
  • c) Oppose, totally or partly, for legitimate reasons, to the data processing, albeit relevant to the goal of the gathering and processing of the personal data for the purposes of commercial information or to send advertising material or of direct sale, i.e. the completion of market research or business communication. Every user has also the right to withdraw his consent at any moment, without prejudice to the lawfulness of the data processing based on the consent given before the withdrawal.
  • d) Receive the personal data, submitted knowingly and actively through the enjoyment of the service, in a structured format, customary and machine readable, and transmit it to another holder of the processing without obstacles.
  • e) Lodge a complaint to the Responsible Authorities for the protection of personal data in Italy.

 

  1. Procedures for the right exercise

You will be able at any moment to exercise Your rights sending a registered letter a.r to Masseria Parco della Grava , azienda Agricola Dipierdomenico Rosalia,  i.e. an email to the address direzione@parcodellagrava.it

 

  1. Holder, responsible and DPO

The Holder of the data processing is Masseria Parco della Grava Azienda Agricola di Rosalia Dipierdomenico, with registered office in C.da Monte Pizzuto snc, CF DPRRSL87R67D508G and P.IVA 02275870745 as pro-tempore legal representative.

The Holder of the processing makes use of controllers to achieve the objects specified in point 1 and of a Data Protection Officer (DPO) to ensure the protection of personal data.