La Rocca s.r.l. attaches great importance to your privacy and the security of your personal data; for this reason, we collect and process these data with the utmost care and attention, by adopting specific technical and structural measures to ensure the complete security of the processing.
La Rocca s.r.l. collects personal data such as name and surname, email, address, navigation data the transmission of which is implicit in the use of Internet communication protocols (IP addresses, URI addresses, other parameters regarding the operating system and the User’s IT environment).
In particular, such personal data are processed for the following purposes:
|A||Navigation on the Website||In this case, personal data are processed to fulfil contractual obligations and there is no need for a specific consent by the data subject.|
|B||Fulfilment of the obligations arising from laws, regulations, European legislation or provisions laid down by Authorities||In this case, personal data are processed to fulfil legal and statutory obligations, and to allow users to enjoy the service or good requested, and there is no need for a specific consent by the data subject.|
|C||Forwarding of commercial communications relating to promotions and/or other offers in the interest of the Data Controller or other Companies related to the Data Controller||In this case, personal data are processed based on specific User consent, except for commercial communications relating to products and/or services that are similar to those already purchased and/or subscribed by the User, for which the processing of data is based on a legitimate interest of the Data Controller.|
|D||Profiling activities, i.e. analysis and processing information regarding the customer, his/her preferences, habits and consumer choices.||In this case, personal data are processed based on specific User consent, except for the analysis of elementary data relating to his/her consumer preferences.|
Your personal data are processed by staff of La Rocca s.r.l. specifically authorized, pursuant to Art. 4, paragraph 10, of GDPR, to process data under specific instructions from the Data Controller.
Furthermore, your personal data will be transmitted to third parties we use for the provision of our services; these entities have been carefully selected by us and ensure compliance with regulations on personal data protection. These entities have been appointed as data processors pursuant to Art. 28 of GDPR, and are required to carry out their activities in accordance with the specific instructions received from La Rocca s.r.l. and under its control.
These third parties may belong to the following categories: financial operators; internet providers; IT services specialists; couriers; marketing agencies; market survey and data processing companies. A specific and updated list of these entities is available for consultation by the data subject at the Data Controller’s premises.
The data may be transmitted to third parties in case of mergers, acquisitions, company or branch transfer, and other extraordinary operations, as well as to anyone who is a legitimate recipient of communications under any law or regulation. For the processing purposes described above, your personal data may be transmitted to other companies of the Group of which La Rocca s.r.l. is a member, which will process them in compliance with the applicable data protection legislation and European regulations. It is understood that your personal data will not be disclosed to third parties for use in their own promotional activities and will in no way be disseminated.
Furthermore, your data may be transmitted to police forces and judicial or administrative authorities as required by law for the investigation and prosecution of crimes, the prevention of and protection from threats to public security, as well as to allow La Rocca s.r.l. to exercise or protect their own or third party rights before the competent authorities, and for other reasons related to the protection of the rights and freedoms of others.
The personal data supplied by you may also be disclosed to third parties appointed as Data Processors.
SECURITY BOOKING SYSTEM
FastBooking uses the credit cards provided at the time of booking in accordance with the PCI DSS (Data Security Standard of the Payment Card Industry) security protocol. All information sent to this site, if in an SSL session, is encrypted and protected against disclosure to third parties.
As a rule, personal data are not transferred to non-EU Countries or to international organizations; however, some of the third parties referred to in the preceding paragraph 4 may have their headquarters in States not belonging to the European Union.
In such cases, if these third parties do not provide an adequate level of data protection, as determined by specific decisions of the European Commission, your personal data will be transferred only with your consent or after specific agreements have been signed between La Rocca s.r.l. and said third parties, which agreements should contain specific safeguard clauses and appropriate guarantees for the protection of your personal data – so-called “Standard Contract Terms », also approved by the European Commission, or when the transfer is required to enter into and to execute an agreement between you and La Rocca s.r.l. or for the management of your requests.
We inform you that your data will be stored for a limited period of time varying as a function of the type of processing activity and of the specific purposes of the processing, as per example below:
At the end of said retention periods, your data will be permanently erased or in any case made irreversibly anonymous by La Rocca s.r.l.
The Data Subject’s personal data will not be disseminated. The Data Subject is entitled to request a complete and updated list of the individuals or entities designated as Data Processors from the contact person indicated below.
You may exercise your rights at any time in connection with the specific processing procedures relating to your personal data performed by La Rocca s.r.l.
For more information about the rights of the Data Subject, contact the Data Controller to ask for a full extract of the articles mentioned above.
We strive to protect your personal data with specific technological and organizational security measures aimed at preventing your personal data from being used illegally or fraudulently.
We test, check and regularly evaluate the effectiveness of said security measures in order to ensure continuous improvement in the security of our processing system.
Cookies are short text fragments (letters and/or numbers) that allow the web server to store information on the client (browser) to be reused during the same visit to the website (session cookies) or later, even at a distance of days (persistent cookies). Cookies are stored, according to user preferences by a single browser on the specific device used (PC, tablet, smartphone). Similar technologies may be used to collect information on the user’s behaviour and on the use of the services.
In the next sections of this document we will refer to cookies and to all similar technologies by simply using the term « cookie(s) ».
Types of cookies
We can distinguish different categories of cookies based on their characteristics and use:
Third party cookies
When visiting a website, you may receive cookies from the visited site (« Owner ») or from websites managed by other organizations (« Third Parties »). One example is the presence of « social plugins » (e.g., Facebook, Twitter, Google+) aimed at sharing content on social networks. The presence of these plugins involves the transmission of cookies from and to all the websites managed by third parties. The management of information collected by « third parties » is governed by the relevant information sheets, to which we refer the user.
Management of cookies
Users can decide whether to accept or reject cookies by using their browser settings.
Waiver of cookies
Totally or partially disabling technical cookies could prevent registered users from using certain functionalities of the website. Conversely, public contents can be accessed even if cookies are completely disabled.
Disabling third-party cookies does not affect navigability. Settings can be defined specifically for different websites and web applications. The best browsers allow users to define different settings for proprietary cookies and for third-party cookies.
For example, in Google Chrome, click on the wrench in the upper-right corner and select « Settings ». At this point, select ‘Show advanced settings (« Under the hood ») and change your privacy settings.
The website operator has enabled the anonymisation function for the IP address and subscribed the amendment on data processing in accordance with the European Directive 95/46/EC.
The purpose of these cookies is to provide users with advertising spaces that can be installed by third parties. Some are used to recognize individual advertising messages and know which ones have been viewed and when, so that, at the following visit on other affiliated websites, banners and/or advertising relating to certain products will be displayed based users’ navigation patterns. Users are assigned a technical identifier, but in no case shall personal identification data, such as the user’s name or address, be collected.
Other advertising cookies are used to assume a user navigation « profile », so as to propose advertising in line with his/her behaviour and interests in the web. This « profile » is anonymous and the information collected by these cookies do not allow the user’s identity to be traced.
We specifically highlight the use of « Google Analytics », « Linkedin Ads » and « Facebook Ads », including the so-called « advertising function ».
This is a web analysis service provided by Google, Linkedin, and Facebook, which use analytical cookies, that are installed on the user’s computer, to perform statistical analyses on aggregated data regarding the use of the visited websites. They also allow for visitor profiling (after their identification through “detection cookies ») based on the information contained in their ‘advertising cookies’, concerning three categories: age, sex, and marketing segments.
Visit https://www.google.com/analytics/learn/privacy.html?hl=itfor more information about the Google service.
Visit https://it-it.facebook.com/privacy/explanation for more information about the Facebook service.
Google’s Information Sheet: http://www.google.com/intl/it/policies/privacy/ regulates the processing of the personal data of the users who use products and services offered by Google.
The list of the cookies used by Google Analytics is available at the following link: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage).
The Google Analytics opt-out browser add-on is available at the following link: https://tools.google.com/dlpage/gaoptout?hl=it.
The list of the cookies used by Linkedin is available at the following link: Https://www.linkedin.com/legal/cookie-table, where users can also control cookies.
Your personal data are processed by La Rocca s.r.l., with registered office in via Santa Caterina, 2 – 06084 Bettona, (PG), in its capacity of Data Controller pursuant to the EU GDPR.
For any question or request related to the processing of your personal data, you may contact the following
The contact details of the Group DPO are: firstname.lastname@example.org