Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA
PURSUANT TO ARTICLE 13 OF REGULATION (EU) 2016/679

Data subjects: users who consult the website www.rimini-eventi.it of “MAXIMILIAN’S HOTELS S.R.L.”

WHY THIS INFORMATION
Pursuant to Regulation (EU) 2016/679 (hereinafter “Regulation” or “GDPR”), this page describes the methods for processing the personal data of users who consult the website of “MAXIMILIAN’S HOTELS S.R.L.” accessible online at the following address: www.rimini-eventi.it

This information does not concern other websites, pages, or online services that may be accessible through hyperlinks published on this website but refer to resources external to the domain www.rimini-eventi.it

DATA CONTROLLER
Following the consultation of this website, data relating to identified or identifiable natural persons may be processed.
The Data Controller is MAXIMILIAN’S HOTELS S.R.L., with registered office at Via Amerigo Vespucci 20 - 47900 Rimini (RN) and operational offices at Via Amerigo Vespucci 20 - 47900 Rimini (RN) and Lungomare Murri, 4/B - 47921 Rimini (RN), VAT No.: 03782880409.

DATA PROTECTION OFFICER (DPO)
The Data Protection Officer (DPO) is Studio Paci & C. Srl (Contact person: Dr. Gloriamaria Paci), who may be contacted at:
• Email: dpo@studiopaciecsrl.it
• Telephone: +39 0541 1795431.

TYPES OF DATA PROCESSED, PURPOSE OF PROCESSING, AND LEGAL BASIS
1) Browsing data
Legal basis: “data processing necessary for website navigation” - contractual obligation - Art. 6(1)(b) GDPR
The IT systems and software procedures responsible for the functioning of this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes:
• IP addresses or domain names of the computers and devices used by users,
• URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources,
• the time of the request,
• the method used to submit the request to the server,
• the size of the file obtained in response,
• the numerical code indicating the status of the server’s response (successful, error, etc.),
• and other parameters related to the user's operating system and IT environment.
Such data, necessary for navigating the website and accessing its contents, are also processed by the Data Controller for the purpose of:
• obtaining aggregated and anonymous statistical information regarding the use of the website (e.g., most visited pages, number of visitors by time slot or day, geographical areas of origin, etc.);
• verifying the correct functioning of the content offered by the website; 
• preventing or countering possible cybercrimes, fraudulent use of website functionalities, including for the purpose of reconstructing security incidents and ensuring traceability.

Retention period:
Browsing data, in compliance with the principles of lawfulness, purpose limitation, and data minimisation under Article 5 of the GDPR, will be retained for a period not exceeding the achievement of the technical purposes described above for which they are collected and processed, without prejudice to any requirements of the Judicial Authority for the ascertainment of criminal offences.

2) Data provided by the user
Legal basis: “data processing necessary to respond to users’ requests” - contractual obligation - Art. 6(1)(b) GDPR.
The optional, explicit, and voluntary sending of messages to the contact addresses of “MAXIMILIAN’S HOTELS S.R.L.”, private messages sent by users to the company’s institutional profiles/pages on social media (where this functionality is available), as well as the completion and submission of forms on the websites of “MAXIMILIAN’S HOTELS S.R.L.”, entails the acquisition of the sender’s contact details, necessary for responding, as well as all personal data included in such communications. Specific privacy notices are published on the pages of the website dedicated to the provision of particular services; where necessary, user consent is collected, with information provided on a case-by-case basis regarding the purposes and the optional nature of providing the data.

Retention period:
Data provided by the user are stored for the time necessary to manage each request; any subsequent retention for statistical purposes requires the anonymisation of such data (without prejudice to any requirements of the Judicial Authority for the ascertainment of criminal offences).

3) Cookies and other tracking systems
The website uses:
a) technical cookies necessary for user navigation, which facilitate proper browsing and access to the website’s content.
Legal basis: “contract, as they are functional and necessary.”
b) analytical cookies used to perform aggregated statistical analyses on users’ use of and interaction with the site.
Subject to the user’s consent.
Legal basis: “consent.”
c) profiling cookies, which allow the collection of information regarding user preferences during navigation and the creation of reports intended for targeted advertising and marketing campaigns.
Legal basis: “consent.”

Information on data processing, purposes, retention, and full cookie management, including consent and withdrawal, is available in the “Cookie Management” document, also accessible in the website footer.

4) Social Media Policy: Information on the processing of personal data carried out through the Social Media platforms used.
For information regarding the processing of personal data carried out by the operators of the Social Media platforms, please refer to the information they provide through their respective privacy policies. The Data Controller processes the personal data provided by users through the dedicated pages on the Social Media platforms as part of its corporate promotion and advertising purposes, in order to manage interactions with users (comments, public posts, messages, shares, etc.), in compliance with applicable data-protection legislation and with this privacy notice. Where necessary, user consent is collected, with information provided from time to time regarding the purposes and the voluntary nature of providing the data. Personal or “sensitive” data included in comments or public posts on the social media channels may be removed.

The platforms used are: Facebook https://www.facebook.com/maximilians.riccione

DATA RECIPIENTS
Recipients of the data collected through the use of some of the services listed above include subjects designated by the Data Controller, pursuant to Article 28 of the Regulation, as data processors, as well as additional service providers in the fields of web agencies, digital communication, system assistance, and any other digital service providers. A complete list may be requested by writing to info@maximilianshotels.it
Some data and information may be transmitted to or acquired by subjects identified as independent data controllers; such data relate to cookies, which are usually anonymised prior to transmission for statistical purposes. Where transfers to non-EU countries are envisaged, the safeguards adopted will be indicated, as described in paragraph 6 of this document.

The personal data collected are also processed by the staff of “MAXIMILIAN’S HOTELS S.R.L.”, who act on the basis of specific instructions provided regarding the purposes and methods of processing.

SECURITY OF PROCESSING
Personal data transmitted and stored for the time necessary to achieve the stated purposes are protected by specific technical and organisational security measures in accordance with Article 32 of the Regulation, capable of ensuring on a permanent basis the confidentiality, integrity, and availability of the data, as well as the ability to promptly restore access to personal data in the event of a physical or technical incident, including against the risks of destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored, or otherwise processed.

TRANSFER OF PERSONAL DATA TO NON-EU COUNTRIES
The Data Controller does not transfer personal data to non-EU countries. Should such a need arise, data subjects will be informed in advance, and appropriate safeguards will be implemented for the transfer to recipients, which, depending on the case, may include: verification of the existence of adequacy decisions for the destination country issued by the European Commission; adoption of standard contractual clauses; and verification of any supplementary measures pursuant to EDPB Recommendation 01/2020. By way of derogation from these safeguards, for data processing operations (pursuant to Article 49 of the GDPR), where applicable, the existence of a contract or pre-contractual measures in favour of the data subject, or consent to the transfer, will be verified.

RIGHTS OF DATA SUBJECTS
Data subjects have the right to obtain from “MAXIMILIAN’S HOTELS S.R.L.”, in the cases provided for, access to their personal data, rectification, erasure, restriction of processing, data portability, as well as the right to object to processing and to withdraw consent (where used as the legal basis), pursuant to Articles 15 to 22 of the Regulation.
Requests may be submitted using the contact details of MAXIMILIAN’S HOTELS S.R.L., with its registered office at Via Amerigo Vespucci 20 - 47921 Rimini (RN), and operational offices at Via Amerigo Vespucci 20 - 47921 Rimini (RN) and Lungomare Murri 4/B - 47921 Rimini (RN), or by contacting the Data Protection Officer: Studio Paci & C. Srl (Contact person: Dr. Gloriamaria Paci), reachable at: dpo@studiopaciecsrl.it and telephone +39 0541 1795431.
To exercise their rights, data subjects may also use the form provided by the Italian Data Protection Authority, available on its website at the following link:
https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/9038275

RIGHT TO LODGE A COMPLAINT
Data subjects who believe that the processing of their personal data carried out through this website is in breach of the provisions of the Regulation have the right to lodge a complaint with the Supervisory Authority, pursuant to Article 77 of the Regulation, or to bring an action before the competent courts (Article 79 of the Regulation). The complaint form is available on the website of the Italian Data Protection Authority at the following link: https://www.garanteprivacy.it/home/docweb/-/docwebdisplay/docweb/4535524

site.richiedi un preventivo alle struture site.visualizza le offerte delle strutture