Privacy

Hotel Giotto Flavia firmly believes that transparency lies at the root of the relationship with its customers and users. For this reason, it wishes to apply maximum clarity on how to use personal data The procedures for managing the website are described below, with reference to the processing of personal data of users who consult it. This is an information notice that is provided, pursuant also to: 1. Article 13 of Regulation (EU) 2017/679 “Protection of natural persons with regard to the processing of personal data, as well as the free movement of such data” (in short, GDPR); 2. Article 13 of Legislative Decree No. 196/03 “Personal data protection code” (in short, Privacy Code); to those who interact with the web services of Holitaly S.r.L. , accessible electronically from the address: www.giottoflaviahotel.com . The information notice is also based on Recommendation No. 2/2001 that the European Authorities for the protection of personal data, gathered in the Group established by Article 29 of Directive No. 95/46/EC, adopted on 17 May 2001, to identify some minimum requirements for the collection of personal data online, and, in particular, the methods, timing and nature of the information that the Data Controllers must provide users when they connect to the web pages, regardless of the purpose of the connection.

Personal Data Controller
The Data Controller is Holitaly S.r.L. Hotel Giotto Flavia, Via Flavia 84 - 00189 Roma , with registered office in Via Cardinal Agliardi n. 15 - 00165 Roma - Italy

Data Supervisors:
An internal personal data supervisor has been appointed, and the external data supervisors to whom the data are communicated for the various processing purposes have been appointed. The complete list of data supervisors can be requested from info@giottoflaviahotel.com .

Place of personal data processing
The processing operations connected with the web services of this site take place at the Company's headquarters in Milan and are only handled by technical staff of the Office in charge of processing. For the various specific services, the related data are processed by the personnel of specialised companies, appointed as Data Supervisors pursuant to Article 29 of the GDPR and Article 29 of the Privacy Code, at the headquarters of the company itself. 

Type of data processed

Navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified data subject, but which, by its very nature, could, through elaboration and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users connecting to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user’s computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning, and are deleted immediately after processing. The data could be used to ascertain liability in case of hypothetical computer crimes against the site. Data provided by the user The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message. For some specific services, the provision of personal data is required; detailed information is shown on the pages of the site prepared for particular services on request.

Consent to data processing
Except as specified for navigation data, the user is free to provide his personal data and provide consent to the various data elaborations indicated in the specific information notices.

Processing methods
Personal data are processed through automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorised access.

Data subjects’ rights
The subjects to whom the personal data relate have the right at any time to obtain confirmation of the existence or otherwise of the data themselves and to know their content and origin, verify their accuracy or request their integration or updating, or their rectification (Article 15 of the GDPR and Article 7 of the Privacy Code). Pursuant to the same articles, you have the right to request the erasure, anonymisation or blocking of data processed in breach of the law, and to oppose in any event, for legitimate reasons, to their processing. Requests should be sent via e-mail to the address: info@giottoflaviahotel.com .

This information notice Rev. 00 was issued on 1 June 2019 and is effective from 21 June 2019.