Parco San Marco
Hotels & Beach Resort
Book

INFORMATION NOTICE PURSUANT TO ART. 13 OF THE REGULATION (EU) 2016/679 (“GDPR”)

According to art. 13 of the Regulation (EU) 2016/679 (General Data Protection Regulation) we provide you with the due information concerning the processing of your personal data carried out through this website.
This privacy statement applies only to our site and does not apply to other websites that the user may consult via links on the websites under the data controller’s domain name that shall not be held liable under any circumstances for websites of third parties. The information notice has also been based on the Directive 2002/58/EC, updated by Directive 2009/136/EC, on cookies as well as on the Provision of the Italian Data Protection Authority on cookies dated 08.05.2014.

1. DATA CONTROLLER, pursuant to art. 4 and art. 24 of the Regulation (EU) 2016/679 is LUXURY HOTELS AND RESORTS SAGL, Via al Fiume 6 - 6962 - Viganello, Svizzera as represented by the pro-tempore legal representative. You can contact the Controller at any time at the following contact: privacy@san-marco-hotels.com

2. PROCESSED PERSONAL DATA

Personal data
Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (such as name, last name, date of birth, address, email, telephone number).

Browsing data
During their ordinary course of operation, the IT systems and software procedures required to run this website acquire certain Personal Data, whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified Data Subjects but, by its very nature, it could enable identification of the users through the processing and matching of data held by third parties.
This data category includes IP addresses or domain names of computers used by the users who visit the site, as well as the URI addresses (Uniform Resource Identifier) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in reply, the numerical code indicating the status of the reply from the server (done, error, etc.) and other parameters related to the operating system and the IT environment of the user.
These data are only used to obtain anonymous statistical information on the use of the website and to control its correct functioning. They are cancelled immediately after processing.

Legal Defence
The user’s Personal Data may be used by the owner of the website in a legal defence, or during the preparatory stages of potential proceedings, against any abuse by the user of the website or its connected services. The data may be used to ascertain responsibility in the event of any potential crimes, including computer  crimes, against the Controller.

Maintenance
The User’s Personal Data may be processed due to additional procedures and purposes linked to maintenance of the website.

Data provided voluntarily by the user
The optional and voluntary disclosure of personal data (e.g.: dispatching of electronic mail to the addresses indicated on this website and/or the completion of a data collection form on this website) entails the acquisition and processing of the voluntary disclosed user’s data (e.g. sender’s address, name, last name), necessary to reply to the request, as well as other personal data included in the email message (such as name, last name, address, telephone number, email address, credit card number, preferences about the reservation).
Specific information notices will be provided or made available in the website’s pages in relation to particular services or processing activities upon user’s request.

Cookies
LUXURY HOTELS AND RESORTS SAGL do not collect and/or automatically retrieve any personal data of the visitors to their websites.
The websites make use of session cookies solely to enable the secure browsing of the site. The cookies do not allow the collection of the users’ personal data. 
By viewing the website, visitors and users consent to the processing of their personal data by the cookies, in the manner and for the purposes set out above.


3. PURPOSES AND LAWFULNESS OF THE PROCESSING
Your personal data will be processed in accordance to the requirements for the lawfulness of processing set forth by art.  6 lett. a) of the Regulation (EU) 2016/679 (data subject’s consent) for the following purposes:
1. With reference to the browising data, to obtain anonymous statistical information on the use of the website and to control its correct functioning;
2. Upon user’s request, to send info/ to supply services as requested through the compilation of the data collection form or through the request of info or services;
3. Upon user’s request and consent, to send newsletter, periodic satisfaction surveys, special offers and promotions or other marketing communications in general, by e-mail, upon the compilation of data collection form for subscription to the newsletter. The user can revoke at any time the consent given for the receipt of marketing communications.
4. In relation to contractual and legal obligations (Article 6, letter b) and c) EU Reg. 2016/679), for the purposes of administrative and accounting management connected to the performance of organizational, administrative, financial and accounting activities.


4. PERSONAL DATA RECIPIENTS
Your personal data may be communicated to recipients processing your data as processors (art. 28 Reg. UE 2016/679) or persons in charge of processing activities under the authority of the Controller (art. 29 Reg. UE 2016/679), for the above described purposes. Your personal data may be communicated to third parties belonging to: Serenissima Informatica, Amadeus – service providers for the management of the information system and the telecommunications networks (including e-mail, newsletter and website management service) of the Controller;
– professionals, firms or consultancy companies;
– competent authorities for the fulfilment of obligations of law and/or regulations of public bodies, upon request.
The above mentioned subjects will act as data processors or may carry out their processing activities as independent data controllers. The list of respective appointed data processors is constantly updated and it is available at Controller’s headquarters and by contacting the same at privacy@san-marco-hotels.com.

 

5. DATA TRANSFER TO THIRD COUNTRIES
Your personal data may be communicated to companies contractually involved with the controller, located inside and outside the European Union, in order to comply with contractual obligations or related purposes and subject to the limits and conditions set forth by art. 44 and subsequent articles of the Regulation (EU) 2016/679.
The data subject may obtain information on the appropriate safeguards provided by the Controller pursuant to Article 46 of the Regulation (EU) 2016/679 relating to the transfer of the personal data by writing to privacy@san-marco-hotels.com.

 

6. METHODS OF DATA PROCESSING – DATA RETENTION
The processing will be carried out with methods and tools aimed at ensuring the best security and confidentiality, by persons specifically appointed to perform such processing activities pursuant to articles 28 and 29 of the Regulation (EU) 2016/679. According to the provisions set forth in art. 5 par. 1 lett. e) of the Regulation (EU) 2016/679, collected personal data shall be kept in a form which permits identification of data subjects for a period not exceeding the purposes for which the personal data were collected and subsequently processed.
Data retention periods depend on the purposes of the processing:
1. purposes related to technical navigation data for the correct functioning of the website: retention only for the related session, after which the data are deleted;
2. purpose of reply to info request/services supply request (up to 12 months for contact requests; 10 years for administrative / accounting / financial documentation relating to the provision of a service);
3. data collection for staff recruitment (up to 24 months);
4. newsletter, marketing or promotional communications in general (up to 24 months);
5. purpose of di administrative / accounting / financial management: 10 years as as required by law for the conservation of administrative / accounting / financial documentation.

 

7. NATURE OF DATA PROVISION AND REFUSAL
The provision of your personal data through the data collection form or provided in specific websites areas is optional but necessary. The refusal to provide your personal data will entail the impossibility to provide you with the services requested through the website and to obtain the information requested.

 

8. DATA SUBJECT’S RIGHTS
You may exercise your rights pursuant to articles 15, 16, 17, 18, 19, 20, 21, 22 of the Regulation EU 2016/679, in respect of and against each of the controllers, by contacting the controllers at the following contacts: privacy@san-marco-hotels.com or writing at Controller’s headquarters.
You have the right, at any time, to request the data Controller to access your personal data and receive the information concerning their processing such as the purposes of the processing, the categories of personal data concerned, the recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period, the existence of automated decision-making, including profiling. You have the right to rectify, erase your personal data or limit their processing. Where the processing is based on point (a) of Article 6(1) or point (a) of Article 9(2), you have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. You have the right to be informed of the appropriate safeguards pursuant to Article 46 of the Regulation (EU) 2016/679 relating to the transfer of your personal data. You have the right to the portability of your personal data; in such case the Controller shall provide you with your personal data in a structured, commonly used and machine-readable format, and you have the right to transmit those data to another controller. Furthermore, you have the right to object, at any time, to the processing of your data which is based on point (e) or (f) of Article 6(1) of the Regulation (EU) 2016/679, including profiling based on those provisions. Where your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing (including profiling to the extent that it is related to such direct marketing). You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you. Without prejudice to any other administrative or judicial remedy, if you consider that the processing of your personal data infringes the Regulation (EU) 2016/679, you have the right to lodge a complaint with a supervisory authority.

 

9. CHANGES TO THIS PRIVACY POLICY STATEMENT
The Data Controller reserves the right to amend, update, supplement or remove parts of this Privacy Policy Statement at its own discretion and at any time. We encourage you to periodically review our Privacy Statement. For your convenience, when we post changes, we will revise the “last updated” date at the bottom of the statement. By using the website following the publication of any amendments, you agree to these changes.
Last update: May 2018
Data Controller – LUXURY HOTELS AND RESORTS SAGL
LEGAL MENTIONS
LUXURY HOTELS AND RESORTS SAGL
Via al Fiume 6
6962 Viganello
info@san-marco-hotels.com

 

LEGAL NOTICE
LUXURY HOTELS AND RESORTS SAGL makes information and products available on this website, subject to the following terms and conditions. By accessing this site, you agree to these terms and conditions. LUXURY HOTELS AND RESORTS SAGL reserves the right to change these terms and conditions, and the products, services, prices, and programs mentioned in this site at any time, at its sole discretion, without notice. LUXURY HOTELS AND RESORTS SAGL reserves the right to seek all remedies available by law and in equity for any violation of these terms and conditions. Any rights not expressly granted herein are reserved.

 

PERSONAL INFORMATION PROTECTION
This notice is intended to clarify the legal provisions regarding personal data protection, particularly as regards the rights of the individuals involved and the measures taken to protect them. For this purpose we inform anyone accessing our website and the addresses linked to it that:
While you are browsing our website, personal data and information may be collected as a result of the voluntary completion of forms found on the website, by means of files temporarily or permanently stored on your hard-disk (known as. Cookies) and by using other software components downloaded or activated while browsing (e.g. ActiveX components). 
The data thus collected will be processed by us in order to:
provide information or promotional material regarding our activities, including using electronic communication tools (e.g. fax, email, text messages, newsletters)
draw up offers and quotations
gather statistics about use of the website
speed up, improve and personalise the standard of service for users.
The data collected may be stored electronically or on paper and will be processed by us in accordance with all the legal measures introduced to protect the rights of the individuals concerned. In order to provide further information or facilitate browsing for users, links to other sites not produced by us (e.g. search engines, associated solution providers, etc.) might be hosted on our websites. The privacy policies applied by these websites are beyond our control and the safeguards provided in this notice do not extend to them. Our company declines any responsibility regarding the personal data that might be collected by them. Information will be memorized either electronically or on paper and may come to the knowledge of the staff at our company who process it.
The Holder of the information is the LUXURY HOTELS AND RESORTS SAGL: you should contact on email address privacy@san-marco-hotels.com.

 

REFERRALS AND LINKS
LUXURY HOTELS AND RESORTS SAGL has no influence on the design and contents of third party material linked, or referred to, from its web sites. Therefore, LUXURY HOTELS AND RESORTS SAGL expressly distances itself from such material, and rejects responsibility for any contents provided by third parties, unless they have full knowledge of illegal contents and would be able to prevent website visitors from viewing those pages.

 

STATISTICAL ANALYSIS
This website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.
In case of activation of the IP anonymization, Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. On behalf of the website provider Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider.
Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this website.
Furthermore you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB
https://tools.google.com/dlpage/gaoptout?hl=en-GB


Further information concerning the terms and conditions of use and data privacy can be found at http://www.google.com/analytics/terms/gb.html
https://www.google.com/analytics/terms/gb.htmlor
https://www.google.de/intl/en_uk/policies/
https://policies.google.com/?hl=en&gl=uk

Please note that on this website, Google Analytics code is supplemented by "anonymizeIp" to ensure an anonymized collection of IP addresses (so called IP-masking).

COPYRIGHT
The Layout of the web sites, diagrams, pictures and logos used, as well as the collection of individual contributions, are protected by copyright. Any duplication or use of objects such as diagrams, pictures or texts in other electronic or printed publications is not permitted without LUXURY HOTELS AND RESORTS SAGL's consent.
Part of the pictures: Photocase

 

 

AI AND AUTOMATED DECISION-MAKING


1. Introduction to AI Usage

We employ artificial intelligence (AI) technologies to enhance our services, optimize website functionality, and improve your overall experience. This section outlines how we process personal data using AI, the purposes of such processing, and your rights related to AI and automated decision-making.

2. Types of AI Applications

Our AI systems may be used for:

  • Personalized recommendations and marketing communications.
  • Analysis of user behavior to improve website functionality.
  • Automated decision-making processes to streamline services.


3. Automated Decision-Making and Profiling

Certain services may involve automated decision-making, including profiling. These processes rely on algorithms that analyze data patterns to offer tailored services and communications. The decisions made by these systems can have significant consequences, such as personalized marketing messages and service recommendations.

4. Logic and Consequences

Automated decisions are based on predefined algorithms that evaluate user data. These decisions help us provide a personalized experience but also have significant implications. For instance, they might influence the type of marketing communications you receive or the services offered to you.

5. User Rights

You have specific rights concerning AI and automated decision-making:

  • Right to Information: You have the right to be informed about the use of AI in processing your data.
  • Right to Access: You can request access to data used by AI and understand the logic behind automated decisions.
  • Right to Rectification: You can request the correction of any inaccuracies in your data used by AI systems.
  • Right to Erasure: You can request the deletion of your data from AI processing systems.
  • Right to Restriction: You can request limitations on the processing of your data by AI.
  • Right to Object: You have the right to object to the processing of your data by AI, including profiling.
  • Right to Human Intervention: If you are subject to an automated decision, you can request human intervention, express your viewpoint, and contest the decision.


6. Data Minimization and Purpose Limitation

We adhere to the principles of data minimization and purpose limitation. Personal data processed by AI is limited to what is necessary to achieve specific, legitimate purposes. We ensure that data is used only for these intended purposes and not beyond.

7. Transparency and Fairness

We are committed to maintaining transparency and fairness in our AI practices. This includes:

  • Regular audits of AI systems to prevent biases.
  • Ensuring the explainability of AI-driven decisions.
  • Providing clear and accessible information about how our AI technologies work and their impact on your data.


8. Security Measures

We implement robust security measures to protect personal data processed by AI systems. These measures include encryption, access controls, and regular security assessments to mitigate risks associated with AI processing.

9. Third-Party Data Processors and Transfers

Your data may be processed by third-party service providers assisting us with AI technologies. These providers are contractually obligated to comply with GDPR standards and ensure adequate data protection. Any cross-border data transfers related to AI processing comply with GDPR requirements, ensuring appropriate safeguards are in place.

10. Exercising Your Rights

To exercise your rights concerning AI and automated decision-making, or if you have any concerns about our AI practices, please contact us at privacy@san-marco-hotels.com. We are committed to addressing your requests and ensuring your data is processed in compliance with GDPR.