PRIVACY POLICY
PURSUANT TO SECTION 13, LEGISLATIVE DECREE No. 196/03

As Data Controller, the Grand Hotel Principe di Piemonte wishes to inform users, consulting and/or interacting with this website about the policy regarding the processing of personal data relative to identified or identifiable data subjects, pursuant to Section 13 of Legislative Decree No. 196/2003 concerning the protection of personal data, as to illustrate the methods of site management.

LOCATION OF DATA PROCESSING
The data processing, connected to web services for this site, takes place at the registered offices and is performed by technical staff of the office in charge of processing, or by any other person responsible for occasional maintenance operations. Data processing may take place in external companies collecting data related to access and navigation within the site to enable the correct functioning of services and sections that require user identification; these companies may also use information collected for (togliere the) technical administration of the site and for any possible statistical analysis concerning the use of the site itself.
Personal data provided by users who send requests for the dispatch of informative material (catalogues, answers to questions, requests for contact) are used exclusively to provide the requested service and are communicated to third parties only if strictly necessary (e.g. for the dispatch service of the above-mentioned material).

TYPES OF DATA PROCESSED
Navigational Data
During the course of normal use, the computer systems and software procedures, responsible for the functioning of this website, collect personal data whose transmission is implicit in the use of internet communication protocols.
This information is not gathered in order to be associated with identified individuals, but may however – due to its nature – permit users to be identified, through processing and associations with data held by third parties.
This type of data includes the IP addresses or domain names of computers used by users connecting to the site; the URI (Uniform Resource Identifier) notation addresses of the requested resources; the time of the request; the mode used to submit the request to the server; the size of the file obtained in response; the numerical code indicating the status of the reply given by the server (successful, error, etc); and other parameters concerning the operating system and the user’s computer environment.
These data are used exclusively to obtain anonymous statistics about the use of the site and to check it is functioning correctly; they are deleted immediately after processing. Data may be used for ascertaining responsibility in the event of suspected computer offences damaging the site: apart from this eventuality, data on web contacts are not retained for more than seven days.
Data Provided Voluntarily by User
The optional, explicit and voluntary sending of email to the addresses indicated on this site leads to the subsequent acquisition of the sender’s address, which is necessary in order to reply to the requests, as well as any other possible personal data provided in the message.
Specific summarized information will be quoted or displayed on the website’s pages for particular services and/or processing purposes, and express requests for consensus will also be present where necessary.

COOKIES
The site does not collect any personal user data via cookies. Cookies are not used for the transmission of information of a personal nature; neither are so-called persistent cookies of any type or systems to trace users employed. The use of so-called session cookies (that are not stored in a persistent way on the user’s computer and are deleted when the browser is closed) is strictly limited to the transmission of session identification digits (made up of random numbers generated by the server) necessary to permit safe and efficient navigation of the site. The so-called session cookies used in this site avoid resorting to other computer techniques which potentially jeopardize the confidentiality of user navigation and do not allow for the collection of personal identifying data of the user.

VOLUNTARY NATURE OF PROVIDING DATA
Apart from that specified above for navigational data, the user is free to provide personal data in request forms or in any case indicated in contacts with the Office in order to request the sending of informative literature or other communications.
If such data are not provided, however, it may be impossible to fulfil the data subject’s request.

METHOD OF DATA PROCESSING
Personal data are processed using the following methods: paper, computer and automated tools for the time strictly necessary to achieve the purposes of the data collection. Specific safety measures are observed to prevent loss of data, as well as their illicit or wrongful use or incorrect and unauthorized access.

SITE SAFETY MEASURES
Specific safety measures have been adopted to manage the site, directed to guarantee safe access to the user and safeguard the information contained in the site against loss or destruction, even if accidental. The antivirus software used for site management is updated periodically in order to prevent loss of data due to the action of computer viruses. Furthermore, it is important to remember that even though the adoption of appropriate antivirus systems is guaranteed within the site, in addition to being an obligation of the law, the user is recommended to supply his/her work station with a prevention and scanning system against the attack of computer viruses. Companies who submit a request are assigned an identifying code and password to access to the reserved area of the site; such passwords are generated so as not to contain references that are easily recognizable to the associated person, in order to prevent possible abuse. The user is requested to keep his/her personal password confidential.

YOUR RIGHTS
An extract from Section 7 of Legislative Decree No. 196/2003 is quoted below to remind you that you can exercise the following rights in connection with us:
obtain confirmation as to whether or not personal data concerning you exist, regardless of their being already recorded, and the communication of such data in intelligible form and their source; in addition to the purposes and methods of the processing and the logic applied to the processing, if the latter is carried out with the help of electronic means;
obtain the cancellation, the anonymous status or the blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed obtain the updating, rectification or integration and supplementation of your data;
object, in whole or in part, on legitimate grounds, to the processing of personal data concerning you, even though they are relevant to the purpose of the collection To exercise these rights, please contact the Data Controller indicated below or send an email to:info@principedipiemonte.com

DATA CONTROLLER AND DATA PROCESSOR
The list of persons responsible for specific types of processing can be consulted by submitting a request to our offices. The Data Controller for processing personal data is the Grand Hotel Principe di Piemonte with registered offices in Piazza Puccini 1, Viareggio 55049 (LU).