PRIVACY POLICY

REASONS FOR THE INFORMATION
This privacy policy contains important information on the personal data that is collected by visiting this Website, as a registered or unregistered user, and describes how to use such data. Where applicable, it also explains the methods of processing the data provided by the user or collected during the provision of services by the company P & G SRL, or during other contacts with the Company. This information is supplementary to any other information that may be received in such other circumstances.
This document contains important information on the following:

1. PROCESSING OF PERSONAL DATA
2. PERSONAL DATA COLLECTED
3. PURPOSE OF THE PROCESSING OF PERSONAL DATA
4.COMMUNICATION OF PERSONAL DATA
5. PROTECTION OF THE PRIVACY OF MINORS
6. ARCHIVING, ACCESSIBILITY AND TRANSFER OF PERSONAL DATA
7. SECURITY AND CONFIDENTIALITY OF PERSONAL DATA
8. RIGHTS OF ACCESS TO PERSONAL DATA – MANAGEMENT OF    CHOICES
9.DATA RETENTION
10. LINKS, ADVERTISERS, SPONSORS AND ADVERTISING
11. DATA CONTROLLER – COMPANY CONTACTS
12. UPDATES TO THIS INFORMATION – COMMUNICATIONS

2. PERSONAL DATA COLLECTED
Origin of the data
The Company collects personal data from the user only where the same voluntarily provides information, for example: by making an information request through the Website as a “customer”; doing searches on the Website; by contacting the Company by sending a comment or a question; subscribing to email newsletters and updates regarding the latest services, events or promotions; o requesting to receive confirmation of a booking;
in the case of information directly from our company: by providing your personal data, such as mobile phone number, you will receive the privacy sheet from the company by email, interacting with it or purchasing services;
in the case of e-mails, SMS and other electronic messages: by exchanging communications between the Company and the user.
If the user provides the Company with personal data of third parties (for example, family members, other customers or potential customers), the same should ensure that these third parties are informed and have authorized the use of their data as described in this Privacy Policy .

Types of data
The Company may collect and use different types of personal data according to the specific purposes pursued and described below:
1. personal information, such as name, surname, gender, age / date of birth, country of origin and other personal data that the regulations in force allow us to collect;
2. contact information, such as address, email address, telephone number, mobile number, any fax number and other contact information that the regulations in force allow us to collect;
3. payment information, such as payment instrument (credit or debit card), if applicable, and passport number, where required for tax reasons or in relation to anti-money laundering legislation;
4. information relating to the sale of the services used, their amount, amount, VAT number, complaints, refunds or other information relating to the sale that the regulations in force allow us to collect;
5. habits and profiles, such as data regarding the services purchased, purchasing habits and preferences (seasonality, room chosen for overnight stay), other information (information on the work carried out, education, hobbies and lifestyle) that the regulations in force allow you to collect;
6. information relating to the family, such as marital status, anniversary date, number of children, information on children and other information relating to the family that current regulations allow us to collect.

3.PURPOSE OF THE PROCESSING OF PERSONAL DATA
Depending on the specific circumstances in which the interaction between the user and the Company took place, personal data could be used for the following purposes.
For information on online services directly from our site. The personal data provided by the user or collected at the time of the request for information or specific service, whether or not carried out as a registered user, i.e. basic personal data, contact information, data regarding the individual request, tax data, payment details, information relating to sales and any other data strictly necessary for the sale of the service will be used for:
1. manage, administer and process the sold and after-sales services, for example administrative activities, accounting, guarantees, refunds, where applicable, fraud prevention and communications with the user, including via email, for any problem relating to the management of the service or subsequent requests. All customer requests will be handled on the website, in addition analytisc will be installed on the Google site to track the conduct of users who access it and the facebook pixel for advertising purposes, for purely marketing purposes relevant on facebook and Instagram.
2. comply with obligations imposed by EU laws, regulations or legislation (including anti-money laundering legislation) and make a legal claim or defend against it.
It is necessary to provide personal data for the aforementioned purposes and the refusal would make it impossible to complete the sale of the service to the user. Except where otherwise required to comply with local regulations in force, the processing of data for these purposes, as necessary to fulfill contractual and legal obligations, could be carried out without requiring the user’s consent.

For the specific purposes for which the data were provided voluntarily
The personal data provided by the user or collected when the user requests a specific service (for example, request for information from the website), namely personal information, contact information and data strictly necessary to follow up on the request, will be used to:
1. provide the requested services (for example, manage authentication on the Website, assist it and manage any contact requests that may be sent by the user);
2. manage the subscription to the newsletter where the user is not registered.
Personal data must be provided for the aforementioned purposes and refusal would make it impossible to complete the request. Except where otherwise required to comply with local regulations in force, the processing of data for these purposes could be carried out without requiring the user’s consent, as necessary to follow up on the request.

For the purposes of managing customer relations if the user registers
The personal data provided by the user by filling in the Company’s forms collected when purchasing the service directly from the website or at the Cecina Beach hotel directly, i.e. personal and contact information and data regarding the habits and profile of the user and his family details will be entered in the centralized system to:
1. offer promotions, discounts and other personalized services and send newsletters, other marketing and commercial communications on the Company’s services (organized by the same), surveys and researches, market analyzes, or other initiatives for users or customers registered on other sites of the Company (“marketing”). The Company may use traditional means of contact (ordinary mail and telephone) and / or digital and automated (e-mail, SMS, MMS, telephone and other digital channels, for example social media) and may send the user such communications on the the basis of his profile, if he has given his consent to profiling;
2. analyze the user’s contacts with the Company, interests, preferences and purchasing habits, and create individual or aggregate profiles based on them, understand how to provide a better service, also to offer a better sales experience ( “Profiling”). The Company may also use personal data to create groups and carry out statistical and market analyzes aimed at identifying the services of interest to customers of its brands and improving its services (including the Website). The data collected on the Website will be combined with any information obtained by the Company through interactions with the staff present at the various structures of the Company. The processing of personal data for profiling is carried out in compliance with the guarantees and parameters established by the law in force.
The entry of data into the system is optional and free (being based on the consent that the user can choose to provide) and can only take place where personal data are provided for both marketing and profiling purposes or only for one of the two. The user can unsubscribe or withdraw their consent at any time (see point 8 below). In any case, the refusal to provide personal data for one or both of these purposes does not prevent the user from using the Company’s services or making purchases, but the Company cannot inform him of the marketing initiatives and events described above and cannot understand their interests and offer them a more personalized shopping experience.

4.COMMUNICATION OF PERSONAL DATA
The Company shares your personal data with its affiliated companies, its distributors and affiliates, including those located in other countries, and with other companies that provide services on its behalf (as detailed below), under its direction. or that of third parties. These companies and organizations will only receive the personal data necessary to perform the services and will not be authorized to use them for any other purpose.
Communication of personal data to data processors
The user’s personal data may be shared with third parties to monitor and analyze the activity of the Website, host contents of the Website, provide technical and organizational services functional to the aforementioned purposes, maintain the customer database, provide marketing assistance and manage emails, market analyzes, surveys, sweepstakes or promotions.
Dissemination of personal data
The user’s personal data may need to be shared with companies that deal with payment management and anti-fraud controls, which operate independently as data controllers, in order to provide the user with online sales services. In the event of asset or corporate transactions (for example, mergers or acquisitions, corporate restructuring or liquidation), customer data will likely be one of the assets transferred and may be shared with legal successors, to the extent permitted by law on the basis of legitimate interest. of society. Personal data will remain subject to the pre-existing privacy policy, unless the user decides otherwise.
The Company may also disclose the user’s personal data to third parties (i) where required by EU or Member State legislation; (ii) in case of legal proceedings; (iii) in response to a law enforcement request based on legitimate grounds; or (iv) to protect the rights, privacy, safety or property of the Company or the public.
Furthermore, to the extent permitted by law, the Company may disclose personal data to third parties in the event of complaints relating to the use of the Website, where deemed necessary to investigate, prevent or adopt measures regarding illegal activities, suspected fraud or in the event that the Company, in its sole discretion, considers that the use of the Website by the user is incompatible with the conditions of the Website itself.
Ulteriori informazioni su questo testo di originePer avere ulteriori informazioni sulla traduzione è necessario il testo di origine

5.PROTECTION OF THE PRIVACY OF MINORS
This Website is aimed at a general public, however its services are intended for individuals aged 18 and over. The Company does not request, collect, use and deliberately disclose personal data provided by persons under the age of 18 online or at the Cecina Beach Hotel. If the Company learns that it has personally collected data from a minor, it will delete them.
In the event that the user is not of the required age, please do not register or proceed with the online purchase and ask an adult (or your parents or guardian) to perform the necessary procedures.

6.STORAGE, ACCESSIBILITY AND TRANSFER OF PERSONAL DATA
The processing of personal data collected through the website takes place mainly using electronic or web-based means, including web analytics services hosted by servers of selected operating Company suppliers.
Access to personal data will be allowed only to authorized personnel of the company, according to the actual need to know such information and using access control tools on multiple levels. This staff has undertaken to comply with the confidentiality obligations and has been expressly designated as data processor, as required by current law. In particular, where the user has given his consent to the processing of his personal data, the related data may be read, modified and updated by the Company’s staff and by those employed by the same company. The staff present received appropriate training and are required to comply with the confidentiality obligations. The Company may use it to collect, use and disclose data according to its instructions.

7.SECURITY AND CONFIDENTIALITY OF PERSONAL DATA
The Company has implemented suitable measures to protect the user’s personal data from accidental loss and from unauthorized access, use, modification and disclosure. In the management of this Website, password controls and technological and procedure-based security measures are also used. Although the Company has implemented the aforementioned security measures for the Website, the user must know that it is not possible to guarantee 100% security. Therefore, the user provides his personal data at his own risk and, to the maximum extent permitted by current law, the Company will not be in any way responsible for their disclosure due to errors, omissions or unauthorized actions of third parties during or after their transmission to the same. The Company recommends that the user (i) periodically update the software to protect the transmission of data over the networks (for example, anti-virus software) and check that the provider of electronic communications services has adopted suitable means for the security of the transmission of the data on networks (for example, firewalls and anti-spam filters); keep confidential and do not communicate to anyone the username and password to access the account; and periodically change the password.
In the unlikely event that the Company deems that the security of the user’s personal data in its possession or under its control has been or may have been compromised, the Company will inform the user of the incident in the manner prescribed by the law in force. , using the methods prescribed by it (by providing the Company with their email address, the user agrees to receive such communications in electronic format through this email address).

8.RIGHTS OF ACCESS TO PERSONAL DATA – MANAGEMENT OF CHOICES
User rights.

At any time and free of charge, the user can access their data, receive their electronic personal data in a structured and commonly used machine-readable format and transmit them to another data controller (data portability), as well as have them corrected, updated, modify or delete (subject to any applicable exceptions). The user can update the data provided to the Company by contacting the same at the address provided below. Requests for deletion of data are subject to current legal obligations and the conservation of documents imposed on the Company.
If you believe that there is a problem in the way your personal data is managed, you will have the right to file a complaint with the national personal data protection authority or any other country in the EU or the European Economic Area.
To exercise these rights, the user can send a request by contacting the Company directly by sending an email to info@hotelcecinabeach.it or a letter by ordinary mail to the address of the Company’s headquarters. When contacting the Company, the user must ensure that they include their name, email address, postal address and / or telephone number (s) to be sure that the same can handle their request correctly.
Accuracy – Updating of personal data
To allow the Company to better serve the user, the same is invited to regularly check and update their personal data. If registered, the user will be able to access their personal data and modify them; otherwise, you can contact the Company for assistance in updating your personal data.
Management of choices related to direct marketing and profiling
If the user wishes not to give his consent to the use of data for marketing and / or profiling purposes, or to manage his preferences relating to advertising, he can send a simple request to the Company indicated below. The same procedure applies where the user wishes to withdraw their consent to profiling.

9.DATA RETENTION
Personal data will be kept for the duration of the business relationship and for as long as necessary to pursue the purposes described in this Privacy Policy (for example, where the user subscribes to a newsletter, for the duration of this subscription). The personal data of the user who has purchased one of our accommodation services will be kept only to comply with legal and regulatory obligations (for example, for 10 years, in the case of accounting purposes; for the duration of the mandatory conservation obligation, in case of tax purposes; etc.) or to allow the Company to keep proof of their respective rights and obligations.
The user’s personal data that are being processed will be kept until the account is closed or until consent to their processing for these purposes is withdrawn. Personal data relating to information on the services offered by the company whose processing is carried out for profiling and marketing purposes will be kept for a limited period, in line with the term allowed by the law in force, and, upon expiry of this term, will be deleted or permanently anonymised.

10.LINKS, ADVERTISERS, SPONSORS AND ADVERTISING
This Website may contain links to various websites owned by the Company or controlled by it, as well as to websites of third parties. Where the user chooses to provide their personal data on such or such linked websites, such information will be subject to the privacy policy and security policies of such linked websites. Since the Company is not responsible for the information sent or collected, used, disclosed or otherwise subjected to processing by third party websites, the user should be aware of these other privacy policies.

11.DATA CONTROLLER – DATA PROTECTION MANAGER – COMPANY CONTACTS
For the purposes of this Privacy Policy and the data processing described here, it is specified that the term “Company” refers to HOTEL CECINA BEACH of P&G SRL, with registered office in Vinci (FI) Via Tigliano 9 / F Italy.
The data controller of the data collected at the HOTEL CECINA BEACH of P&G SRL, with registered office in Vinci (FI) Via Tigliano 9 / F Italy. and / or the Website for sales purposes is the company P&G SRL, with registered office in Vinci (FI) Via Tigliano 9 / F Italy.
For any comments or questions on this Privacy Policy and to speak with the local contact person in charge of managing requests relating to data processing, it is also possible to contact the company at the following address: info@hotelcecinabeach.it.

12.UPDATES TO THIS INFORMATION NOTICE – COMMUNICATIONS
The Company, at its discretion, reserves the right to change, modify, add or delete parts of this Privacy Policy at any time, by publishing the revised version on this page of the Website and updating the date of the last modification indicated below. . It is the user’s responsibility to review the Privacy Policy from time to time to become aware of any changes made. In some cases, the Company may provide further communications relating to significant changes to this Privacy Policy by publishing a notice on the home page of this Website or, in the case of registered users, by sending an email notification. Following the changes, where required by current legislation, the user’s data will not be processed without the explicit consent of the user.
LAST EDIT
This information comes into force from 01 May 2021.