NOTICE pursuant to Article 13 of Regulation (EU) 2016/67
With this document (l ‘ “Policy”), the data controller, as defined below, wishes to inform you about the aims and methods of processing of personal data you provide through your request for information or your reservation online and the site www.polobio.it (the “Site”) and the rights that the Commission Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (the ” GDPR “), recognizes you.
1. Who are the data controller and the data protection officer (DPO)
The data controller is
POLOBIO S.R.L., Via del Progresso, 45, 36054, Montebello Vicentino (VI).
The Holder has appointed a Data Protection Officer ( “Data Protection Officer” or “DPO”), you may contact to exercise your rights, as well as to receive any information related to them and / or to this Notice, writing to: firstname.lastname@example.org.
2. What personal information do we
2.1. Common personal data for the purposes indicated in this policy, the Holder is common personal data such as personal data (name, surname, address, telephone number, e-mail and other contact information).
2.2. Source of personal data. Your personal data processed by the data are those provided by you filling in the various forms on the Site.
3. Purpose and legal basis of the treatment, the nature and consequences of a refusal to provide personal data.
3.1. Request for services through the Site
In addition, your personal data may be processed by www.coali.it to meet the demands from you from time to time made by completing the appropriate form available on the Website (inquiries and online bookings). The provision of data is required and your refusal will make it impossible for the holder to follow up the requests you have from time to time formulated. The treatment does not require a consent as the legal basis lies in the satisfaction of the owner of a request made by you. The data collected for this purpose by the data may be processed for the time necessary to satisfy the request made by you, and in any case will be erased after six months to process your request.
3.2. Marketing activities
www.polobio.it may use your email address to send you commercial communications. The legal basis of the treatment consists of the explicit approval. To achieve the purposes referred to in this Chapter the transfer of your data is optional, therefore, your refusal will not affect the Holder’s ability to meet the demands from you from time to time made through the Site, but will result in the impossibility of keep you informed about your offers, initiatives and important information for your stay. The collected data will be processed by the holder until His decision to withdraw consent and / or obtain the cessation of treatment. When sending any notice by Email it will be easily allowed to terminate the processing of your personal data. Right to withdraw consent and to object to direct marketing activities we inform you that, at any time, you have the right to withdraw consent and / or oppose the direct marketing by contacting the holder to one of the references mentioned in section 1 Disclosure of the present.
4. With such mode will be processed your personal data The processing of your personal data will be in compliance with the provisions of the GDPR, through papers, computer and data, with logic strictly related to the indicated purposes and, however, with appropriate procedures to ensure the security and confidentiality in accordance with the provisions of Article 32 GDPR.
5. What subjects can be communicated your personal data and who can learn about them to achieve the purposes described in paragraph 3 above, your personal data will be known by employees and collaborators www.polobio.it and other companies that will operate as persons entitled to the treatment and / or data processing for the purposes of booking the services requested. The holder also may need to disclose your personal data to third parties and, in particular, but not limited, to the following categories: a) those that provide services for the management of the computer system of the Holder; b) persons who provide professional services consulting and tax, legal and judicial; c) authorities and vigilance and control subjects and in general, public or private, with type journalistic functions (such as police, consulates, etc.). The subjects belonging to the categories listed above operate, under certain assumptions, in total autonomy as distinct Holders of the treatment, in other cases, acting as the data processors specially appointed by www.polobio.it in compliance with Article 28 GDPR. The complete list of third parties to whom your personal data may be disclosed can be requested from the registered office of the Company. Your personal data may be transferred outside the European Union, only to persons specified in this paragraph 6) and in the presence of a decision of the adequacy of the European Commission or other appropriate guarantees contractual or agreements to be provided by holders involved (including the binding corporate rules – BCR, and model contractual clauses). Personal data processed by www.polobio.it are not subject to disclosure.
6. What rights do you have as an interested party in relation to the purposes described in this Policy, as a subject, you may, as provided in GDPR, exercise the rights enshrined in Articles 15 to 21 of GDPR and, in particular, following rights:
• right of access: the right to obtain confirmation of whether or not an ongoing processing of personal data relating to you and, if so, gain access to your personal data – including a copy of the same – and communication between the others, the following information: a) purpose of treatment; b) the categories of personal data processed; c) persons to whom they are or will be sent; d) retention period of the data or the criteria used; e) the rights (rectification, cancellation policy, limitation of treatment and the right to object to the treatment; f) the right to lodge a complaint; g) the right to receive information on the origin of my personal information if they have not been obtained from the data subject; h) the existence of an automated decision-making process, including the profiling;
• right of reply: the right to obtain the correction of inaccurate personal data relating to you and / or completion of incomplete personal data;
• Right to cancellation (right to forget): the right to obtain the erasure of personal data concerning you, when: a) the data are no longer needed for the purposes for which they were collected or otherwise processed; b) You have revoked your consent and there is no other legal basis for the processing; c) She has successfully opposed to the processing of personal data; d) the data have been processed unlawfully; e) data must be deleted for compliance with a legal obligation; f) the personal information was collected regarding the provision of information society services referred to in Article 8, paragraph 1, GDPR.
The right to cancellation does not apply to the extent that processing is necessary for compliance with a legal obligation or for the performance of a task carried out in the public interest or for the establishment, exercise or defense of a right in court;
• right to treatment limitation: the right to limitation of treatment when: a) he disputes the accuracy of the personal data; b) the processing is unlawful and the data subject opposes deletion of personal data and would instead suggest that the use is limited; c) personal data are necessary to the person to ascertain, the exercise or defense of a legal claim;
• right to object: right to object to the processing of personal data concerning you, unless there are legitimate reasons for the owner to continue treatment;
• right to data portability: the right to receive, in a structured format, commonly used and read by an automatic device, the personal data that concerns you provided to the Owner and the right to send it to another holder without hindrance, if the processing it is based on consensus and is carried out by automated means. In addition, the right to know that your personal data is transmitted directly from www.coali.it to another controller if this is technically feasible;
• submit a complaint to the Guarantor Authority for the protection of personal data, Piazza di Montecitorio n. 121, 00186, Roma (RM).
The above rights may be exercised against the data by contacting the references specified in paragraph 1. The exercise of your rights as an interested party is free under Article 12 GDPR. However, in the case of requests manifestly unfounded or excessive, even for their repetitiveness, the Owner may charge a reasonable contribution expenses, in light of the administrative costs incurred to handle your request, or deny the satisfaction of his request.