fbpx

Privacy

Notice regarding Cookies, Privacy and the Newsletter

We undertake to protect the privacy of our users in accordance with article 13 of Legal Decree 196/2003, “Code regarding the protection of personal data” (Privacy Code) and by article 13, paragraph 1 of EU Regulation 2016/679 relating to the protection of physical persons with regard to the processing of personal data (GDPR).
In compliance with the above-mentioned legislation, such processing is characterised by the principles of correctness, lawfulness and transparency, and by the protection of your confidentiality and your rights.

 

1. EXTENDED INFORMATION ON THE USE OF COOKIES

What are Cookies
Cookies are small text files used to improve website navigation. Thanks to cookies, navigation preferences can be stored by your browser, such as the language spoken, display options, etc.
Cookies are used to facilitate the use of online content; they are saved to the device used and they can be read only by the website that created them.
No personal user data is acquired by the website by simply navigating through web pages. We do not use cookies to transmit personal information.

The site of the 4 Mori Family Village uses the following cookies:
Technical Cookies
These cookies are essential to allowing you to browse the site and fully make use of its features. The cookies used are strictly necessary to the website’s technical operation and navigability, and cookies to save preferences in order to optimize their use (for example language preferences). Without cookies, some features may not be available or may not function properly.

Performance Cookies (third party)
This site uses Google Analytics service, provided by Google Inc. to collect statistical information about the site with a clear intention to improve its performance and usability.
All information collected by these cookies are aggregated in an anonymous form and are only used to improve the functionality of the site.
Below you will find the privacy policy of Google Inc. http://www.google.it/intl/en/policies/privacy/

Profiling Cookies (third party)
Some cookies can also be used to show special offers in line with the preferences shown during navigation, with the aim of improving the user’s experience and conditions of purchase.
The cookies we use for profiling do not collect information that would personally identify the user browsing the pages of the site.

The site uses profiling cookies associated with the “remarketing” function by Google Adwords, allowing to publish in the Google content network ads tailored to the pages visited by the users on the site. Third-party vendors, including Google, use cookies to publish ads based on previous visits made by users to your website.
The information obtained can identify only the browser and it cannot in any way identify the user.
How it works: a few pages on the site include a remarketing code that allows to read and configure the browser cookie to determine the type of ad that the user will see on the basis of the data relating to their visit to the site.
The remarketing lists thus created are stored in the Google servers where all the cookie IDs associated with interests are stored.
More information about the remarketing tool is available at this link: https://support.google.com/adwordspolicy/answer/143465?hl=en&ref_topic=3123080&rd=1

Social Network Cookies (third-party)
The site integrates the major social networks through scripts made available by them. These scripts may use Cookies in order to facilitate the sharing of content on social networks or the interaction with other registered members.
These types of cookies are managed by different companies belonging to individual Social Networks, each responsible for their own cookies.

Using the links below you can find more information about the privacy policies posted:

Declaration of consent
To agree to data processing and the use of all cookies just leave this notice by closing the associated page, continue navigating the site or click on any of its elements. To refuse consent or otherwise configure the Cookies settings, follow the instructions contained in the following section.

Managing cookies in the browser
All the major browsers allow you to change the settings to manage cookies. You can choose to: enable storing cookies, completely block cookies, decide on a case by case basis which cookies to accept.

These settings vary depending on the browser used. Below are the links to the information pages of the most popular ones:

 

For further information on the use of cookies by third-party services and further instructions to manage the cookies in your browser, please refer to the following link: http://youronlinechoices.eu.

If you decide to set your browser to block cookies from this site, please note that some features may not be available, and access to some sections will be limited.

 

2. INFORMATION ON THE BUSINESS MAILING SERVICE

The website owner https://www.4mori.it may process some of your personal data (such as e-mail address, etc.) to inform you about site news and offers. Each user mayat any moment choose to delete their registration to these newsletter services by simply clicking on the appropriate link in any communication sent.

 

3. TYPE OF DATA

The data you supply via the website’s methods, namely: the contact form, the newsletter, the booking engine, the official email provided in the website, will be processed in order to carry out a booking and an information or availability request on the site https://www.4mori.it.
Except for navigation data, users are free to provide the prompted personal data, however failure to do so may make it impossible to provide the services requested.

 

4. DATA PROCESSING METHODS

Content and services are provided only to those who allow the processing of personal data. Data processing is done through the use of automated tools, including third parties, manually and according to methods that ensure the outmost safety and confidentiality.

The rights to use the data collected are not transferred to third parties nor are their disclosed or transferred abroad.

Data can be processed electronically or on paper.
Specific security measures are taken to prevent illicit or incorrect and unauthorized access to data. Please note, however, that communications via email on the internet could pass through several countries before being delivered to the recipients. The 4 Mori Family Village can not be held responsible for any unauthorized access or loss of personal information outside of its control.

 

5. USE OF THE DATA

The data will be disclosed only to the extent necessary to execute the contract or booking requests you made. Data will not be disclosed for any other purpose.

 

6. DATA CONTROLLER AND DATA PROCESSOR

Vi.Mur. srl, – email info@4mori.it

The personal data acquired, also from third parties, will be used in compliance with current legislation in accordance with the obligations of confidentiality, lawfulness and correctness.
The data will be processed exclusively for the purposes related to the services requested and provided.
The processing of information concerning you will be based on the principles of correctness, lawfulness, transparency and protection of confidentiality and will be processed and stored with IT and / or paper tools.
In relation to the activities of the restaurant, wellness center and any other service that requires or contemplates the booking, only the minimum and necessary data, adequate and relevant with respect to the prevention of contagion from COVID-19, will be collected and processed.
VI.MUR s.r.l. maintains and maintains a Register of processing activities in which the measures adopted for the security of personal data and any updates and / or modifications of the identification data of the owners, managers and / or agents are described and identified.
The treatment is presumed lawful due to the purposes indicated and pursuant to art. 6 GDPR.
By signing this information, the interested party expresses his consent to the processing of his personal data for the aforementioned purposes;
b) Owner and data protection officer
Pursuant to art. 13 of the aforementioned GDPR we communicate that the identification details of the data controller are as follows:
Vimur. S.r.l., Loc. Is Perdigonis Ex ss 125 Km. 58 P.Iva 00625060926 REA CA 97326
E-mail address: amministrazione@4mori.it Pec: vimursrl@pec.it Tel. 070999110 Fax 070999126
The person in charge of the treatment is Mr. Ettore Salvatore Mallus, to whom general directives have been communicated with a written note attached to the treatment register.

The Data Protection Officer (DPO) is Mr. Andrea Deias, appointed with a special deed.
E-mail address: andreadeias@hotmail.it Tel: 070653599 Cell: 3294139392
Any modification of the name of the DPO during the contract will be duly communicated.
c) Purpose and legal basis of the processing
The processing is necessary for the execution of the contracts stipulated between the interested party and the data controller and / or for the execution of pre-contractual measures (e.g. reservations, information and anything else necessary) adopted at the request of the same;
The treatment is also necessary to fulfill the legal and tax obligations to which the data controller is subject;
In relation to the activities of the catering, wellness center and any other service that requires or contemplates the booking, collection and processing of data, the purpose will be to prevent contagion from COVID-19 in compliance with the provisions of art. 1, no. 7, lett. D), Prime Ministerial Decree of 11 March 2020;

d) Rights of the interested party
The interested party also has the right to ask the data controller for access to their personal data, their correction or cancellation. He may also ask for the limitation of the processing that concerns him and he will have the right, except as specified, to oppose their treatment.
It is the right of the interested party to request data portability, as well as to propose a complaint to a supervisory authority; The exercise of the related rights may take place by sending a request by email to the following address: amministrazione@4mori.it;
Pursuant to art. 13 par. 2 lett. e) GDPR specifies that, as part of the processing, the communication of personal data may be connected to legal obligations. This communication may also be necessary for the conclusion of the contract or for its execution, and it is specified that in these cases the failure to provide the data, the refusal to process, or the revocation of the consent given may constitute hypothesis of withdrawal from the contract, with the exclusion of any responsibility of the owner.
e) Data retention period
The data and documentation necessary and relevant to the assignments in progress to be established or ceased will be kept on file, beyond the execution of the assignments entrusted and precisely for the period of 1 years and also beyond that period limited to personal data, for reasons of fiscal, historical and statistical nature.
In relation to the activities of the catering, wellness center and any other service that requires or contemplates the booking, the data collected will be processed and stored for the period of fourteen days; such data will not be disclosed or communicated to third parties outside the specific regulatory provisions, especially health ones; in the event of temporary isolation due to exceeding the temperature threshold, they will be communicated to the competent health authorities ensuring methods that guarantee the owner’s confidentiality and dignity.

f) Methods of collection and treatment
The data controller informs the interested party that he makes use of the following data acquisition methods.
Direct acquisition sources:
– Registration of daily visitors;
– Contact by email;
– Contacts via booking form on the site http://www.4mori.it/; data acquisition from the contact form and automatic registration on the management system;
– Registration on the internal Wi-fi network, with reference to the compilation of a satisfaction questionnaire (Qualitare);
– Registration on paper coupon of all guests with reservations;
– Registration on paper coupon of the names of the booking guests who make use of the catering, wellness center and any other service that requires or contemplates the booking;
– Car rental service (possible secondary activity of Vimur);
– Bicycle rental (if_ at the time of rental, an accessory contract is signed with the details of a document);
– Rental of Vodafone Wi-Fi devices to customers (possible _ with signature of accessory contract and request for the details of a credit card to cover any damage to the property)
Indirect acquisition sources:
– Online booking system (so-called Vertical booking);
– Tour operator and travel agency vouchers (both via e-mail and fax, Italians and foreigners always EU);
Probability of data communication to third parties:
– Without prejudice to all the rights of the interested party, the owner reserves the right to make use of the presence of a photographer within the structure in order to shoot or photograph for promotional purposes.
The personal data storage system is thus organized.
– Data storage is entrusted to the following system:
– e-mail: a backup is made on the hard disk and shared in the local network. A parallel copy of them is made on a N.A.S. (Network Attached Storage) in F.T.P. format (File Transfer Protocol);
Currently, the Cloud storage option is not active;
Paper coupons: the document can be completed by the receptionists or directly by the customer in the case of presentation with the cd. fast check-in pre-filled, and will be used for the subsequent recording of data in the management public security form, which, within 24 hours after arrival, are sent to the Police Headquarters.
– These payslips are kept in a safe (located in the back office) and kept available for quick consultation in the event of disputes or non-payments and in any case in compliance with the rights and obligations of the GDPR. (n.b. these technical elements must be coordinated with what is specified in the register and must be substantially reproduced in both documents)
– For security reasons, the communication of personal data of customers to the competent authority is required by law.
– For the same security reasons, there is a video surveillance system inside the structure;
All data including those acquired and processed through automated tools and without prejudice to the aforementioned conservation needs, will be deleted when the contract is executed.
The data will be processed in a manner suitable for guaranteeing security and confidentiality and in accordance with the technical methods indicated in the treatment register kept in the company. It can also be carried out through automated tools that allow their storage, management and transmission.
In the event of a “data breach” or in the event of abusive access and theft of data, the company undertakes to communicate it to the Privacy Guarantor according to the law and, in the most serious cases, also to the interested party.
The data will not be disclosed to other subjects, except for the communication needs indicated above and in any case strictly connected to the execution of the service and the fulfillment of tax obligations, and in particular to the accountancy firm that follows the owner’s accounts.
In the event of communication of other subjects, the owner will undertake to communicate this to the interested party.

7. RIGHTS OF THE INTERESTED PARTY

At any time you may exercise your rights towards the data controller, under Article 7 of Legislative Decree n. 196/ 2003 and Article 15 of GDPR that for your convenience is included at the bottom of the page.

a) Minors (article 8 GDPR)
The website and the services of the Controller are not intended for minors below 16 years of age, and the Controller does not intentionally collect personal information regarding minors. The processing of the personal data of minors is legal if the minor is at least 16 years of age. If the minor is less than 16 years of age, such processing is only legal if and to the extent that such consent is provided or authorised by the holder of parental responsibility.
If information regarding minors is involuntarily registered, the Controller will delete this information as soon as possible.

8. DATA PROTECTION ON OTHER WEB SITES LINKED TO THE SITE

MyGuestCare
The site uses a booking system that is essential to check availability and allow an estimate of the requested services. The booking system is accessed by logging into the domain booking.myguestcare.com.This domain is connected to the Google Analytics Site https://www.4mori.it and uses the same cookies already approved by the user to navigate the site https://www.4mori.it.

LEGISLATIVE DECREE 196/2003
Section 7 – Right to Access Personal Data and Other Rights
1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.
2. A data subject shall have the right to be informed:
a) of the source of the personal data;
b) of the purposes and methods of the processing;
c) of the logic applied to the processing, if the latter is carried out with the help of electronic means;
d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2);
e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
3. A data subject shall have the right to obtain
a) updating, rectification or, where interested therein, integration of the data;
b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
4. A data subject shall have the right to object, in whole or in part,
a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.

EU Regulation 2016/679 (GDPR)
Article 15 – Right of access by the data subject
1. The data subject has the right to obtain from the data controller confirmation of whether the data subject’s personal data is being processed, and, if applicable, to obtain access to their personal data and the following information:
a) the purposes of processing;
b) the categories of personal data in question;
c) the recipients or categories of recipients to whom personal data has been or will be communicated, especially if these recipients are in third countries or international organisations;
d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
e) the existence of the right to request from the data controller rectification or deletion of personal data, or restriction of the processing of personal data concerning the data subject, or to object to such processing;
f) the right to lodge a complaint with a monitoring authority
g) where the personal data is not collected from the data subject, any available information regarding the origin of the data;
h) the existence of automated decision-making processes, including profiling, referred to in article 22, paragraphs 1 and 4, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject
The data subject also has rights as detailed in articles 16 to 21 of the GDPR (the right to rectification, the right to deletion/the right to be forgotten, the right to restriction of processing, the right to the portability of data, the right to object) as well as the right to lodge complaints with the Guarantor Authority.

MEANS OF EXERCISING RIGHTS
The request can be communicated via registered letter, telefax or electronic mail to tel. fax – email: info@4mori.it

The 4 Mori Family Village reserves the right to modify or amend, at any time, this privacy policy, particularly in light of the entry into force of new relevant regulations. In that case, the changes will come into force 15 days from the date of publication on the website.