Discover Collezione Em
Personal data will be processed using manual, software or electronic tools, suitable for guaranteeing security and confidentiality in accordance with the provisions of Articles 24 and 25 of the GDPR and will be performed by personnel duly trained to observe the GDPR.
THE REASON FOR THIS NOTICE
By visiting the website, data relating to identified or identifiable persons may be processed. This page describes the website management methods, with particular reference to the processing of personal data of users and customers accessing and visiting the site.
This Information Note is provided pursuant to current EU and national legislation on personal data protection to those who interact with the web services of the Grand Hotel Minerva in Florence and can be accessed online via the website: http://www.grandhotelminerva.com.
The Information Note applies only to the Grand Hotel Minerva website and not to other websites accessed by the user via links.
This Note also draws on Recommendation No 2/2001 which the Data Protection Working Party established by Article 29 of Directive No 95/46/EC, adopted on 17 May 2001 to identify certain minimum requirements for the collection of personal data online and, in particular, the methods, timing and nature of the information that data controllers must provide to users when the latter access web pages, regardless of the purpose of their connection.
BROWSING DATA
During normal operation, the computer systems and software procedures used to operate the Grand Hotel Minerva of Florence website collect certain personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected with the intent of associating it with identified users but may, by its nature, lead to the identification of users through processing and association with data held by third parties.
This category includes IP addresses or domain names of the computers used to connect to the website, URI (Uniform Resource Identifier) addresses of the requested resources, time of the request, method used to submit the request to the server, size of the file obtained in response, numerical code indicating the server response status (successful, error etc.) and other parameters pertaining to the user's operating system and IT environment.
These data are used only to obtain anonymous statistical information about the use of the Website and to check that it functions correctly; they are deleted immediately after processing. These data could be used to ascertain liability in the event of any computer crimes jeopardising website security: currently, except for this possibility, data concerning web contacts is stored for a maximum of seven days.
COOKIES
Like virtually all websites, our website also uses some cookies. Cookies are small text files that the websites visited by the user (but also other websites or web servers) send and save on your computer (or mobile device). These are then re-transmitted back to the same websites (or web servers) the next time they are visited, thus sending information.
Cookies have become essential tools, as they allow modern websites to work at their best, allowing maximum customisation, interaction and fluidity of navigation. But they can also be used to track user browsing and then send advertisements in line with those preferences.
Cookies can be:
The Italian Data Protection Authority considers cookies to be technical if they are session cookies, functionality cookies and - only subject to certain conditions - analytics cookies; in particular, the Italian Data Protection Authority, in its decision of 8 May 2014, has specified that the latter may be treated as technical cookies only if they are used for optimisation of the website directly by the website owner, who may collect aggregate information on the number of users and how they browse the website.
The user can choose whether to cancel or block, some (or all) of these cookies by configuring the browser. As a rule, these programs also allow, with a special option, to specifically block third-party cookies. Each browser has different procedures for managing cookies, here are the links to the specific instructions for the most popular browsers:
Internet Explorer:
http://windows.microsoft.com/it-it/internet-explorer/delete-manage cookies#ie=ie-11
Google Chrome:
https://support.google.com/accounts/answer/61416?hl=it
Apple Safari:
http://support.apple.com/kb/HT1677?viewlocale=it_IT
Mozilla Fireforx:
https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie
Please note that disabling cookies altogether in the browser may leave the user unable to use all the interactive features.
OUR COOKIES
| Category / Type | Cookie name | Purpose |
| Web functions | DispParams | Stores the information necessary for the availability search. |
| Web functions | no_mostrar_banernew | Prevents the information banner from appearing again. |
| Safety | crsftoken | Prevents third parties from operating on the websites in which we started the session, without our consent. |
|
| ||
| THIRD PARTY COOKIES | ||
| Category / Type | Third parties | Purpose/Further information |
| Site analysis | | Monitor user browsing on the web in order to analyse its use, identify possible problems and improve ease of use. |
| Management of favourites and links | AddThis, Facebook, Google+, Twitter | They allow sharing links in social networks and on the most popular websites. |
|
| ||
| THIRD PARTY COOKIES INTENDED FOR MARKETING | ||
| Category / Type | Third parties | Purpose/Further information |
| Marketing - Retargeting. | Zanox, Ve Interactive, TripAdvisor | Management of advertisements with the best offers based on locations where previous searches were performed. |
| Marketing - Retargeting. | Affilinet, Google Adwords. Sociomantic, TripAdvisor | Check the effectiveness of advertising campaigns to show the most important messages. |
The Cookies we use allow us to improve our website and provide a more personalised service to our users. If after providing your personal information you want a copy or wish to correct or delete it, please contact us. You will find the details of every RoiBack office on http://www.roiback.com/
If you do not wish to enable Cookies, you can change your browser settings; the Help function in your browser will explain how to proceed. You can also visit the site www.aboutcookies.orgwhich contains detailed information on how to manage Cookies on a wide range of browsers.
In case of services provided by third parties, the User may also exercise its right to object to tracking by inquiring through the Privacy Policy of the third party and contacting it directly. Notwithstanding the above, the Controller reminds the User that it can make use of Your Online Choices.
This service allows users to manage tracking preferences for most advertising tools. The Controller, therefore, recommends that Users use this resource in addition to the information provided in this document.
Please note that by blocking Cookies you may not be able to use all features of this website, especially the Booking Engine.
PROCESSING METHODS
Personal data are processed electronically or in any case using automated tools (for example, using electronic procedures and supports) and/or manually (e.g. on paper) for the time strictly necessary to achieve the purposes for which the data were collected and in any case in compliance with the current regulations in force. In order to prevent data loss, illicit or incorrect use of data and unauthorised access, specific security measures are implemented.
DATA PROCESSING LOCATION
Processing connected to the website services of Grand Hotel Minerva takes place at the offices indicated above and at the Travelclick server farm and are only handled by technical personnel in charge of processing, or by persons in charge of occasional maintenance operations.
No data deriving from the web service is disclosed.
Personal data provided by users who request sending of informational material are used only to provide the service requested and are communicated to third parties only where this is necessary for said purpose (e.g. shippers or carriers).
DATA TRANSFER
Personal data are stored on servers located in Italy, and in any case within the European Union. The Data Controller hereby ensures that wherever external data processing managers (Articles 28 and 29 GDPR) with servers located outside the EU are used, the assignment will be carried out in accordance with the applicable legal provisions, for example subject to the standard contractual clauses provided for by the European Commission.
OPTIONAL PROVISION OF DATA
Except for the browsing data specifications, the user is free to provide personal data contained in any request forms.
Failure to provide data may make it impossible to obtain the requested service.
THE DATA CONTROLLER
The data controller is Immobiliare Minerva S.p.A. Company with Sole Shareholder - Piazza Santa Maria Novella, 16 - 50123 Florence - Tax Code & VAT No 00907460489 - Tel: 055 27230, email: info@grandhotelminerva.com.
ACCESS TO DATA. RECIPIENTS OF THE PROCESSING
Your data may be made accessible for the purposes indicated in this document to:
The processing managers are specifically appointed by the data controller on the basis of a written agreement pursuant to Articles 28 and 29 of the GDPR. The updated list of external managers is available at the registered offices of the Data Controller. You can request the updated list at any time by contacting the Data Controller at the addresses and contacts indicated in this document.
RIGHTS OF THE DATA SUBJECT
Pursuant to Article 7 of Legislative Decree 196/2003 and Articles 15-22 of EU Regulation No 2016/679, you can exercise the following rights at any time:
You can exercise your rights by means of a written request sent to one of the addresses of the Data Controller indicated above.
AMENDMENTS
the Controller reserves the right to modify or amend, at any time, this web and cookies privacy policy published on this website, especially as a result of the entry into force of new sector regulations. The users may check, at any time, the latest version of the web and cookies privacy policy on the website, as updated from time by time by the Controller.
The purpose of this document ("Policy") is to provide you with indications regarding the processing of information by the Data Controller as specified below, pursuant to Article 13 of the GDPR, in relation to the hotel service and catering.
THE DATA CONTROLLER
The data controller is Immobiliare Minerva S.p.A. Company with Sole Shareholder - Piazza Santa Maria Novella, 16 - 50123 Florence - Tax Code & VAT No 00907460489 - Tel: 055 27230, email: info@grandhotelminerva.com.
CATEGORIES OF PERSONAL DATA PROCESSED
Within the limits of the purposes and methods described in this policy, the following information may be processed: a) "Data of a common nature", including your bank details and your contact details such as, by way of example, mobile phone number, residential or home address, e-mail address; b) "Particular Data" as characterised, in accordance with applicable law, by a particular nature; by way of example, reference is made to those able to provide information on the state or on the health conditions of the user, religious or philosophical beliefs (Art. 9 of EU Regulation 679/2016).
For ease of reference, the expression "Personal Data" shall be intended within this policy, as a reference to all of your Common and Particular Data, unless otherwise stated.
PURPOSE AND LEGAL BASIS OF THE PROCESSING
Personal Data collected to avail of the hotel services will be processed for the purposes and on the following legal bases:
3.1 for the management of your contractual relationship concerning the service requested, or to execute pre-contractual measures (such as, for example, the request for information or the quote), to acquire and confirm your booking of accommodation and ancillary services, and to provide the requested services. For this purpose, you may decide to confer Particular Data to the Data Controller in order to request the performance of an additional service to the contractual relationship and/or to the requested service concerning needs related to your health, such as, for example, allergies, diseases, and/or food or other intolerance, i.e. those data that reveal conditions relating to healthcare. Since this concerns processing necessary for the definition of the contractual agreement, for its subsequent implementation, and/or to perform the services requested by you, you are free to provide your personal data. However, in case of failure to provide them we will not be able to confirm the reservation or provide the requested services. Any Particular Data you have provided will be processed only in case of your explicit consent.
Legal basis of the processing: execution of the contractual relationship, legitimate interest of the Controller in relation to any disputes concerning the contractual relationship. In the case of the provision of particular data, the legal basis also includes your consent.
For this purpose, your data will be kept for the entire duration of the relationship and subsequently for 10 years (the time required for the ordinary prescription period). Any Particular Data you have provided will be stored only for the time strictly necessary to perform the service requested by you, unless you provide us consent to retain it for a longer period;
3.2 to fulfil the obligation pursuant to the "Consolidated Law on Public Security" (Article 109 of the Royal Decree No 773 of 18.6.1931.) that requires us to provide the Police Headquarters personal details of customers we accommodate, for purposes of public security, in accordance with the procedures established by the Ministry of the Interior (Decree of 7 January 2013). Since this concerns processing necessary to fulfil legal obligations, you are free to provide your personal data, however in case of failure to provide them we will not be able to provide the requested services, and we will not be able to accommodate you in our facility.
Legal basis of processing: implementation of legal obligations to protect public security.
Therefore, we do not store acquired data after the termination of the relationship referred to in point 3.1, unless you provide us with the consent to the conservation as provided in point 3.5;
3.3 to comply with current administrative, accounting and tax requirements. The data are processed by us and our representatives, and are communicated outside our organisation only to fulfil our legal obligations. Since this concerns processing necessary to fulfil administrative, accounting and tax obligations, you are free to provide your personal data, however in the event of failure to provide them, we cannot confirm the reservation or provide the requested services.
Legal basis of processing: execution of a contractual relationship, execution of administrative, accounting and tax legal obligations; legitimate interest of the Controller by right of defence (in case of audits by the authorities in charge).
For these purposes, your data will be kept for the time provided for by the relevant regulations;
3.4) to provide services which focus on customer satisfaction, carried out upon your request, concerning your needs and/or preferences, such as, for example, a room or a floor preference for accommodation, presence of items and/or other. You may decide to provide the Data Controller also Particular Data for this purpose. The Data Controller may only process these categories of data upon your express and free consent, expressed in writing at the bottom of this policy and revocable at any time.
Your refusal to grant consent to the processing will not prevent you from using the service referred to in point 3.1) and any additional services chosen by you. Legal basis for processing: your consent.
Data acquired for this purpose is not stored after the termination of the relationship referred to in point 3.1, unless you grant your consent to the conservation.
3.5) to speed up the registration procedures at the Hotel for the purposes referred to in 3.1, 3.2. and 3.3 in the case of your subsequent stays at our hotel. For these purposes, after obtaining your express and free consent, revocable at any time, your data, provided for the categories of data and purposes referred to in points 3.1, 3.2 and 3.3, will be used when you return to our hotel. Your refusal to grant consent to the processing will not prevent you from using the service referred to in point 3.1) and any additional services chosen by you.
Legal basis for processing: your consent.
Your data will be kept for a maximum period of 5 years for this purpose.
3.6) to guarantee the application of services referred to in point 3.4 (focused at achieving customer satisfaction) in the case of your subsequent stays at our hotel. For these purposes, after obtaining your express and free consent, revocable at any time, your data will be used when you return to our hotel. Your refusal to grant consent to the processing will not prevent you from using the service referred to in point 3.1) and any additional services chosen by you.
Legal basis for processing: your consent.
Your data will be kept for a maximum period of 5 years for this purpose.
3.7) for the protection of people, property and company assets through a video surveillance system of certain areas of the facility, identifiable by the presence of appropriate signs. Your consent is not required for this processing, as it pursues our legitimate interest in protecting people and property from possible aggression, theft, robbery, damage, acts of vandalism and for purposes of fire prevention and work safety.
Legal basis for processing: legitimate interest of the Data Controller for the purpose of implementing measures to protect people, property and corporate assets. Images recorded for these purposes are deleted after 24 hours, except holidays or other cases of closure of the facility, and in any case within one week. They are not communicated to third parties, except in cases where it is necessary to adhere to a specific investigation request by the judicial or police authorities.
3.8) to carry out tasks such as receiving messages and telephone calls addressed to you during your stay. Your consent is required for this purpose. You can revoke your consent at any time. In case of refusal to grant consent to the processing we cannot perform the service of receiving messages and phone calls addressed to you during your stay. Your refusal to grant consent to the processing will not prevent you from using the service referred to in point 3.1) and any additional services chosen by you.
Legal basis for processing: your consent.
Your data collected for this purpose will be kept until your departure from the hotel.
3.9) for marketing purposes and therefore to send you reminders and promotional communications, to send you updates on the rates and offers by the Data Controller, communications relating to events organised by the Data Controller. The Data Controller may process these categories of data only after obtaining your express and free consent, revocable at any time, expressed in writing at the bottom of this policy. Your refusal to grant consent to the processing will not prevent you from using the service referred to in point 3.1) and any additional services chosen by you.
Legal basis for processing: your consent.
Your data collected for this purpose will be kept for a maximum period of 8 years.
PROCESSING METHODS
Personal data will be processed using manual, software or electronic tools, suitable for guaranteeing security and confidentiality in accordance with the provisions of Articles 24 and 25 of the GDPR and will be performed by personnel duly trained to observe the GDPR.
Apart from the cases in which it is necessary to contact you for needs related to the management of your contractual position, where you consent to the processing of your data, you can be contacted via e-mail, sms, or through any equivalent electronic tool or by mail or phone call to all the contact details provided, for the purposes referred to in points 3.1) and 3.9). If you prefer to be contacted only at one or some of these addresses, you can make a specific request by contacting the Data Controller at the addresses indicated in point 1) of this policy. Your data will be stored in one or more appropriate archives or databases of the Data Controller, in compliance with the retention times indicated for each purpose, excluding Particular Data that will be kept only if we receive your express consent.
DATA PROCESSING LOCATION
Processing connected to the website services of Grand Hotel Minerva takes place at the offices indicated above and at the Travelclick server farm and are only handled by technical personnel in charge of processing, or by persons in charge of occasional maintenance operations.
No data deriving from the web service is disclosed.
Personal data provided by users who request sending of informational material are used only to provide the service requested and are communicated to third parties only where this is necessary for said purpose (e.g. shippers or carriers).
DATA TRANSFER
Personal data are stored on servers located in Italy, and in any case within the European Union. In any event, it shall be understood that, if necessary, the Controller reserves the right to relocate the servers, including outside the EU. In this case, the Controller guarantees as from now that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, for example subject to the standard contractual clauses provided for by the European Commission.
ACCESS TO DATA. RECIPIENTS OF THE PROCESSING
Your data may be made accessible for the purposes indicated in this document to:
The processing managers are specifically appointed by the data controller on the basis of a written agreement pursuant to Articles 28 and 29 of the GDPR. The updated list of external managers is available at the registered offices of the Data Controller. You can request the updated list at any time by contacting the Data Controller at the addresses and contacts indicated in this document.
The Data Controller hereby ensures that wherever external data processing managers (Articles 28 and 29 GDPR) with servers located outside the EU are used, the assignment will be carried out in accordance with the applicable legal provisions, for example subject to the standard contractual clauses provided for by the European Commission.
RIGHTS OF THE DATA SUBJECT
Pursuant to Article 7 of Legislative Decree 196/2003 and Articles 15-22 of EU Regulation No 2016/679, you can exercise the following rights at any time:
AMENDMENTS
The Controller reserves the right to modify or amend this privacy policy posted on the website, at any time, especially as a result of the entry into force of new sector regulations. The users may check, at any time, the latest version of the web and cookies privacy policy on the website, as updated from time by time by the Controller.
Last update May 2018