PRIVACY | GDPR POLICY 679/2016
OUR COMMITMENT TO PRIVACY
Our company ORISSA INN S.p.A. (from now on Grande Albergo Maugeri) is committed to respecting your privacy and protecting your personal data.
- We will be completely transparent in the collection and processing of data.
- We will also use the data to try to get to know you better and send you personalized offers.
- If you tell us that you do not want to receive commercial information, we will stop sending. Naturally we will continue to send important information on the services eventually purchased and to keep it updated on the reservation.
- We will send you relevant information about the service purchased, to keep you updated on your booking and travel itinerary.
- We will take the necessary measures to protect and safeguard your information.
- We will respect the data protection rights and try to give you control over your own information.
PERSONAL DATA PROCESSING HOLDER
WHAT DO YOU MEAN BY PERSONAL DATA?
Personal data means those data that identify it or that could be used to identify it, such as for example the name, contact details and the history of travel and purchases. Information on your use of our website and mobile applications may also be included.
WHAT IS THE FIELD OF APPLICATION OF THIS POLICY?
This policy is applied to personal data collected, used and processed in the context of your relationship with the Grande Albergo Maugeri, as an actual or potential customer, including when you are staying with us or using our other services, when browsing our site, when contact our service operators or telephone assistance centres and when booking our services through third parties (by way of example but not limited to: travel agencies and tour operators, OTA, web booking portals).
HOW CAN YOU PROTECT YOUR PERSONAL DATA?
We make great efforts to protect the personal information you provide us. For its part, you can safeguard your data by adopting various measures that we indicate below.
Do not share the booking code
When you make a reservation, you receive a code. This reference code appears on the confirmation e-mail message.
Always keep the reservation code confidential.
If you share the code with third parties, they will be able to access your booking data through our system.
If you travel with other people and do not want them to have access to such data, it is perhaps preferable that each person makes the reservation independently.
To protect your private area on our website and mobile apps, don’t share your login information with anyone.
When you have finished using the website, online services or applications for mobile devices, log out, especially if there is a possibility that someone else has access to your computer or device. This is even more important if you use a public access computer.
Be cautious and defend yourself against possible Internet fraud and “Phishing”
There is a fraudulent practice on the Internet known as “Phishing” which consists of obtaining personal data using deceptive means. Unsolicited e-mail messages are sent to people included in lists illegally obtained from third parties and the recipients are asked to enter or confirm bank details or passwords on a cloned or false site.
WHEN DO WE COLLECT YOUR PERSONAL DATA?
We collect personal data about you every time you use our services (whether they are provided by us or other accommodation facilities acting on our behalf), including when you are staying with us, when using our website and when interacting with us in mode electronic or through our customer service centres. For more information, please read the section “What kind of personal data do we collect and store?” We can also receive personal information about you provided by third parties, such as, but not limited to:
- Companies entrusted by us for the provision of a service.
- Companies involved in its travel plans, including previous or subsequent airlines, tour operators, OTAs, booking web portals, airport operators and customs and immigration authorities.
WHAT KIND OF PERSONAL DATA DO WE COLLECT AND KEEP?
When using our services you must provide us with your personal data or those of the person or persons travelling. We collect the following categories of personal data:
- Data provided to the Grande Albergo Maugeri to complete and manage a booking or a service that requested us.
- Your name, address, e-mail, date of birth, gender, passport or ID card number, account details and payment information.
- If you book rooms or other services for other people, we can request your billing information, even if you contact the passenger directly for communications related to.
- We will know if you have booked your stay with www.hotel-maugeri.it or if you have used a different sales channel, such as a travel agency, a tour operator, an OTA, a booking web portal or our center of
- customer service.
- Data collected during your stay with us.
- In some cases we may record certain information such as how it interacts with staff before and during the stay.
- Upon check-in at the hotel we may collect additional information to facilitate the boarding on future occasions by taking advantage of new facial recognition technologies.
- Data on your travel plan.
- Data related to booking, travel itinerary, any type of additional assistance that may be required and other information related to your trip, such as special dietary requirements.
- Data on the services we have provided in the past.
- Data on previous trips, such as your previous stays in our hotel and any issues inherent to them, including the transition to higher classes (upgrades), assistance for luggage, problems at the airport, loss of luggage and your opinions as a customer.
- Data on your online registration and other interactions.
- We will keep your data to ensure proper interaction if you have registered with us via our website, Facebook or other social networks.
- We keep your data if you participate in a contest or a promotional initiative and if you interact with us through social networks like Facebook, Twitter, Instagram, Pinterest or other social networks.
- We will use the data recorded by cookies on your use of the site to learn more about your needs. This information could include, if you have entered them on our website, the booking data or the name of a passenger.
- Starting from your usage data, we will be able to know if you have visited the www.hotel-maugeri.com website and searched for a stay or other service offered by us, even if you do not complete the booking. We may use this information to contact you and offer you other booking information and location information.
- Information on the position of your device if you have navigated on the site www.hotel-maugeri.it or through our mobile app. This is his IP address.
- An IP address (or Internet Protocol) is a numeric code that can uniquely identify your computer or any other device and that can be deactivated on the device.
- Identifies the country from which you access the site or app, allows us to offer you contents that are more relevant to your interests and to use the most appropriate language.
- If you have consented, we can use the functionality of your device (eg Bluetooth, wifi and GPS) to identify your geographical location and offer you a personalised service (you can access or change this option by changing the location settings on your device).
WHEN AND WHY DO WE COLLECT SENSITIVE PERSONAL DATA?
Some personal data, such as those relating to racial origin, ethnicity, religion, health, sexual orientation or biometric data, fall into special categories subject to additional protection measures in accordance with EU data protection rules and they are considered “sensitive personal data” (special categories of data). We always try to limit the circumstances in which we collect and process data of this nature. Here are some examples of cases in which we may collect and process sensitive personal data:
- When he requests specific medical assistance from the Grande Albergo Maugeri, such as oxygen or a wheelchair.
- When you request authorization to stay with us under certain medical conditions or in a state of gestation beyond 28 weeks.
- When you decide to provide us with such information for any other reason or when such data is provided to us by third parties such as the travel agency through which you have booked.
- Furthermore, it may require a special service (for example a menu) which in itself is not a sensitive data, but may underlie or suggest information about its religion, health status or other data.
FOR WHAT PURPOSE DO WE USE YOUR PERSONAL DATA?
The main purposes of processing your personal data are those described below.
- To manage all the issues regarding your trip and to provide the services requested. We will need to use your name, address, e-mail address, contact details, date of birth, gender, passport number, account details and payment information to manage your reservations and services related to your stay, for collecting the amounts, to provide the necessary information to the competent authorities (ie law enforcement, tax, customs and immigration authorities) and why the Grande Albergo Maugeri can know who has booked a stay or service.
- To send you status updates and service announcements or procedures relating to the service purchased.
- To keep in touch with you before your stay.
- To watch over your security and meet certain legal requirements that can be applied to the Grande Albergo Maugeri.
- To lend you personalised services and offer you a personalised treatment.
- For marketing activities and to keep you informed about the services of the Grande Albergo Maugeri, only with the explicit consent of the interested party.
- We can send you information about our services by e-mail or text message.
- We may adapt the content of our sites, applications, e-mail messages and other communications to be as interesting as possible for you, also referring to destinations already visited with offers and / or services at the same locations or similar. We will be able to understand your preferences and send you information on offers such as, for example, the upgrade to higher classes (upgrade).
- If you have searched for rooms or other services, but you have not completed the booking, we will be able to remind you of our services through Facebook or Twitter depending on the services you are looking for.
- We will be able to combine anonymous data relating to the customer-supplier relationship with a third party (eg Google, Facebook) to ensure both companies greater knowledge of their behaviour, for example knowing what other websites they have visited. To send you updated information and communications. Even if you decide not to receive commercial information, we will continue to send you communications about the services you have booked, such as your stay. These communications will help you get detailed information on purchased services, including options and additional services. We may also send you communications on services already used, for example if you have had difficulties or problems, to contact you proactively and resolve the issue.
- To improve our site and the services offered.
- For management and administration purposes.
We may use and store your personal data, including purchase history, for administrative purposes, including accounting and billing activities, review, verification of credit cards and other payment cards, checks anti-fraud (also making use of credit reporting agencies and verification of payment cards), testing, maintenance and systems development.
WHEN SHALL WE SEND YOU COMMERCIAL COMMUNICATIONS?
At the time of data collection we may ask you whether or not you wish to receive our commercial communications. Please note that these commercial communications may relate to the services of the Grande Albergo Maugeri which may be of interest to you or promote our or third party services (for example, from our business partners).
We will respect your decisions regarding which communications you wish to receive and how.
HOW CAN YOU MODIFY THE TYPE OF BUSINESS COMMUNICATIONS YOU RECEIVE AND THE RECEPTION MODE?
If you decide not to receive commercial communications anymore, you can change the settings at any time. Below we indicate the channels enabled to exercise this right of choice.
Furthermore, in all the commercial communications that we send you by e-mail, there is the option to “cancel me”, which will allow you to interrupt the sending of commercial communications in electronic format. We try to cancel commercial promotions within 10 working days of receiving the request, however during this period you may still receive some messages.
Please note that even if you do not wish to receive commercial information, you will continue to receive communications (such as those described above) pertaining to the subscribed services, such as confirmation of booking messages or updates on your status.
If you ask us to stop sending commercial communications, please note that we will still retain your personal data to indicate that you do not wish to receive such information.
WHAT ARE THE LEGAL BASIS FOR THE TREATMENT OF YOUR PERSONAL DATA?
The Grande Albergo Maugeri will process your personal data only when there is a legal basis for doing so. This basis will depend on the reason or reasons for the collection and use of your data by the Grande Albergo Maugeri. Under the EU data protection rules, as well as local regulations, in almost all cases the legal basis will be:
- Need to use your data to process the booking, for the duration of the stay program and for the execution of the stipulated contract.
- Use of your personal information to operate and improve our business as a hotel as this is part of the legitimate interests of the Grande Albergo Maugeri.
- The need to use your personal data by the Grande Albergo Maugeri to fulfill a legal obligation.
- Protection of his vital interests or those of other people.
- Consent given to the use of your data by the Grande Albergo Maugeri for a specific purpose.
- Later you will find additional information on each legal basis.
- If the processing of your data is subject to any other law, the basis may differ from when indicated above and in such circumstances it may still be based on the consent you have given.
HOW LONG DO WE STORE YOUR PERSONAL DATA FOR?
We will keep your personal data for as long as necessary for the purpose that motivates the processing. For example, if you make a booking with us, we will keep the relevant information in order to be able to provide the specific travel services requested and, subsequently, for the time necessary to manage or respond to any complaint or consultation relating to the booking. We can also keep this information to continue to improve your experience with the Grande Albergo Maugeri and guarantee you the opportunity to take advantage of all the benefits of our loyalty programs.
We will actively review the data in our possession and will securely delete them when the applicable terms expire. In some cases the data will be made anonymous when there is no legal, commercial or constrained requirement with the customer that requires it to be kept.
EXECUTION OF THE CONTRACT
The Grande Albergo Maugeri will have to use your personal data to complete any reservation you make with us. For example, we will have to use your contact and payment information to provide you with the stay or other services purchased.
As a hotel and a provider of tourist services, the Grande Albergo Maugeri has a legitimate corporate interest in processing personal data collected to offer an effective service and carry out its business.
We will carry out analysis activities and use the databases to personalize your experience.
In cases where it is necessary for the exercise of legal actions.
FOR FULFILLING LAW OBLIGATIONS
There are situations in which the Grande Albergo Maugeri is subject to certain legal obligations and the use of your personal data is essential for these obligations.
In case of flight delay or loss / loss of your baggage.
By law we have an obligation to provide information about our passengers to the police
PROTECTION OF HIS VITAL INTERESTS OR THOSE OF THIRD PARTIES
There are situations in which we may have to use your personal data to protect your vital interests or those of other people.
If we collect and process health data in the event of a medical emergency and you are not in a position to give consent.
Alternatively, we may collect and process your personal data in cases where you have explicitly given your consent. We may ask you to provide us with additional information that we can associate with your profile or analyze to customize our interaction. If the basis of the processing of your personal data is the consent given, you can revoke it at any time by changing your preferences by contacting us at the address: Piazza Garibaldi 27 – 95024 Acireale (CT).
WHO DO WE SHARE YOUR PERSONAL DATA WITH?
We may share your personal data with our business partners such as, but not limited to: taxis and car rental companies. We may also disclose your personal information to third parties for the purposes indicated below:
- Law enforcement, and customs and immigration authorities of any country.
- Accommodation facilities and other suppliers necessary for the provision of the services requested when, for example, part of your travel stay includes an overnight stay in a different accommodation facility or the rental of a vehicle or the booking of an excursion. These accommodations and service providers will be indicated at the time of booking.
- Credit and debit card companies, credit reporting agencies and anti-fraud service providers, to process payments and (when necessary) carry out anti-fraud checks.
- In response to legal injunctions by governments and law enforcement agencies, such as law enforcement, customs and immigration authorities.
- External suppliers charged with providing services, such as marketing initiatives or customer surveys to be conducted in our name.
- Third parties such as law firms and courts to demand the execution or application of a contract entered into with you.
- Third parties such as law enforcement and regulatory authorities to protect our rights, our property or the safety of our customers, employees and resources.
- When it is necessary to fulfil a legal obligation in any jurisdiction, including when such obligation derives from action or omission of the Grande Albergo Maugeri.
- We do not market your personal data and we allow third parties to send you commercial communications only if you have given your consent.
IN WHAT COUNTRIES WILL YOUR PERSONAL DATA MAY BE SENT?
Your personal data may be sent to third parties located within the European Economic Area.
We may also transfer personal data to third parties located outside the country in which it is located for the provision of services associated with the services requested.
WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?
Pursuant to European data protection regulations, as well as local regulations, you can exercise the following rights.
You can request a copy of all your personal data kept by the Grande Albergo Maugeri. This request is not subject to any cost.
You can change your personal data if they are inaccurate.
You can request the deletion of your personal data.
You may object to the processing of your personal data.
You can request treatment limitation in the following cases:
- During the verification of the appeal on the accuracy of your data.
- When, in the event of unlawful processing, you oppose the deletion of your data.
- When the Grande Albergo Maugeri no longer needs to process your data, but you need it instead for the exercise or defense of your claims.
- If you objected to the processing of data for the fulfillment of a public interest mission or to satisfy a legitimate interest, until the legitimacy of the purposes of the processing has been verified.
The request must be submitted in writing and must contain the following information:
- Name and postal address.
- Data subject of the request.
- Any information that allows the Grande Albergo Maugeri to locate the data object of the request, such as: Number of rooms booked and dates.
- Telephone register data (identification code, number from which the call was made, number and option chosen, date and time of the call or calls).
- You will also have to provide:
- A copy of your passport or ID to identify you and prevent third parties from exercising your rights fraudulently.
- Signature and date of the request.
- If you submit the request in the name of another person, in addition to what has been indicated so far, you must provide the authorization signed by the person concerned.
Send your request to:
Titolare del trattamento dei dati
Orissa Inn S.p.A.
Piazza Garibaldi 27
95024 – Acireale (CT)
You can also contact the Data Controller at the e-mail address firstname.lastname@example.org. Remember that if you think you could not exercise your rights satisfactorily, you can file a complaint with the corresponding Data Protection Authority (Privacy Guarantor).