This information describes the methods and purposes of collecting and processing certain Personal Data by this Website. The contact details will also be indicated to request access, modification or deletion of personal data at any time.
The processing of Personal Data of users of this Site will be carried out in Italy in compliance with:
- General Regulation on Data Protection EU 2016/679 (GDPR)
- The Italian Legislative Decree n. 196 of 30 June 2003, regarding the Protection of Personal Data
- The recommendation n. 2/2001 of the European Data Protection Authorities, to identify the minimum requirements for the collection of personal data online.
Owner and Data Controller
Following consultation of this Site, data relating to identified or identifiable persons may be processed. The Data Owter of the processing of such data is:
Le Tre Sorelle Wine Room
Via Cristoforo Colombo, 19
84017 Positano (Salerno) - Italy
Phone: +39 089.811635
The Owner undertakes to comply with a principle of strict necessity in the processing of data that may identify the User, even indirectly.
The Owner does not collect and treat in any way "sensitive data" according the definition of Reg.UE 679/2016.
Users' Personal Data will be processed by the Data Controller by taking appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
The Site has been configured so that the use of personal data is reduced to the minimum necessary and makes use of anonymous data whenever it is possible to pursue the same purposes.
The Data Controller and the third party service providers used by it, unless otherwise specified, collect the User Data for purposes strictly related to the provision of its Services.
The purposes are:
to contact and respond to requests sent by the User, to collect statistical data on the use of the Website, to satisfy contracts stipulated with the User concerning the purchase or reservation of products and services, to display contents concerning their activity from and through other platforms.
To these are added purposes whose purpose is to provide a better experience to the User:
comment on contents, interaction with social networks and integration with external platforms.
With the explicit consent of the User, the purposes of:
sending commercial information via email, surveys on customer satisfaction, market research, promotional activities in general, profiling and analysis of the browsing experience for marketing and promotional purposes.
Collected data form this Website
The types of Personal Data collected and used for each purpose are indicated in the specific sections of this document.
Personal Data collected from this Site may be freely provided by the User or, in the case of Navigation Data, collected automatically during the consultation of the pages of this Site.
While browsing this Website, some personal data are acquired whose transmission is implicit in the use of Internet communication protocols and for which the User can not give consent.
Some examples of information on the devices we collect:
- Attributes such as operating system, hardware version, device settings.
- Connection information such as the name of mobile operator or ISP, browser type, language and time zone, IP address.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning.
Such data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site.
Personal Data explicitly provided by the User
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this Site or through pages / areas used for this function, involves the subsequent acquisition of the address / delivery of the sender, necessary to respond to requests, as well as any other data personal or not, included in the message.
The User assumes responsibility for the Personal Data of third parties published or shared via this Website and warrants that he or she has the right to communicate or disseminate them, freeing the Data Controller from any liability towards third parties.
An example of such data are: Navigation data, Name, Surname, E-mail, Telephone number, Address, ZIP code, Province, Country, State, Requests and additional data.
Data collected from third-party services
This Website uses third-party services for the purposes indicated in the respective section of this site. The information acquired is in any case subject to the User's privacy settings.
It is possible that, even if the users do not use the service, the same collect traffic data relating to the pages in which it is installed.
Google Analytics con IP anonimizzato (Google Inc)
Google Analytics is a web analytics service provided by Google Inc. ("Google"). Google uses Personal Information collected for the purpose of evaluating the use of this website, compiling reports and share them with other services developed by Google.
Google may use this personal information to contextualize and personalize the ads of its own advertising network.
Personal data collected: Cookies and usage data.
Processing location: USA
Google Tag Manager (Google LLC)
Google Tag Manager is a tag management service provided by Google LLC. It allows this site to integrate other scripts.
Personal Data collected: Cookies and Usage Data.
Processing location: USA
Google Maps (Google Inc.)
Google Maps is a map visualization service managed by Google Inc. that allows this site to integrate such contents within its pages. Personal Data collected: Cookies and Usage Data.
Processing location: USA
Facebook (Social Plugins)
Facebook "Like" button (social network facebook.com managed by Facebook, Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA). When the Sites are accessed by another website that contains this type of plug-in, the browser establishes a direct connection with the Facebook servers and sends this data to Facebook. This happens regardless of whether you are a member of Facebook, you have logged into the Sites as a member of Facebook or have clicked the plug-in. If you are a member of Facebook and you are connected to Facebook while you are on the Sites, Facebook will insert your visit to the Sites on your Facebook account, even if you do not click the social plug-in. Instead, if you click the plug-in, this information will be transmitted to your Facebook account, where it will be stored. We do not know in detail which of your data will be transmitted to Facebook or for which purpose Facebook will use such data. This information includes your IP address, the Facebook information on the site you have visited, the date and time of your visit and other information about the browser. If you enter the sites while you are still connected to Facebook, your login identification code will also be collected and processed and Facebook will assign this visit to your Facebook account. If you do not want Facebook to collect your personal data through the Sites, you must disconnect from Facebook before visiting the Sites. To know the purposes of the treatment and the subsequent use of such by Facebook, as well as your rights and possible settings on the protection of your privacy, please read the Facebook data protection guidelines carefully.
Facebook reserves the right to change the terms of this policy at any time, with or without notice.
Processing location: USA
Cookies are installed inside the browser while browsing a Website and may contain various information, some of which may allow us to identify User preferences.
This Website and its domain www.letresorellewineroom.com do not save Personal Information in cookies.
The saved data have the sole purpose of memorizing the preferences requested by the User, or, information necessary to allow the functionality of this Site and its safe and efficient browsing.
The cookies used by this site are:
- session cookies (which disappear when the browser is closed)
- persistent (expire on a pre-established date)
Data processing, sharing and methods
The Data Controller, in compliance with regulations, processes the Personal Data of Users by adopting appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
The processing is carried out through IT and / or telematic tools, automated tools and with organizational and logical methods strictly related to the purposes indicated.
It is guaranteed by law that the processing of personal data is carried out in compliance with fundamental rights and the dignity of the person concerned, in particular as regards the secrecy, personal identity and the right to protection of the same.
Personal Data will be processed exclusively by persons in charge of processing specifically authorized and controlled by the Data Controller:
- employees in charge of the company organization:
administrative, commercial, marketing, legal, system administrators
- external subjects:
administrative, commercial, marketing, legal, system administrators...
- competent authorities:
law enforcement or with other governmental authorities in cases provided for by law or if strictly necessary to prevent, detect or prosecute any criminal acts and fraud.
External parties may also be appointed, if necessary, as Data Processors by the Data Controller.
In addition to the companies that act as data processors, the Personal Data are also made available to third parties, independent data controllers, for ancillary purposes related to the provision of the requested services.
The updated list of managers can always be requested at any time at the email address of the owner.
Place and communication of data
The Data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For more information, contact the owner.
The User's Personal Data may be transferred to a country other than that in which the User is located, in any case they will never be transferred outside the countries belonging to the European Union, unless safeguard clauses are guaranteed or equal levels of protection of Personal Data.
The transfer will be made only to pursue Commercial Purposes agreed upon explicit request by the User.
The Data are processed and stored for the time required by the purposes for which they were collected.
- Personal Data collected for purposes related to the execution of a contract between the Owner and the User will be retained until the execution of the contract is completed.
- Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is met.
When the processing is based on the consent of the User, the Data Controller may retain the Personal Data for a longer period until such consent is revoked. Furthermore, the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or an order of an authority. At the end of the retention period the Personal Data will be deleted.
The User can know his rights, request further information and be up-to-date on the legislation regarding the protection of persons with regard to the processing of Personal Data by consulting the Website of the Guarantor for the protection of Personal Data at the address www.garanteprivacy.it .
The User has the right to:
- Revoke a previously expressed consent to the processing of personal data.
- Oppose to the processing of it data, if it occurs on a legal basis other than consent.
- Access to data and obtain all the information on the Data processed by the Data Controller.
The data will be provided by a copy of the Data in a format in common use, and readable by automatic device.
- Verify and request the correction of your data.
- Obtain the limitation of treatment, if certain conditions are met. In this case, the Data Controller will not process the Data for any other purpose other than its conservation.
- Request cancellation or removal (oblivion) of your Personal Data.
- Transferring data to another Data Controller, where technically feasible, obtaining or requesting the forwarding of data in a structured format, commonly used and readable by an automatic device. This provision is applicable when the Data are processed with automated tools and the processing is based on the User's consent, on a contract of which the User is a party or on contractual measures connected to it.
- Propose a complaint to the competent personal data protection authority or act in court.
The users may exercise their rights at any time by forwarding the request to the Owner ad Data Controller.
Defense in court
The User's Personal Data may be used for the defense by the Owner in court or in the stages leading to its possible establishment, by abuse in the use of the same or related services by the User.
The User is aware that the Data Controller may be required to disclose the Data at the request of the public authorities.
The Owner reserves the right to access, store and share information with regulatory bodies, law enforcement agencies or other subjects in the following cases:
- In response to a legal request, in terms of good faith and within the time limits set by law.
- For all cases where it is necessary to detect, prevent and resolve unauthorized uses of the Services or Products provided or sold by this Site, in order to detect violations of our contractual or regulatory conditions.
- In order to detect harmful or illegal activities, to protect the activity, in relation to the Owner of the Activity, the User and / or Third Parties.
The data that is collected can be consulted and stored for a prolonged period of time when they are the subject of a legal proceeding or obligation, a government investigation or investigations regarding possible violations of our conditions or regulations or to avoid damage.
We may also retain the Data for at least one year in order to avoid repetition of improper use or other violations of the conditions.
The GDPR guarantees that the processing of personal data will be carried out respecting the fundamental rights and freedoms, as well as the dignity of the interested party, with particular reference to privacy, personal identity and the right to protection of personal data.
Policy changes and updates
All documentation retrievable from this Site has been created and checked with the utmost care but the user is always required to check its accuracy and is responsible for its use.
In the event of defects, liability for direct or indirect damages suffered by the User or by third parties due to the use or non-use of the information collected is not attributable.
Although the contents of these pages are subject to continuous updating and verification, errors and / or omissions may still occur.
By accessing this Site, the User implicitly declares to have read, understood and accepted the information on Legal Notice and Privacy and declares to comply with all applicable laws and regulations..
If the User does not accept these conditions, he can not use this Site.
Last modified: Tuesday 11 September 2018