This document describes the management methods of the website www.lemerline.it (“Site”), with reference to the processing of personal data of users (“User/Users”) who consult it.

It is information provided pursuant to art. 13 of Legislative Decree no. 196/2003, so-called Code regarding the protection of personal data (“Privacy Code”) and article 13 of EU Regulation 679/2016 (“GDPR”), to all those who visit the Site and/or interact with the Le Merline home and breakfast web services accessible through the Site.

The information is provided only for the Site and not for other websites that may be consulted by the User via links on the Site.

1. Data controller

The data controller of your personal data is the Azienda Agricola Palucci Alice of di Palucci Alice – Cavagna region 7 San Fedele Albenga (SV), email info@lemerline.com, (hereinafter “Le Merline” or “Owner”).

2. Types of data processed

2.1 Browsing data

The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols.

This is information that is not collected to be associated with identified subjects, but which by its very nature could allow users to be identified.

This category of data includes (i) the IP addresses or domain names of the computers used by users who connect to the Site, (ii) the URI (Uniform Resource Identifier) notation addresses of the requested resources, (iii) the time of the request, (iv) the method used to submit the request to the server, (v) the size of the file obtained in response, (vi) the numerical code indicating the status of the response given by the server (successful, error) and (vii ) other parameters relating to the operating system and the user’s IT environment.

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning and are deleted immediately after processing.

2.2 Cookies

The following types of cookies are used on this site:

2.2.1 Technical Cookies

This type of cookie allows the correct functioning of some sections of the site.

Only technical cookies are used on this website, i.e. those used for the sole purpose of “carrying out the transmission of a communication over an electronic communications network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the subscriber or by the User to provide this service” (see art. 122, paragraph 1, of the Privacy Code).

They can be divided into navigation or session cookies, which guarantee normal navigation and use of the website:

cookies, assimilated to technical cookies when used directly by the site manager to collect information, in aggregate form, on the number of users and how they visit the site itself;

cookies, which allow the user to navigate according to a series of selected criteria (e.g. language, etc.) in order to improve the service provided to the user.

the prior consent of the users is not required , while the obligation to provide the information pursuant to art. 13 of the Code.

The acquisition and processing of data deriving from the use of technical cookies is mandatory for consulting the site. In the event of opposition by the user, it will not be possible to view the site completely and correctly.

At the moment this site does not install first-party profiling cookies and Google Analytics cookies have been anonymized.

2.2.2 Third Party Profiling Cookies

This type of cookie allows a website manager to be able to show targeted advertising to users who have visited their site based on their interests through the Google advertising network or on other advertising sites. The advertising shown is based on the web pages previously visited by the user and is subsequently shown on other websites that allow the display of Remarketing campaigns. Remarketing campaigns can be created through services offered by third parties (such as the Google Adwords Remarketing tool). Remarketing campaigns generate so-called profiling cookies.

We do not currently use this type of cookie on the site.

It is possible to change your choice and/or deactivate targeted advertising via Google at the following link:

www.google.com/settings/ads/onweb/

or

http://www.youronlinechoices.com/it/le-tue-scelte

2.2.3 Other Third Party Cookies

By browsing the site the user may receive third-party cookies.

Third-party cookies are set by a website other than the one the user is visiting. This is because on each site there may be elements (images, maps, sounds, specific links to web pages of other domains, etc.) that reside on servers other than that of the site visited.

List of third-party cookies used by this Site:

It is possible to act directly on your browser to manage cookies according to your preferences.

Below are the browser provider pages which illustrate in detail how to act on privacy and tracking preferences based on the type of browser used by the user:

– Mozilla Firefox

– Google Chrome

– Safari 6/7

– Safari 8

– Internet Explorer

– Safari iOS (mobile)

– Opera 

2.3 Data provided voluntarily by the user

The Data Controller processes personal, identifying and non-sensitive data (by way of example, but not limited to, name, surname, address, telephone, email, etc. – hereinafter, “personal data” or even data) communicated by the User on the occasion of registration on the web pages of the Site or on the Owner’s registration form, of completing and sending a contact form to the Owner or, in any case, of any other request.

The User assumes responsibility for the data of third parties published or shared through the Website and guarantees that he or she has the right to communicate or disseminate them, freeing the Owner from any liability towards third parties.

3. Purpose and legal basis of the processing

The processing of the User’s personal data by the Owner is aimed at:

pursue , in accordance with art. 6.1, letter . f) of the GDPR, its own legitimate interest, consisting in guaranteeing the security of the Site and the information exchanged on it, i.e. the ability of this Site to resist, at a given level of security, unforeseen events or illicit or malicious acts that compromise the availability, authenticity, integrity and confidentiality of the personal data stored or transmitted and the security of the related services offered or made accessible;

allow the User to send requests for information and the Owner to provide the User with any feedback on the requests made;

make it possible to register and authenticate the User;

for marketing purposes only with your specific and distinct consent in accordance with art. 23 and 130 Privacy Code and art. 7 of the GDPR: sending of newsletters, commercial communications and/or advertising material on the Data Controller’s products and services via email;

allow the Owner to receive the User’s personal data via Facebook and other social networks for which the user may provide contact details;

to exercise the rights of the Owner, for example the right of defence;
to fulfill the obligations established by law, by a regulation, by community legislation or by an order from the Authority.

The purposes referred to in letters c), d) and e) will be pursued exclusively after the User has expressed his/her specific consent and free consent to such processing, without prejudice to the possibility for the latter to always request the exclusion of some methods of automated or traditional communications.

4. Consequences of a possible refusal to respond

Apart from what is specified with reference to navigation data, which are necessary in order to allow the correct functionality of the Site, to cookies, in relation to which please read the relevant cookie policy, Users are free to provide their data personal to make requests for information and to register on the Site. Failure to provide data will make it impossible to obtain what is requested and use the Almablanca service.

5. Treatment methods

Personal data are processed with IT and automated systems, such as email, databases, spreadsheets, web services for the time necessary to achieve the purposes for which they are collected.

It is specified, in particular, that the User’s personal data are processed by subjects duly appointed to carry out these tasks, constantly identified and/or appointed, appropriately instructed and made aware of the constraints imposed by law, as well as through the use of security measures aimed at guaranteeing the protection of your privacy and avoiding the risks of loss or destruction, unauthorized access, processing that is not permitted or does not comply with the aforementioned purposes.

6. Communication and dissemination of data

In any case, the communication of data to companies expressly appointed to carry out certain services within the scope of the activity carried out by the Data Controller and/or, in general, in his favor, which will operate as independent data controllers and/or or data controllers, as well as the communication and/or dissemination of data requested, in accordance with the law, by police forces, judicial authorities, information and security bodies or other public entities for purposes of defense or security of the State or prevention, detection or repression of crimes.

The data is not subject to dissemination.

The updated list of Managers can always be requested from the Data Controller.

7. Data Transfer

Management and storage takes place on servers located within the European Union at the company Aruba SpA. In any case, it is understood that the Data Controller, if necessary, will have the right to move the location of the servers to Italy and/or o European Union and/or non-EU countries. In this case, the Data Controller ensures from now on that the transfer of non-EU data will take place in compliance with the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection and/or adopting the standard contractual clauses envisaged by the Commission. European.

8. Rights of the interested party

Pursuant to art. 7 of the Privacy Code and articles. 15 et seq. of the GDPR, the User has the right to obtain:

confirmation of the existence or otherwise of personal data concerning you, even if not yet registered, their communication in an intelligible form and access to them;

a copy of your personal data;

the rectification of your possibly inaccurate personal data;

the deletion of your personal data;

the limitation of the processing of your personal data;

in a structured format, commonly used and readable by automatic device, the personal data that you have provided to us or that you have created yourself – excluding judgments created by the Data Controller and/or by the persons in charge pursuant to art. 4 of the Privacy Code / by the persons authorized to process the data in the name and on behalf of the Data Controller pursuant to art. 4 of the GDPR – and to transmit them, directly or through the Data Controller, to another data controller (so-called right to data portability);

the indication:

the origin of the personal data;

the categories of personal data processed;

of the purposes and methods of processing;

of the logic applied in case of processing carried out with the aid of electronic instruments;

the identification details of the Owner and any managers;

the retention period of your personal data or the criteria useful for determining this period;

of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them as designated representatives in the territory of the State, managers or persons in charge pursuant to art. 4 of the Privacy Code / persons authorized to process the data in the name and on behalf of the Data Controller pursuant to art. 4 of the GDPR;

the updating, rectification or, when you are interested, the integration of the data;

the transformation into anonymous form or blocking of data processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;

the certification that the operations referred to in letters a) and b) have been brought to the attention, also with regard to their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment proves impossible or involves the use of means that are manifestly disproportionate to the protected right.

Furthermore, the User has the right to object, in whole or in part:

for legitimate reasons, to the processing of personal data concerning you, even if pertinent to the purpose of the collection;

to the processing of personal data concerning you for the purposes of sending advertising or direct sales material or for carrying out market research or commercial communication.

To exercise the aforementioned rights, Users can send a communication to the email address of the Owner, referred to in the previous art. 1, indicating in the subject “Privacy exercise of rights”.

Finally, we inform you that if you believe that your rights have been violated by the Data Controller and/or by a third party, you have the right to lodge a complaint with the Guarantor for the Protection of Personal Data and/or other competent supervisory authority in strength of the GDPR.

9. Duration of processing and storage of personal data

The User’s personal data will be processed by the Data Controller only for the period of time necessary to achieve the purposes of the processing referred to in the previous article 3, after which they will be stored solely in compliance with the legal obligations in force on the matter, for administrative and /or to assert or defend one’s rights, in the event of disputes and pre-disputes.

The user can always request the interruption of the Processing or the deletion of the data.

10. Changes

This document constitutes the Privacy Policy of the Site which may be modified and/or updated at any time. If the Owner intends to process the Users’ personal data for purposes other than those provided for in the previous art. 3, undertakes to provide Users, before such further processing, with adequate information regarding these different purposes and to carry out such further processing in compliance with current legislation.

11. Complaints

Finally, we inform you that if you believe that your rights have been violated by the Data Controller and/or by a third party, you have the right to lodge a complaint with the Guarantor for the Protection of Personal Data and/or other competent supervisory authority in force of the Regulation. On this page http://www.garanteprivacy.it/home/urp