We wish to inform you that your personal data, collected through registration or booking, will be used by Hotel delle Nazioni, in full compliance with the fundamental principles laid down by legislative decree n. 196 of 30 June 2003 (and s.m.i.) and by European Regulation 679/2016 - GDPR.
Below, we summarize all the operations we perform that involve the collection, storage or processing of your personal data, and the purposes we pursue with each of them:
1. Collection and storage of your personal data for the purpose of providing the booking / purchase service. Since these are treatments necessary for defining the contractual agreement and for its subsequent implementation, the provision is mandatory. If provided online, these data are acquired by data processors (Article 28 of EU Regulation 679/2016), whose list is available at the Hotel's headquarters. Failure to provide such data will make it impossible to provide you with the booking / purchase service.
2. Collection of your credit card data, as a guarantee for the payment obligation assumed. The provision of such data is mandatory, otherwise we will not be able to manage your booking. This data will be deleted as soon as the purpose for which it was collected has been extinguished.
3. For the purpose of compliance with the "Consolidated Law on Public Security" (article 109 of RD 18.6.1931 n. 773) which requires us to communicate to the Police Headquarters, for public security purposes, the personal details of the clients lodged according to the procedures established by the Ministry of the Interior (Decree 7 January 2013). The provision of data is obligatory, and in case of refusal to supply them we will not be able to host it in our structure. The data acquired for this purpose are not stored by us after communication to the competent authorities.
4. For the purpose of compliance with administrative, accounting and tax obligations. For these purposes the processing is carried out without the need to acquire his consent. The data are processed by our authorized and / or designated internal staff and, possibly, by external managers (eg administrative, tax, tax consultant), and are communicated to the outside only in compliance with legal obligations. In case of refusal to provide the data necessary for the above mentioned obligations, we will not be able to provide you with the services requested. The data acquired for these purposes are stored by us for the time required by the respective regulations (10 years, and even beyond in the case of tax assessments);
5. To speed up the registration procedures in the event of your subsequent stays at our facility. For this purpose, upon acquiring your consent upon arrival at the facility, your data will be stored and will be used when you will be our guest again for the purposes referred to in the previous points; these data will be kept for a maximum of ten years. You may revoke your consent to such processing at any time without this affecting the provision of the booking / purchase service.
6. For marketing and profiling purposes, that is to send you promotional newsletters, also in line with your preferences, by mail, sms, whatsapp (and similar means). These data will be kept for two years. You can revoke your consent to this treatment at any time without affecting the legality of previous processing based on consent.
Your data will be processed in both paper and computer formats.
The data can be communicated to the outside in compliance with legal obligations; they can also be transferred to a third country or to an international organization, within the limits and with the guarantees provided for in Chapter V of the GDPR.
The data controller is: HOTEL DELLE NAZIONI FLORENCE - Via Luigi Alamanni, 15 - 50123 Florence - Italy | Tel +39 055 283575. At any time you can exercise your rights towards the data controller, pursuant to articles 15-22 Reg UE 679/2016 (including access, rectification, cancellation, limitation, opposition) by sending an e-mail to [email protected] or a written communication to the office of the data controller or an email to the DPO [email protected] Subject to the right to lodge a complaint with the supervisory authority www.garanteprivacy.it