1. General information
Mister Holiday Srl as data controller (hereinafter, “Data Controller”), takes care of the protection of your (“customer” or “you”) personal data and respects the applicable privacy legislation (Legislative Decree no. 196/2003, “Italian Privacy Code”, European Regulation on the protection of personal data, “GDPR”). Your personal data are treated confidentially and are transferred to third parties solely on the basis of the provisions of this Policy, or with your consent.
We process the personal data you provide to us while using this Website, registering on the Website or using the mobile apps (if applicable), in particular, we process:
– the personal identification data (“Data” or “Personal Data”) that you provide to us by registering on the Site (eg in the event of a contact request) in accordance with the Italian Privacy Code and the GDPR;
– access to the pages; amount of data transferred; sessions.
2. Purpose of the data treatment
In principle, we process your Personal Data without your prior consent – in accordance with the Italian Privacy Code and the GDPR – for the following purposes:
- A) Service purposes
– to satisfy your requests (e.g. management of contact requests);
– to allow you to register on the Site;
– to provide you with our services;
– to allow the technical management of the site and its operational functions, including the resolution of all technical problems, statistical analysis, tests and research;
– to prevent or disclose fraudulent activities or abuses that damage the Site;
– to comply with the requirements of the laws in force, to safeguard the individual safety, rights and property of the Owner and to counter deception or technical problems.
Only on the basis of your prior and specific consent for the following purposes:
- B) Marketing purposes
– to send you commercial communications, information and news about our services or products.
3. Nature of the provision of data and consequences of your refusal to provide them
The provision of your data for the purposes described under point 2.A is mandatory. In the absence of the provision, we cannot guarantee your registration on the Site, nor the provision of the services listed in point 2.A. The provision of data for the purposes described in point 2.B, on the other hand, is optional. You may therefore decide not to provide any data or revoke the possibility of processing data previously provided by us. In this case, you will no longer receive our newsletters, while you continue to receive our services and you will maintain the right to register on the Site as provided for in point 2.A.enlisted here above.
4. Data processing methods
The processing of your Personal Data is carried out only if necessary and is carried out electronically through the operations indicated in the Italian Privacy Code and in the GDPR and, in particular: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison , use, interconnection, access and communication, blocking, cancellation and destruction of data. These processing operations will be carried out by electronic and non-electronic means.
5. Access to Data
Your Personal Data will be processed by our staff responsible for the processing of personal data (including, but not limited to):
– employees and consultants authorized to manage the site and provide the related services in their capacity as data processors and / or internal managers and / or system administrators;
– employees and consultants of the legal, marketing, finance, administration and accounting departments and our other departments, in their capacity as data processors and / or internal data processors;
– third-party companies to which we, as Data Controller, outsource certain services, including processing operations, as external data processors.
6. Communication of Data
We may disclose your Personal Data to third parties in their capacity as independent data controllers and / or external data processors for the following reasons:
– to fulfill the obligations established by law, regulations, protocols and national and community legislation;
– to implement the provisions of the Authorities;
– to allow legal defense, for example, in the case of violations by web users.
7. Data transfer to non-EU / EEA countries
Information sent through our Site may be transferred to countries outside the European Union (“EU”) and / or the European Economic Area (“EEA”) such as the USA. For example this may happen if we use a technical service provider located in a country outside the EU / EEA. If we transfer Personal Data outside the EU / EEA in this way, we will take steps to ensure that your privacy rights are upheld. This means in particular that we will only transfer Personal Data to such third countries when we are allowed, for example, on the basis of an adequacy decision of the European Commission or on the basis of adequate guarantees provided by standard contractual clauses adopted by the European Commission.
8. Data retention and deletion
We, as Data Controller of personal data, keep Personal Data for the time necessary to achieve the purposes for which the Data are collected and subsequently processed, including the retention period required by applicable legislation and, in any case, for a maximum period of 10 years from the termination of our relationship with you in relation to the purposes of the service.
9. Cookies
Cookies consist of small text files that are saved on your computer when you use our Site. They are used in order to make websites work more efficiently, to improve the user experience, as well as to provide information on preferences expressed while visiting the site or authenticating to any protected areas. Our Site uses Cookies which remain on your computer for different times. Some expire at the end of each session and some remain longer so that when you return to our Site, you can benefit from a better user experience.
Web browsers allow you to exercise some control over Cookies through your browser settings. Most browsers allow you to block cookies or block cookies from certain sites. Browsers can also help you delete Cookies when you close your browser. However, you should keep in mind that this could mean that any preferences you have set on the site will be lost. We invite you to consult the technical information relating to your browser for instructions. If you choose to disable the cookie setting or if you refuse to accept a cookie, some parts of the service may not function properly or may be significantly slower.
Cookies can be technical, analytical and profiling. Our Site uses technical or “session” cookies and persistent proprietary cookies. Our Site also uses analytical cookies set by third party providers, for example, by Google Analytics. The Site does not use profiling cookies.
10. Social Plugins
Our Site may use social media plugins (“Plugins”). These services are offered by the companies Facebook Inc., LinkedIn, Twitter Inc. and Instagram LLC. (“Provider”).
If you access our site containing these plugins, your browser will create a direct connection to the servers of Facebook, LinkedIn, Twitter or Instagram. The content of the Plugins will be transmitted by the respective Providers directly to your browser and incorporated into the relevant site. By incorporating the Plugin, Providers will receive notification that your browser has accessed the site of our service, even if you do not have a profile or are not logged in. The information (which includes your IP address) is transmitted from your browser directly to a server of the Provider and stored there.
If you are connected to one of the services, the Providers can connect your visit to our Site directly to your profile on Facebook, LinkedIn, Twitter or Instagram. If you interact with Plugins, eg. By using the “Like”, “Twitter” or “Instagram” button, this information is also transmitted directly to a server of the Provider and stored there. Furthermore, this information is shown in the social network, published on your Twitter or Instagram account and shown to your contacts.
To learn more about the purpose and scope of the collection, processing and use of data by these Providers as well as the rights and settings to protect your privacy, please consult the respective privacy policies of the Providers.
If you do not want Facebook, LinkedIn, Twitter or Instagram to link the data relating to your visit to our Site directly to your profile of the respective services, you must log out of this service before visiting our Site
11. Your rights as a Data Subject
In accordance with the terms of the Italian Privacy Code and the GDPR, you have the following data protection rights as a user (“Data Subject”) of our service:
Information: the right to request information from us regarding your Personal Data processed by us, as well as access to and/or a copy of such data. This must include information about the purposes of the processing, the categories of Personal Data concerned, the recipients or categories of recipients of the data and, where possible, the proposed retention period or, if this is not possible, the criteria used for determining this period;
The right to rectification, erasure or restriction of processing: the right to request the rectification, erasure or restriction of processing of personal data;
The right to object and withdraw one’s consent: the right to object to consent or the right to withdraw the consent given at any time (without affecting the lawfulness of the processing based on the consent prior to its withdrawal);
Data portability: the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format and the right to have that data transmitted to another controller without objection from us; this includes, where technically possible, the right to have your personal data transmitted to another controller by us;
The right to object to processing: the right, on grounds relating to your specific situation, to object to processing;
Automated decisions: the right not to be subject to decisions based solely on automated processing, including profiling, which has legal effects that involve you or otherwise affect you. If such automated decisions take place in accordance with applicable laws, the right to receive meaningful information about the logic involved, as well as the meaning and consequences of such processing;
The right to lodge a complaint: the right to communicate with the Privacy Authority and, if appropriate, lodge a complaint with it.
12. Data Controller and Data Processor
The Data Controller of your Data is Mister Holiday Srl, with a registered office in Via Ordanino, 75 46043 Castiglione delle Stiviere (MN).
To exercise the above rights or to request information you can use the references indicated on the Contacts page or in the footer.
13. Changes to this Policy
We reserve the right to modify and amend this Policy in accordance with applicable privacy legislation.