Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA
PURSUANT TO ARTICLE 13 OF REGULATION (EU) 2016/679

Data subjects: users consulting the website www.hotelsarti.com of "HOTEL SARTI S.R.L."

WHY THIS INFORMATION
Pursuant to Regulation (EU) 2016/679 (hereinafter "Regulation" or "GDPR"), this page describes the methods for processing the personal data of users consulting the "HOTEL SARTI S.R.L." website, accessible electronically at the following address: www.hotelsarti.com

This information does not concern other sites, pages, or online services reachable via hypertext links that may be published on this site but refer to external resources outside the www.hotelsarti.com domain.

DATA CONTROLLER
Following consultation of the site, data relating to identified or identifiable natural persons may be processed. The Data Controller is "HOTEL SARTI S.R.L.", with registered and operational headquarters at Piazzale San Martino 4 – 47838 Riccione (RN), VAT No. 04863080406, e-mail info@hotelsarti.com, tel. 0541 600978.

DATA PROTECTION OFFICER
The Data Protection Officer (RPD / DPO) is the company Studio Paci & C. Srl (Contact person: Dr. Gloriamaria Paci), who can be reached at the following address: dpo@studiopaciecsrl.it, phone: 0541 – 1795431, and PEC: studiopaciecsrl@pec.it

TYPES OF DATA PROCESSED, PURPOSE OF PROCESSING, AND LEGAL BASIS

1) Navigation data

Legal basis: "data processing necessary for website navigation" – contractual obligation – Art. 6 par. 1 letter b) GDPR. The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes IP addresses or domain names of computers and terminals used by users, URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters related to the operating system and the user's computer environment.

These data are processed by the controller for the purpose of:

• Obtaining aggregate and anonymous statistical information on the use of the Site;

• Checking the correct usability of the content offered by the Site;

• Preventing or countering any possible computer crime or fraudulent use of the site functionalities.

Retention period: In compliance with the principles of lawfulness and data minimization (Art. 5 GDPR), navigation data will be kept for a period not exceeding the achievement of the technical purposes described above, unless needed for investigating crimes by the Judicial Authority.

2) Data communicated by the user

Legal basis: "data processing necessary to answer user questions" – contractual obligation – Art. 6 par. 1 letter b) GDPR. The optional, explicit, and voluntary sending of messages to "HOTEL SARTI S.R.L." contact addresses, private messages sent to institutional profiles/pages on social media, and the filling out and submission of forms on the site entail the acquisition of the sender's contact data, necessary to reply, as well as all personal data included in the communications.

Retention period: Data communicated by the user are kept for the time necessary to manage individual requests. Subsequent storage for statistical purposes requires anonymization.

3) Identification via Social Media

Legal basis: "execution of contractual or pre-contractual measures adopted at the request of the interested party" – Art. 6 par. 1 letter b) GDPR. You are allowed to use your social profiles, such as Facebook and Google, for identification verification for online room bookings. We will only access information you have authorized (e.g., Profile ID, name, surname, email, mobile number).

4) Newsletter

Legal basis: "consent of the interested party" – Art. 6 par. 1 letter a) GDPR. Processing for newsletter management is described in a specific notice reachable via the dedicated newsletter form. Consent can be revoked at any time by unsubscribing or emailing info@hotelsarti.com.

5) Cookies and other tracking systems

We use:

• Technical cookies: Necessary for navigation. (Legal basis: Contractual/Functional).

• Analytical cookies: Used for aggregate statistical analysis. (Legal basis: Consent).

• Profiling cookies: Used to collect preferences for targeted marketing. (Legal basis: Consent).

Full details on cookies are available in the "Cookie Settings" document found in the footer.

6) Social Media Policy

For information on processing by Social Media platforms, please refer to their respective privacy policies. We treat data provided through our dedicated social pages to manage interactions (comments, posts, messages) in compliance with current regulations.

Used platforms:

• Facebook: https://www.facebook.com/hotelsarti.riccione

• Instagram: https://www.instagram.com/hotelsarti_riccione/

RECIPIENTS OF THE DATA
Recipients include subjects designated by the Controller as Data Processors (Art. 28 GDPR) such as web agencies, digital communication providers, and system assistance providers. A complete list can be requested at info@hotelsarti.com.

SECURITY OF PROCESSING
Personal data are protected by specific technical and organizational security measures (Art. 32 GDPR) to ensure confidentiality, integrity, and availability, and to prevent unauthorized access or loss.

TRANSFER OF DATA TO NON-EU COUNTRIES
The Controller does not transfer data to non-EU countries. However, by consenting to analytical/profiling cookies, data could be transmitted to the USA. Google has declared the implementation of supplementary security measures deemed sufficient by the Controller.

RIGHTS OF THE DATA SUBJECTS
Data subjects have the right to obtain access, rectification, erasure, limitation of processing, portability, or to object to processing and revoke consent (Articles 15 to 22 of the Regulation).

Requests should be sent to the Controller at the Riccione headquarters or by contacting the DPO at dpo@studiopaciecsrl.it. You may also use the form provided by the Data Protection Authority at this link: https://www.garanteprivacy.it/web/guest/home/docweb/-/docwebdisplay/docweb/9038275

RIGHT TO LODGE A COMPLAINT
If you believe your data is being processed in violation of the Regulation, you have the right to lodge a complaint with the Garante (Art. 77 GDPR) or take legal action (Art. 79 GDPR). The complaint form is available here: https://www.garanteprivacy.it/home/docweb/-/docweb-display/docweb/4535524