Privacy Policy
This statement will also explain your options and rights regarding the data provided, without which Deck s.r.l. may be unable, in part or entirely, to offer you its services.
This information is inspired by the European Directive ePrivacy 2002/58 and subsequent amendments, in light of the provision of 8 May 2014 ("Identification of simplified procedures for information and acquisition of consent for the use of cookies") and of the document of June 5, 2015 ("Clarifications regarding the implementation of the legislation on cookies") issued by the Privacy Authority.
This statement also draws on Recommendation no. 2/2001 which the European Authorities for the protection of personal data, in the Working Group established by Article 29 of Directive no. 95/46/CE, adopted on 17 May 2001 to determine some minimum requirements regarding the collection of personal data online, and, in particular, the methods, timeframes and nature of the information that data controllers must provide to users when they connect to websites, regardless of their reasons for connecting.
All in light of the changes introduced by the European Regulation on the Protection of Personal Data, GDPR 679/2016 to the law n. 196/2003 - Privacy Code, implemented within the Italian legal system by means of Legislative Decree n. 101 of 10 August 2018.
Any form of reproduction in whole or in part of the content of this document is prohibited.
Cookie policy
What cookies are
Cookies are small files of text that websites send to and register on your device during your navigation on the sites themselves. Such cookies are retransmitted to the websites during your next visit to the same website. The cookies record user actions and preferences so that it is no longer necessary to renew such indications when you visit the website again in the future or during navigation from one page to another. Cookies, therefore, can serve to execute user authentications, to monitor sessions and to memorise information about users who access the website. They can also contain a unique identification code to keep track of user activity on the website for the purposes of statistics or advertising.
While navigating on a website, a user may also receive cookies from other websites or web servers, known as third-party cookies. Some operations cannot be completed without the use of cookies, which therefore constitute essential technical means for the functionality of the website.
Types of cookies
Cookies, classified according to their characteristics and functions, may remain on the user's device for different periods of time: session cookies, for example, are automatically cancelled when the browser is closed; persistent cookies remain on the user's device until an established end of validity date.
According to the provisions in force in Italy, express consent is not always required for use of cookies. In particular, such consent is not required for technical cookies, meaning those that serve only to transmit a communication on a network, or as strictly necessary in order to provide a service that has been explicitly requested by a user. Such cookies are indispensable for the execution of website functions or are necessary in order to execute activities requested by the user.
The Italian authority for protection of privacy (see the General Regulation "Identification of simplified disclosure statements and acquisition of consent for the use of cookies - 8 May 2014') has classified the following as technical cookies, for which express consent is not required:
-
Analytical cookies, if used directly by a web master to collect information in aggregate form about the number of users on a website and about how the same users visit the website itself.
-
Navigation or session cookies that guarantee normal navigation and fruition of a website (allowing, for example, for making purchases or providing valid credentials for access to other reserved areas).
-
Functional cookies that allow for navigation based on a series of selective criteria (such as the language or the products chosen for purchase) in order to improve the service rendered to the user.
Profiling cookies, on the other hand, meaning those configured to create a user profile for the purpose of sending advertising messages aligned with the preferences expressed by the user during web navigation, must be authorised in advance by the user.
What types of cookies are used on this website
This website makes use of technical cookies, meaning navigation and session cookies that are required for proper functioning of the website and enable the user to access the content and services as requested by the same. Analytical cookies provide insight as to how the website is used by users. These cookies do not gather information about the user's identity or any personal data. Information is elaborated in aggregate and anonymous form. Functional cookies allow for navigation based on a series of selective criteria (such as the language or the products chosen for purchase) in order to improve the service rendered to the user. Third-party cookies, that is cookies from websites or web servers other than this one, are used to promote the purposes of such third parties. For more information about the elaboration of personal data as provided in article 13 of Legislative Decree 196/2003 - Privacy Code, see the specific Privacy Statement.
How to manage cookies in the leading browsers
The user can (totally or partially) authorize, block or cancel cookies by means of the specific functions available in the navigation programme or browser. However, if all or some of the cookies are disabled, it may not be possible to consult the website, some services or website functions may not be available or may not function correctly and/or the user may have to modify or manually insert some information or preferences on each new visit to the website.
Third party cookies on this website
Third party profiling cookies are those configured to create a user profile for the purpose of sending advertising messages aligned with the preferences expressed by the user during web navigation. Third-party cookies are cookies from websites or web servers other than this one, used to promote the purposes of such third parties. We cannot exercise any specific control over such parties and their cookies. For more information about such cookies, their characteristics, functionalities and granting specific consent for their use, contact the relative third parties directly. The user normally has the option to block use of third party cookies by means of the specific option in the user's own browser programme (see above).
More instruments and information about management of consent for use of third party cookies are available on the http://www.youronlinechoices.com website.
Third party services used by this website that may install cookies, including profiling cookies, on your device are listed below:
Google Analytics with anonymized IP
SERVICE DESCRIPTION
Google Analytics is a service of statistical analysis for websites provided by Google Inc. ("Google"). Through this service, Google collects a series of personal data of visitors to the site and uses them to track and examine how they use the site. This version of Google Analytics is "anonymized", then the data of the visitors come to Google but their IP address is made anonymous and therefore not attributable to specific individual visitor. The service can install third-party cookies.
Links: Privacy Policy Google Inc., How Google uses cookies, Opt-Out
On this page, we explain how we process the personal data of users of our site in accordance with Regulation (EU) 2016/679 (GDPR).
Data Controller and Owner
Hotel Canasta Via Campo di Teste 6, 80073 Capri, Italy | e) canasta@capri.it
Types of Data collected
The types of personal data that this website collects, directly or through third parties, include: cookies, usage data, email address, first name, last name, phone number, address, country, province, password, ZIP/postal code, and city.
Other personal data collected may be described in other sections of this privacy policy or via a separate explanation placed near the with the data collection point.
Personal data may be freely provided by the user, or collected automatically when using this website.
Any use of cookies or other tracking tools by this website or third party services used by this website is used to identify users and remember their preferences for the sole purpose of providing the service required by the user, unless stated otherwise.
Failure to provide certain Personal Data may make it impossible for this website to provide its services.
Users are responsible for any personal data of third parties obtained, published, or shared through this website, and confirm that they have the third party's consent to provide the data to the owner.
Subjects Who Access the Data
In addition to the data controller subjects involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external subjects (such as suppliers of third party technical services, postal couriers, hosting providers, IT companies, communication agencies) may have access to some categories of data and may be appointed, if necessary, as data processors by the data controller. The updated list of those with access to data can be requested from the data controller at any time.
The use of the collected Data
Data concerning the user is collected to allow the owner to provide services, as well as for the following purposes: commenting on content, contacting the user, handling payments, managing support and contact requests, managing contacts and sending messages, interaction with live chat platforms, interaction with external social networks and platforms, advertising, registration and authentication, access to third party services' accounts, remarketing and behavioral targeting, analytics, displaying content from external platforms, and commercial affiliation.
The types of personal data used for each purpose are outlined in each specific section of this document.
Data is used to provide the user with the services requested and for additional purposes for which the user has given consent.
Specifically, data is used for:
-
allow users to register on the site and use services reserved for registered users, including the possibility to purchase online through the site;
-
respond to requests sent by the user, including those sent through the contact form on the site.
In these cases, data is being processing on the legal premise of fulfilling a contract or executing pre-contractual measures undertaken at the request of the party concerned.
To do so, the user's data will be stored and processed for the time necessary to complete the processing activities (for example, registration data will be stored until the account is closed, taking into account the technical time required), keeping in mind that once this deadline has passed, the Data Controller will store the user's data until the legal deadline established to fulfill the administrative, accounting, and tax obligations required by current legislation.
In these cases, the user is obligated to provide personal data, and refusal will make it impossible for the user to take advantage of the services offered by the site and, in particular, to conclude the purchase contract through the site.
-
send the user informative and promotional materials by e-mail and through the postal service (including the newsletters and special offers) referring to products and/or services of their own and/or third parties, as well as for direct sales purposes and for carrying out market research;
-
carry out marketing surveys and promotional activities via social media.
In these cases, the legal basis for processing and storage is the consent of the interested party, who has the right to withdraw consent at any time.
For these purposes, the user's data will be retained for up to 24 months following the last contact with the Data Controller, for example the initial sales communications sent by the Data Controller.
In these cases, the user is not obligated to provide personal data.
-
monitor and track user behavior on the site, collect and record data related to navigation (pages visited, for example) and purchasing data (type of product purchased, for example);
In these cases, the legal basis for storage and processing is the consent of the interested party, who has the right to withdraw consent at any time.
For these purposes, user data will be deleted no later than 12 months from the date of collection.
In these cases, the user is not obligated to provide personal data.
Detailed information on the processing and storage of Personal Data
Personal Data is collected for the following purposes and using the following services:
Access to third party services' accounts
These services allow this website to access personal data from your account with a third party service and perform actions with it.
These services are not activated automatically, but require explicit authorization by the User.
Access to Facebook accounts (Facebook, Inc.)
This service allows this website to connect with the user's account on the Facebook social network, provided by Facebook, Inc.
Permissions asked: Email.
Place of processing : USA - Privacy Policy
Access to Twitter accounts (Twitter, Inc.)
This service allows this website to connect with the user's account on the Twitter social network, provided by Twitter, Inc.
Personal data collected: Various types of data as specified in the privacy policy of the service.
Place of processing : USA - Privacy Policy
Managing contacts and sending messages
These services make it possible to manage a database of email contacts, phone contacts, or any other contact information to communicate with the user.
These services may also collect data concerning the date and time when the message was viewed by the user, as well as when the user interacted with the message by undertaking actions such as clicking on links included in the message.
Mailchimp (Mailchimp, Inc.)
Mailchimp is an email address management and message sending service provided by Mailchimp, Inc.
Personal data collected: Email address.
Place of processing : USA - Privacy Policy
Registration and authentication
Direct registration (this website)
The user registers by filling out the registration form and providing personal data directly to this website.
Personal data collected: address, city, country, email address, first name, last name, password, phone number, and ZIP/postal code.
Selling goods and services online
The personal data collected are used to provide the user with services or to sell goods, including payment and possible delivery. The personal data collected to complete payment may include the credit card or the bank account used for directs transfers, or any other means of payment. The specific types of data collected by this website depends on the payment system used.
Cookie Policy
This website uses cookies. For additional information and to see the complete Cookie Policy see Cookie Policy .
Right of access to personal data and other rights
Users may exercise certain rights with regarding their personal data processed and stored by the Data Controller and Owner.
Specifically, users have the right to:
-
withdraw consent at any time. The user can withdraw previously expressed consent to the processing and storage of their personal data.
-
oppose the processing and storage of personal data. Users may object to the processing of personal data when it occurs on a legal basis other than consent. Further details on the right of opposition are indicated in the section below.
-
access personal data. The user has the right to obtain information on the data processed and stored by the Data Controller and on certain aspects of the processing, and to receive a copy of the data processed.
-
verify and request corrections. The user can verify the accuracy of personal data and request updates or corrections.
-
obtain limitations to processing and storage. Under certain conditions, users can request the limitation of the processing of their data. In this case, the Data Controller will not process the data for any other purpose other than storage.
-
obtain the cancellation or removal of personal data. When certain conditions are met, the user can request the cancellation of personal data by the data controller or owner.
-
receive personal data or have it transferred to another holder. The user has the right to receive personal data in a legible format, commonly used and readable by an automatic device and, where technically feasible, to obtain the transfer without hindrance to another holder. This provision is applicable when personal data is processed with automated tools and based on the user's consent, on a contract in which the user is a party or connected contractually.
-
lodge a complaint. The user can lodge a complaint with the competent personal data protection authority or act in court.
Details on the right of opposition
Users can oppose the processing and storage of their personal data without providing any reasons when their data is used for direct marketing purposes. To find out if the Owner processes and stores data for direct marketing purposes, users can refer to the respective sections of this document.
How to exercise user rights
To exercise their rights, users can direct a request to the contact details of the data controller or owner indicated here. Requests can be made free of charge and processed by the Owner as soon as possible, at most a month.
Additional information about Data collection and processing
Place of data handling and transfer of data internationally
Personal data is processed at the operational headquarters of the data controller and in any other location where the parties involved in processing and storage are located. For more information, contact the data controller or owner.
Personal data may be transferred to a country other than the one in which users are located. To obtain further information on the processing site, users can refer to the section concerning the processing of personal data.
Personal data may be transferred outside the national territory to countries located in the European Union or outside the European Union, for example to the United States.
Data transfers follow the guidelines of the European Commission on the adequacy of the protection offered by the EU-US shield regime (the so-called "Privacy Shield").
Specifically, personal data is transferred to subjects who have declared themselves to follow the guidelines of the Privacy Shield and therefore guarantee an adequate level of protection for transferred data. The services involved in data transfer are listed in the respective sections of this document. Among them, those who adhere to the Privacy Shield can be identified by consulting the relative privacy policy or by checking the status of their registration on the official Privacy Shield list.
Users' rights under the Privacy Shield are described in an updated form on the US Department of Commerce website.
To obtain further information on the processing site, the user can refer to the section concerning the processing of personal data.
With reference to transfers outside the European Union to countries not considered adequate by the European Commission, the data controller and owner will adopt appropriate security measures to protect personal data.
Users have the right to request information regarding the privacy guarantees adopted for the transfer of personal data, and instructions on how to obtain a copy of personal data or the place where they were made available.
Legal action
The user's personal data may be used for legal purposes by the data controller, in a court of law, or in the preparation of possible legal action arising from improper use of this website or related services.
The user declares knowledge that the data controller may be required to reveal personal data upon request of public authorities.
Additional information
In addition to the information contained in this privacy policy, this website may provide the user with additional and contextual information concerning particular services or the collection and processing of personal data upon request.
System Logs and Maintenance
For operation and maintenance purposes, this website and any third party services used by it may collect system logs, which are files that record the interactions and that may also contain personal data, such as the user IP address.
Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Data Controller at any time. Please see the contact information at the beginning of this document.
Changes to this privacy policy
The data controller reserves the right to make changes to this privacy policy at any time by giving notice to its users on this page. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom. If a user objects to any of the changes to the policy, the user must cease using this website and can request that the data controller removes any personal data. Unless stated otherwise, the then-current privacy policy applies to all personal data the data controller has about users.