INTERNAL REGULATION FOR PERSONAL DATA PROTECTION
Ultimo aggiornamento: May 4th, 2022
Information about staying in our facilities (period and time of stay, room / structure occupied or reserved, reservations)
Information about the services requested or used (phone calls made, minibar, alarm clock, additional services provided by related companies or other suppliers, etc.)
Information that originates from the stay in our facilities (needs treated by the staff responsible for meeting them, requests and reservations sent to the reception or through the reception, etc.), which, in the absence of a specific consent or particular needs, are preserved only for the time necessary to ensure the best service
In some cases, known by the customer, data relating to the Organization (travel agency, company, association, etc.) that has organized or offered to the visitor the stay at our facilities
Data obtained from the questionnaires of "satisfaction rating" or during telephone interviews, always assessing the degree of satisfaction
When using the wifi internet access: information about visited sites and internet transactions associated with the IP address used by the guest (navigation log) more specifically, such data:
In the case of payment by credit card or check, a photocopy of the identity document can be requested and obtained as guarantee of correct identification of the customer, which will be kept, unless different requirements, until the payment is well completed and/or the in the case of possible controversy.
We recall that the law establishes special protection for sensitive data: data suitable for revealing racial or ethnic origin, religious, philosophical or other beliefs gender, political opinions, membership of parties, syndicates, associations or organizations of a religious, philosophical, political or trade union type, as well as personal data suitable for revealing the state of health and sexual life. " They may be processed only with the written consent of the person concerned. Some of the data described above, such as those relating to particular guest requests, might fall technically in this category; for this reason specific consent will be required to the person concerned, where the characteristics or the methods of treatment should be required.
We remind you that the rules establish special safeguards for data defined as "special" by art. 9 of the EU Reg. 2016/679 (personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a person physical, health or sexual life data or sexual orientation of the person). Some of the data described above, such as those relating to particular requests of the guest, could technically fall into this category; for this reason specific requests will be ask to the data subject, should the characteristics or methods of processing require it
(A) to comply with obligations deriving from Community laws, regulations and regulations, including the obligation to inform the Authorities provided in art.109 of Royal Decree 773 of 18 June 1931 and subsequent amendments;
B) fulfill contractual and accounting and tax obligations; The services required by the data subject or by third parties on behalf of the person concerned.
C) offer guests attentive and customized services throughout their stay in our facility including, for example: secretarial service, reception of mail, delivery of mail and parcels, passage of telephone calls, reservation of external services, communications concerning special offers or events;
D) Recognize the guest and always guarantee the same personalized services in all the facilities operated by HUMAN COMPANY Srl
E) purposes connected with the public relations, information, commercial and customer satisfaction. In particular, the addresses, email and email addresses provided may be used for sending courtesy and / or advertising material relating to services similar to those in the current business relationship. It is understood that the guest has the right to object at all times to this treatment.
In this regard, it should be noted that the law allows the use of the e-mail address provided by the data subject when purchasing a travel / subscription ticket, provided that it does not deny such use;
(F) assert or defend a right, even by acting as representative agents, either in an out-of-court or in an administrative or judicial capacity;
G) regarding any reports:
Ensure a timely and accurate response to guest reports, facilitating the creation of an effective communication channel between the Company and the Customer-user;
Enhance the customer acquisition system, needed for verification, to improve a service that is more and more adapted to environmental demand and constraints;
Provide systematic registration and systematic analysis of service disparities to correct defects.
as they are necessary to fulfill obligations deriving from a contract in which the data subject is a party as well as the related legal obligations or to satisfy his requests (in particular for the purposes referred to in the previous point a-b-c-g)
as necessary for the pursuit of legitimate interests of the data controller, consisting in the correct organization and planning of activities and the improvement of their service, in the protection of assets and credit, as well as in processing personal data for direct marketing purposes always keeping account of the reasonable expectations nurtured by the data subject based on his relationship with the data controller (ref. art. 130 c.4 D: Lgs. 196/2003) in particular for the purposes of the previous point letters c d e g,
having the data subject express their consent, in relation to the further storage, to the use of addresses, even different from the e-mail address, for marketing and communication activities, to the processing of data included in the special categories referred to in art. 9 EU Reg. 2016/679;
as necessary to assert or defend a right in court or to assess whether there is a right to be usefully protected in court
In any case, the administrative data will be kept in accordance with the terms of the law; the other data acquired or filed during the stay at the facilities will be kept in a confidential form, until the payment is well completed and the time available for any disputes is exceeded, however not for 6 months, except for different needs; With the consent of the person concerned, such data will be kept further (for a maximum period of three years from the customers’ last stay in our faciliaties) in a database of HUMAN COMPANYI Srl for the sole purpose of recognizing the guest and always guaranteeing the same personalized services in all the facilities managed by the subsidiary companies.
To the persons indicated by the guest or by someone acting on their behalf at the time of acceptance or during stay in our facilities
To the Public Safety Authority or to Public Bodies in compliance with statutory requirements
Limited to accounting and tax data to banks, lenders, data processing companies and credit card companies, for activities strictly related to the execution and administrative management of the contract.
To insurance institutes, public bodies and public bodies for the fulfillment of legal obligations.
Only at the guest's request, to foreign embassies / consulates / indicated by the guest,
To vector companies (Travel Agencies, Tour Operators, etc.) in the form of confirmation, who have direct contact with the guest and who have been involved in the organization of the stay;
The sole data concerning the presence in our facilities, possibly with reference to the occupied accommodation, may only be communicated with the consent of the guest:
To parent companies, subsidiaries and affiliates, always and for the purposes described in paragraph 3 above
To other subjects who need access to certain data for auxiliary purposes in accordance with the previous point 3, always within the strictly necessary limits to carry out the duties delegated to them, such as: tax compliance, accounting, assurance, insurance, information system management, financial services;
Of course, all the above-mentioned communications are limited to the data required by the recipient body (which will remain a self-titular holder for all subsequent treatments) for carrying out their duties and / or for achieving the purposes associated with the communication itself.
The processing of the data may also consist of their communication abroad, both inside and outside the European Union, to the country of origin or destination of the guest and to the strictly necessary data in relation to specific requests by the guest himself.
The data in question will not be disclosed.
However, it is important to remember that the facilities has many common areas where guests or visitors make video-photographic shots in which other guests or visitors could then appear, destined for publication, for example, on social channels or websites.
compulsory as far as is necessary for the treatments referred to in points (a) and (b) of paragraph 3 above and if not allowed it may make impossible the execution of the contract;
obviously optional in relation to points (c), (d) and (f) of paragraph 3 above, so a specific consensus is required, without which there will be no consequences except the inability to serve the host better.
It should be specified that most treatments are
Support staff in security and access control activities
Preventing from possible damages, thefts or goods removals
Ensure the safety of staff and guests by detecting situations of particular danger or accidents
Identify the most suitable form of intervention, enabling correct sizing in case of special hazard or accident
To allow for the reconstruction of the dynamics of significant facts for the protection of the safety of persons or in the case of illicit perpetrators of damage to the guests and / or to the facility and its staff
To comply with provisions issued by the Judicial Authority and / or the Judicial Police;
To claim or defend a right by a third party;
Eventually to complete the documentation accompanying the complaint filed with insurance companies.
The legal basis of this treatment consists in the legitimate interest of the Data Controller coinciding with the declared purposes.
Figline Agriturismo S.r.l. (Via Spadini 31 – Prato - P. IVA 01681640973) for Norcenni Girasole Village and Villa La Palagina
Elite Firenze Gestioni S.r.l. (Via Norcenni 7 - Figline Incisa V.no (FI) P.IVA 05813700480) for Plus Florence and Firenze Camping in Town
Roma Camping S.r.l. (Via Aurelia 831-Roma - P.IVA 00954081006) for I Pini Family Park e Roma Camping in Town
Elite Livorno Gestioni S.r.l. -(Via Norcenni 7 - Figline Incisa V.no (FI) - P.IVA 05813780482) for Park Albatros Village and Montescudaio
Delta S.r.l. (Via G.Leopardi 31 - Montevarchi (AR) - P.IVA 01954310510) for Jolly Camping in Town
Società Agricola Le Driadi S.r.l. (Via Norcenni 21 - Figline Incisa V.no P.IVA 05627800484) for Fattoria la Palagina
Plus Prague S.r.o. (Privozni 1562/1 - Praga - P.IVA CZ699003294) for Plus Prague
Adakitalia S.r.l. (Via Norcenni 7 - Figline Incisa V.no (FI) P.IVA 04719560486) for Norcenni Tour and Human Travel
Plus Berlin G.m.b.h (Warschauer Platz 6\8 - Berlino - P.IVA DE270699817) for Plus Berlin
Elite Veneto Gestioni S.r.l. - Via Norcenni 7 - Figline Incisa V.no (FI) P.IVA 05813690483) for Altomincio Family Park
Roma Gestioni S.r.l. (Via Aurelia 831 – Roma - P.IVA 08219321000) for Fabulous Village
ECV Shops S.r.l. (Via Generale C. A. Dalla Chiesa 13 - 50136 Firenze) P.IVA e C.F. 06441810485 Management of markets and bazaars
La Quarta S.r.l. (Via Generale C. A. Dalla Chiesa 13 - 50136 Firenze) P.IVA e C.F. 06441820484, Management of restaurant and bar activities
O’Tel S.r.l. (Via Generale C. A. Dalla Chiesa 9 - 50136 Firenze) [P. IVA 05467430483] | Real estate property - business rental
Holding Terza S.r.l. (Via Generale C. A. Dalla Chiesa 13 - 50136 Firenze) C.F. 06438440486, Holding restaurant and market branch
La Terra dei Sensi S.r.l. (Via Generale C. A. Dalla Chiesa 13 - 50136 Firenze) C.F. 06717970484, ANTS program management
Camping International S.A. (Um Birkelt n.1, Larochette, Lussemburgo) N° TVA: LU13005324, for Camping Birkelt
to ask the data controller to access personal data and to correct or delete them or limit the processing of personal data concerning them and to oppose their processing,
if the processing is carried out by automated means (computer) and on the basis of his consent, to receive the personal data concerning him / her and / or to obtain direct transmission in a structured, commonly used and automatically readable format, or to another data controller, if technically feasible.
to withdraw his consent at any time (without prejudice to the lawfulness of the processing based on the consent before the revocation), obviously this for the processing carried out on the basis of this assumption
to lodge a complaint with a supervisory authority: Garante per la protezione dei dati personali - Piazza di Monte Citorio n. 121 00186 ROMA - Fax: (+39) 06.69677.3785 - Centralino telefonico: (+39) 06.696771 - E-mail: [email protected] - posta certificata [email protected]
To exercise their rights, the Guests can send a communication to [email protected] or contact the Director of the accommodation facility where they stay or have stayed, who can be contacted through the reception or the addresses already known to the data subject , bearing in mind that it will not be possible to answer requests received by telephone where there is no certainty about the identity of the applicant.