Privacy e Cookie Policy

Processing of personal data

Macarro SRL informs you, pursuant to Article 13 of Legislative Decree no. 196 of 30.6.2003 (hereinafter, “Privacy Code”), Legislative Decree 101/2018, and Article 13 of EU Regulation no. 2016/679 (hereinafter “GDPR”), that your data will be processed in the following manner and for the following purposes:

1. Object of the Data Processing

The Data Controller processes the personal identification data (for example, name, surname, company name, address, telephone numbers, e-mail addresses, bank and payment details – hereinafter, “personal data” or just “data”) that you provide when entering into a service contract with the Data Controller.

2. Purpose of the Data Processing

Your personal data is processed:

A) without your express consent (Article 24, letters (a), (b), and (c) of the Privacy Code and Article 6, letters (b) and (e) of the GDPR) for the following service purposes:

  • 1. to respond to your requests for information;
  • 2. to stipulate contracts for the services provided by the Data Controller;
  • 3. to fulfil the pre-contractual, contractual and tax obligations arising from existing relationships with you;
  • 4. to fulfil the obligations established by Italian law, by a regulation, by European Community legislation, or by order of an Authority (for example relating to anti-money laundering);
  • 5. to exercise the Data Controller’s rights, such as the right of defence in court;

B) without your express consent (Article 24, letters (a), (b) and (c) of the Privacy Code and Article 6, letters (b) and (e) of the GDPR), for the following Service Purposes: preparation and sending of the estimate. 

C) marketing purposes and newsletters.
Subject to your consent, which is optional in itself, the company can process your personal data (email addresses, postal addresses and telephone number) to send you business proposals, new offers and newsletters.
We inform you that if you are already a customer of ours, we may send you commercial communications relating to the Data Controller’s services and products, similar to those you have already used, unless you dissent (Article 130(4) of the Italian Privacy Code).

3. Processing procedures

Your personal data is processed using the methods indicated in Article 4 of the Privacy Code and Article 4 (2) of the GDPR, and more precisely: collection, registration, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation, erasure and destruction. Your personal data is processed both on paper and electronically and/or by automated means.

The Data Controller will process personal data for the time needed to fulfil the above purposes and for a period not exceeding 10 years from the termination of the relationship for Service Purposes, and in the case of processing for preventive purposes, the data is stored for 3 years.
For the purposes of point C, the duration is 2 years.

4. Access to Data

Your data may be rendered accessible for the purposes referred to in Article 2 (a) and 2 (b)-2 (c):

  • 1. to employees and collaborators of the hotel, in their capacity as internal appointees and/or managers of the treatment and/or system administrators;
  • 2. to third-party companies or other entities (for example, web agencies) that carry out outsourced activities on behalf of the Data Controller, in their capacity as data processors.

5. Data communication

Without the need for express consent (pursuant to Article 24, letters (a), (b), and (d) of the Privacy Code and Article 6, letters (b) and (c) of the GDPR), the Data Controller may communicate your data for the purposes referred to in Article 2 (a) to Supervisory Bodies (such as IVASS – Italian Institute for the Supervision of Insurance), Judicial Authorities, insurance companies for the provision of insurance services, and to those subjects to whom communication is mandatory by law for the accomplishment of said purposes. These subjects will process the data in their roles as independent data controllers.

Your data will not be disseminated.

6. Transfer of Data

Personal data is stored on servers located within the EU and on local storage units at the company, also within the European Union. In any case, it shall be understood that, if necessary, the Data Controller reserves the right to relocate the servers, including outside the EU. In this case, the Data Controller thereby guarantees that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the entering into of the standard contractual clauses provided for by the European Commission.

7. Nature of Data Provision and Consequences of Refusal to Respond

The provision of data for the purposes referred to in Article 2 (a) is mandatory. In their absence, we cannot guarantee the services outlined in Article 2 (a).
The provision of data for the purposes referred to in Article 2 (b) is mandatory. In the absence of the same, we will not be able to carry out the service described in the point in question.
The provision of data for the purposes referred to in Article 2 (c) is optional. You can therefore decide to not provide any data or to refuse the processing of data that had been provided at an earlier date. In this case, you will not be able to receive newsletters, commercial communications, and advertising material regarding the services offered by the Controller. However, you will still be entitled to the services referred to in Article 2 (a).

8. Rights of the data subject

As an interested subject, you have the rights referred to in Article 15 and et seq. of the GDPR, specifically:

i. get confirmation of the existence of your personal data, even if not yet registered, and communication of the same in an intelligible form;

ii. obtain information on: a) the source of personal data; b) the purposes and methods of processing; c) the logic applied in the event of processing by electronic means; d) the identification data of the data controller, data processors and the designated representative as per Article 5, paragraph 2, of the Italian Privacy Code and Article 3, paragraph 1 of the GDPR; e) the entities or categories of entities to whom personal data may be communicated and who may acquire such data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of processing;

iii. obtain: a) updating, rectification, and, when deemed of interest, integration of the data; b) erasure, conversion to an anonymous format or blocking of data that has been processed in violation of the law, including data that does not need to be retained for the purposes for which it was collected and processed; c) confirmation that the operations described in sections a) and b) were made known, including their content, to the parties to whom the data was communicated or transmitted, except in cases when it may not be possible to do so or when it necessitates a disproportionate effort compared to the protected right;

iv. object, in whole or in part: a) for legitimate reasons, to the processing of personal data concerning you, even if relevant to the purpose for which it was collected; b) to the processing of personal data concerning you for the purpose of advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated calling systems without human intervention, by email and/or through traditional marketing methods by telephone and/or mail. Please note that, with regard to direct marketing through automated methods, the Data Subject’s right to object, as set out in point b) above, is extended to traditional methods, and that the Data Subject is able to exercise their right to object, even partially. Hence, the Data Subject may decide to receive only communications using traditional methods or only automated communications or neither of the above.

Where applicable, you are also guaranteed the rights set out in Articles 16-21 of the GDPR (Right to correction, right to erasure, right to restrict processing, right to data portability, right to opposition), as well as the right to lodge a complaint with a Supervisory Authority.

9. How to exercise your rights

You may exercise your rights at any time by sending a registered letter to the registered office of the Macarro SRL, Via Caduti 7/9/43 n13, 85040 Lauria (PZ).

10. Data Controller, Data Processor and those responsible for processing

The Data Controller is Macarro SRL, with registered office at Via Caduti 7/9/43 n13, 85040 Lauria (PZ).
For the data processing referred to in points a and b, I have read the information and give my consent …………………………………………
For the data processing in point c, I have read the information and give my consent …………………………………………

Cookies

What Are Cookies?
Cookies are text files containing information that are stored on your computer or on your mobile device each time you visit a site online through a browser. At each consecutive visit the browser sends these cookies to website that originated them or other sites. Cookies allow sites to remember information  in order to guarantee fast and easy navigation like the choice of  languages or recognition of access to the site after the first visit. There are two main types of cookies: session cookies and persistent cookies. Session cookies are temporary, they improve the user experience on the site and are deleted from your computer automatically when you close your browser. Persistent cookies are stored on your computer unless you delete them or until they reach their expiration date.

Cookies On Our Site
This website can be navigated without the use of cookies by users. We use technical cookies, used to provide better service and browsing experience of this site. This site uses Google Analytics to collect information about the use of users of its website. Google Analytics generates statistical and other information through cookies, which are stored on users’ computers. We use the data related to our website for reports about the way the site is used and to improve its usability, functionality, interface and communication. Google’s privacy policy is available at: 
http://www.google.com/privacypolicy.html In particular, the information generated by the cookie about your use of the website are managed from Google’s servers in the United States. Google may also transfer this information to third parties unless required by law or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.

Cookies for Marketing / Remarketing Third Parties
Through the placement of cookies, browsing on this site can activate Remarketing/Display Ads on Google or third party sites that refer to this site.

These cookies are used by third parties in order to present advertising banners  of Hotel Majestic on sites other than his own. While browsing this site, these cookies can be used to show products that may interesting or similar to those already watched, based on your browsing history. The use of these cookies does not involve the processing of personal data but allows the connection to your computer or other devices and track the stored data: these cookies connect to the browser installed on your computer or other devices used during navigation on our site.

The user’s navigation history, recorded by cookies, helps the activation of ads Remarketing.

For more information on Google’s Remarketing you can visit this page

Users can disable the storage of google cookies from your browser by following the instructions on these pages:

By using this website, you consent to the processing of your data by Google in the manner and for the purposes set out above.

We suggest you to consult regulary these link to the pivacy policies of other third parties. These policies can change frequently.

Cookies Management
If you’d prefer that Google Analytics does not use the data collected in any way you can:

By using this website, you consent to the processing of your data by Google in the manner and for the purposes set out above.