Toggle navigation

Privacy Policy

PRIVACY POLICY OF vacanze2000.net

This Application collects personal data from its users.

Provider and Controller pursuant to Article 4(7) GDPR

Marchetti di Marchetti Manuel & Claudio S.N.C.
Via Lavei 16
37018 Malcesine (VR)
Italy

Tel. 045.7400327
Email: info@vacanze2000.net

Types of data collected

The personal data that this Application processes, either independently or through third parties, include: cookies, usage data and email. Full details on each type of personal data processed are provided in the relevant sections of this privacy policy or by specific explanation texts displayed prior to data collection. Personal data may be provided voluntarily by the user or, in the case of usage data, collected automatically when using this Application. Unless otherwise specified, all data requested by this Application are mandatory. If the user refuses to provide the data, this may result in this Application being unable to provide its services to the user. In cases where this Application explicitly states that certain personal data are optional, users are free not to provide such data without any consequences for the availability or functioning of the service. Users who are unsure which personal data are mandatory are invited to contact the Provider. Any use of cookies – or other tracking tools – by this Application or by third-party service providers used by this Application serves the purpose of providing the service requested by the user and any other purposes described in this document and, where available, in the cookie policy. Users are responsible for any third-party personal data obtained, published or shared through this Application and confirm that they have the third party's consent to provide the data to this Application.

Mode and place of processing the data

Methods of processing

The Provider processes user data in a proper manner and takes appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of data. Data processing is carried out using computers and/or IT-enabled tools, following organisational procedures and modes strictly related to the stated purposes. In addition to the Controller, in some cases the data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties – such as third-party technical service providers, mail carriers, hosting providers, IT companies or communication agencies – appointed, if necessary, as data processors by the Controller. An updated list of these parties may be requested from the Provider at any time.

Legal basis of processing

The Provider may process personal data relating to users if one of the following applies:

  • The users have given their consent for one or more specific purposes. Note: In some legislations the Provider may be allowed to process personal data until the user objects to such processing ("opt-out"), without having to rely on consent or any of the following legal bases. This does not apply, however, whenever the processing of personal data is subject to European data protection law;
  • the provision of data is necessary for the performance of an agreement with the user and/or for any pre-contractual obligations thereof;
  • the processing is necessary for compliance with a legal obligation to which the Provider is subject;
  • the processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Provider;
  • the processing is necessary for the purposes of the legitimate interests pursued by the Provider or by a third party.

In any case, the Provider will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

Place

The data are processed at the Provider's operating offices and in any other places where the parties involved in the processing are located.

Depending on the user's location, data transfers may involve transferring the user's data to a country other than their own. To find out more about the place of processing of such transferred data, users can consult the section containing detailed information on the processing of personal data. Users are also entitled to learn about the legal basis of data transfers to a country outside the European Union or to any international organisation governed by public international law or set up by two or more countries, such as the UN, as well as about the security measures taken by the Provider to safeguard their data.

If such a transfer takes place, users can find out more by checking the relevant sections of this document or by contacting the Provider using the information provided in the contact section.

Storage period

Personal data shall be processed and stored for as long as required by the purpose for which they have been collected.

Therefore:

  • Personal data collected for purposes related to the performance of a contract between the Provider and the user shall be retained until such contract has been fully performed.
  • Personal data collected for the purposes of the Provider's legitimate interests shall be retained as long as needed to fulfil such purposes. Users may find specific information regarding the legitimate interests pursued by the Provider within the relevant sections of this document or by contacting the Provider.

Furthermore, the Provider may be allowed to retain personal data for a longer period whenever the user has given consent to such processing, as long as such consent is not withdrawn. Moreover, the Provider may be obliged to retain personal data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

Once the retention period expires, personal data shall be deleted. Therefore, the right of access, the right to erasure, the right to rectification and the right to data portability cannot be exercised after the expiry of the retention period.

Storage period

Purposes of processing

Personal data concerning the user are collected to allow the Provider to provide its services. In addition, data are collected for the following purposes: displaying content from external platforms, interaction with external social networks and platforms, remarketing and behavioural targeting, analytics, spam protection, tag management, handling payments and management of landing pages and invitation pages. Users may find further detailed information about such purposes of processing and about the specific personal data used for each purpose in the relevant sections of this document.

The rights of users

Users may exercise certain rights regarding their data processed by the Provider. In particular, users have the right to do the following:

  • Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their personal data.
  • Object to the processing of their data. Users have the right to object to the processing of their data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.
  • Access their data. Users have the right to learn if data are being processed by the Provider, obtain disclosure regarding certain aspects of the processing and obtain a copy of the data undergoing processing.
  • Verify and seek rectification. Users have the right to verify the accuracy of their data and ask for them to be updated or corrected.
  • Restrict the processing of their data. Users have the right, under certain circumstances, to restrict the processing of their data. In this case, the Provider will not process their data for any purpose other than storing it.
  • Have their personal data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their data from the Provider.
  • Receive their data and have them transferred to another controller. Users have the right to receive their data in a structured, commonly used and machine-readable format and, if technically feasible, to have them transmitted to another controller without any hindrance. This provision is applicable provided that the data are processed by automated means and that the processing is based on the user's consent, on a contract of which the user is a part or on pre-contractual obligations thereof.
  • Lodge a complaint. Users have the right to bring a claim before the competent data protection authority.

Details about the right to object to processing

Where personal data are processed in the public interest, in the exercise of an official authority vested in the Provider or for the purposes of the legitimate interests pursued by the Provider, users may object to such processing by providing a ground related to their particular situation to justify the objection. Users must know that, should their personal data be processed for direct marketing purposes, they can object to that processing at any time without providing any justification. To learn whether the Provider is processing personal data for direct marketing purposes, users may refer to the relevant sections of this document.

How to exercise these rights

Any requests to exercise user rights can be directed to the Provider through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Provider as early as possible and always within one month.

Legal information

This privacy policy has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation). This privacy policy relates solely to this Application, if not stated otherwise in this document.

BOOK NOW REQUEST INFO