The GDPR is the General data Protection regulation, the new European regulations for the protection of personal data operational since May 25, 2018 for the consent to the collection and to the treatment by the users.
Access to Data
The data may be made accessible by the holder of the Arcolaio in his capacity as appointee/authorized and/or internal manager of the treatment and/or system administrator and any additional internal appointees/authorised specifically indicated by the proprietor, third party companies or other entities that conduct outsourcing activities on behalf of the proprietor, (e.g. email service Manager, web agency, advertising agency, webmaster, credit card payment system) in their quality External processing managers within the meaning of article 29 of the Code relating to the protection of personal data.
Communication of data only for the purposes of service
Without the express consent of the user (ex art. 24 (a), b), d) Privacy code and art. 6 lit. b) and C) GDPR), the data controller may communicate the user’s information for the purposes of the service referred to in art. II. 1) to supervisory bodies, judicial authorities and to all other parties to whom the communication is compulsory by law for the purpose of the said purposes, as autonomous holders of the treatment. User data will not be disseminated.
Transfer of data
The personal data provided by the user may be used only to allow the sending of communications related to the requested service, by means of e-mail or telephone for initiatives and/or services proposed by the site and/or, in case of specific consent, Newsletters containing insights into the main topics related to the services offered. The user will have the right to exercise the rights set out in art. 7 Privacy code and art. 15 GDPR. In particular, the user has the right at any time to obtain from the holder the confirmation of the existence or not of personal data concerning him, even if not yet registered, and their communication in intelligible form. In relation to the treatments described in this statement, the person concerned may, under the conditions laid down by the GDPR, exercise the rights enshrined in articles 15 to 21 of the GDPR and, in particular, the following rights:
• Right of Access – Article 15 GDPR: Right to obtain confirmation whether or not a processing of personal data pertaining to it is in progress and, if so, obtain access to your personal data, including a copy thereof.
• Right of rectification – Article 16 GDPR: Right to obtain, without undue delay, the rectification of inaccurate personal data concerning and/or the integration of incomplete personal data;
• Right to cancellation (right to oblivion) – Article 17 GDPR: Right to obtain, without undue delay, the deletion of personal data concerning him.
• Right of limitation of treatment – Article 18 GDPR: Right to obtain limitation of treatment, when:
1. The person concerned shall dispute the accuracy of personal data, for the period necessary for the holder to verify the accuracy of such data;
2. The treatment is unlawful and the person concerned is opposed to the deletion of personal data and requests that its use be limited;
3. Personal data shall be necessary for the person concerned to ascertain, exercise or defend a right in court;
4. The person concerned has opposed the treatment pursuant to art. 21 GDPR, during the period of waiting for verification on the possible prevalence of legitimate reasons of the data controller with respect to those of the person concerned.
• Right to data portability – article 20 GDPR: Right to receive, in a structured format, of common use and readable by an automatic device, the personal data concerning it provided to the owner and the right to transmit them to another holder without Impediments, if the treatment is based on consent and is carried out by automated means.
• Right of Opposition – article 21 GDPR: Right to object, at any time for reasons related to its particular situation, to the processing of personal data concerning it based on the condition of lawfulness of the legitimate interest or of the execution of a task of public interest or of the exercise of public powers, including profiling, unless there are legitimate grounds for the holder to continue treatment which prevail over the interests, rights and liberties of the person concerned or For the establishment, exercise or defence of a right in court. In addition, the right to object at any time to treatment if personal data is processed for direct marketing purposes, including profiling, to the extent that it is connected to such direct marketing.
The above rights may be exercised, in respect of the rightholder, by contacting the above mentioned references.
The exercise of the rights as an interested party is free within the meaning of article 12 GDPR. However, in the case of manifestly unsubstantiated or excessive claims, even for their repetitiveness, the holder may charge a reasonable fee, in the light of the administrative costs incurred in handling the request, or deny the satisfaction of his request.
• Right of revocation:
The person concerned has the right to revoke his consent at any time. Withdrawal of consent shall not affect the lawfulness of the consent-based treatment prior to revocation.
• Right of complaint: mode of exercise of rights
In order to exercise the rights referred to in the previous article, you may, at any time, contact the B&B holder by email The person concerned has the right to propose a complaint to the Data protection Authority, Piazza di Montecitorio n. 121, 00186, Rome (RM)
Http:// Holder and responsible for the treatment
The data controller is Loredana Zavanella
Email: Information Updates
Please note that this statement will be subject to periodic updates.
This statement was updated on 25/05/2018.
<h2>About us</h2><p>The address of our website is:</p><h2>What personal data we collect and why we collect them</h2><h3>Comments</h3><p>When visitors leave comments on the site, we collect the data shown in the comments form in addition to the visitor’s IP address and the user agent string of the browser to facilitate spam detection.</p><p>A anonymously string created from your email address (otherwise known as a hash) can be provided to the Gravatar service to see if you are using it. The privacy policy of the Gravatar service is available here: After the approval of your comment, your profile image is visible to the public in the context of your comment.</p><h3>Average</h3><p>If you upload images to the website, you should avoid uploading images that include embedded location data (EXIF GPS). Website visitors can download and extract any data about the location from the images on the website.</p><h3>Contact Form</h3><h3>Cookie</h3><p>If you leave a comment on our site, you can choose to save your name, email address and website in cookies. They are used for your convenience so that you don’t have to re-enter your data when you leave another comment. These cookies will last for a year.</p><p>If you have an account and log on to this site, you will set a temporary cookie to determine if your browser accepts cookies. This cookie does not contain any personal data and is deleted when you close the browser.</p><p>When you log in, you will set up several cookies to save your login information and display options. The access cookies last two days while the cookies for the screen options last one year. If you select “Remember Me”, your access persists for two weeks. If you leave your account, the access cookies will be removed.</p><p>If you edit or publish an article, an additional cookie will be saved in your browser. This cookie does not include any personal data, but simply indicates the ID of the newly modified article. Expires after 1 day.</p><h3>Embedded content from other websites</h3><p>Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Content embedded by other websites behave exactly the same way as if the visitor had visited the other website.</p><p>These websites can collect data about you, use cookies, integrate additional third-party tracking, and monitor interaction with that embedded content, including tracking your interaction with embedded content if you have an account and You have accessed that website.</p><h3>Analytics</h3><h2>With whom we share your data</h2><h2>How long we keep your data</h2><p>If you leave a comment, the comment and its metadata are retained indefinitely. This is how we can recognize and automatically approve any subsequent comments instead of keeping them in a moderation queue.</p><p>For users who register on our website (if present), we also store the personal information they provide in their user profile. All users can view, modify or delete their personal information at any time (except their user name that they cannot change). Web site administrators can also view and edit this information.</p><h2>What rights do you have on your data</h2><p>If you have an account on this site, or you have left comments, you may request to receive a file exported from the site with the personal information we have about you, including the data you have provided us. You can also request that we delete all the personal information that concerns you. This does not include data that we are obligated to retain for administrative, legal or security purposes.</p><h2>Where we ship your data</h2><p>Visitors ‘ comments can be controlled through an automatic spam detection service.</p><h2>Your contact information</h2><h2>Additional Information</h2><h3>How we protect your data</h3><h3>What procedures have we prepared to prevent the violation of data</h3><h3>From which third parties we receive data</h3><h3>What automated decision making and/or profiling we do with the user’s data</h3><h3>Information requirements of the sector</h3>