Reserve a estadia dos seus sonhos
Privacy Policy
INFORMATION ON THE PROCESSING OF PERSONAL DATA
of the users visiting the website of Hotel Artemide
Pursuant to Article 13 of EU Regulation 2016/679
This page describes how the website is managed with regard to the processing of the personal data of users who browse it, and their privacy. This notice is also provided pursuant to Article 13 of Regulation (EU) 2016/679, the legislation on the protection of personal data, to individuals who interact with the web services of Hotel Artemide, which are accessible online through the following web address:
https://www.hotelartemide.it
which corresponds to the home page of the official website of Hotel Artemide on Via Nazionale, 22 - 00184 Rome.
This notice does not apply to other websites, pages or online services that may be reached through hyperlinks published on this website but relating to resources outside the domain of Hotel Artemide Srl.
DATA CONTROLLER
Following access to this website, data pertaining to persons that are identified or identifiable may be processed. The “Data Controller” of the personal data collected following a visit to our website and of any other data used for providing our services, is Hotel Artemide Srl, Via Nazionale, 22 - 00184 Rome.
DATA PROTECTION OFFICER
The Hotel Artemide Srl Data Protection Officer (DPO) can be contacted at: privacy@hotelartemide.it
PLACE WHERE DATA IS PROCESSED
Processing connected with the web services of this website (physically hosted by QNT S.r.l. a Socio Unico, www.qnt.it) takes place at our premises and is carried out only by our authorised and instructed personnel, or by persons appointed for occasional maintenance operations.
Personal data provided by users in connection with hotel bookings or requests for information material (including information, newsletters and registrations) is used solely for the provision of the requested services and is not disclosed to third parties, except in the following cases:
• Business partners of Hotel Artemide Srl, including SimpleBooking, (https://www.simplebooking.travel/it) and ResDiary (https://www.resdiary.com), to whom Hotel Artemide Srl transmits the data exclusively in order to process online reservations.
• Persons, companies or professional offices who lend assistance and consulting services to Hotel Artemide Srl, concerning accounting, administrative, legal, financial and tax matters;
• Subjects who are authorized to have access to the data by law or through requests by the authorities;
The credit card data used for booking will be automatically unavailable after six months from the date on which the stay ends.
CATEGORIES OF PROCESSED DATA – LEGAL BASIS – NATURE OF DATA PROVISION
NAVIGATIONAL DATA
The information systems and software procedures relied upon to operate this web site acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols. Such information is not collected in order to relate it to identified data subjects, however it might allow user identification per se after being processed and matched with data held by third parties.
This data category includes IP addresses and/or the domain names of the computers used by any user connecting with this web site, the URI/URL (Uniform Resource Identifier /Locator) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user's operating system and computer environment. The data necessary for the use of web services are also processed in order to:
• obtain statistical information on the use of services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.);
• check the correct functioning of the services offered.
The data may be used to ascertain responsibility in the event of hypothetical IT crimes against the site.
Legal Basis: The processing is necessary for the pursuit of the legitimate interest of the data controller or third parties, provided that the interests or fundamental rights and freedoms of the data subject who require the protection of personal data do not prevail, taking into account the reasonable expectations of the data subject and the activities strictly necessary for the functioning of the site and navigation itself. (Art. 6, par. 1, lett. f) and Recital 47 of the GDPR).
Nature of Data Provision: The provision of data is necessary for browsing the website.
DATA CARRIED OUT THROUGH SOCIAL MEDIA PLATFORMS
Regarding the processing of personal data carried out by the managers of the Social Media platforms used by the Data Controller, please refer to the information notice provided by them through their respective privacy policies. The Data Controller processes the personal data provided by users through the pages of the dedicated Social Media platforms, to manage interactions with users (comments, public posts, etc.) and in compliance with current legislation.
DATA VOLUNTARILY PROVIDED BY THE USER
Sending messages, on the basis of the user’s free, voluntary and explicit choice, to the contact addresses of this website, or sending private messages to the Data Controller’s social media pages and profiles (where available), and filling in and sending the forms made available on the Data Controller’s website entails the acquisition of the sender’s contact information, which is necessary to provide a reply, as well as of any and all the personal data communicated in that manner.
Data will be retained only for the requested subscription to send the newsletters or special offers and will not be disclosed to anyone.
No personal information relating to those who visit the website is collected or used. Visitors remain anonymous. The only exception concerns personal identification information required to fulfil the contractual booking obligations towards the user.
A. Newsletter
Site visitors can register for our newsletter service. By registering, the user's e-mail address will automatically be included in a list of contacts to which e-mail messages will be sent. The newsletter will contain periodic updates with information, including information of a commercial and promotional nature, relating to initiatives, events or promotions of the data controller.
To subscribe to the newsletter, you can use the registration forms on the site by entering your name and e-mail address. The information supplied with the registration form will be only used to send our newsletter via e-mail and will not be disclosed to third parties.
Legal Basis: the processing is based on the consent to the processing of personal data (Recitals 42 and 43 and art. 6, §. 1, lett. a) of the GDPR).
Nature of Data Provision: The data provision is optional. Failure to provide the necessary data will make it impossible to receive communications.
B. Reservations
In the event of reservations made through the website, the user must provide their name, telephone number, billing address, e-mail address, and information regarding the payment method and credit card used. Hotel Artemide Srl will use such information solely to process the reservation and to send information relevant to the confirmation, including the receipt, booking code, and applicable conditions.
The information provided will not be used for marketing purposes and will not be sold, transferred, licensed or otherwise disclosed to third parties in any way, except to the online booking service providers SimpleBooking (https://www.simplebooking.travel) and ResDiary (https://www.resdiary.com), which are entrusted with the processing of reservations, to credit card issuing companies that may be contacted solely for the purpose of verifying card validity, and to the online payment service providers Nexi Payments S.p.A. (https://www.nexi.it/it/ecommerce/xpay) and Stripe (www.stripe.com), exclusively for purposes related to the management of online reservations.
In any event, the website administrator guarantees the use of scrupulous procedures in order to protect the navigational data and the use of particular precautions to protect the credit card data provided when making online reservations.
Legal Basis: The processing is necessary for the performance of a contract to which the data subject is a party, or for the implementation of pre-contractual measures taken at the request of the data subject, (Recital 44 and Article 6(1)(b) GDPR).
Nature of Data Provision: The provision of personal data is necessary. Failure to provide the necessary data will make it impossible to complete the reservation.
C. Personal Data Processing Collected from Curriculum Vitae
You can use the Hotel Artemide Srl contact to send candidates' CVs both on paper and in an electronic format. The spontaneous and voluntary submission of a Curriculum Vitae will be treated as implicit informed consent, as provided by this notice, to the receipt and processing of the personal data contained therein, solely for purposes related to the selection of potential candidates.
The data processed for the purpose of selection of candidates are personal useful to search for the particular profile. In general, the nature of the data is normal, except in some cases where you may indicate any sensitive data necessary to identify the specific requirements of the regulations, such as specifying a particular protected class, the suitability for certain jobs and / or start-ups required, within the limits set by the General Provision of June 5, 2019 which modified the General Authorisation of the Garante (Italian Supervisor Authority) no. 1 of December 15, 2016 on the processing of sensitive data in work relationships;
Legal Basis: the processing is based on the consent to the processing of personal data (Recitals 42 and 43 and art. 6, §. 1, lett. a) of the GDPR) and/or the processing is necessary for the execution of a contract of which the data subject is a party or for the execution of pre-contractual measures adopted at the request of the same. (Recital 44 and Art. 6, §. 1, lett. b of the GDPR).
Nature of Data Provision: The provision of personal data is mandatory. Failure to provide the necessary data will make it impossible to apply.
General Rules for providing the CV
Any CV received spontaneously, replying to a job advertisement, will be stored directly by person in charge of the processing in accordance with the safety guidelines of personal data adopted in compliance with the security measures according to Chapter IV Section 2 of GDPR 679/2016. These will be printed only on the occasion of a meeting and a conversation with the data subject.
To submit Curriculum Vitae, please use the following address: Hotel Artemide Srl, Via Nazionale, 22, 00184 Rome, for the attention of the Human Resources Manager, email: info@hotelartemide.it
D. Administrative, Financial and Accounting Data Management
For organisational, administrative, financial nature and for accounting and customer/user data management, it is possible that the data controller may process the relevant personal data.
Legal Basis: The processing is necessary for the execution of a contract of which the data subject is a party (Recital 44) or for the fulfillment of legal obligations (Recital 45) - art. 6 §. 1 lett. b) and c) of the GDPR.
Nature of Data Provision: The provision of personal data is mandatory, as it is essential to be able to execute legal obligations.
COOKIES AND TRACKING TECHNOLOGIES USED
On this website, cookie technologies are used for different purposes, including IT authentication, session monitoring, and storage of specific technical information regarding users who access the web server provider, in compliance with the Guidelines on cookies and other tracking tools adopted on websites (10 June 2021) by the Italian Data Protection Authority and the Guidelines of the European Data Protection Board (EDPB) of May 2020. More information on the cookies adopted is available in the Cookie Policy of this website.
However, if the user blocks or deletes a cookie, it may be impossible to restore previously specified preferences or customised settings, and our ability to personalise the user experience will be limited.
Legal Basis: For the non-technical cookies and similar technologies, the processing is based on the consent to the processing of personal data (Recitals 42 and 43 and art. 6, §. 1, lett. a of the GDPR). The consent is given through the banner and the cookie policy of the website.
Nature of Data Provision: See the cookie policy in the website footer.
WHISTLEBLOWING
Hotel Artemide Srl has adopted an internal communication channel that can be reached through a specific link on this website, pursuant to and for the purposes of Legislative Decree no. 24 of 10 March 2023 concerning "the protection of people who report breaches of Union law and containing provisions regarding the protection of people who report breaches of national regulatory provisions", implementing Directive (EU) 2019/1937. The data will be processed through the platform made available by the Data Processor supplier ML Informatica Srl (https://www.mlinformaticasrl.it/), and will be managed in compliance with the organisational, physical and logical measures in compliance with the provisions of the art. 32 of the GDPR 2016/679.
Legal Basis: The processing is necessary for the fulfillment of legal obligations (Recital 45 - art. 6 §. 1 lett. c of the GDPR).
Nature of Data Provision: See the information on the reporting portal.
PERIOD FOR DATA RETENTION - CRITERIA USED
According to the provisions set forth in art. 5 par. 1 lett. e) of the Regulation (EU) 2016/679, collected personal data shall be kept in a form which permits identification of data subjects for a period not exceeding the purposes for which the personal data were collected and subsequently processed.
Data retention periods depend on the purposes of the processing:
• purposes related to technical navigation data for the correct functioning of the website: save for any establishment of liability, navigation data do not persist for more than seven days;
• purpose of reply to info request/services supply request (up to 12 months for contact requests; 10 years for administrative / accounting / financial documentation relating to the provision of a service);
• data collection for staff recruitment (up to 6 months). In principle, the data collected during the recruitment process will be deleted as soon as it becomes apparent that no job offer will be made or that the offer will not be accepted by the candidate;
• newsletter, marketing or promotional communications in general (up to 24 months -until withdrawal of consent)
• purpose of administrative / accounting / financial management: 10 years as required by law for the conservation of administrative / accounting / financial documentation.
• purpose of cookie management: See the cookie policy in the website footer.
• purpose of whistleblowing reports management: See the information on the reporting portal.
TRANSFERS OF PERSONAL DATA TO THIRD COUNTRIES
Personal data is not transferred to non EU third countries, in compliance with the provisions of Chapter V of the GDPR 679/2016.
OPTIONAL DATA PROVISION
Subject to the specifications made with regard to navigation data, users are free to provide the personal data listed in the request forms of Hotel Artemide Srl or referred to in contacting the hotel in order to provide CV, to make online reservations or to request delivery of information materials and other communications. Failure to provide such data may entail the failure to be provided with the items requested.
PROCESSING ARRANGEMENTS AND DATA PROTECTION MEASURES
Personal data is also processed with automated means for no longer than is necessary to achieve the purposes for which it has been collected indicated in this information. The Data Controller and the Data Processors ensure the adoption of appropriate technical and organisational measures to ensure a level of security appropriate to the risk and that personal data are processed adequately and in accordance with the purposes for which they are processed, in compliance with the provisions of the art. 32 of the GDPR 2016/679. Specific security measures are implemented to prevent the data from being lost, used unlawfully and/or inappropriately, and accessed without authorisation. There is no provision for an automated decision-making process for the processing of personal data.
DATA SUBJECTS' RIGHTS
The Data Controller is Hotel Artemide Srl, Via Nazionale, 22, 00184 Rome. The Data Protection Officer is Mr Massimo Bruno. Data subjects may contact either of them at any time to exercise their rights as provided for under Chapter III of GDPR 679/2016, including the right to request access to, rectification or erasure of personal data (right to be forgotten), restriction of processing, or to object to processing, as well as the right to obtain a copy of the personal data being processed and the right to data portability, by submitting a request, including by email, to: privacy@hotelartemide.it. The same address may be used to contact the Data Protection Officer.
RIGHT TO LODGE A COMPLAINT
If a data subject considers that the processing of personal data relating to him or her as performed through this website infringes the Regulation, he or she has the right to lodge a complaint with the Data Protection Authority pursuant to Article 77 of the Regulation, or to an effective judicial remedy pursuant to Article 79 of the Regulation.