Dear User, San Marino Cycling Experience (hereinafter “SMCE”) respects and protects your privacy. Pursuant to Article 13 of the Italian Privacy Code,Legislative Decree no. 196 of 30 June 2003, below is information concerning the processing of the personal data of users who interact with SMCE’s website (hereinafter the “Users”) starting at the address www.italyfamilyhotels.it (hereinafter the “Website”). We start out by saying that this information does NOT concern the collection and use of Users’ data by individual SMCE consortium members (hereinafter the “Consortium Members”), which are independent entities and have their own privacy policies, to which the User shall make independent reference.
1. Data controller
SMCE is the data controller of the Users’ personal data entered on the Website.
2. Data supervisor
SMCE’s legal representative is the data supervisor of the Users’ personal data entered on the Website.
3. Optional nature of data entry
Barring the provisions in relation to surfing data (see paragraph 5 below), the User is free to provide the personal data indicated on the application forms or in any event indicated on the Website to press for informative material or other communications to be sent and/or to obtain particular services upon request. However, failure to provide the data may result in the impossibility to fulfil the User’s request. In the event the User provides the data, he/she may later oppose, at any time, the processing of the personal data provided optionally, and may exercise his/her rights pursuant to Art. 7 of the Code by sending SMCE a simple request using the methods indicated in paragraph 9 below.
4. Data processing purpose
The data entered by Users on this form are collected and used for one of the following purposes:
- marketing activities, SMCE and/or the Consortium Members sending commercial communications, newsletters, and/or advertising and promotional material, email purchase proposals for products or services offered by SMCE or by the Consortium Members or by SMCE’s third-party partners operating in sectors which are directly or indirectly associated with family tourism;
- responding to Users’ requests to send or make SMCE’s catalogue available;
- responding to Users’ requests to have the Consortium Members send information, with or without regional filters;
- responding to Users’ requests to have the Consortium Members send quotations;
- processing Users’ bookings and purchasing the services requested;
and also for purposes associated with and/or instrumental to SMCE’s business, such as:
- providing a service or executing one or more transactions contractually agreed upon;
- allowing the Website to be surfed;
- meeting SMCE’s needs of an operational and in-house management nature such as, by way of example, bookkeeping and managing the computer system;
- occasionally sending Users important information concerning the Website;
- achieving in-house commercial goals such as data analysis, improving the Website and services, processing statistics, identifying the Website trends and frequency of use;
- tracking, processing and answering questions and/or communications by Users, also in compliance with Art. 7 of the Privacy Code.
5. Types of data processed
During their regular operation, the computer systems and software procedures used for the operation of this Website acquire certain personal data whose transmission is implicit in the use of internet communication protocols. This information is not collected for the purpose of being associated with individuals identified, but due the nature itself thereof allows Users to be identified through processing and associations with data held by third parties. This category of data includes IP addresses or domain names of computers used by Users to connect to the Website, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used in sending the request to the server, the size of the file obtained by way of response, the numeric code identifying the status of the data response by the server (i.e. successful, error, etc.) and other parameters associated with the operating system and with the User’s computer environment. These data are only used for the purpose of obtaining anonymous statistical information on the use of the Website, to control the proper operation thereof and to improve Users’ surfing experience, and they are immediately cancelled after they have been processed. The data may be used for the ascertainment of responsibility in the case of hypothetical computer crimes to the detriment of the Website.
Data provided voluntarily by Users
The optional entry of data on the forms on the Website, as well as the optional, explicit and voluntary sending of data on the web forms or of emails to the addresses indicated on this Website to obtain specific services and/or communications and information, involves the subsequent acquisition of the sender’s address which is required to respond to the requests or to provide the services, communications and the information requested, and also of any other personal data entered.
6. Data processing methods
Processing is performed by means of automated (i.e. using electronic procedures and means) and/or manual (i.e. hard copy) tools for the time strictly required to achieve the sole purposes for which the data were collected and in any event, in compliance with the current legislation on the subject. Specific security measures are complied with to prevent the loss, illegal use or improper use of the data and unauthorized access thereto. Processing connected with the Website’s web services is performed at the Controller’s offices.
With reference to Website Users who only surf the Website without completing the forms or spontaneously transmitting their personal data, and barring that hereinafter specified with reference to specific software, cookies are not used to transmit personal information, nor are so-called persistent cookies of any kind used (i.e. systems for tracking users).
8. Realm of data communication and distribution
Users’ data may be communicated to the third parties indicated below:
- SMCE Consortium Members, whose names are listed, made available to Users and published on the Website.
Third parties used by SMCE to provide the services requested by Users and/or to regularly perform its business and commercial operations may also become aware of Users’ data. Such subjects are appointed by SMCE as external data processing supervisors and may have access to such data. They are:
- Third-party companies managing the Website and are restricted to technical access for maintaining the Website itself.
The User may, at any time, access the names of the subjects appointed by SMCE as processing supervisors (in-house and/or external) or those appointed with the processing by consulting the Website or contacting the in-house supervisor appointed for the purposes of exercising one’s rights pursuant to Art. 7 of the Privacy Code.
Users’ data shall in no way be distributed or revealed in any way to unspecified subjects.
9. User’s rights
Pursuant to Art. 7 of the Privacy Code, the User has the right, at any time, to obtain the confirmation of the existence or non-existence of the same data, to know the contents and origin thereof, and to verify the exactness or request the integration, updating or correction thereof. Pursuant to said Article, the User has the right to request the cancellation, anonymous transformation or blocking of data processed in violation of the law, and also to oppose, in any case, the processing thereof for legitimate reasons. Requests are to be sent to the in-house manager appointed by SMCE for such purposes (i.e. to the SMCE Marketing Office) to email address email@example.com, or by recorded delivery mail to the following address: San Marino Cycling Experience – Via Piana 55 – 47890 San Marino.
If the User no longer wishes to receive marketing newsletters or emails from SMCE, he/she may make such a request to SMCE according to the above methods. SMCE shall undertake to meet the User’s request as soon as possible. As for marketing newsletters or emails sent by Consortium Members, SMCE is not able to cancel the User’s data from the databanks of individual Consortium Members already having such data. Therefore, the User is to directly contact the Consortium Member(s) involved.
The User may exercise all rights set forth by Art. 7 of the Privacy Code, the entire contents of which are indicated below:
“Art. 7 Right to access personal data and other rights.
1. The party involved shall have the right to obtain the confirmation of the existence or non-existence of his/her related personal data, even if they still have not been recorded, and the communication there of in an intelligible manner.
2. The party involved has the right to obtain information concerning:
a) the origin of the personal data;
b) the processing purposes and methods;
c) the logic applied in the event processing is performed with the use of computers;
d) data identifying the data controller, supervisors and designated representative pursuant to Art. 5(2);
e) subjects or categories of subjects to whom the personal data may be reported or who may be informed thereof in their capacity as designated representative for the State, supervisors or appointees.
3. The party involved has the right to obtain:
a) the updating, correction, or when interested in doing so, the integration of the data;
b) the cancellation, anonymous transformation or blocking of data processed in violation of the law, including those whose storing is not required in relation to the purposes for which the
data were collected and subsequently processed;
c) a demonstration that the operations as per letters a) and b), including the contents thereof, have been brought to the attention of those to whom the data were communicated or distributed, with the exception of the case in which said fulfilment is impossible or requires the use of obviously disproportionate means with respect to the right protected.
4. The party involved has the right to partially or wholly oppose:
a) for legitimate reasons, the processing of his/her personal data, even if they are pertinent to the purpose for which they were collected;
b) the processing of his/her personal data for the purposes of distributing advertising, direct sales material and publicity or to perform market research”.
10. Links to other websites
This privacy information note exclusively refers to SMCE’s Website. The Website may contain direct or indirect links to third-party websites, including the websites of Consortium Members. SMCE has no control over such websites. Therefore, SMCE shall in no way be held responsible for possible data processing performed by such third parties, nor for the contents of such websites, nor for possible links on an associated website.
11. Transfer of data abroad
SMCE informs Users that, should SMCE intend to place its databanks abroad and/or to appoint external processing supervisors established abroad, it might be necessary to transfer Users’ personal data to other countries, both within and outside the European Union, including the United States of America.
12. Website contents
The Website is continuously updated and therefore Users are invited to periodically consult it for any changes. SMCE expressly reserves the right to modify, integrate, cancel, at any time, parts of the pages or the entire Website without notice, or also to temporarily or permanently interrupt the publication thereof. SMCE has carefully taken care of all aspects of the Website contents, however it declines all responsibility concerning the topicality, exactness and completeness of the information contained therein.