logo hidden experiences

PRIVACY POLICY AND PERSONAL DATA PROCESSING

DATA CONTROLLER

The Data Controller is:

IHE Tour Operator S.r.l.
Via Vincenzo Monti 57/4 – Milano
info@italyhiddenexperiences.com
Vat ID: 10599040960

that can be contacted at the following email address: admin@italyhiddenexperiences.com.

TYPES OF DATA COLLECTED

Browsing data: this data is automatically acquired by the computer systems during the use and navigation of the website. This information (such as IP addresses, browser information, or the device used by the user) is collected and used exclusively to obtain anonymous statistical information to verify the correct functioning of the site, and is deleted immediately after processing.

Personal data provided by the user: in order to respond to user requests, the website collects data voluntarily entered by users. In particular, such data includes: names, email addresses, and in some cases phone numbers. The user is free to provide or not provide the personal data requested by the site; it is understood that failure to provide required data or a partial provision of such data may result in the inability to obtain the requested services. The Data Controller does not process sensitive data or data belonging to special categories identified by Art. 9 of the GDPR. Such data, if required for the performance of the service requested by the user, is collected and processed directly by third parties without passing through the Data Controller’s servers.

Cookies: files sent by the website to users and used exclusively to store information der  to the user’s active session and the site. If the user prefers not to receive cookies or wishes to be informed about them in advance, he/she can change the settings of his/her browser. View the full Cookie Policy.

PROCESSING METHODS

User personal data is processed exclusively for the time strictly necessary for the purpose for which it was collected. Specific security measures are adopted to maintain the integrity of collected data, to prevent data loss and illicit use, and in order to avoid unauthorized access.

LAWFULNESS AND PURPOSE OF PROCESSING

User data will be used for the following purposes:

  1. Management of contacts and communications with users.
  2. Newsletter service.
  3. Proper performance of the service by the Data Controller.
  4. Site navigation and processing of anonymous statistics.
  5. Fulfilment of legal or administrative obligations related to the site’s activities.
  6. Protection of Data Controller or third parties rights.

The lawfulness of processing for the above activities is as follows (cf. Art. 6 (1) Reg. EU No. 679/2016 or GDPR):

  1. For the purposes listed in points 1 and 2: “consent of the data subject” pursuant to Art. 6 (1) (a) GDPR;
  2. For the purposes listed in points 3 and 4: “performance of a contract to which the data subject is party” pursuant to Art. 6 (1) (b) GDPR;
  3. For the purposes listed in points 5 and 6: “compliance with a legal obligation to which the Data Controller is subject” pursuant to Art. 6 (1) (c) GDPR.

PLACE OF PROCESSING

The processing of data collected by this site takes place at the headquarters of the Data Controller or on servers owned by third parties within the EU, and is carried out only by personnel authorized to process it.

DATA TRANSMISSION

Personal data are not disseminated but may be communicated to third parties to allow the correct performance of the service requested by the user. In particular, data may be communicated to entities to which communication is mandatory to comply with specific legal obligations, or to entities providing services instrumental to the activities of the Data Controller (such as OLTA, suppliers, consultants, professional firms). In this case, third parties are appointed as Data Processors pursuant to Art. 28 Reg. EU No. 679/2016.

RETENTION PERIOD

Personal data is processed and retained only for the time required by the purpose for which it was collected, in compliance with applicable regulations.

USER RIGHTS

At any time, the user may exercise the rights under Art. 15 and following of Reg. EU No. 679/2016. Users can request access to their personal data and information related to it; the correction of inaccurate data or the completion of incomplete data; the deletion or restriction of the processing of personal data concerning them; object at any time to the processing of personal data under specific circumstances; withdraw consent at any time, limited to cases where processing is based on consent: processing based on consent and carried out before its withdrawal retains its lawfulness.

Requests can be addressed to the Data Controller at: admin@italyhiddenexperiences.com.

It is also possible to lodge a complaint with a supervisory authority, such as the Italian Data Protection Authority (www.garanteprivacy.it).

Date of publication: 14 May 2024

Last modified: 27 June 2024

My Agile Privacy
This website uses technical and profiling cookies. Clicking on "Accept" authorises all profiling cookies. Clicking on "Refuse" or the X will refuse all profiling cookies. By clicking on "Customise" you can select which profiling cookies to activate.
AcceptRefuseCustomize