It is essential for the Data Controller to protect the protection and security of the Personal Data of all subjects (Users) who browse and use the Website www.ristorantelaterrazza.com.
For this reason, in accordance with the provisions of the law, the Data Controller processes the Personal Data of each User with the utmost care, in compliance with the legislation dictated by Regulation (EU) 2016/679, which entered into force on 25 May 2018, hereinafter GDPR, as well as by Legislative Decree 30 June 2003, n 196, amended by Law 27 December 2019, n. 160, by Legislative Decree 14 June 2019, n. 53, by the D.M. 15 March 2019 and by the Decree of adaptation to the GDPR (Legislative Decree 10 August 2018, n. 101).
This page intends to describe in a clear, detailed and exhaustive way the ways in which the Owner of this Website processes the Personal Data of Users.
This document (Information) is intended exclusively for all Users who navigate within this Website www.ristorantelaterrazza.com.
However, this information does not concern the other Websites that the User can access through links on the Website www.ristorantelaterrazza.com.
- 1 – DEFINITIONS
- 2 – OWNER OF THE TREATMENT
- 3 – PLACE OF TREATMENT
- 4 – COLLECTED DATA
- 4.1 – DATA PROVIDED BY THE USER
- 4.2 – NAVIGATION DATA
- 4.3 – COOKIES
- 5 – PURPOSE AND LEGAL BASIS OF THE PROCESSING OF THE COLLECTED DATA
- 6 – HOW THE COLLECTED DATA IS TREATED
- 7 – TIMES OF PROCESSING AND STORAGE OF DATA
- 8 – RIGHTS OF THE INTERESTED PARTY
- 9 – HOW TO EXERCISE YOUR RIGHTS
- 10 – COMPLAINTS
The User is the individual who consults, navigates and uses a Website.
Often the User coincides with the c.d. the interested party.
The interested party
The interested party is the natural person to whom the Personal Data and Navigation Data collected by a Website and processed by the Data Controller refer.
The Data Controller is the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of processing Personal Data and the tools adopted, including the security measures relating to the operation and use of a website.
Personal Data is any information that identifies or makes identifiable a natural person. Personal Data is any information that identifies or makes identifiable a natural person. The identification of the natural person can be: direct, through, for example, the name and surname, images, etc; or indirect, through for example the tax code, the IP address, the license plate number, etc..
Navigation Data is information collected during the use of a Website by a User.
These data are collected to obtain anonymous statistical informations on the use of the Website by Users and to allow and check the correct functioning of the Website itself.
These data are not collected for the purpose of identifying a subject, however, even the Navigation Data, through subsequent processing and association with other data, can allow the identification of the User.
The Navigation Data collected are: the IP addresses or domain names of the computers used by the User who connects to this Website, the addresses in URI (Uniform Resource Identifier) notation, the time of the request, the method used in forward the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.), the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (for example the time spent on each page) and the details relating to the itinerary followed within the Website, with particular reference to the sequence of pages consulted, to parameters relating to the operating system and the environment information of the User.
Sensitive Data are particular categories of data that reveal racial or ethnic origin, religious or philosophical beliefs, political opinions, trade union membership, relating to the User’s health or sex life.
Processing of Personal Data
By Processing of Personal Data we mean any operation, or set of operations, performed with or without the aid of automated processes and applied to personal data, such as the collection, registration, organization, structuring, conservation, adaptation or modification, extraction, consultation, use, communication by transmission, diffusion or any other form of making available, comparison or interconnection, limitation, cancellation or destruction.
The Recipient of Personal Data is a natural or legal person, a public authority, service or other body that receives communication of personal data.
The Third Party is the natural or legal person, a public authority or another body, which receives, communicates, processes the User’s Personal Data, who is not the Data Subject, the Data Controller, the Data Processor or an authorized person to the processing of Personal Data under the direct authority of the Data Controller or Manager.
Consent of the interested party
Consent is any expression of will of the interested party, through which he expresses his consent to the processing of his Personal Data for a specific purpose. Consent must be free, specific, informed and given by the interested party in an unequivocal manner, through a positive action.
2. OWNER OF THE TREATMENT
The Data Controller of Personal Data is:
La Terrazza Di Caglianone C. & C. S.n.C.
located in Courmayeur (AO), Via Circonvallazione n. 73
e-mail address: firstname.lastname@example.org.
telephone number: 0165843330
3. PLACE OF TREATMENT
he processing of personal data takes place at the headquarters of the companyLa Terrazza Di Caglianone C. & C. S.n.C. , i.e. in Courmayeur (AO), Via Circonvallazione, n. 73, ZIP Code 11013.
4. DATA COLLECTED
The Personal Data collected by this Website are:
4.1 DATA PROVIDED BY THE USER
a)The User who writes to the e-mail address email@example.com provides the Data Controller with:
- e-mail address
- any Personal Data provided by the User in the text of the e-mail
b) The User who fills out the Form in the Contact Us section provides the Data Controller with the following data:
- the nominative (optional and can also be a fancy name)
- e-mail address
- the telephone number
- any Personal Data provided by the User in the text of the e-mail
c) If the User/Client requests the issuance of the invoice, the Data Controller, in order to process this specific request, must ask the User for the following Personal Data:
- to issue the invoice: name, surname, billing address, tax code and, possibly, the VAT number and Unique Code.
- to send a copy of the invoice to the User: the e-mail address
d) It may happen that the User, for health reasons (for example due to allergies, intolerances, etc.), asks the Owner, through the tools made available on the Website, for information about the ingredients used in the preparation of the dishes or you agree with the owner of the personalized menus. In this case, the User provides the Data Controller with personal data c.d. sensitive because they relate, in fact, to one’s state of health.
4.2 NAVIGATION DATA
The computer systems and software procedures used to operate this Website acquire some Personal Data of the User who navigates within the Website.
To understand what Navigation data are, read the definition in paragraph 1 of this privacy statement.
These data are used for the sole purpose of obtaining statistical and anonymous information on the use of the Website by Users
Cookies are small text files stored on your computer or mobile device when you visit a website.
5. PURPOSE AND LEGAL BASIS OF THE PROCESSING OF THE COLLECTED DATA
The Data Controller collects and processes the User’s Personal Data only and exclusively for specific purposes and on the following legal bases:
a)The Personal Data described in paragraph 4.1.a) of this privacy statement are used for the Data Processing Title to process requests for information sent by the User; in this case the processing is necessary to execute a contract or pre-contractual measures, pursuant to art. 6.1, lett. b) of the GDPR.
b) The Personal Data described in paragraph 4.1.b) of this privacy statement are used for the Data Processing Title to process requests for information sent by the User; in this case the processing is necessary to execute a contract or pre-contractual measures, pursuant to art. 6.1, lett. b) of the GDPR
c) The Personal Data described in paragraph 4.1.c) of this privacy statement are used for the Data Processing Title to fulfill a legal requirement, pursuant to art. 6.1, lett. c) of the GDPR.
d) The sensitive data described in paragraph 4.1.d) of this privacy statement are processed by the Data Controller only with the express consent of the User, pursuant to art. 9.2. 9.2. lit. a) of the GDPR
e) The Personal Data described in paragraph 4.2. 4.2. and 4.3 of this privacy statement, are used by the Data Controller to guarantee the functioning of the Site, as well as to acquire anonymous statistical data on the use of the Site by the User; in this case the processing is necessary to pursue a legitimate interest of the Data Controller, pursuant to art. 6.1, lett. f) of the GDPR
To obtain further information on the purposes of the processing and on the individual Personal Data processed, the User can contact the Data Controller at the e-mail address firstname.lastname@example.org or at the telephone number 0165843330.
6. HOW THE COLLECTED DATA IS TREATED
They can access the Personal Data provided by the User through this Website exclusively:
a) the Data Controller
b) collaborators and employees, specifically authorized by the Data Controller
The processing of Personal Data takes place through IT media (e.g. e-mail) or paper media (the so-called daily planning for managing reservations for the day).
The Data Controller undertakes to carry out the processing within the limits strictly permitted by the GDPR and by national legislation, taking care to manage, store and use the User’s Personal Data according to the prescribed indications
In particular, the Data Controller will pay greater attention in processing any Sensitive Data provided by the User, as defined in paragraph 4.d) of this privacy statement. These data will be communicated exclusively to the subjects necessary to best respond to the needs formulated by the Customer.
7. DATA PROCESSING TIMES AND STORAGE
The Data Controller keeps the User’s Personal Data for a period of time strictly limited to the achievement of the specific purposes, expressly indicated in paragraph 5 of this privacy statement (Purpose and legal basis of the processing of the collected data), for which such data was collected.
At the end of this retention period, the Personal Data provided by the User will be irreversibly deleted, destroyed or in any case rendered anonymous.
Personal Data may be kept for a longer time only and exclusively to implement legal obligations (for example for tax and/or administrative purposes), or to assert or defend one’s right (in the event of disputes and pre-litigation) .
The processing of Sensitive Data described in paragraph 4.1.d) will only last for the time strictly necessary to best respond to the User’s requests. In any case, the User can interrupt, at any time, the processing of Sensitive Data, revoking his consent to the processing.
8.THE RIGHTS OF THE INTERESTED PARTY
At any time, the User, pursuant to articles 15 to 22 of EU Regulation no. 2016/679, the right to:
a) ask the Data Controller to confirm whether or not Personal Data concerning him is being processed and, in this case, to obtain access to and a copy of such data;
b) ask the Data Controller for more information about the purposes of the processing and the legal basis on which the processing is based.
c) ask the Data Controller for the recipients or categories of recipients to whom the Personal Data have been or will be disclosed;
d) ask the Data Controller for the period, if any, for the retention of Personal
Data or, if it is not possible to identify this period with precision, ask what the criteria are used to determine this period;
e) ask the Data Controller to rectify or cancel the Personal Data collected.
f) obtain, when certain conditions are met, the limitation of the processing of your personal data.
g) obtain the portability of their Data, i.e. receive them from the Data Controller, in a structured format, commonly used and readable by an automatic device and, where technically feasible, to obtain the transfer of such Data to another Data Controller without impediments. This provision is applicable when the Data is processed with automated tools and the processing is based on the User’s written consent.
h) lodge a complaint with a supervisory authority.
9. HOW TO EXERCISE YOUR RIGHTS
To exercise the rights mentioned in paragraph 8 of this privacy statement, the User can send a written request to the e-mail address email@example.com, or to the postal address Via Circonvallazione, n. 73, Courmayeur (AO), ZIP code 11013
Requests are filed free of charge and processed by the Data Controller as soon as possible, in any case no later than one month. The Data Controller, who has to incur expenses (so-called secretarial expenses) to respond to the request formulated by the User, can charge these expenses to the User.
It is the User’s right to lodge a complaint with the Guarantor for the Protection of Personal Data.
The complaint is the tool that allows the interested party to contact the Guarantor for the Protection of Personal Data to complain about a violation of the regulations on the protection of Personal Data pursuant to art. 77 of the EU Regulation of 2016/679 and articles 140 bis and subsequent amendments of the Personal Data Protection Code.
More information on how to present it is available on the website of the Privacy Guarantor, at the web address www.garanteprivacy.it.
By virtue of any new interventions or regulatory changes, this privacy statement may undergo changes or additions.
Therefore, the Data Controller invites the User to periodically read this privacy statement.
The Data Controller will inform Users of any changes made and their consequences, giving notice on this Website.
The updated version of the privacy information, in any case, will be published on this page, with an indication of the date of its last update.
Last updated: March 13, 2023