GDPR (General Data Protection Regulation) 2016/679
Customer Privacy Notice
We would like to inform you about the personal data you voluntarily provide (by phone, fax, email or by registering on our website), for what reasons this is necessary and what your rights are with regard to their processing.
The processing of data provided by you is carried out in compliance with the principles of legality, correctness and transparency, in compliance with the provisions of the law in force and the EU 2016/679 Regulation of the European Parliament and the Council (GDPR 2016/679).
Owner and manager of data processing
The owner and manager of the processing of personal data collected from this site is:
B & B Mimosa and Lillà - VAT Number 04532580232, of Sembenini Giampaolo, with registered office in Fumane (VR), via Pietro Nicolis, 28
For further information contact us at the following addresses:
Tel. +39 3491719809
Purposes of the treatment
The processing of your personal data will be carried out using paper and computerized methods, in compliance with the provisions on the protection of personal data and, in particular, the appropriate technical and organizational measures pursuant to art. 32.1 of the aforementioned Regulations, and with the observance of every precautionary measure that guarantees its integrity, confidentiality and availability.
The owner of personal data undertakes to process your data in compliance with the principle of "minimization", or by acquiring and processing the data limited to what is necessary with respect to the following purposes:
a) to acquire and confirm your reservation and to provide the services requested.
Since these are necessary treatments for the definition of the contractual agreement and for its subsequent implementation, its consent is not required, except in the case in which particular, so-called sensitive data are given.
The processing will cease upon departure, but some of your personal data may or may continue to be processed for the purposes and with the methods indicated in the following points;
b) to comply with the provisions concerning the communication to the public security authorities of the arrival of persons accommodated in accommodation facilities, according to the procedures established by the Ministry of the Interior (Decree of 7 January 2013). The provision of data is mandatory and does not require its consent.
c) to comply with current administrative, accounting and tax obligations. For these purposes, the processing is carried out without the need to acquire his consent. The data are processed by us and by our representatives, and are communicated outside only in compliance with legal obligations. The data acquired for these purposes are stored by us for the time provided for by the respective regulations (10 years, and even more in the case of tax assessments);
d) to perform the function of receiving messages and telephone calls addressed to her during her stay. For this purpose, your consent is required. You can withdraw your consent at any time. The treatment will cease at its departure anyway;
e) to send you our promotional messages and updates on the rates and offers made. For this purpose, after obtaining your consent, your data will be kept for a maximum of one year and will not be disclosed to third parties. You can withdraw your consent at any time.
Legal basis of processing:
The provision of your personal data is required for the purposes referred to in points a), b), c) above and your refusal to provide data will determine the total impossibility of stipulation and execution of the contract.
Type of treatment
Your personal data are treated manually, but also electronically, mainly through the use of automated processes, depending on the objectives. In this case, we specifically use databases and computerised platforms that may be managed by both us and third parties. Each type of treatment guarantees the respect and the confidentiality of the data treated. We store such data and general information in the database and in the servers as logfiles.
In order to provide you with a unique navigation experience, we need to collect some technical data that are necessary for the correct operation of the website:
- Browser type and browser version
- Operating system
- The "referrer" website
- The on our website linked webpages
- Date and time of access
- IP address
- Other similar data and information
The legal basis for this type of treatment is article 6 of the GDPR. By accessing the website, computerised systems and management software automatically and indirectly collect and/or manage this number of data and information.
At first, the collection of these data in anonymous format is static. However, later on the data are treated to ensure a high level of protection and safety for any data that we collect
Personal data processed mainly are not disclosed, only and exclusively in certain cases, personal data may be disclosed to the following applicants:
a) Subcontractors for technical analysis and verification, payments, identification and delivery services, analytical providers or credit insurance agencies
b) The public administration and the Authorities, if there is a legal obligation
c) Credit institutions with which we maintain commercial relations for the management of credits / debits and with financial intermediation
d) any natural or legal person, public and / or private (legal, administrative and tax advice, courts, chambers of commerce, etc.) if the forwarding of data is necessary or relevant for the performance of our activity.
Disclosure of your data
In principle, the personal data are not forwarded. Only in some specific cases, personal data may be disclosed to the following suppliers:
a) Subcontractors for technical checks and analysis, payments, identification and addressing services, suppliers of analysis services or credit insurance companies
b) Public administration or authorities, should this be required by law
c) Credit institutions with whom we undertake commercial relations for the handling of credits / debits, financial reasons
d) Any physical or legal persons, public and/or private (legal, administrative and fiscal consultants, courts of laws, chambers of commerce, etc.), if the data transfer is necessary or relevant for providing our service activities.
Period of data conservation
In compliance with current laws, the owner of the treatment has defined different periods of data conservation depending on their usage:
1. As far as handling and answering your questions about products and activities, your personal data will be stored for a period of time strictly necessary for processing your request.
2. As far as managing activities connected with the navigation through our website, your personal data will be stored for a period of time strictly necessary to satisfy your requests.
3. As far as internal management and operational activities (for example time of conservation of invoices, administration, and tax information), your personal data will be treated for a period of time in line with the legal requirements for the specific purpose.
4. As far as the handling of disputes and litigations, your personal data will be stored for the whole time strictly necessary for pursuing such matters, and in any case not beyond the applicable prescription limits.
We would also like to inform you that the European Regulation recognizes certain rights, below we are summarizing the rights of an affected person:
a) Right to receive confirmation of the data treatment
Each affected person has the right to ask the owner of the personal data treatment if the data are being treated. Anyone wishing to exercise this right may contact us at any time.
b) Right of information
Each affected person has the right to obtain at any time and free of charge information regarding the treatment of their own personal data. The notification must contain the following information:
- the purposes of the treatment
- the types of personal data being treated
- the recipients and/or the categories of recipients to which the treated personal data may have received, with particular reference and attention to any recipients outside the EEC, or international organizations. Moreover, as far as transfer of the data to countries outside the EEC area, the user also has the right to receive additional information regarding the safety guarantees in place during the treatment
- the period of conservation contemplated for the treatment and the storage of the personal data
- the possibility to issue a complaint with the data protection authorities
- in those cases when the personal data were not collected or treated by the company, the possibility of obtaining appropriate information on their source and origin
- the possibility of automated decisions, even when contemplated by art. 22, par. 1 and 4 of the GDPR on the profiling of personal data, and in this case obtain appropriate and supported information regarding the logics followed for such decisions and the possible consequences that this solution may bring for the the affected person.
c) Right of correction of personal data
The affected person has the right to request the immediate correction of any errors in their own personal data.
d) Right to cancel
Any person involved in the processing of personal data has the right to request the data controller to immediately delete the personal data concerning him / her, provided that at least one of the following reasons is satisfied and that the processing of personal data is not required:
- Personal data has been collected or processed in other ways and is no longer needed.
- The interested party revokes the authorization for the treatment granted on the basis of the provisions of art. 6 paragraph 1 letter a) of the GDPR or art. 9 paragraph 2 letter a) of the GDPR but also in the event that the processing should be in contrast with further data protection regulations.
- The interested party presents an opposition to the treatment pursuant to art. 21, paragraph 1, of the GDPR and shows that there are no legitimate reasons for the elaboration.
- In the event that personal data should be processed in a non-compliant manner
- The deletion of personal data is required to fulfill a legal obligation under Union or national law, to which the controller is subject.
- Personal data have been processed regarding the request for services by minors in compliance with the provisions of art. 8 paragraph 1 of the GDPR.
e) Right of limitation of the treatment
- The affected person has the right to ask the owner of treatment to limit the processing if one of the following conditions persists:
The correctness of the personal data is disputed by the affected person. The limitation shall apply for a period of time that will give the responsible person the possibility to verify the correctness of the personal data.
- The treatment is not in compliance with current laws; the affected person refuses the cancellation of the personal data, asking instead their limitation.
- The owner of the treatment no longer needs the personal data for the purpose of the treatment, but the data subject requires the same to assert, exercise or defend their rights for legal action.
- The affected person has disagreed to current treatment according to art. 21, paragraph 1 of the GDPR and it has not yet been clarified if the legitimate reasons of the owner of the treatment have priority on those of the affected person.
f) Right to data portability
Any person involved in the processing of personal data has the right to receive, in a structured format, common and readable by a data processing machine, the personal data relating to the person concerned and made available by the data controller. The interested party also has the right to transfer this data to another data controller without any impediment of some fate by the transferring holder.
Furthermore, based on the content of Article 20 paragraph 1 of the GDPR, the subject involved in the processing of personal data has the right to demand that the data be transferred directly from the transferor holder to the new receiving owner as long as it is possible to identify a common technical solution to the parties and in compliance with the freedoms and rights of any third parties involved in the process.
g) Right to opposition
Every person involved in the processing of personal data has the right to object at any time to the processing of the same for reasons deriving from his particular position.
This principle also applies to profiling based on the provisions listed here.
In the event that there is an opposition to the processing of data, we provide for the processing of personal data, unless we can show valid reasons to continue processing, reasons that prevail over the interests, rights and freedoms of the data subject. but even if the treatment serves the affirmation, the exercise or the defense of legal claims.
In the event that we should use the processing of personal data for the purpose of direct marketing, the subject involved in the processing has the right to object at any time to processing of personal data for direct marketing purposes. This provision also applies to profiling, when it is used for direct marketing purposes.
h) Automated decisions including profiling
Any person involved in the processing of personal data has the right to object to a decision based solely on automated processing, including profiling, which has legal consequences and effects on him and which affects him significantly, unless the decision is taken to conclude or fulfill a contract between the data subject and the data controller.
If the decision to conclude or fulfill a contract between the data subject and the data controller is requested or has been made with the explicit consent of the data subject, we will take reasonable steps to safeguard the rights and freedoms of the data subject.
i) Right to the opposition of a consent to the processing of data
Every person involved in the processing of personal data has the right to revoke at any time the consent given to the data controller.
For any further information, and to assert the rights recognized by the European Regulation, you can contact: firstname.lastname@example.org.
This website uses Google Analytics, a Google Inc. (“Google”) advertising efficiency analysis service. Google Analytics uses so-called “cookies”, small text files that are stored on the visitor’s computers and allow assessing the use of the website. The information (including the user’s IP address) is collected through cookies and sent to a server in the USA, where it is stored. Google then uses this information to analyse the navigation of our website, create reports of the activities on the website and provide different services. In some cases, Google may also transfer the information to third parties, for example if required by law or to other companies that process data on its behalf. Your IP address can under no circumstances be used by Google for purposes other than those indicated above. By visiting the website users agree to the treatment of their own personal data by Google for the above purposes. The installation of cookies on your computer may be prevented by adjusting your browser settings accordingly. However, in this case you need to be aware that the disabling of cookies could limit the quality of your navigation through the website, or your use of the same. To prevent Google from collecting and processing data as explained above, you need to download and install the fllowing plugin: https://tools.google.com/dlpage/gaoptout?hl=gb. Further information on the conditions of use and the Google Analytics data protection policy is available at the following link:
https://www.google.com/analytics/terms/gb.html or https://support.google.com/analytics/answer/6004245?hl=gb. The website uses Google Analytics in IP-Masking mode, to ensure that IP addresses are collected in an anonymous format. It is important to point out that we use Google Analytics to evaluate and analyse AdWords data for statistical purposes, and also Double-Click-Cookie. Should you not be happy with this activity, you can disable it by visiting https://adssettings.google.com
This website uses Web Fonts to correctly display the graphic characters that are made available to Google. When our website is loaded, your browser loads the necessary web sources within the browser's Cache space to display the graphic characters correctly.
To this end, the browser you choose must necessarily connect to Google's servers, which will then be aware of the fact that your IP address will have uploaded our website. The use of Google Web Fonts is a consequence of the desire to offer a clean and attractive navigation. This represents a legitimate interest also based on the content of the art. 6 paragraph 1 letter f) of the GDPR.
More information on using Web Fonts can be found at the following link https://developers.google.com/fonts/faq or by consulting the information note on the processing of Google data at https://www.google.com/policies / privacy /.
We treat personal data collected on the website using computerised processes. Personal data are protected by Secure Socket Layer (SSL) encryption. This technology protects the user from the risk of unintentional disclosure of personal data when using an unprotected connection.
The user is notified when accessing a protected connection by a padlock icon. By clicking the padlock icon, the user can then make sure that the SSL certificate is valid and up to date.
By fulfilling the obligations set out in Art. 10 of the Directive n. 95/46 / EC, by Directive 2002/58 / EC, as updated by Directive 2009/136 / EC, by Article 13 of Legislative Decree 30 June 2003, number 196, and by the general provision (web document No. 3118884) of the Guarantor for the protection of personal data, published in the Official Gazette no. 126 of 3 June 2014, register of measures n. 229 of 8 May 2014 regarding cookies, we proceed with the information on these issues.
What are cookies?
Cookies are small texts that are installed on your computer or smartphone and tablet when you surf the web. The visited sites send cookies to the browser used (for example Internet Explorer, Mozilla Firefox, Google Chrome, Safari, Opera) that stores them and re-presents them to the same sites when they re-visit them. Cookies can be transmitted to your browser even from different websites or web servers, ie from third parties, this means that while browsing a specific website may be present elements from other sites that have such cookies, such as images, sounds, maps, links to other pages.
depending on the type of cookie and therefore the purpose with which it is used, some user data are stored, for example to make more effective the use of a site, to enable specific features, to monitor the visit sessions.
In particular, cookies allow you to store your preferences, avoid entering the same information several times during navigation (such as username and password), analyze the use of services and content provided by a site to optimize the browsing experience and the services offered.
Types of cookies
Cookies are divided into two macro-categories:
- Technical cookies, normally installed by the owner or the operator of the website, are intended to "transmit a communication on an electronic communication network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the 'subscriber or user to provide this service "(see Article 122, paragraph 1, of the Privacy Code).
For the installation of technical cookies, the prior consent of users is not required.
Technical cookies are further subdivided into:
- Browsing or session cookies which guarantee the normal navigation and use of the website, allowing, for example, to make a purchase or authenticate to access restricted areas. These cookies are not stored permanently on the device used by the user and are deactivated automatically when the browser is closed. Their use is linked to the transmission of identification data necessary to allow a safe and efficient navigation on the pages. Session cookies do not allow in any way the acquisition of personal identification data of the user.
- Analytical cookies used to collect information on the use of the site, anonymously and to obtain both a statistical analysis of the pages displayed and the behavior of users. This anonymous analysis provides information and suggestions to improve the quality of the site and to make easily accessible the contents that are most sought-after and interesting for users. The analytics cookies can be sent either from the site, or from third-party domains and do not allow in any way the acquisition of personal identification data of the user. Cookies analytics, if installed by third parties (eg Google analytics), even if they collect data in anonymous form, are assimilated to profiling cookies, as indicated by the Guarantor for the protection of personal data.
- Functionality cookies: assimilated to technical cookies when used directly by the site operator to collect information, in aggregate form, on the number of users and how they visit the site. These cookies allow the user to navigate according to a series of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided.
- Profiling cookies are intended to create user profiles and are used to send advertising messages in line with the preferences expressed by the same in the context of surfing the net. These cookies are particularly invasive in the private sphere of the user, for this reason the European and Italian legislation provides that the user must be adequately informed about the use of the same, being able to express their consent. The art. 122 of the Privacy Code, whereby "the storage of information in the terminal device of a contractor or a user or access to information already filed is permitted only on condition that the contractor or the user has given his consent after have been informed with the simplified procedures referred to in article 13 of the Privacy Code, paragraph 3.
The data generated by Google Analytics are stored by Google as indicated in the Information available at the following link http://www.google.com/intl/it_ALL/analytics/learn/privacy.html
For info and details, see the link: https://statcounter.com/about/cookies/.
Buttons and widgets of social networks
Social buttons are those particular "buttons" on the site that depict icons of social networks (example, Facebook and Twitter) and allow users who are browsing to interact with a "click" directly with social platforms.
The site incorporates buttons and widgets of Facebook, Google through the AddThis service, which involve the installation of cookies, also profiling, of said Social. No information is instead shared by the site where the button and widget is embedded. For more information, including on the deactivation of these cookies, we recommend that you consult the following links:
For Facebook (Facebook inc.)
For Google (Google inc.)
Types of cookies used on our website
Our website uses technical cookies for which there is no request for consent from users with the sole purpose of ensuring normal navigation and use of the website, to collect information on the use of the site and to obtain both a statistical analysis of the pages displayed both of the behaviors held by users.
The Site uses Google Analytics and StatCounter.
The site incorporates AddThis buttons and widgets.
How to disable our cookies
You may at any time disable the cookies used on our website by yourself.
Generally, deactivation varies from the browser it uses
Below you will find the procedures for deactivation divided by browser.
Internet Explorer 9.0+
Internet Explorer 8.0+
Internet Explorer 7.0+
More information on disabling cookies for Microsoft Windows Explorerhttp: //windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies
1. Open the Chrome browser
2. Click on the menu button
3. Click on “Settings”
4. Click on “Show advanced settings”
5. In the “Privacy” section, click on “Content settings”
6. Now, you can eliminate or block cookies in the “Cookie” section
7. Click on “OK”
For further information, go to: https://support.google.com/chrome/answer/95647?hl=en
1. Open the Internet Explorer browser
2. Click on the Settings button
3. Click on "Internet Options"
4. Click on "Privacy"
5. Move the slide bar to the desired privacy level (to block all cookies, slide to the top; to enable all cookies, slide to the bottom)
6. Click on “OK“
For further information, go to: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
1. Open the Firefox browser
2. Click on the Menu button
3. Click on “Options”
4. Click on the “Privacy” section
5. From the drop-down menu of the “Chronology” section, select “Use custom settings”
6. Remove the check mark from “Accept cookies from sites”
7. Click on “OK”
For further information, go to: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
1. Open the Safari browser
2. Click on “Preferences”
3. Click on “Privacy”
4. In the “Cookies and other website data” section, define how Safari must behave with cookies
5. Click on “Details” to obtain further information on the cookies that are saved by your computer
For further information, go to: https://support.apple.com/kb/PH5042?locale=en_US
All other browsers
For information on how to manage cookies through other browsers, consult your documentation or online help files.
If this information is not enough I suggest you consult the "Help" of the browser for more details.
In general, it is advisable to consult the service made available by the site:
www.youronlinechoices.euche will allow you to identify all third-party cookies on your browser and proceed with their total or partial uninstallation.