Privacy Policy
Information on the processing of personal data of the users visiting the website of Villa Maria Regina, pursuant to Article 13 of EU Regulation 2016/679.
This page describes the policies for managing the website in regard to processing the personal data of the users who visit the site and their privacy. The information provided does not concern other websites, pages or services that can be accessed via hyperlinks on this website but relate to resources outside the Villa Maria Regina domain.
The Controller
Following access to this website, data pertaining to identified or identifiable persons may be processed. The Data Controller of the personal data collected following a visit to our website or any other data used for providing our services is O.R.S.A. 2004 Srl, Via della Camilluccia 687 – 00135 Rome.
Categories of processed data
Navigational data — The information systems and software procedures relied upon to operate this website acquire, during their standard functioning, certain personal data whose transmission is an inherent feature of Internet communication protocols. This category includes IP addresses, the URI addresses of requested resources, the time of the request, the method used to submit the request to the server, the response status code and other parameters related to the user's operating system and environment. These data are used only to obtain anonymous statistical information on website use and to check its correct functioning.
Data voluntarily provided by the user — Sending messages through the contact form or to the addresses mentioned on this website entails the acquisition of the sender's address and any personal data contained in the message, which is necessary in order to reply to the request. Said data is used solely to carry out the service or assistance requested and is not communicated to third parties except to providers who assist the hotel under a data-processing agreement.
Period for data retention
In accordance with Article 5(1)(e) of Regulation (EU) 2016/679, collected personal data is kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which it was collected. Indicatively: contact requests up to 12 months; administrative / accounting / financial documentation 10 years as required by law.
Transfers of personal data to third countries
Personal data is processed in compliance with Chapter V of GDPR 679/2016. Where a service provider processes data outside the EU, the transfer is governed by appropriate safeguards (e.g. Standard Contractual Clauses).
Data subjects' rights
Under Chapter III of GDPR 679/2016 data subjects have the right to request confirmation of the existence of their data, access, rectification, integration, erasure (right to be forgotten), restriction, the right to object to processing on legitimate grounds, and the right to data portability. These rights may be exercised by writing to privacy@villamariaregina.com.
Right to lodge a complaint
If a data subject considers that the processing of personal data relating to them infringes the Regulation, they have the right to lodge a complaint with the Garante per la protezione dei dati personali pursuant to Article 77, or to bring judicial proceedings pursuant to Article 79 of the Regulation.