Privacy and Cookie Policy

Declaration made in accordance with Art. 13 of EU Regulation 2016/679 issued by the European Parliament and Council on 27 April, 2016 concerning the protection of natural persons as regards the processing of their personal data, as well as the free circulation of such data, and which abrogates Directive 95/46/EC (General Regulations for the protection of data).

Privacy policy at a glance:
Our privacy policy informs you about anonymous data collection as well as the acquisition and the use of personal data that may be collected contacting us. This occurs, for example, when you visit our website or when you get in contact with us via online form, email, phone, personally or through cooperating media channels to request services, book, check-in/out, or make use of services that require personal data.

Personal data include for example: name, e-mail address, phone number, address, credit card details, birthday, or those data that contributes to the personal identification of a person.

In accordance with the EU General Data Protection Regulation (Regulation 2016/679 of the European Parliament and of the Council), we inform you about the following:

Controller of data processing:
Gasthof Stern d. Nußbaumer Stuefer Rosa Helene
Astfeld 12, 39058 Sarnthein, Italy
Phone +39 0471 623140
Fax +39 0471 622102
E-Mail info@sternhotel.it
VAT IT01101610218

 

Contents

  1. What data do we process?
  2. What is your data processed for?
  3. Legal ground for data processing
  4. To whom do we pass personal information?
  5. Storage of personal data
  6. Data acquisition on our web site
    6.1. Contact form
    6.2. SSL or TLS encryption
    6.3. Server log files
    6.4. Cookies
    a. What are cookies?
    b. What types of cookies do we use?
    c. How can I control or disable cookies?
  7. What rights do you have regarding your data?
  8. Characteristics of consent
  9. Alterations

 

1. What data do we process?

Pursuant to Art. 13 of the European General Data Protection Regulation, we process the following data:

  • personal data (surname, name, address, e-mail, telephone number, fax number, date of birth) as well as your language and the license plate of your vehicle
  • the data shown in your passport or identity card
  • data relative to the method of payment or otherwise connected with your payments (e.g. bank coordinates, details of credit card)
  • date of arrival and length of stay, as well as any personal preferences associated with your stay

 

2. What is your data processed for?

We collect and use your personal data in order to answer to requests for information and emails and to be able to provide our services as desired and to allow easy access to our website.
The data provided will be processed for the following purposes:

  • Memorization of the data for the purpose of future bookings and requests
  • For the implementation of pre-contractual and contractual requirements relative to the guest's visit (booking, period of stay, departure etc.)
  • Forwarding of communications and telephone calls directly to the guest
  • Management of fitness and wellness centres
  • Forwarding of information, special offers and new features offered by the hotel by e-mail, ordinary mail, and other means of communication concerning the hotel, the local area and any local events etc. The consent to the data processing referring to the sending of information, offers and news about the hotel and its surroundings is given on a voluntary basis. In case of no longer interest you can inform us any time. In absence of requested data we can't deliver any offer or news.
  • For compliance with legal obligations
  • For further information on the topic "what are your data processed for" see also point "Data collection" on our website

Your personal data will be processed in accordance with the contract and with current legislation, as set forth in the provisions of EU Regulation 679/2016 (GDPR). Consent for the processing of personal data included in special categories is given on a voluntary basis.
Should you refuse to release basic data, travel document data and bank data, it will not be possible to fulfil the contractual obligations and accommodate you at our establishment. We do not apply profiling and automated decisions.

 

3. Legal ground for data processing

  • Legal ground for the processing of your data:
  • compliance with obligations and pre-contractual and contractual requirements
  • your consent
  • compliance with legal and judicial obligations
  • legitimate interests (e.g. for improvements to our client service and our contacts with the clients – also regarding direct advertising – or video surveillance intended to protect persons and property from possible aggression, theft, robbery, damage and vandalism, as well as for fire protection and safety in the workplace). (For each purpose whose legal ground comprises legitimate interest, the nature of such legitimate interest must be specified).

 

4. To whom do we pass personal information?

We take the protection of your personal rights very seriously and assure you that we will not sell or rent your data to other providers.
In order to provide an exemplary service we may only transmit personal information to reputable contractors that are required to protect your information in accordance to our privacy policy. These companies can be the following:
(Subjects = Persons, companies or office communities)

  • Subjects with witch a cooperation is necessary to provide our services (e.g. our host provider
  • Subjects hired for the technical maintenance of our hard- and software.
  • Subject who assist and advise us on administrative, accounting, tax, legal, financial, marketing and communication issues, relating to the provision of services.
  • Subjects, authorities or other entities to which your personal information is required due to obligatory requirements.
  • Persons authorized by the controller to process personal data, required for activities related to the provision of services. They are committed to confidentiality or have a responsible legal obligation to maintain confidentiality (e.g. employees of the controller)
  • You can find more info about "when and to whom do we pass personal information" under the main issue "Data acquisition on our web site".

These companies are required to protect your data in accordance with our privacy policy for the protection of personal rights and they are as well subjects to the DSGVO. You can request more information by email.

 

5. Storage of personal data

The duration of the conservation of the data is calculated on the basis of the obligations for the conservation of the data and the requirements contemplated by the law. If your personal data are processed in order to comply with a legal requirement or a contractual obligation, they will be kept only for the time that is strictly necessary for their processing. If the data are processed with your consent, they will be kept until that consent is revoked.

 

6. Data acquisition on our web site

The following gives a simple overview of what happens to your personal information when you visit our website.

How do we collect your data?

Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form on our website or on other portals.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.

6.1. Contact form

Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) DSGVO. You have the right to withdraw your consent at any time simply contacting us per e-mail. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

6.2. SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

6.3. Server log files

The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

These data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest to ensure an optimized service provided free of technical errors. Therefore server log files have to be stored.

6.4. Cookies

In order to ensure you a user-friendly experience, to help us improve our site and to analyse web traffic, like most websites, this one uses cookies too!
If you choose to disable cookies, you may lose some features and functionality and some contents of our website may not be displayed or may not function correctly.

a. What are cookies?

Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of DSGVO. The website operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this privacy policy.
According to their function, cookies are divided in following categories:

  • Technical and analytics cookies: According to Italian privacy legislation following types of cookies are considered "technical cookies" and can be used without the explicit consent of the user:
  • Navigation cookies: Navigation cookies are necessary to make the website work properly and to make users' experience easier and faster. They also make it possible to access secure areas of the website and to register i.e. to newsletters.
  • Function cookies: These cookies make it possible for specific features of the site to function, in order to make the website and your online experience more user-friendly.
  • Analytics / Statistic cookies: These cookies monitor website usage statistics without personally identifying individual visitors. These cookies help us understand how visitors interact with our websites by providing information about the areas visited, the time spent on the website, etc. These cookies don't identify you as an individual. All data is collected and aggregated anonymously.

 

Third Party Cookies:
This type of cookies can be set on your device by external suppliers on our behalf to allow them to deliver the services they are providing. You may receive cookies from third party websites when you use them on our site or if you are already logged in to them. Third parties cookies come for example from "social media plugins" such as Facebook, Google+, Twitter or from services of Google Analytics, Google Maps, YouTube, etc. and are generated and run by the external suppliers. We cannot control and have no authority on third party cookies and on their privacy settings. For this reason we herewith expressly declare that third party features implemented on our site are subject to the cookie and privacy policy of their owner.

To get more information about these cookies, see the links below.
Google Privacy and Terms
Facebook Cookie Policy/

Marketing / Profiling cookies:
Online behavioural advertising (also known as interest-based advertising) is a way of serving advertisements on the websites you visit and making them more relevant to you and your interests. This happens thanks to profiling cookies. The information contained in a cookie is used to track a user's activity when visiting pages online.
The information collected and used for this type of advertising is not personal, in that it does not identify you – the user – in the real world. No personal information, such as your name, address or email address, is used. Data about your browsing activity is collected and analysed anonymously.
Profiling cookies remain stored on users' device for a longer time.
Users can opt out behavioural advertising permanently by disabling interest-based advertising by Google here: https://www.google.com/settings/ads/onweb/

Detailed information and links about profiling and remarketing cookies are available on the official website or the European Interactive Digital Advertising Alliance: www.youronlinechoices.eu


b. What types of cookies do we use?

Technical cookies
that are necessary to show the pages correctly, to make the features of the website function properly and to access secure areas. Use this tool to check which cookies are set and used by our sites: www.cookie-checker.com

According to the current Italian legislation, not all types of cookies require a specific and express consent to be used. In the case of technical cookies express consent is not required, as the legislation recognises that technical cookies are indispensable for a website to work in a correct way.

Analytics / statistic cookies
Our website DOES NOT use analytics and marketing cookies.

Marketing / profiling cookies
Our website DOES NOT use marketing / profiling cookies.

c. How can I control or disable cookies?

In your browser you can disable cookies or delete the ones that have already been saved. By disabling cookies, some contents or features of our site may not function properly or may not be shown correctly.
Learn how to block, disable or delete cookies in the browser you use:

Third party cookies:
You can disable or delete each of them separately. On the site of the European Interactive Digital Advertising Alliance you find detailed instructions: www.youronlinechoices.eu

7. What rights do you have regarding your data?

Right of access by the data subject: In accordance with art. 15 of the GDPR, you are entitled to be informed of the personal data processed, their provenance, nature, possible forwarding to third parties (in such case identifying the same) and their utilization.
Right of rectification and erasure: In accordance with art. 16 of the GDPR, you may at any time require the rectification or completion of your personal data. Similarly, in accordance with art. 17 of the GDPR, you are entitled to require the erasure of the data. In the presence of published data, you also enjoy the "right to be forgotten", i.e. to request that the measures necessary to erase all the links, copies, replications and similar.
Right to object: You may at any time exercise your right to object as described in art. 21 of the GDPR and modify or entirely revoke your consent for the future.
Right of restriction (or blocking) of processing: In accordance with art. 18 of the GDPR, you may require the restriction of the processing of your personal data. The relevant data may be processed only subject to specific prior consent, i.e. their processing will be effectively limited.
Right to data portability: In accordance with art. 20 of the GDPR, you are entitled to request and receive the personal data provided by yourself in a structured, commonly used and machine-readable format, and you have the right to require their transmission to another controller.
In accordance with art. 77 of the GDPR, you have the right to lodge a complaint with the supervisory authority.

 

8. Characteristics of consent

Your personal data will be processed in accordance with the contract and with current legislation, as set forth in the provisions of EU Regulation 679/2016 (GDPR).
Consent for the processing of personal data included in special categories is given on a voluntary basis. In the absence of such consent, the personal data cannot be processed for any future bookings.
Consent for the processing of personal data as regards the forwarding of information, special offers and new features offered by the hotel, too, is voluntary. If the personal data are not provided, then offers and other information shall not be supplied.

 

9. Alterations

The person responsible reserves the right to change or update the content in whole or in part, also due to changes in applicable legislation.