Privacy Policy
WHAT’S PRIVACY POLICY
This page describes the website’s management methods as concerns the handling of the personal data of users visiting it.
This notice is provided pursuant to UE regulation n.679/2016 – Personal Data Protection Code to those who interact with web services of the company HELP IN ROME SRL, electronically accessible from the address: www.zonehotel.com
The information is provided only to the website HELP IN ROME SRL of the Controller company and not to other websites the user may visit via links.
This statement conforms to European Community standards and more precisely to UE regulation n.679/2016 that the European authorities for the protection of personal data, adopted to identify some minimum requirements for the collection of personal data on-line and, in particular, the manners, times, and nature of the information that data controllers must provide to users when the latter connect to web pages, regardless of the purpose of their connection.
THE DATA “CONTROLLER”
Pursuant to UE regulation n.679/2016, Controller of the Data is the Company HELP IN ROME SRL registered office at L.go Pietro Vassalletto, n.6 00196 Rome, ITALY
THE DATA “PROCESSOR”
Pursuant to UE regulation n.679/2016, Data Processor is HELP IN ROME SRL
Pursuant to UE regulation n.679/2016, the external data Controller for the site management and personal data acquisition during booking is the Company D-EDGE SAS Headquarters address: 64-66 rue des Archives 75003 Paris FRANCE Phone: +33 1 44 71 05 05, owner of the hotel booking engine (www.d-edge.com) incorporated into this website.
DATA PROCESSING LOCATION
The site is hosted on machines operated by an external company; however, the reports are forwarded to the data controller for the purpose of replying to users’ requests and guaranteeing the reservation.
The processing connected to this site’s web services, therefore, takes place on the premises of the controller and external processors in the relevant areas.
No data from the web service is communicated by the two companies to third parties unless strictly relevant to the purpose of the processing or imposed by law or regulation.
PURPOSE OF THE DATA PROCESSING.
The personal data provided voluntarily and optionally by users sending requests for information about the hotel facilities (rates, room availability, etc.), or simply requests for recruitment by sending CVs in electronic format, are used for the sole purpose of performing the service or provision requested and are not disclosed to third parties unless disclosure is required by law or is strictly relevant and necessary for the fulfillment of the requests.
In particular, personal data provided voluntarily by the parties concerned by the processing shall be collected and processed, including by electronic means directly and/or through delegated third parties (company for the e-mail service, company hosting the website) for the following purposes:
checking the availability of the requested room against information in the booking form;
to make and confirm the reservation by providing personal identification data and credit card data as a guarantee;
activating eventual promotional and commercial activities pursuant to UE regulation n.679/2016;
to comply with current administrative, accounting, and tax obligations, as well as with laws and regulations;
providing responses concerning our hotel services (room availability, prices, conference rooms, catering, etc.);
registering in the newsletter to receive periodic commercial or promotional communications;
assessing CVs that may be received for compatibility with any internal requirements;
for action by the Controller in court or in the preliminary stages leading to possible legal action against abuses arising from the illicit use of the website or related services by the User;
statistical purposes in an anonymous form (to assess the number of visits, etc.).
BOOKINGS
Personal data for the reservations shall be processed in electronic and paper format for the sole purpose of guaranteeing the rooms are booked in the conditions agreed.
The booking platform is owned by D-EDGE, the external processor, which will communicate the data of the party concerned to the hotel for the normal activities related to managing the accommodation
The data shall be recorded in our electronic databases and accessible to staff properly instructed and trained in personal data security and confidentiality.
To confirm the booking a credit card given as a firm guarantee must be provided, it is understood that the customer can choose to pay in cash at the end of the stay.
CURRICULA MANAGEMENT
This Statement prepared in accordance with UE regulation n.679/2016 can be used by the company HELP IN ROME SRL including for eventual advertisements on sites or portals not directly managed by the company HELP IN ROME SRL to recruit staff.
The Company shall process the curricula received by e-mail or through third-party recruiting companies (publications on portals, etc.) to evaluate the potential applications inside the company or that might be made in the near future.
The processing occurs electronically excepting curricula received by post.
The curricula considered “interesting” shall be stored at the company headquarters for a period not exceeding one year and shall be processed while fully complying with the minimum security measures referred to UE regulation n.679/2016.
The curricula deemed irrelevant as well as those retained over 12 months shall be trashed.
The curricula shall be retained at the headquarters of the company and not disclosed to unauthorized third parties.
The same may be assessed by the company’s employees or collaborators appointed to be responsible for the processing.
However, the applicants are still invited to respect the following rules in transmitting the curricula in electronic format:
Fill in your own CV in European format; transmit the curriculum in pdf format; avoid putting sensitive data (relating, in particular, to the state of health, religious, philosophical, or political beliefs) not relevant to the job offer in the curriculum; give consent to the processing.
The company reserves the right to trash the curricula that do not meet the above requirements.
The Company shall provide appropriate information pursuant to UE regulation n.679/2016 during any interviews with the applicants.
The purpose of the processing relating to managing the curricula shall concern activities closely relating to the appraisal, recruitment, or selection of personnel, for the purposes of collaboration, hiring on a temporary or permanent basis, internships, or rather to enable the successful applicant to prepare his degree thesis at our headquarters.
COMMERCIAL COMMUNICATIONS VIA E-MAIL
The society HELP IN ROME SRL reserves the option of sending promotional and commercial e-mails in accordance with UE regulation n.679/2016:
“if in the context of a sale of goods or of a service the Data Controller uses the customer’s e-mail address, the same address may be used for sending commercial and promotional material without seeking prior consent, provided the customer is duly informed at every mailing of promotional and marketing material and that he is able easily and freely to exercise the right to discontinue this processing.”
In that case, having received the first promotional message the data subject shall be able to cancel his subscription to the hotel newsletter with a simple click.
Sending these messages is entrusted to a third-party provider of email services.
DATA COMMUNICATION AND DISSEMINATION
Personal data collected from the website in question can be treated only by persons officially appointed and trained in the field of personal data privacy and security.
The contexts for communicating data subjects’ personal data may relate to:
Organizations or Public Offices on the basis of legal and / or contractual obligations; D-EDGE companies; external processors as companies or consultants who carry out activities for the proper functioning of the site and management of the information acquired through the same on the controller’s behalf;
the Postal Police for determining whether any activities may be harmful to the company website;
to employees or service-providing companies when communication is necessary for the person concerned to use the hotel services.
Personal data shall not be disclosed.
NAVIGATION DATA
During their normal operation software applications designed to run this website acquire some personal data whose transmission is implicit in the normal IP protocol of Internet communication.
While it is not collected to be associated directly with the data subjects, by its very nature through processing and subsequent correlation with data held by third parties (providers) this information could allow users to be identified.
This category of data includes IP addresses or domain names of computers used by users connecting to the site, the date and time of the request, the URI (Uniform Resource Identifier) of requested resources, the size of the files obtained in reply from the server, the digital code indicating the status of the response from the server (ok, error, etc..) and other parameters regarding the operating system and computer environment.
This data is used only to obtain anonymous statistical information about website usage and to check the site is functioning correctly; they are deleted immediately after processing.
This site may disclose personal data which, if required in accordance with the law, may be communicated to the judicial authorities for the purposes of defending the State or the prevention, detection or suppression of crime, serve to ensure the protection of the personal data of data subjets’ enjoying on-line services of the site, for eventual defensive investigations as per UE regulation n.679/2016, or in any event to assert or defend a legitimate right and interest of the Controller in court while still complying with the principles of relevance and proportionality with respect to the processing’s purpose.
NON-OBLIGATORY NATURE OF THE DATA PROVISION
Unless otherwise specified as concerns navigation data, the user is free to provide personal data to make an on-line reservation.
The advancement of the on-line booking procedure implies the data subject’s consent to the processing of his personal data following the privacy policy of this website.
The possible acquisition of other personal data via dedicated forms (e.g. recording in the newsletter) shall require the data subject’s explicit awareness of the information as authorization for processing his personal data.
Failure to provide the personal information provided by the website may make it impossible to fulfill the request.
Sending an optional, explicit, and voluntary e-mail to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, which is necessary to respond to requests, as well as any other personal data included in the message.
PROCESSING METHODS
The personal data are processed in paper format and/or by automated tools for the time strictly necessary for the purpose for which they have been collected.
In order to prevent data loss, abuse, incorrect use, and unauthorized access specific security measures are observed.
DATA VOLUNTARILY PROVIDED BY THE USER
Sending an optional, explicit, and voluntary e-mail to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, which is necessary to respond to requests, as well as any other personal data included in the message.
COOKIES
Cookies are small files stored on your hard drive. This allows easier navigation and makes the site easier to use.
Cookies usually allow access to information already stored on the computer of the person concerned for purposes which may be of a commercial nature (e.g. profiling) or technique (to ensure proper operation of the site visited).
According to UE regulation n.679/2016no explicit consent shall be required for the use of cookies because only session cookies will be used, or cookies for the proper functioning of the website.
Cookies for transmitting personal information shall not be used, nor the so-called persistent cookies of any kind, that is user tracking systems.
The use of the so-called session cookies (which are not permanently stored on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient browsing of the site.
The so-called session cookies used in this website avoid using other computer techniques that potentially impair the confidentiality of user browsing data and which do not allow the user’s personal identification data to be acquired.
DATA SUBJECT RIGHTS
The data subjects have the right, at any time, to obtain confirmation of the existence or non-existence of the data concerned and to be informed of its content and origin, verify its accuracy or request it to be integrated, updated, or corrected.
Pursuant to the same article, the data subjects have the right to request the deletion, transformation into anonymous form, or blocking of data processed in violation of the law, and in any event, to refuse its processing on legitimate grounds.
Requests should be addressed to the Company HELP IN ROME SRL Controller of the personal data.
Below are the data subject’s rights in full.
– Right to access personal data and other rights
1. The data subject has the right to obtain confirmation of the existence or not of any personal data concerning him, even though not yet recorded, and to have them communicated in an intelligible form.
– Right to be forgotten:
2. The interested party has the right to obtain the cancellation of their personal data
3. The data subject has the right to obtain the following information:
a) the source of the personal details;
b) the purposes and procedures of the processing;
c) the logic applied in case of processing with electronic instruments;
d) the identity details of the controller, processors, and designated representative in the meaning of UE regulation 679/2016;
e) of the parties or categories of parties to whom the personal data may be communicated, or who can come to know them as appointed representatives in the territory of the State or as managers or employees.
4. The data subject has the right to obtain:
a) the updating, editing or, when he has an interest, the integration of the data;
b) the deletion, anonymisation, or blocking of data processed unlawfully, including data that does not need to be retained for the purposes for which it has been collected or subsequently processed;
c) certification that the operations under letters a) and b) have been notified, including as concerns their content, to the persons to whom the data have been communicated or disseminated, except where such performance proves to be impossible or entails an employment of resources obviously out of all proportion to the right protected.
The data subject has the right to object, in whole or in part:
a) on legitimate grounds to the processing of personal data concerning him, even if pertinent for the purposes for which they have been collected ;
b) to the processing of personal data concerning him for the purposes of sending advertising material, direct sales, for carrying out market research or commercial communications.