Information about privacy protection

Information pursuant to Legislative Decree 30th June 2003, n. 196 and of the UE Regulation 2016/679 (GDPR) about protection and processing of personal Data.

WARNING: This Privacy Policy is effective from 25th May 2018. The Owner can modify or simply update the content, partly or completely, also due to changes of the applicable legislation. The Owner will let know these changes as soon as they will be applied and they will be binding as soon as pusblishing them on the Website. So, the Owner invites you to regularly visit this section in order to find out the most recent and updated version of the Privacy Policy, so that you are always updated about received data and their use 

Moreover, this Privacy Policy is intended only for the website but it does not apply to other websites which are consulted via eternal links. 

1. Data controller and processors - article 13 co. 1 letter [a] [b] GDPR 2016/679

Data controller is the individual society/company YORK HOTEL S.A.S. DI BULLINI ALBERTO & C., whose registered office is in viale D'Annunzio, 41 47838-Riccicone ( RN ), Tax Code/VAT Number: 02377170408 which you can contact for exerciting the rights recognized by GDPR. The updated list of all the other data processing managers is available at the Owner's office, which you can contact for the vision. 

2. Types of Data processed and Purposes of treatment - article 13 co. 1 letter [c] [d] GDPR 2016/679

The Data being processed are of common type (of identification) and navigation Data (IP addresses, addresses in URI notation ect.), but if necessary are also particular and/or sensitive data, voluntary given for your particular needs (general and particular information about User's orientations and preferences; food intolerances; health issues; ect.);
The Owner will treat your data: 

A) without the need of your expressed accord for the following Service Finalities:

  • Fulfillment of contractual and residence obbligations (formulation of a price quotation, booking management, issue of bills, price quotations);
  • Fulfillment of normative obbligations, above all these accounting, fiscal and about safety;
  • Dispute management.

The processing of functional Data for the completion of these obbligations is required for a right management of the required service anche their conferment is mandatory by law for implementing the purposes indicated above. Failure Data release could make it impossibile for the Data Controller to find to a possible request from the interested party.

B) only with your specific and distinct accord for these Marketing Purposes:

  • sending you via e-mail, mail and/or SMS and/or phone contacts, newsletters, commercial or promotional communications and/or services offered by the Owner; sending informations anche commercial offerte, also from third parties; sending advertising and informative material; realizing commercial communications, including interactive; making direct sales or placement of products or services.
  • sending you surveys or other documents in order to detect satisfaction degree about quality of the services offered; processing studies and statistical researches about sales, customers and other information, and possibly communicating them to third parties; giving the data collected and processed with commercial purposes to third parties, including for sales or attempted saled including outside the European Union, that is to say for all those purposes permissible of a commercial and/or statistical nature. Taking part in prize draw connected to commercial promotions and events.
  • Wishing for the national holidays.

The failure to release the consent for the purposes of letter B) will not entail any consequences. Consent is an optional 

3. Data communication and dissemination - article 13 co. 1 letter [e] [f] GDPR 2016/679

The data may be communicated only to the interested party and to people explicitly indicated by the interested party. The data will not be further communicated and disseminated except to people and/or companies duly authorized by the owner for a better service management, in order to fulfill specific legal obbligations always deriving from offered service, including tax profiles, or rather for purposes strictly connected and instrumental to service operation. Data will not be transfered to a third country or ad international organization.

4. Processing methods - article 13 co. 2 letter [a] GDPR 2016/679

The processing of personal data is the collection, registration, organization, storage, communication of the same data. The processing of personal data is made for the purposed mentioned above, with automated and computerized methods in accordance with the provisions of article 5 of GDPR, in compliance with rules of lawfulness, legitimacy, reserve and safety required by current legislation. Data will be saved for a period necessary for the purposes for which they were collected or subsequently treated, in compliance with legal obligations and howewer not more than 5 years.

5. Rights of the interested party - article 13 co. 2 letter [b] [c] [ d] GDPR 2016/679

The interested party can get access to his personal data and to their correction. For legitimate reasons, the interested party can obtain the deletion of the data, or the limitation of the treatment which concerned them, or can oppose this processing, as well as, more generally, can exercise all the rights which are recognized by current laws. To exercise his rights, he can always contact the Owner, by sending his requests to address, in addition to the Authority for the protection of personal data.