Hotel Christof (hereinafter also the company) has drawn up the present data protection statement in order to inform visitors to the www.hotel-christof.com website about the terms and purposes of data processing. In particular, visitors and any person who makes use of the services offered on the websites, are informed, in accordance with Article 13 Italian Legislative Decree of 30th June 2003 No. 196 (Data Protection Code) about the processing of data. The present data protection statement relates exclusively to the aforesaid website and does not apply to linked sites, which may be visited by the users of our website.
Types of data collection and processing purpose:
- Navigation data
In normal use, the systems and software processes required for correct performance of the website collect some personal data, the transmission of which is part of the normal use of Internet communication protocols. These data concern information, which is not collected in order to identify the subject, but which by virtue of their properties allow users to be identified through the processing and compilation of data transmitted by a third party.
This category of data includes the IP addresses or the names of domains, the computer used by the users of the website, the URI (uniform resource identifier) of the resources requested, the time the enquiry was made, the method used to make the enquiry with the server, the size of the file received as response, the status data of the response given by the server (successful, error, etc.) as a numerical code and other parameters with respect to the operating system and the user’s computer environment.
These data serve exclusively for statistical purposes and are administered solely in anonymous form, in order to ensure their correct function. The data may be also used to establish responsibility in the event of hypothetical breaches of IT law resulting in damage to the website. With the exception of this case, the aforementioned data shall not be stored for more than 24 months.
- Data supplied voluntarily by the users/visitors
Data, which are transmitted by the visitor to the website, voluntarily and expressly for the purpose of using specific services (e.g. the newsletter, “work with us” service, etc.) and to the Hotel Christof by means of e-mail enquiries, may be automatically registered, in which case the information is used exclusively for the services specified in the communication of the information.
Your data are used for the purpose of responding to your specific queries, fulfilling contractual duties, tax or accounting duties, billing, debt collection and for compliance with the duties prescribed by the statutes in force.
With the exception of navigation data the Hotel Christof solely processes data, which has been submitted voluntarily and expressly by the user. If you refuse to transfer certain information, you may however find that you are restricted in the services offered.
Once the registration is made, the personal data are processed solely for the services specified in the communication of the information.
The visitor to the website may register for one or more of the following services:
- Information on services or products, offers, enquiries etc.
- Participation in various initiatives
- Purchases or reservations of the products offered on the website
- Announcing the visitor’s interest in working with the company and/or responding to a job vacancy advertisement
- Contacting the company using the form provided for this purpose
- Enquiring about the availability of rooms for a specified period and a specific number of persons
- Book directly on the website
There follows a short list concerning the specific use of personal data on the website. In order to use the services the user may be required to supply some or all of the following data: forename, surname, age, street, post code,e-mail address, city, country, date of birth, telephone number, mobile number, fax, payment method, period of stay, number of guests (adults and children), forename and surname of additional guests. Please, note that other information may also be requested.Newsletter
Visitors have the opportunity to subscribe to our newsletter. If you register, all personal data pursuant to the information letter or for the purpose of data processing in accordance with the internal process for administering contacts are processed.
In this section, the user may check room availability directly on the website by entering his search criteria. For this purpose the user must enter the following personal data:
In this section, the user can enter a binding booking via the website. For this purpose the user must enter the following personal data:
Visitors can send letters of application or reply to job offers via the Hotel Christof – Job offers, section. If you register, all your personal data pursuant to the information letter and for the purpose of data processing in accordance with the internal process for HR administration are processed.
Processing of personal data
Within the meaning of Article 28 of the Italian Legislative Decree of 30th June 2003 No. 196 (Data Protection Code) the Hotel Christof, a company under Italian law, with registered office in Monguelfo, Via Santa Maria, 10, registered under number 02213830215, is the rights holder of the administration and processing of all personal data, which may be collected via the aforesaid home page.
Personal data are processed solely within the meaning of the present data protection statement, by officers and employees of Hotel Christof who are expressly appointed as authorised agents for the purposes of date protection processing. The employees have been appropriately trained in this respect and work under the direct supervision and responsibility of the proprietor of the data protection processing.
The responsible officer for data processing is the current manager of IT security for the Hotel Christof. A current list of all data protection authorised agents may be requested by e-mail from the proprietor itself or from the data processing officer at email@example.com
Disclosure to third parties
In no circumstances are your personal data disclosed unless statutory provisions require that they be submitted to a judicial authority or other corporate bodies and institutes.
Hotel Christof does not intentionally collect sensitive or judicially relevant personal data via its website. Within the meaning of Article 4 Data Protection Code these are sensitive data on personal details concerning gender and ethnic origin, religious, philosophical or other views, political stance, membership of political parties, trade unions, associations or organisations with a religious, philosophical or trade union background, or information concerning health or sexual orientation. Within the meaning of Article 4 Data Protection Code judicially relevant data encompass those personal details, which may imply measures by virtue of Article 3 paragraph 1 letters a) to o) and r) to u) Decree of the President of the Republic No. 313 of 14th November 2002 entered on the Criminal Record, the Register of Administrative Penalties as a consequence of criminal offences and the procedures connected with this, or may imply status as an accused or suspected person within the meaning of Articles 60 and 61 Code of Criminal Procedure. We recommend that you do not enter such information on our website. Should this be essential (for instance in the case of assignment to protected groups of persons in the case of sending a curriculum vitae for the purpose of sending a job application, in reply to a offer of employment or in expressing interest in employment in our firm) we request that the specific declaration be sent by post. In this declaration please give your written permission for the treatment of the said personal and sensitive data.
Retention of the data
Information and personal data, which is collected on this website, including that which the visitor voluntarily submits, in order to receive informational material or other messages, by writing to the addresses given in the Contact section, are retained only for the period absolutely necessary to perform the required service. Once the service has been performed, all personal data are deleted on the basis of the data protection guidelines of the Hotel Christof, subject to conflicting governmental requirements or retention required by statute.
Exercise of existing rights
The person concerned has at any time the right in accordance with Article 7 Data Protection Code to receive confirmation regarding the existence or non-existence of personal data and to discover the content and origin of these data, to check their accuracy and completeness and to request that they be updated or corrected. Furthermore he is entitled to require that data, which have been used illegally, are deleted, anonymised or blocked and to oppose the use of the said data at any time for good cause. For these purposes the person concerned must contact the owner of the data processing system or the data security officer via the e-mail address firstname.lastname@example.org.
Hotel Christof protects personal data by means of internationally recognised security standards and by means of processes, which make
- unauthorised access
- unauthorised use and dissemination
- unauthorised modification
- loss and inadvertent or unlawful destruction impossible.
The website of the company, which is regulated by the present data protection statement, is not intended for the use of minors. We are aware of the necessity that data concerning minors must be protected, particularly in the online environment. Therefore, we do not collect and store – except on an accidental basis – any data from under-age visitors.
On our website you have the possibility to buy vouchers. To process your purchase and to save and store your data we use software provided by ADDITIVE s.n.c., 39011 Lana (BZ), Italy (“ADDITIVE”). Through the use of these services and systems your data will be processed and stored, at least in part, also outside of the EU or the EEC. The adequate level of data protection is based on an adequacy decision taken by the European Commission (“Privacy Shield”) or on data processing agreements.
The data you provide is required to fulfil the contract or to carry out pre-contractual measures. Without this data we cannot conclude a contract with you. The data will not be transferred to an outside third party, except for your credit card data which will be transferred to the payment provider and to our tax accountant to fulfil our tax obligations.
The data processing takes place in accordance with the requirements of art. 6 para. 1 lit a (consent) and/or lit b (processing necessary for the performance of a contract) of the GDPR.