Privacy & Cookies Policy

Privacy e cookies policy

How to manage www.hotelgregoriana.it web site
PROCESSING PERSONAL DATA

The present information policy is provided in accordance with the European Regulation 679/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data voluntarily disclosed by the users of our website.

The present policy doesn’t apply to the information gathered, now or in the future, through other media than this website or other websites that can be reached from the same throughout links, of which Hotel Gregoriana is in no way responsible for.

DATA CONTROLLER

The data controller responsible for your personal information for the purposes of the applicable European Union data protection law is Hotel Gregoriana, owned by Maria Novella Panier Bagat e c. snc – via Gregoriana n.18 00187 Rome, e-mail: dataprotection@hotelgregoriana.it

PLACE OF PROCESSING, USAGE PURPOSES AND HANDLING METHOD

The processing operations of data connected to the website takes place at the headquarters of Hotel Gregoriana and are only handled by technical staff of the Office in charge of processing, or by persons in charge of occasional maintenance operations.
No data derived from the web service is communicated to third parties or disseminated. The personal data provided by users who request dispatch of informative material are used only to perform the service or provision requested and are communicated to third parties only if this is necessary for that purpose.

DigiHotel – Smart way snc, which provides management services of the hotel website, makes available to the data controller personal data gathered from the website, in compliance with the European Regulation 679/2016.
The user’s Personal Data may be shared, for the purposes referred to in this policy, exclusively with people, companies or professional firms that provide assistance and advice in accounting, administrative, legal, tax, financial and credit recovery matters related to the disbursement of the Services; subjects delegated to perform technical maintenance activities; subjects, bodies or authorities to whom it is mandatory to communicate personal data in accordance with the provisions of law or orders of the authorities and persons authorized by Hotel Gregoriana to process Personal Data necessary to perform activities strictly related to the provision of the services.

TYPOLOGY OF DATA PROCESSED

Navigation data
The computer systems and software procedures used to operate this site acquire, in normal operation, some personal data that are then implicitly transmitted in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users connecting to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user’s computer environment. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site, to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.

DATA PROVIDED VOLUNTARILY BY THE USER

The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, necessary to respond to the requests, as well as any other personal data included in the message.

SAFE RESERVATIONS

By making a reservation from OUR site you will be connected to a booking interface and booking engine provided by our booking management partner, GlobRes. Since we believe safety is a fundamental and primary factor for our online customers, we chose our partner, Booking Engine, with awareness and attention. Information sent to this site in an SSL session is encrypted and protected against disclosure to third parties. GlobRes is certified as compliant with the Payment Card Industry Data Security Standards (PCI DSS).

METHODS, DURATION OF DATA PROCESSING AND RETENTION

The processing of personal data takes place using manual, computer and telematic tools in compliance with the European Regulation. Hotel Gregoriana, in full respect of the Art. 5.1 e) of the GDPR, will process the data acquired through the website for the duration of the contractual relationships established and for execution of the services requested. These data will be kept only for the time necessary to achieve the purpose for which they were collected, subject to different requirements arising from legal obligations. Later, personal data will be deleted. Cookies managed by third parties, have the durations mentioned in the Cookie Policy.
By adopting suitable and preventive security measures, the personal data processed will be kept in such a way as to minimize the risk of destruction or loss, even accidental, of the data, unauthorized access or unauthorized or non-authorized processing. in accordance with the purpose of the collection.
The legal basis for processing personal data is the provision of a service or the reply to a request in favor of the interested party.

DATA TRANSFER

Your personal data will be processed by the Data Controller within the territory of the European Union.

If for technical, operational or marketing reasons it will be made necessary to resort to entities located outside the European Union or transfer part of the data collected to cloud technical systems and services located outside the European Union area, the processing will be regulated in accordance with the provisions of Chapter V of the Regulation and authorized on the basis of specific European Union decisions. All necessary precautions will therefore be taken to ensure the most complete protection of personal data by basing this transfer: a) on adequacy decisions of the third country recipients expressed by the European Commission; b) on appropriate guarantees expressed by the third party recipient pursuant to art. 46 of the Rules; c) on the adoption of binding corporate rules, so-called. Corporate binding rules.

RIGHTS OF THE INTERESTED PARTY

• The right of access, expressly provided for by art. 15 of Regulation 679/2016, i.e. the right to access all personal information concerning the user;
• The right of rectification, expressly provided for by art. 16 of Regulation 679/2016, i.e. the right to obtain an update of inaccurate personal data concerning the user;
• The right to be forgotten, expressly provided for by art. 17 of Regulation 679/2016, i.e. the right to cancel personal data concerning the user without unjustified delay;
• The right to limit processing of the assumed data provided for by art. 18 of Regulation 679/2016;
• The obligation to notify, provided for by art. 19 of Regulation 679/2016, the Data Controller communicates to each of the recipients to whom the personal data have been transmitted the eventual corrections or cancellations or limitations of the processing carried out in accordance with the articles. 16; 17; 18;
• The right to data portability, expressly provided for by art. 20 of Regulation 679/2016, i.e. the right to obtain, in an interoperable format, the user’s personal data and/or the right to have the personal data transmitted to another data controller without impediments by the data controller;
• The right to object at any time to processing of personal data concerning him or her, expressly provided by art. 21 of Regulation 679/2016;
• The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her (Profiling), expressly provided by art. 22 of Regulation 679/2016;

In relation to the processing of personal data, the interested party may contact the Data Controller at dataprotection@hotelgregoriana.it, to assert your rights as provided by the Regulation: more specifically, they may request access, correction, updating, blocking, revoking consent in accordance with applicable rules, processing limitations, data portability and deletion of data.
Finally, we remind you that you have the right to lodge a complaint with the Supervisory Authority that can be contacted at the following address: garante@gpdp.it or through the website http://www.gpdp.it.

COOKIES POLICY

The website uses cookies and other technologies to guarantee the correct functioning of the procedures and to improve the use of the applications. Cookies are text files placed on a computer's hard drive. The function of cookies is to streamline the analysis of traffic on the web and / or to indicate when a particular site is visited and allow web applications to send information to individual users.

The Hotel uses:
• "Technical" cookies
Cookies functional to navigation that guarantee the safe and complete exploration of the site. Persistent cookies and session cookies are included in this category. In absence of such cookies, the site or some parts of it may not work properly. They are always used, regardless of user preferences. Cookies of this type are always sent from our domain. The duration of these cookies is strictly limited to the work session or make use of a longer time spent in order to remember the choices of the visitor. Deactivation of strictly necessary cookies may compromise the user experience and navigation on the website.
COOKIE NAME: has_js
SUPPLIER: hotelgregoriana.it
TYPE: HTTP
EXPIRY DATE: Session
• "Analytical" cookies
Cookies used to collect and analyze the traffic and use of a website anonymously. These are third-party cookies collected and managed anonymously to monitor and improve the performance of the host site (performance cookies). These cookies, even without identifying the user, allow to detect if the same user returns to connect at different times. They also allow you to monitor the system and improve its performance and usability. The deactivation of these cookies can be performed without any loss of functionality. For more information on the Google cookies policy, please refer to the link http://www.google.com/intl/it_ALL/analytics/learn/privacy.html

The user can selectively disable the action of Google Analytics by installing on his browser the opt-out component provided by Google. To disable the action of Google Analytics, please refer to the link below: https://tools.google.com/dlpage/gaoptout

COOKIE NAME: _ga
SUPPLIER: hotelgregoriana.it
TYPE: HTTP
EXPIRY DATE: 2 years
Register a unique ID used to generate statistical data on how the visitor uses the website. 
Source: https://www.google-analytics.com/analytics.js 
Data sent to: United States

COOKIE NAME: _gat
SUPPLIER: hotelgregoriana.it
TYPE: HTTP
EXPIRY DATE: Session 
Used by Google Analytics to limit frequency of requests 
Data sent to: United States

COOKIE NAME: _gid
SUPPLIER: hotelgregoriana.it
TYPE: HTTP
EXPIRY DATE: Session 
Register a unique ID used to generate statistical data on how the visitor uses the website. 
Source: https://www.google-analytics.com/analytics.js 
Data sent to:United States

COOKIE NAME: collect 
SUPPLIER: google-analytics.com
TYPE:  Pixel
EXPIRY DATE: Session 
Data sent to: United States 

• Third-party cookies relating to "social plugins":
By visiting a website both cookies both from the visited site ("owners"), and from sites managed by other organizations ("third parties") can be received. These are parts of the page visited generated directly by the aforementioned sites and integrated into the page of the host site. Commonly, social plugins are aimed at sharing content on social networks. The presence of these plugins implies the transmission of cookies to and from all sites managed by third parties. The management of information collected by "third parties" is disciplined by the relevant policies to which reference is made.

To ensure greater transparency and convenience, we report below several web addresses together with the respective privacy and cookies policies and how to manage cookies.
Trip Advisor: https://www.tripadvisor.it/CookiePolicy
Instagram: https://help.instagram.com/1896641480634370?ref=ig
Facebook: https://it-it.facebook.com/policies/cookies/
You Tube: https://policies.google.com/technologies/cookies?hl=it
Advertising cookies (remarketing, segmentation and targeting) of Google and Facebook
Cookies intended to provide the user with advertising spaces that can be installed by third parties. Some are used to recognize individual advertising messages and to know which ones have been seen and when, allowing to display, during the visit on other affiliated sites, banners and / or advertising related to certain products based on the browsing history of the user. Users are given a technical identifier but under no circumstances personal identifying data, such as the user's name or address, are collected.

Other advertising cookies are used to hypothesize a "profile" of the user's navigation, in order to propose advertising messages in line with his behavior and interests. This "profile" is anonymous and information collected through these cookies does not allow us to trace the identity of the user.

In particular, we report the use of "Google Analytics" and "Facebook Ads", including the so-called "Advertising function".

This is a web analytics service provided by Google and Facebook that uses analytical cookies that installed on the user's computer to perform statistical analysis in aggregate form on the use of the website visited, as well as to allow visitors to profile the sites. (identified by "detection cookies") based on information contained in their "advertising cookies", which relates to three categories: age group, gender, marketing segments.

COOKIE NAME: CM
SUPPLIER: tripadvisor.com
TYPE: HTTP 
EXPIRY DATE: 10 years
Used to view Tripadvisor’s integrated content, including commissions’ payment and user tracking of different websites
Data sent to: United States (adeguate)

COOKIE NAME: PMC 
SUPPLIER: tripadvisor.com
TYPE: HTTP 
EXPIRY DATE: 2 years
Data sent to: United States (adeguate)

COOKIE NAME: ServerPool
SUPPLIER: tripadvisor.com
TYPE: HTTP 
EXPIRY DATE: Session
Used to view Tripadvisor’s integrated content, including commissions’ payment and user tracking of different websites
Data sent to: United States (adeguate)

COOKIE NAME: TACds
SUPPLIER: tripadvisor.com
TYPE: HTTP 
EXPIRY DATE: 2 months
Used to view Tripadvisor’s integrated content, including commissions’ payment and user tracking of different websites
Data sent to: United States (adeguate)

COOKIE NAME: TART 
SUPPLIER: tripadvisor.com
TYPE: HTTP 
EXPIRY DATE: 4 days
Data sent to: United States (adeguate)

COOKIE NAME: TASession
SUPPLIER: tripadvisor.com
TYPE: HTTP 
EXPIRY DATE: Session
Used to view Tripadvisor’s integrated content, including commissions’ payment and user tracking of different websites
Data sent to: United States (adeguate)

COOKIE NAME: TASSK
SUPPLIER: tripadvisor.com
TYPE: HTTP 
EXPIRY DATE: 179 days
Data sent to: United States (adeguate)

COOKIE NAME: TATravelInfo
SUPPLIER: tripadvisor.com
TYPE: HTTP 
EXPIRY DATE: 13 days
Used to view Tripadvisor’s integrated content, including commissions’ payment and user tracking of different websites
Data sent to: United States (adeguate)

COOKIE NAME: TAUD 
SUPPLIER: tripadvisor.com
TYPE: HTTP 
EXPIRY DATE: 13 days
Data sent to: United States (adeguate)

COOKIE NAME: TAUnique
SUPPLIER: tripadvisor.com
TYPE: HTTP 
EXPIRY DATE: 2 years
Used to view Tripadvisor’s integrated content, including commissions’ payment and user tracking of different websites
Data sent to: United States (adeguate)

More information about the Google service on the web page https://www.google.com/analytics/learn/privacy.html?hl=it 
More information about the TripAdvisor service on the web page https://tripadvisor.mediaroom.com/IT-privacy-policy
More information about the Facebook service on the web page https://it-it.facebook.com/privacy/explanation
On the web page http://www.google.com/intl/it/policies/privacy/, the Google Privacy Policy that regulates the processing of personal data of users who use Google products and services. To consult the privacy policy of Google Inc., the independent holder of the processing of data relating to the Google Analytics service, see the following link: http://www.google.com/intl/it/analytics/privacyoverview.html The list of cookies used by Google Analytics is available at the following address: https://developers.google.com/analytics/devguides/collection/analyticsjs...).

The user can decide whether or not to accept cookies using the settings of their browser.

TOTAL OR PARTIAL DISABLEMENT OF COOKIES
The total or partial disablement of technical cookies can compromise the use of the site features reserved for registered users. Public content is displayed also when cookies are completely disabled. Disabling "third parties" cookies or profiling does not affect the navigability of the site. The setting can be specifically defined for different websites and web applications. The best browsers allow you to define different settings for "proprietary" cookies and for those of "third parties". Below we report how to disable cookies through some browsers.
Google Chrome
1. Select Chrome icon in the menu.
2. Select Settings.
3. At the bottom of the page, select Show advanced settings.
4. In the "Privacy" section, select Content settings.
5. Select Prevent sites from setting data.
6. Select Fine.
Safari
1. Go to the Safari menu (icon at the top right of the browser) and select Preferences.
2. In the pop-up window that opens, select the Security icon (lock icon).
3. Under "Accept cookies", select the "Never" button.
Firefox
1. Click the menu button and select Options.
2. Select the Privacy panel.
3. Under History settings: select use custom settings.
4. To activate cookies, mark Accept cookies from sites; to turn them off, remove the mark from the item.
Explorer
1. Go to the Explorer menu and click on the Settings button and then on Advanced Options.
2. Click the Cookies tab to move the slider up to block all cookies or down to allow them all, and then click OK.
OPTIONALITY OF DATA SUPPLY
Besides what specified above concerning the navigation data, the user is free to provide personal data to request the services offered by the company. Failure to provide such data may make it impossible to supply the requested service.