Information pursuant to EU Regulation 2016/679 on the protection of personal data (“GDPR”)
With this document (“Information”) I intend to provide you with information regarding the processing of information, as specified below, which will be provided by you or otherwise available at my office. The Information, in particular, is provided pursuant to EU Regulation no. 679/2016 (“GDPR”) and subsequent national compliance regulations (together with the GDPR hereinafter “Applicable Regulations”).
Identity and contact details of the Data Controller, in practice who they are.
The Data Controller, i.e. the legal person that determines the purposes and means of processing personal data is Laura Patara, with registered office in Via Monte Bianco, 93 –01100 Viterbo, email: consulenze@laurapatara.it– my website is https://romeandyou.com (hereinafter “Data Controller”).
Contact details of the Data Protection Officer (so-called “DPO-DPO”)
The Data Controller, that is, I do not carry out activities that provide for the designation of the figure of the Data Protection Officer.
Purpose and legal basis of the processing
The Personal Data collected will be processed for the purposes of managing your contractual relationship or to implement pre-contractual measures (such as, for example, the request for information or that of a quote). In this case, you are free to provide your Personal Data, including particular ones; However, failure to provide it will not allow you to establish the aforementioned relationship and satisfy your request.
What personal data I collect and why I collect it
• Comments. When visitors leave comments on the site, I collect the data shown in the comments form and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) can be provided to the Gravatar service to see if you are using it. The privacy policy of the Gravatar service is available here: https://automattic.com/privacy/. After your comment is approved, your profile picture is visible to the public in the context of your comment.
.Media. If you upload images to the website, you should avoid uploading images that include embedded location data (EXIF GPS). Website visitors can download and extract any location data from images on the website.
• Contact form. In order for you to contact me, I use a form where I ask you to enter your name, email and message. I use this data to respond to you, whether it’s comments or e-mail responses. This data remains in the archive of my webmail (provided by Roundcube). In case of comments, in the database of my site, provided by Xlogic and in backups.
.Reviews. I ask for customers reviews in accordance third-part service. Third-part service providers who provide services or functions on my behalf, including payment processing, customer service., and review service.Third-party service providers have access to and may collect information only as needed to perform their functions and are not permitted to share or use the information for any other purpose
• Newsletter. Every 15 days or so I write a newsletter to those who have subscribed to my Mailing List. In the news:
• Projects I have in progress and any results
• Reflections on topics such as Content Marketing, Email Marketing or Social Media MarketingIf you want to subscribe, you can use the form published on the Contact me page and ask for registration, otherwise, you can directly use the “Subscribe to the newsletter” form that you find in the footer of the site or in my posts. I manage the newsletter with Mailchimp, your e-mail address is stored on its server located in the USA, by clicking on the link you can take note of how they comply with the GDPR requests.
• Add-on-Really Simple SSL and Really Simple SSL add-ons do not process any personally identifiable information, so the GDPR does not apply to these plugins or the use of these plugins on your website. You can read our privacy policy here.-Facebook pixel and Facebook pixel add-ons do not process any personally identifiable information, so the GDPR does not apply to these plugins or the use of these plugins on your website. You can read our privacy policy here.-Google Analytics and Google add-ons do not process any personally identifiable information, so the GDPR does not apply to these plugins or the use of these plugins on your website. You can read our privacy policy here
Type of data processed pursuant to Article 13
Within the limits of the purposes and methods described in this Policy, information that can be considered as “Personal Data”, which includes your personal details, may be processed. The data processed by me will be those you have provided me when subscribing to the newsletter or to request a quote and in particular, e-mail name, telephone number …
Recipients and categories of recipients
Personal data will not be disseminated, or will not be disclosed to indeterminate subjects. Instead, they may be communicated to well-defined subjects, in full compliance with the provisions of the law, for purposes strictly related to those previously indicated. Any access to your personal data is limited to me, Laura Patara as the data controller. The communication to the identified recipients, only if involved and functional, is linked to the achievement of the purposes referred to in point 3 above, therefore the personal data collected and processed may be:
• used anonymously for statistical purposes;
• made available to the collaborators of the Data Controller, as Managers or persons authorized to process personal data;
• communicated to third parties, physical or legal, Public administrations, professionals, law enforcement agencies, government bodies, regulatory bodies, courts or other public authorities authorized by law;communicated to commercial partners, only in case of prior and express consent;
• if necessary, transferred to another Data Controller in accordance with the provisions of the GDPR, also with regard to the right to data portability
• The information may, moreover, be communicated whenever the communication may be necessary to fulfill requests from the Judicial Authority or Public Security. The data collected will not be disseminated under any circumstances. Transfer of data abroadData will not be transferred outside the European Union.
Data retention period (determination criteria)
If you leave a commentor a review the metadata are retained indefinitely. This is how I can automatically recognize and approve any follow-up comments instead of keeping them in a moderation queue. For users who register on the website (if any), I also store the personal information they provide in their user profile. All users can see, edit or delete their personal information at any time (except their username which they cannot change). As a website administrator I can also see and edit requested information. Here are the indications of the storage times, i.e. the criteria for determining your personal data:
Purpose
• point 3, lett. a) contract management. Storage period : for the entire duration of the relationship and thereafter for 2 years (ordinary prescription).
• point 3, letter b) marketing purposes. Storage time: 2 years from collection, without prejudice to the possibility for you to modify and / or revoke your will at any time, so the principle of “accountability” of the GDPR is applied.
• Newsletter: to take advantage of my newsletter. To stop receiving the newsletter, click on the “UNSUBSCRIBE” button at the bottom of each newsletter. Storage time: your personal data after cancellation from the service is deleted from the database.
Methods and scope of processing:The processing will take place through the paper and digital collection of your personal data and the subsequent entry of the same using manual, computerized or telematic tools, suitable to guarantee its security and confidentiality. Your personal data will be processed exclusively by me, as the data controller. In addition to the cases in which it is necessary to contact you for needs related to the management of your position, where you consent to the processing of your data for the purposes referred to in point 3, letter b), you may be contacted by e-mail, newsletter, text message, or through any equivalent electronic tool or by paper mail or call to all the addresses provided. If you prefer to be contacted only at one or some of these addresses, you can make an express request by email addressed to info@romeandyou.com
.Reviews: to take advantage of your experience.Your personal data will be processed by me, as the data controller, and by Tripadvisor as data collector.
• Business partners with whom we may offer products or services in conjunction. If you choose to access these optional services, we may share information about you, including your personal data, with those partners. Please note that we do not control the privacy practices of these third-party business partners.
Rights of the interested party
At any time, you can exercise the following rights:• right of access to personal data and know the origin, purposes and purposes of the processing, the data of the subjects to whom they are communicated, the data retention period or the criteria useful for determining it.
• right to obtain the correction or cancellation of the same or the limitation of the processing that concerns you;
• right to data portability, where provided for to the extent technically possible. That is, the right to receive information concerning you in a structured format or to transmit information concerning you to you or to a third party indicated by you. The so-called “portability” of information concerning you and those that have been voluntarily provided by you;
• right to withdraw consent, the withdrawal of consent does not affect the lawfulness of the processing based on the consent given before the revocation;
• right to lodge a complaint with the supervisory authority (Privacy Guarantor). You also have the right to object to the processing of your Personal Data, including profiling. The aforementioned rights may be exercised by written request addressed without formalities to the Data Controller to the contacts indicated in point 1.Il Data Controller must do so without delay and, in any case, at the latest within one month of receipt of the request. The deadline may be extended by two months, if necessary, taking into account the complexity and number of requests received by the Data Controller. In such cases, within one month of receipt of your request, the Data Controller will inform you and inform you of the reasons for the extension. I remind you that, where the response to your requests has not been satisfactory in your opinion, you can contact and lodge a complaint with the Guarantor Authority for the Protection of Personal Data in the manner provided for by the Applicable RegulationsThe exercise of your rights may take place by sending a request by email to the address: info@romeandyou.com
External links
This website may include links to third party websites, plug-ins and applications. If you access other websites from the links provided on this website, the operators of those websites may collect or share information about you. This information will be used by them in accordance with their privacy policy, which may differ from our Privacy Policy. I do not control these third-party websites and recommend that you examine the privacy statements posted on those other websites to understand their procedures for collecting, using and disclosing personal data.
International transfer
Your personal data may be stored or transferred to countries outside the European Economic Area for the purposes described in this Privacy Policy. When I store or transfer your personal data outside the European Economic Area, I take the following precautions to ensure that your personal data is properly protected.
Whenever I store or transfer your personal data outside the European Economic Area, I will do so in accordance with applicable law and we will ensure a similar degree of protection is afforded to it by implementing appropriate safeguards. Transfers of personal data are made:
• to a country recognised by the European Commission as providing an adequate level of protection; or to a country which does not offer adequate protection but whose transfer has been governed by the standard contractual clauses of the European Commission or by implementing other appropriate cross-border transfer solutions to provide adequate protection.
By using my services, you understand that your personal data may be transferred to my facilities and those third parties with whom I share it as described in this Privacy Policy.
How contact me
To exercise your other rights you can file a request by e-mailing info@romeandyou.com. You may also have the right to lodge a complaint to the supervisory authority about the way I process your personal data. I would appreciate the chance to address your concerns before you approach the supervisory authority, so please contact me in the first instance:
Adress: Laura Patara via Monte Bianco,93 01100 Viterbo Italy mail info@romeandyou.com