GDPR PRIVACY NOTICE pursuant to Articles 13 and 14 of EU Regulation 2016/679

Dear User,

We inform you that the processing of your personal data through this website will be carried out in compliance with current personal data protection legislation, based on principles of fairness, lawfulness, transparency, and data protection. In accordance with EU Regulation 2016/679, please find below the general information regarding the processing of your personal data collected when using the services of this website.

This notice applies solely to data provided when consulting or using the services offered by the website https://www.hoteltorreargentina.com/ and does not apply to other websites or social networks that the user may access through links on this site.

Data Controller
The Data Controller, pursuant to Article 4 of the GDPR, is: HOTEL DELLA TORRE ARGENTINA SRL Via Lucullo, 3 | 00187 - Rome, Italy in the person of its pro-tempore legal representative.

Data Protection Officer (DPO):
The DPO can be contacted at the following email address: hta.dpo@gmail.com

1) Data Processing Location
Data related to the web service will be processed at the web farm of the service provider. No data derived from the web service will be disclosed or disseminated. As a rule, user data will not be transferred outside the European Union. Should this become necessary, we ensure that the recipient, acting as Data Processor, complies with the GDPR provisions, including specific rules on the transfer of personal data to third countries, by ensuring transfers are based on an adequacy decision or on standard contractual clauses approved by the European Commission.

2) Types of Data Processed
These include personal data whose transmission is implicit in the use of Internet communication protocols. The IT systems and software procedures used to operate this website acquire such data automatically during their normal operation. This category includes IP addresses or domain names of the computers used, request timestamps, and other parameters relating to the user's operating system and IT environment.
Although not collected to be associated with identified users, by their nature these data could, through processing and association with third-party data, allow users to be identified.

3) Cookies
Cookies are small text files that websites visited by users send to their devices, where they are stored and retransmitted to the same sites upon subsequent visits. For further information, please refer to the [cookie policy].

4) Nature of Data Provision
For browsing data, the provision of certain personal data is mandatory to allow the Company to handle user communications and requests and to fulfill obligations (e.g., contractual obligations).
These mandatory data are marked with an asterisk [*]; failure to provide them will make it impossible for the Company to fulfill its obligations or the user's request.
Provision of other data not marked with an asterisk is optional and failure to provide such data will have no consequences. The provision of personal data for marketing purposes is optional and refusal will have no impact. Consent for marketing includes authorization to send communications through both automated and non-automated methods.

5) Purposes and Legal Basis for Processing
The user’s personal data will be processed either based on the Data Controller’s legitimate interest or on the user’s express consent. The Company may process personal data for the following purposes:

• Use of services and features available on the site (e.g., contact forms),
• Management of user requests and feedback,
• Marketing activities: with the user’s specific and optional consent, the Company may send promotional and/or commercial communications related to its services through traditional (e.g., mail, phone calls) or automated (e.g., email, social media, SMS) channels.

6) Data Retention
Personal data collected through browsing, including cookies (which the user may delete independently), will be stored for seven days and then automatically deleted. These data are not used for profiling or other tracking methods.
Longer retention may occur if requested by competent authorities for crime prevention or prosecution, or to assert or defend legal rights.

7) Data Disclosure and Sharing
Personal data are not generally disclosed and will only be shared with:

• All parties entitled by law or contract to access such data;
• Individuals and/or legal entities, public and/or private, when communication is necessary or functional for the above purposes, in compliance with legal and contractual obligations;
• Data Processors and authorized personnel within their job duties;
• External providers (e.g., couriers, shipping services);
• Counterparties, authorities, etc., during legal or administrative proceedings.
• All processing related to the website’s web services is carried out exclusively by Data Processors and authorized personnel.

8) Data Subject Rights
In accordance with Chapter III, Section I of the GDPR, the data subject may exercise the following rights:

• Access to their personal data,
• Rectification of inaccurate or outdated data,
• Restriction of processing to necessary data,
• Deletion of data (right to be forgotten), including where disclosed to third parties,
• Objection to processing for legitimate reasons,
• Withdrawal of consent,
• Right to data portability.

Personal data will not be processed for automated decision-making or profiling.

Complaints: The data subject may lodge a complaint with the Italian Data Protection Authority:
Garante per la protezione dei dati personali
Piazza di Monte Citorio n. 121, 00186 Rome (RM), Italy.
Exercise of the data subject’s rights is free of charge pursuant to Article 12 of the GDPR.