1. Legal Information for The Code Hotel
Address for the Hotel: Via Sistina 79
Company Name: Downtown srl
Registered Company Address: Via Sambuca Pistoiese 65, 00138, Rome, (Italy)
VAT Number: 12900071007
Contact Phone No. / Email Address: +39 0681157521 firstname.lastname@example.org
Data Protection contact details: email@example.com
Legal Information for the Hosting Company:
Name of Hosting Company: Automatic Netware Limited, trading as Bookassist
Company Number: IE312796
Registered Address: 35 Fitzwilliam Place, Dublin 2, Ireland
Contact Phone No. / Email Address: +353 1 676 2913 / firstname.lastname@example.org
The privacy and confidentiality of user information is important. We are committed to maintaining the privacy and security of your user information. We may update this policy from time to time, so please check here frequently. The Hotel will not disclose identifiable user information to any third party without consent.
Data subject: Navigatori del portale www.thecodehotelrome.com..
Downtown S.r.l. with operational headquarters in Via Sistina n.79 - Rome and registered office in via Sambuca Pistoiese n. 65 - Rome, as Data Controller in relation to the processing of your personal data pursuant to (EU) Reg. 2016/679 (hereinafter 'GDPR')We inform you that the aforementioned regulation protects data subjects in relation to the processing of their personal data and that such processing will take place in a fair, lawful and transparent manner, protecting your privacy and your rights.
Your personal data will be processed in accordance with the terms of the above legal provisions and the confidentiality obligations contained therein.
During the indicated processing, the Controller may operate on common categories of personal data and in detail: personal data such as IP address and other common data managed in advertising cookies, personal data such as IP address and other common data managed in statistical cookies (performance cookies), personal data such as IP address and other common data managed in strictly necessary cookies.
Purposes and legal base of the processing: your data will be processed for the following purposes necessary to comply with contractual or pre-contractual obligations:
- management of cookies required for the portal;
- providing and managing booking services.
Further to your consent, your personal data may be used for the following purposes:
- management of non-technical marketing cookies for the portal;
- management of non-technical statistical cookies for the portal.
Your contribution of data is optional with regard to the abovementioned purpose, and any refusal of consent will not affect the continuation of the relationship or the congruency of the processing.
Processing procedures. Your personal data may be processed by the following ways:
- using electronic calculators running softwares managed by third parties;
- Using electronic calculators running self-managed softwares or directly engineered.
All data are processed in compliance with the procedures specified in articles 6 and 32 of the GDPR and with the adoption of the appropriate security measures required.
Your data will only be processed by persons specifically authorised by the Data Controller, and specifically by the following categories of authorized persons:
- internal operators to manage the web portal;
- Marketing office.
Disclosure. Your data may be disclosed to external entities for the correct management of the relationship and specifically for the following categories of Recipients, including all the duly designated Data Processors:
Protection of credit card acquisition data for payment management:
Please note that the payment management page managed by Bookassist is protected by Secure Sockets Layer (SSL) encryption technology. This SSL system encrypts your name, your credit card number and expiration date making every purchase made safe, ensuring the security of your credit card data.
In addition, credit card usage is verified directly through a secure real-time connection with the banking system at the time of debiting. This ensures that cards subject to malicious acts (thefts) cannot be used and that fraudulent transactions are minimised to the benefit of the consumer and the hotel.
- Bookassist booking service provider for exclusive booking purposes. In any case, the site administrator ensures the adoption of scrupulous procedures to protect browsing data and the use of special care to protect the credit card data provided during online bookings. PLEASE NOTE: The payment page managed by Bookassist is protected by Secure Sockets Layer (SSL) encryption technology. This SSL system encrypts your name, your credit card number and expiration date making every purchase made safe, ensuring the security of your credit card data. In addition, credit card usage is verified directly through a secure real-time connection with the banking system at the time of debiting. This ensures that cards subject to malicious acts (thefts) cannot be used and that fraudulent transactions are minimised to the benefit of the consumer and the hotel.;
- web service provider for the management and maintenance of the platform.
Communications to Third Parties: Your data may be communicated to external parties for the proper management of the relationship and in particular to the following categories of recipients identified as Third Parties:
- Google - https://policies.google.com/privacy?hl=en;
- Google reCAPTCHA - https://privacy.google.com/take-control.html.
Distribution: Your personal data will not be distributed in any way.
Data Storage Period. In accordance with the principles of lawfulness, limitation of purpose and minimisation of data, pursuant to art. 5 of the GDPR, the data storage period for your personal data is:
- 0.02 giorni: CloudFlare;
- 1 giorni: Google Analytics,;
- 24855.14 giorni: Bookassist;
- 390 giorni: DoubleClick/Google Marketing;
- 730 giorni: Bookassist, Google Analytics,;
- Permanente: Bookassist, Google;
- Sessione: Google Analytics, Google, Bookassist,.
Since each browser - and often different versions of the same browser - also differ significantly from each other if you prefer to act independently through the preferences of your browser, you can find detailed information about the procedure required in the guide of your browser. For an overview of the most common browsing modes, please visit www.cookiepedia.co.uk.
Advertising companies also allow you to opt out of receiving targeted ads, if desired. This does not prevent the setting of cookies, but interrupts the use and collection of some data by these companies.
For more information and cancellation options, visit www.youronlinechoices.eu/.
Data Controller: the Data Controller, as defined by the Law,is Downtown S.r.l. with registered office in (VIA SAMBUCA PISTOIESE 65 , 00138 Roma (ROMA), VAT no. 12900071007) in the person of its current legal representative and with its operational headquarters in Via Sistina n. 79 - Rome, contactable at the following e-mail address: email@example.com
The Data Protection Officer (DPO) designated by the data controller pursuant to art.37 of the GDPR is:
U.C.GROUP s.r.l with registered office in Via Lima 7, 00141 Roma, P. iva 11316521001, and can be contacted at the following e-mail address: dpo@uc- group.it
You are entitled, by application to the Data Controller, to obtain the erasure (right to be forgotten), restriction, updating, rectification and portability of your personal data, to object to their processing, and in general to exercise all your rights under articles 15, 16, 17, 18, 19, 20, 21 and 22 of the GDPR.
Regulation (EU) 2016/679: Articles 15, 16, 17, 18, 19, 20, 21, 22 - Rights of the Data Subject
- The data subject has the right to obtain confirmation as to whether or not personal data concerning him or her exist, regardless of their being already recorded, and disclosure of such data in intelligible form, and the right to lodge a complaint with the supervisory authority.
2. The data subject has the right to be informed of:
- the source of the personal data;
- the purposes and methods of processing;
- the logic applied i fthe data are processed by electronic devices;
- the identification data concerning the Data Controller, the Data Processors and the representative designated as per article 5, comma 2;
- the entities or categories of entity to whom or which the personal data may be disclosed and who or which may get to know said dataas designated representative in the State's territory, as data processors or as persons in charge of the processing.
3. The data subject is entitled to obtain:
- the updating, rectificationor, where interested therein, integration of the data;
- the erasure, anonymisation or blocking of data that have been unlawfully processed, including data whose retention is not necessary for the purposes for which they were collected or subsequently processed;
- certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were disclosed or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared to the right that is to be protected;
- the portability of the data.
4. The data subject has the right to object, in whole or in part:
- on legitimate grounds, to the processing of personal data concerning himher, even though they are relevant to the purpose of the collection;
- to the processing of personal data concerning himher, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.