Privacy policy
Guest Registration
We invite you to provide a photo of your identity documents and to complete the details of all guests.
The transmission of guest data to the Public Security Authorities is a legal obligation of the property owner.
Information on the processing of personal data
Dear Guest,
we wish to inform you that EU Regulation 679/2016 (“Personal Data Protection Code” – GDPR) provides for the protection of individuals and other subjects with regard to the processing of personal data.
According to the aforementioned regulation, such processing shall be based on the principles of fairness, lawfulness, and transparency, and on the protection of your privacy and your rights.
Pursuant to EU Regulation 679/2016 (GDPR), we therefore provide you with the following information:
The data you provide will be processed for the purpose of fulfilling the obligations related to the communication of guest data to the Public Security Authorities (ref. paragraphs 1 and 2, art. 109 T.U.L.P.S. – arts. 1 and 2 Ministerial Decree 07/01/2013), to regional authorities for statistical purposes, and for the necessary administrative operations related to the booking.
The processing will be carried out using computerized methods.
The provision of data is mandatory, since the communication of guests’ identification details to the Public Security Authorities and the collection of regional statistical data are mandatory obligations of the host; in the absence thereof, it is not possible to allow the stay at the tourist accommodation.
The data will be communicated exclusively to the subjects necessary for such fulfillment, including third-party service providers who will handle, on our behalf, the collection and temporary storage of the data.
The Data Controller is: 2A Holidays di Anna Mattarelli – Via Martiri della Liberazione, 27 – Dervio (LC); the Data Processor is: Anna Mattarelli – E-mail: [email protected]
At any time, you may exercise your rights with respect to the Data Controller, pursuant to EU Regulation 679/2016.
The data provided will be retained for the minimum time necessary to carry out the stated purposes and will then be deleted. In particular, the data collected through the “KrossBooking” service, managed by Solutions Plus s.r.l. on behalf of the aforementioned Data Controller, are retained until the tenth day after the guest’s check-in date for transmission to the Data Controller itself and, upon its mandate, to the Public Security Authorities, and subsequently retained in reduced form (first name, last name, nationality, date of birth) until the tenth day after the check-in date for transmission to regional statistical authorities; thereafter, they will be permanently deleted from all media.
– Right of access to personal data and other rights –
The data subject has the right to obtain confirmation of the existence or non-existence of personal data concerning them, even if not yet recorded, and to receive such data in an intelligible form.
The data subject has the right to obtain information regarding:
a) the origin of the personal data;
b) the purposes and methods of processing;
c) the logic applied in the case of processing carried out with the aid of electronic tools;
d) the identification details of the Data Controller, the Data Processors, and the representative designated pursuant to Article 5, paragraph 2;
e) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them as designated representatives within the territory of the State, processors, or persons in charge.
The data subject has the right to obtain:
a) the updating, rectification, or, where relevant, integration of the data;
b) the deletion, transformation into anonymous form, or blocking of data processed unlawfully, including data whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
c) certification that the operations referred to in points a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disclosed, except where such fulfillment proves impossible or involves a manifestly disproportionate effort with respect to the protected right.
The data subject has the right to object, in whole or in part:
a) on legitimate grounds, to the processing of personal data concerning them, even if relevant to the purpose of collection;
b) to the processing of personal data concerning them for the purpose of sending advertising material, direct sales, market research, or commercial communication.
We invite you to provide a photo of your identity documents and to complete the details of all guests.
The transmission of guest data to the Public Security Authorities is a legal obligation of the property owner.
Information on the processing of personal data
Dear Guest,
we wish to inform you that EU Regulation 679/2016 (“Personal Data Protection Code” – GDPR) provides for the protection of individuals and other subjects with regard to the processing of personal data.
According to the aforementioned regulation, such processing shall be based on the principles of fairness, lawfulness, and transparency, and on the protection of your privacy and your rights.
Pursuant to EU Regulation 679/2016 (GDPR), we therefore provide you with the following information:
The data you provide will be processed for the purpose of fulfilling the obligations related to the communication of guest data to the Public Security Authorities (ref. paragraphs 1 and 2, art. 109 T.U.L.P.S. – arts. 1 and 2 Ministerial Decree 07/01/2013), to regional authorities for statistical purposes, and for the necessary administrative operations related to the booking.
The processing will be carried out using computerized methods.
The provision of data is mandatory, since the communication of guests’ identification details to the Public Security Authorities and the collection of regional statistical data are mandatory obligations of the host; in the absence thereof, it is not possible to allow the stay at the tourist accommodation.
The data will be communicated exclusively to the subjects necessary for such fulfillment, including third-party service providers who will handle, on our behalf, the collection and temporary storage of the data.
The Data Controller is: 2A Holidays di Anna Mattarelli – Via Martiri della Liberazione, 27 – Dervio (LC); the Data Processor is: Anna Mattarelli – E-mail: [email protected]
At any time, you may exercise your rights with respect to the Data Controller, pursuant to EU Regulation 679/2016.
The data provided will be retained for the minimum time necessary to carry out the stated purposes and will then be deleted. In particular, the data collected through the “KrossBooking” service, managed by Solutions Plus s.r.l. on behalf of the aforementioned Data Controller, are retained until the tenth day after the guest’s check-in date for transmission to the Data Controller itself and, upon its mandate, to the Public Security Authorities, and subsequently retained in reduced form (first name, last name, nationality, date of birth) until the tenth day after the check-in date for transmission to regional statistical authorities; thereafter, they will be permanently deleted from all media.
– Right of access to personal data and other rights –
The data subject has the right to obtain confirmation of the existence or non-existence of personal data concerning them, even if not yet recorded, and to receive such data in an intelligible form.
The data subject has the right to obtain information regarding:
a) the origin of the personal data;
b) the purposes and methods of processing;
c) the logic applied in the case of processing carried out with the aid of electronic tools;
d) the identification details of the Data Controller, the Data Processors, and the representative designated pursuant to Article 5, paragraph 2;
e) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them as designated representatives within the territory of the State, processors, or persons in charge.
The data subject has the right to obtain:
a) the updating, rectification, or, where relevant, integration of the data;
b) the deletion, transformation into anonymous form, or blocking of data processed unlawfully, including data whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
c) certification that the operations referred to in points a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disclosed, except where such fulfillment proves impossible or involves a manifestly disproportionate effort with respect to the protected right.
The data subject has the right to object, in whole or in part:
a) on legitimate grounds, to the processing of personal data concerning them, even if relevant to the purpose of collection;
b) to the processing of personal data concerning them for the purpose of sending advertising material, direct sales, market research, or commercial communication.