Privacy and Cookies Policy

Your privacy is important to us. Therefore, we limit the data we ask for to only what is necessary to provide the requested service, while committing to protecting and safeguarding it. Below, we explain how we use and manage the personal data we collect through our website, ensuring maximum transparency and the opportunity for you to exercise your rights.

First of all, we believe it is necessary to explain how online bookings work. As you may already know, you can book directly with Hotel all’Arco, through our online portal, or via third-party websites such as Booking. This process necessitates a shared platform for recording all bookings (hereafter “Channel Manager”) to avoid multiple bookings. Here’s how it works:

When you book through third-party portals, your data is collected by that entity and automatically forwarded to our property and the company managing the “Channel Manager.” Therefore, you must refer to the privacy policies of all three parties involved.

When you book through our portal, you provide your data to the “Channel Manager,” which then informs us by email. You must refer to the privacy and cookies policy provided by the company managing the system, and the consent you provide refers to that document. For browsing our site, requests sent via dedicated forms, and future management of your data related to the requested service, please refer to this document.

Finally, if you contact our property directly, please note that we must register your data on the “Channel Manager” to coordinate bookings, and therefore, you must refer to this policy as well as that of the software company.

If you choose to book, you will receive complete information upon arrival regarding all treatments and involved parties, and we will ask for consent for any treatments you voluntarily request.

We also clarify the following:

– This policy is applicable only to our websites and not to third-party websites that may be accessed through links. When you open a link to third-party content, you are leaving our website, and the personal data you provide will no longer be governed by this Policy. For information on how third parties collect and handle your personal data, we invite you to review their privacy policy.

– This policy is inspired by Recommendation No. 2/2001, adopted by European data protection authorities, to identify minimum requirements for collecting personal data online, especially regarding how, when, and what information data controllers must provide to users when they access web pages.

Any changes to this policy will be immediately published on www.hotelallarco.com; if these changes impact you (for example, if we intend to process your personal data for purposes other than those communicated in the past), you will be informed of such changes before new activities commence.

To read the full privacy policy for guests regarding personal data processing under current data protection regulations, click here.

Who is the data controller and the other parties involved?

The data controller is Impresa Costruzioni Mari & Mazzaroli S.p.A., located at 34144 TRIESTE, Via San Marco n.48, TEL: +39 040 301570, FAX: +39 040 305077, website: www.hotelallarco.com, email: info@hotelallarco.com.

What personal data do we collect and why?

Through the website, we collect only the data you voluntarily provide in the contact form for availability verification. Additionally, these data are not stored in any online database but sent directly to the Hotel All’Arco’s email address.

To process your bookings and fulfill the requested service, as well as legal obligations, we will ask for the following data:

a. Full name, place, and date of birth of all guests for whom you are booking.

b. Country of origin for all guests.

c. Residential address, tax code, and VAT number for all guests.

d. Contact phone number and email address.

e. Credit card details.

f. Bank account details (only if a refund is necessary).

g. Document type and number, date, and place of issue.

Cookie

Cookies are small pieces of text (letters and/or numbers) that allow the web server to store information on your browser for use during the same visit to the site (session cookies) or later visits, even days after (persistent cookies). Cookies are stored by the browser on the specific device used (computer, tablet, smartphone) based on user preferences.

Our website uses:

– Session “Technical” cookies: These are necessary for the site’s proper functioning and last only for the duration of the session (they are deleted when the browser is closed).

– · Google Analytics cookies: These are third-party cookies used to collect data anonymously to monitor and improve the website’s performance (performance cookies). We do not use Google Analytics to monitor or collect personally identifiable information. We have anonymized the IP address and updated our agreement with Google to minimize data collection, making these cookies equivalent to technical cookies.

You can prevent the installation of cookies by modifying your browser settings. However, please note that this may prevent you from using certain features of this website.

How do we process your data?

Your personal data will be processed in accordance with the principles of legality, fairness, and transparency, both in paper and electronic form, and entered into the relevant databases that authorized personnel can access. The data processing operations include: collection, registration, organization, structuring, storage, consultation, modification, use, dissemination, communication, extraction, comparison, interconnection, limitation, deletion, and destruction of data. All data processing operations are performed to ensure data integrity, confidentiality, and availability. Third parties providing specific processing, administrative, or instrumental services may also be involved.

Your data will not be subject to automated processing or profiling.

How long do we retain your data?

We retain your data for as long as necessary to fulfill administrative, accounting, and tax obligations related to the established relationship and in compliance with legal requirements. Data not subject to mandatory retention, such as credit card details, will be deleted shortly after check-out.

With whom do we share your data?

To confirm your reservation and manage the requested service, as well as to comply with legal obligations, we may share your data as follows:

– If a refund is necessary, we will share your name, surname, and IBAN details with our financial institutions.

-To comply with legal obligations, we must share some of your data with the Municipality of Trieste, the Police Headquarters, and Istat.

-The “Channel Manager” company receives all bookings forwarded via any channel to avoid booking duplication. Thus, all the data you enter during booking will be shared with them.

– Your data is shared internally and externally with the domain manager, but not stored on online databases.

Additionally, we may have to share your data with supervisory bodies, judicial authorities, and other public entities that request it for legal purposes.

How do we protect and store your data?

Your personal data is stored in paper format and/or on computerized media located at Hotel all’Arco and our office. However, please note that if necessary, the data controller may move the servers outside the EU. In this case, the controller ensures that the transfer of data outside the EU will comply with applicable laws, including through the use of standard contractual clauses adopted by the European Commission.

We implement appropriate security procedures and limitations to prevent unauthorized access to the data and any misuse. Only authorized personnel can access personal data during their work.

What rights do you have regarding your data?

As the data subject, you have the following rights related to the processing of your personal data, which you can exercise by requesting them from the data controller or the responsible party (if appointed), via email or registered letter:

– File a complaint with the Data Protection Authority for exercising your rights or for any other issue regarding the processing of your personal data

– Request confirmation of whether your personal data exists, access to it, correction, deletion, limitation of processing, portability to another data controller (Articles 15, 16, 17, 18, 20, and 21 of EU Regulation 2016/679).

– Object to processing for legitimate reasons and withdraw consent at any time (where provided), without affecting the lawfulness of processing based on consent prior to withdrawal (Article 21 of EU Regulation 2016/679).

– Request not to be subject to automated decisions, including profiling, that produce legal effects or similarly affect you, unless such processing is necessary for contract execution or based on consent (Article 22 of EU Regulation 2016/679).

Mandatory or voluntary nature of data provision and consequences of failure to provide them

As stated, we ask only for the personal data necessary to manage your booking. While you may choose not to provide them, we may not be able to offer the requested service if you fail to do so. Therefore, there is no need for you to consent to the processing of personal data.