Privacy and conditions
Registered office: Via Pietrasanta 12, 20141 Milan
Offices: Via Pietrasanta 12, 20141 Milan
Phone +39 02 02 83451699, +39 02 55004219
Company with sole shareholder
VAT number 10897350152
tax code 08792410154
Cap. Soc. €10,400.00 i.v
Registered in the Milan Business Register under no. 08792410154 – R.E.A. no. 1418960
INFORMATION ON THE PROCESSING OF PERSONAL DATA
(Art. 13-14 EU Reg. 2016/679 and Art. 13 Legislative Decree 196/2003)
Domina S.r.l. intends to use clarity and transparency in informing users about the personal data that will be collected and about the purposes and methods of using this information. Domina S.r.l. is committed to protecting user privacy.
Personal data is collected and processed with the support of paper, computerized, telematic and electronic means, in compliance with Italian and EU laws on the protection of personal data.
1. DATA CONTROLLER
Domina S.r.l. is a joint-stock company with sole shareholder, with registered office in Via Pietrasanta 12, 20141 Milan, tax code and company register number 08792410154, REA 1418960. Website: www.domina.it; email: firstname.lastname@example.org
Domina S.r.l. is the Data Controller (hereinafter also the “Owner”) of the user’s personal data (hereinafter the “Data Subject”).
2. PERSONAL DATA SUBJECT OF THE TREATMENT AND SOURCE OF ORIGIN
Personal data is information that makes it possible to make the interested party identified or identifiable (for example: name, an identification number, location data, an online identifier or one or more characteristic elements of his identity).
We receive data from the interested party when he requests information from us via our website or via email, letter, telephone or through social media, fills out coupons, expresses interest in entering into a contractual relationship or receiving one of our services, participate in our events, etc. . We also receive the personal data of the interested party from our commercial partner Domina Vip Travel S.r.l. and from Domina hotels.
Depending on the case and the services requested from us and that we offer, we may in particular collect the following categories of information:
1. Name and surname, age/date of birth, fiscal code, marital status, address, city and country of residence, e-mail address, telephone number, profession, passport data, identity card, domicile, credit card /debit and electronic payment systems, bank account details (Iban) and other payment and billing details;
2. Data that emerge from communications that are sent to us or exchanged with us by letter, e-mail, telephone, social media and our website.
Data concerning the health of the interested party are considered sensitive personal data. These data, like all those that the law defines as particular and sensitive (art. 9 paragraph 1 EU Reg. 2016/679 and art. 4 paragraph 1 letter d) Legislative Decree 196/2003) do not come from us treated, except for the case in which the interested party expressly communicates them to us and asks us to use such data by providing consent to the treatment. Such data will never be subject to automatic decision-making processes or profiling, and will in any case be processed for the sole purpose of providing a better service to the interested party (for example: information and services to help people with food allergies, information about the structures suitable for accommodating disabled people and communications pertinent to the same structures, etc.).
3. FOR WHICH PURPOSES WE USE PERSONAL DATA AND WHAT IS THE LEGAL BASIS OF THE TREATMENT
Depending on the cases and the services that are requested and that we offer, the data of the interested party can be used for the following purposes:
1a) Provide the interested party with the services requested by the latter;
2b) Contact the interested party to provide him with information about the services requested (for example: programs, dates and times, and anything else necessary or useful) and in the event of modifications to services or cancellations;
3c) Receive payments made by the interested party in relation to the services requested. We use the information provided by the interested party concerning credit/debit card data, current account and other payment data to receive payments and any deposits, carry out accounting, billing and insurance reports;
4d) Fulfill accounting-financial, administrative, legal and tax obligations and for communications to the competent Authorities;
5e) Provide information about our activities to the interested party where the latter requests us through our website, email addresses and telephone numbers, and therefore in response to a request from the interested party;
6f) Communications from Domina S.r.l. and its commercial partner Domina Vip Travel S.r.l. and Domina Hotels for informational and promotional purposes of the activities, events and services offered: we use some data of the interested party (name, surname, email and telephone contact details, date of birth, city or region of residence, hobbies and data relating to contracts signed with the owner) to provide information on the activities carried out by the organization , to offer our services and to promote them through newsletters, emails or paper or telephone communications.
The consent of the interested party is not required for processing for the purposes referred to in letters a), b), c), d), as and to the extent that such processing represents a necessary requirement for the execution of the contractual relationship or pre-contractual measures adopted at the request of the same. In this case, the communication of data is mandatory as failure to provide it makes it impossible to establish and execute the contractual relationship. The interested party is hereby informed that, once the contract has been categorized based on the amount invested by the user, automated or partially automated decision-making processes could be used with the aim of identifying and therefore providing the related services. The use of automated decision-making processes is also a necessary requirement for the conclusion and execution of the contract. Otherwise, the contract cannot be concluded. In any case, the interested party may at any time request that the manual control of the correctness of the process be carried out.
The consent of the interested party is required for the purposes referred to in letters e), f) and is optional in this case. However, failure to authorize the processing of data will make it impossible to provide the information. The interested party is hereby informed that the Data Controller and Domina Vip Travel and Domina Hotels could use fully or partially automated decision-making processes, including profiling, to provide the interested party with information and targeted offers and reserved discounts.
The interested party may at any time request the interruption of this information flow and revoke the consent to the treatment.
We inform you that, where the legal basis of the treatment is the consent for the purpose of receiving information and informative and promotional communications, the treatment can be carried out only if the interested party is at least 16 years of age. Only persons aged 16 or over can validly give their consent. For children and young people under the age of 16 it is necessary that the consent is given by the holder of parental responsibility.
We will therefore process the data of the interested party by basing our activities essentially on the following legal bases, different and relevant according to the cases and the services that are requested of us by the interested party and that we offer:
- in the case of the treatments from a) to d) above, the legal basis will be the establishment and execution of the contractual relationship and the consequent fulfilments, rights and legal obligations;
- in the event that the interested party communicates data relating to health or other particular and sensitive data defined by law, the legal basis will be the consent of the interested party and the data will be processed for the sole purpose of providing a service aimed at the user’s needs. (And without prejudice to the retention of data for the time necessary for the fulfilment of legal obligations, ascertain action to defend rights in court);
- in the event of a request for information by the interested party and communications for information and promotional purposes (processing referred to in letters e) and f) above) the legal basis will be the consent of the interested party (or of the subject exercising the parental authority and responsibility in the case of minors under the age of 16) and this consent may be revoked at any time.
5. HOW LONG WE WILL KEEP THE DATA
We will keep the data for as long as necessary to provide the services and services that have been requested of us and the fulfilment and execution of contractual obligations, and also after the end of these relationships for all the time necessary for the consequent administrative, legal, fiscal obligations , insurance, compliance with the applicable legislation and legal obligations, the resolution of any disputes, the assessment, exercise, defence of rights and legitimate interests also in court and in application of what is required and permitted by the applicable legislation (for example: Title V, Book VI, Italian Civil Code).
When we no longer need to process the data in relation and proportion to each purpose, they will be deleted in a secure manner.
6. TO WHICH CATEGORIES OF RECIPIENTS DO WE COMMUNICATE THE DATA AND ON WHICH OCCASIONS DO WE TRANSFER PERSONAL DATA TO THIRD COUNTRIES
For the purposes described in this Information, we may communicate the personal data of the interested party to the following third parties and categories of recipients, depending on the case and the services that are requested of us and that we offer:
- in the case of simple information requested by the Data Subject via the Data Controller’s website, letter, email, telephone and communications for information and promotional purposes, the data may be shared with the technicians and IT companies who take care of the website and the computer network, with cloud providers, with our appointees, employees and external managers appointed to manage relations with users and with public authorities.
- in the case of establishment of the contractual relationship aimed at providing the customer with our services, the data may be communicated to:
- Italian and foreign owners of the structures and real estate shares
- administrators of co-properties;
- condominium administrators;
- Italian and foreign Domina hotel group management companies;
- Tour operator for booking flights and packages requested by the interested party;
- Commercial partner Domina Vip Travel S.r.l.;
- Accountants, administrative and legal consultants, insurance companies and brokers, notaries and other consultants where necessary for the aforementioned purposes (by way of example, architects and surveyors);
- Subjects in charge of collection and invoicing activities, credit institutions (also for receiving/making instalments payments through the chosen system and for purposes related to the provision of the requested financing service), Italian and foreign companies issuing credit/debit cards and other means of payment and fraud screening, revenue agency;
- Technicians and IT companies who take care of the website and the IT network of the Owner and cloud providers.
The Data Controller has its registered office and operates in Italy. However, some partners may reside in European and non-European third countries. Example: companies that manage hotel services that can be based in Egypt, etc.). The transfer of data of the interested party in these countries takes place only on the legal basis constituted by the execution of the contractual relationship.
Also in this case the processing, consisting in the transfer of data to recipients residing in third countries, finds its legal basis in the establishment or execution of the contractual relationship is therefore necessary. The transfer of data to third countries is therefore mandatory in these cases on the basis of the contract and otherwise the contract cannot be concluded and executed.
We inform you that third countries do not always regulate the protection of personal data or do not issue strict laws on privacy and may be judged inadequate by the European Commission in terms of personal data processing, so that data may not be treated with the same protections. The countries that from time to time receive adequacy decisions can be found on the website of the Guarantor for the protection of personal data at the page: https://www.garanteprivacy.it/home/provvedimenti-normativa/normativa/normativa-comunitaria-e- international/data-transfer-to-third-countries #1.
7. RIGHTS OF THE INTERESTED PARTY
The interested party has the right to:
- Ask us if we have your personal data, from which source we learned it, for what purpose and how we treat it.
- Know the details of the Data Controller and data processors.
- Have an indication of the subjects or categories of subjects to whom the personal data are communicated.
- Request access to the personal data held by the Data Controller, receiving a copy of the same and request the updating, rectification and integration of data, thus correcting inaccurate or incomplete information.
- Request data portability (data transferability in a format that can be used electronically to the interested party or a third party), request the cancellation of personal data, the limitation, blocking of data processing, transformation into anonymous form or oppose their processing for legitimate reasons treatment (and request that said operations be brought to the attention of the subjects to whom the data have been communicated, unless this proves impossible or involves the use of manifestly disproportionate means), except in cases where the processing and storage of data constitutes a legitimate right/interest or legal obligation
- In cases where the treatment is based on consent, revoke the consent to the treatment at any time, for example to the receipt of promotional and information communications (which are not necessary for the establishment of a contractual relationship requested by the interested party or for its execution), to the processing through automated decision-making processes, including profiling, and to the processing of particular and sensitive data. Once we have received the revocation of consent, we will no longer process the personal data of the interested party for the purposes subject to legitimate revocation, except by virtue of another legitimate legal basis and purpose.
- Propose a complaint to the supervisory authority.
8. DATA PROTECTION OFFICER
The Data Protection Officer can be contacted at the following email address: Protezione.email@example.com.
The managers, authors and the owner of the website are not responsible for the contents of third party websites directly or indirectly connected to the owner’s website.
10. CHANGES TO THE DATA PROTECTION POLICY
The Data Controller regularly tries to improve its efforts to protect personal data. This Data Protection Information may be modified or updated in the light of legislative changes, at international, European and national level, and regulations and the interpretative guidelines of the Guarantor Authority.
The Data Controller will inform the interested party of the substantial changes to this Information with offline paper methods, via email or online means (for example, via the website).
The user can always find the most recent version of the Information on data protection on the website of the Owner, by clicking on the appropriate section dedicated to Privacy