Privacy Policy - 5 Star Hotel in Cannigione Sardinia

PRIVACY POLICY

Grand Hotel Cannigione – Montecorru SRL
Montecorru SRL, with registered office in Viale Aldo Moro 8 Piano 1 Int B, 07021 Arzachena (SS),
is committed to protecting the personal data collected in compliance with EU Regulation 2016/679 (GDPR), Legislative Decree 196/2003 (Privacy Code) and applicable regulations. This information describes how we collect, process, protect and share personal data, as well as the rights of the interested parties.

1. Data Controller
The Data Controller of personal data is: Montecorru SRL Registered office: Viale Aldo Moro 8 Piano 1 Int B,
07021 Arzachena (SS)
E-mail: info@ghcannigione.com
For questions regarding the processing of personal data, contact the address indicated above.

2. Type of personal data collected
We collect and process the following categories of data:
2.1. Identification data
 Name, surname, date of birth, tax code, identity document, address, telephone number and e-mail address.
2.2. Payment data
 Information relating to credit cards, bank details or other payment instruments, managed through secure platforms for booking and invoicing purposes.
2.3. Data relating to the booking and stay
 Arrival and departure date, special requests, personal preferences (e.g. dietary needs, specific rooms).
2.4. Special data (pursuant to art. 9 GDPR)
 Health information or information relating to specific conditions (e.g. allergies, need for disabled access) explicitly provided by the customer, with explicit consent.

2.5. Browsing data
 IP address, data relating to the device used for browsing, type of browser, operating system, data collected via cookies (see Cookies section).
2.6. Data collected through communications
 Information provided during interactions with our staff (e.g. via email, telephone or social media).

3. Purpose of processing and legal basis
Personal data are processed for the following purposes:
3.1. Contractual purposes
• Manage requests for bookings, stays and related services.
• Process payments and invoices. (Legal basis: art. 6(1)(b) GDPR – performance of a contract).
3.2. Fulfilment of legal obligations
• Register data with the competent authorities (e.g. communication to the Police for the guest register). (Legal basis: art. 6(1)(c) GDPR – legal obligation).
3.3. Marketing purposes
• Sending promotional communications, special offers, newsletters and other updates, subject to explicit consent. (Legal basis: art. 6(1)(a) GDPR – consent).
3.4. Improvement of services
• Collect feedback and analyse data to improve the quality of the services offered. (Legal basis: art. 6(1)(f) GDPR – legitimate interest).
3.5. Security and fraud prevention
• Monitoring and protection from fraudulent activities or unauthorized access to systems. (Legal basis: art. 6(1)(f) GDPR – legitimate interest).

4. Methods of processing
Personal data are processed by electronic and manual means, following appropriate security measures to:
• Guarantee the confidentiality and integrity of the data.
• Protect the data from unauthorized access, loss or accidental destruction.

5. Storage of personal data
The data will be stored for the time strictly necessary for the purposes indicated:
• Booking data: until the end of the stay, except for tax or administrative obligations (10 years).
• Marketing data: until the withdrawal of consent.
• Browsing data: according to the terms indicated in the Cookie Policy.

6. Communication and transfer of data
Personal data may be communicated to:
• Service providers: booking platforms, payment providers, legal and technical advisors.
• Public authorities: for legal obligations or explicit requests.

7. Rights of the interested party
The interested parties have the following rights, which can be exercised at any time:
1. Access: to know which data are processed.
2. Rectification: to request the correction of inaccurate data.
3. Erasure: request the erasure of data (right to be forgotten).
4. Restriction: request a temporary limitation of processing.
5. Opposition: object to processing, in particular for marketing purposes.
6. Portability: receive personal data in a readable format or request its transfer.
7. Revocation of consent: withdraw consent at any time.
8. Complaint: lodge a complaint with the Authority for the protection of personal data (www.garanteprivacy.it).
Requests can be sent to: info@ghcannigione.com.

8. Cookie Policy
Our site only uses cookies related to site traffic, managed through Plausible.io – resident and compliant within the EU.

9. Data Security
We implement technical and organizational security measures, including:
• Encryption of data during transmission.
• Authentication and access control systems.
• Periodic backups and system monitoring.

10. Changes to the information
This information may be updated to comply with new regulatory provisions or changes to business processes. We invite you to periodically check this page for any updates.
Last updated: December 10, 2024.
For more information, contact us by email: info@ghcannigione.com