Hotel Crystal, has a high regard for the  treatment of personal information and operates according to a series of strict rules,  which also conform to national and EU laws on privacy.

The data is processed solely for the purposes of correct and complete  fulfilment of the contractual, pre-contractual or commercial relationship  established and for notifying any future promotions.

Data is processed using the operations or set of operations indicated in art. 4,  paragraph 1, letter a) of the Consolidated Act: collection, recording, organisation,  keeping, interrogation, elaboration, modification, selection, retrieval, comparison,  utilization, interconnection, blocking, communication, erasure and dissemination  of data.

The operations may be carried out with or without the help of electronic or automated means.

Processing operations may only  be performed by the data controller or by persons in charge of the processing  that act under the direct authority of the data controller complying with the  instructions received in accordance with the provisions of art. 30 of Legislative Decree  no. 196/2003.

Supplying common personal data is strictly necessary for the purposes of  carrying out the activities referred to in point 1.

Any refusal by the data subject to supply the personal data referred to in  point 3 will make it impossible to fulfil the activities referred to in point  1.

Personal data may become known to those in charge of processing it and may be disseminated  outside the company for the sole purposes referred to in point 1, in particular  to:

  – our affiliated companies.

  – firms or professionals for accountancy purposes.

  – our network of agents

  – credit institutions

  – debt collection agencies

Personal data will not be disseminated to third parties.

Personal data may be transferred to countries within the EU and to third  countries outside the EU within the scope of the purposes referred to in point  1.

Art. 7  of the Consolidated Act allows  the data subject to exercise certain rights, including that of obtaining from  the controller confirmation as whether or not personal data concerning him/her  exists and communication of such data in intelligible form; the data subject  has the right to be informed of the source of the data, the purposes and the methods  used to process it, the logic applied to the processing, the identification  details regarding the data controller and the entities or categories of  entities to whom the data may be communicated; the data subject also has the  right to obtain updating, rectification and integration of the data, erasure, anonymisation  or blocking of data that has been processed unlawfully; the data subject has  the right to object to the processing of personal data on legitimate grounds.

The data controller is Hotel Crystal –  Via Terraglio 136 – 31022 Preganziol (TV)

 The person responsible for processing the data collected is the legal representative of Hotel Crystal , who can be contacted at the registered office in Via Terraglio 136 – 31022 Preganziol (TV) – Tel. +39 (0)423.630813 | info@crystalhotel.it  – Fax. +39 (0)42293713

2. A data subject has the right to be informed:

  a) of the source of the personal data;

  b) of the purposes and the methods used to process it;

  c) of the logic applied to the processing, if the latter is carried out with  the help of electronic means;

  d) of the identification data concerning the data controller, data processors  and the designated representative pursuant to article 5, paragraph 2;

  e) of the entities or categories of entities to whom or which the personal data  may be communicated and who or which may come to know such data in their  capacity as designated representative(s) in the State’s territory, data  processor(s) or person(s) in charge of processing.

3. A data subject has the right to obtain:

  a) updating, rectification or, where interested therein, integration of the  data;

  b) erasure, anonymisation or blocking of data that has been processed  unlawfully, including data whose retention is unnecessary for the purposes for which  it has been collected of subsequently processed;

  c) certification to the effect that the operations as per letters a) and b) have  been notified, also related to their contents, to the entities to whom or which  the data was communicated or disseminated, unless this requirement proves  impossible or involves a manifestly disproportionate effort compared to the  right that is to be protected.

4. A data subject has the right to object, in whole or in part:

  a) on legitimate grounds, to the processing of personal data concerning him/her,  even though relevant to the purpose of its collection;

  b) to the processing of personal data concerning him/her, where it is carried  out for the purpose of sending advertising materials or direct selling or for  the performance of market research or commercial communication surveys.