Privacy Policy

Information pursuant to Legislative Decree 196/2003 “Code regarding the protection of personal data” and EU Regulation 2016/679 – GDPR (General Data Protection Regulation) and subsequent amendments and additions

Marco Ungaro’s APULIAN HOUSE tourist lease (hereinafter, “APULIAN HOUSE”), with headquarters in Via De’ Castaldo, 10 – 72100 – Brindisi, Tax Code NGRMRC81S02B180Z, CIS structure identification code BR07400191000025279, (telephone +39 351.47745087, e- mail info@apulianhouse.eu) as “Owner” of the treatment, protects the confidentiality of personal data and guarantees them the necessary protection from any event that could put them at risk of violation. As required by the European Union Regulation n. 679/2016 (“GDPR”), and in particular to the art. 13, the information required by the legislation relating to the processing of personal data is provided below to the user (“interested party”).
 

LEGAL BASIS OF THE TREATMENT

This site processes data based on consent. By accessing the websites managed by APULIAN HOUSE, or using their content, you accept the terms of the APULIAN HOUSE Online Privacy Policy, as set out below, including any disclosure to third parties if necessary for the provision of a service. If you do not accept these terms, please do not access the sites and do not use their content. This information is also provided pursuant to and in accordance with article 13 of Legislative Decree 196/2003 “Code regarding the protection of personal data” and subsequent amendments, and in accordance with articles 13-14 of the GDPR (General Data Protection Regulation), EU Regulation 679/2016. The legal basis of these treatments is compliance with legal obligations and the legitimate interest of the Data Controller to carry out treatments related to the purpose of protecting the corporate assets of APULIAN HOUSE.
 

OBJECT OF THE TREATMENT

The Data Controller processes personal, identifying and non-sensitive data (by way of example but not limited to, name, surname, company name, address, telephone, tax code, e-mail – hereinafter “personal data” or even “data”) from communicated to you when registering on the website https://www.apulianhouse.eu (hereinafter, “Site”), online purchase of products, participation in opinion and satisfaction surveys, online request for clarifications or support and sending newsletters.
 

PURPOSE OF THE TREATMENT

To offer users the personalized services provided by its Internet sites, APULIAN HOUSE as Data Controller must process some identification data necessary for the provision of the Service. The provision of personal data for these purposes is not mandatory, but the refusal to supply them makes it impossible to provide the SERVICES. Personal data is processed:

1. 1. A) without your express consent (art. 24 letter a), b), c) Privacy Code and art. 6 lett. b), e) GDPR), for the following service purposes:

• • manage and maintain the Site;

• • allow you to use any Services requested by you;

• • process a contact request;

• • fulfill the obligations established by laws, regulations and community legislation, as well as by instructions given by Authorities legitimated by the law and by supervisory and control bodies;

• • prevent or detect fraudulent activity or abuse harmful to the Site;

• • exercise the rights of the Data Controller, for example the right to exercise a right in court.

1. 1. B) Only with your specific and distinct consent (Articles 23 and 130 of the Privacy Code and Article 7 of the GDPR), for the following Other Purposes:

• • send you opinion and satisfaction surveys, newsletters via e-mail.

SOURCE OF PERSONAL DATA

The personal data held by APULIAN HOUSE are exclusively those provided by the User when booking the rooms or requesting information.

COOKIES

Cookies are small files corresponding to individual text elements that can be recorded on the hard disk of the User’s computer. This allows for easier navigation and greater ease of use of the site itself. Cookies can be used to determine if a connection has already been made between the User’s computer and the pages of the APULIAN HOUSE site. Only the cookie stored on the User’s computer is identified. Naturally, it is possible to visit the site even without cookies. Most browsers accept cookies automatically. You can avoid the automatic registration of cookies by selecting the “do not accept cookies” option among those proposed. For more information on how to do this, you can refer to the browser instructions. Any cookies already present on the hard drive can be deleted at any time. Choosing not to accept cookies from the browser can limit the functions accessible on the APULIAN HOUSE website.

COOKIE USAGE

The APULIAN HOUSE site, for strictly technical IT security reasons, makes use of session cookies to keep track of the User’s visit and records the IP address of visitors who access restricted areas. This information does not personally identify the User. Each User therefore remains anonymous unless he has provided APULIAN HOUSE with personal information in other forms. The user can manage, or request the general deactivation or cancellation of cookies, by changing the settings of his Internet browser. However, this deactivation may slow down or prevent access to some parts of the Site. The settings for managing or disabling cookies may vary according to the Internet browser used, therefore, for more information on how to perform these operations, we suggest that the User consult the manual of his device or the “Help” or “Help” function of his Internet browser. Below are indicated to Users the links that explain how to manage or disable cookies for the most popular Internet browsers:

• • Google Chrome: https://support.google.com/chrome/answer/95647

• • Mozilla Firefox: http://support.mozilla.org/it/kb/Gestione%20dei%20cookie

• • Microsoft Edge: https://support.microsoft.com/it-it/help/4027947/windows-delete-cookies

• • Internet Explorer: https://support.microsoft.com/it-it/help/17442/windows-internetexplorer-delete-manage-cookies

• • Opera: http://help.opera.com/Windows/10.00/it/cookies.html

• • Safari: https://support.apple.com/kb/PH19255?locale=it_IT

THIRD PARTY COOKIES

Third-party cookies can be installed: these are analytical and profiling cookies from Google Analytics and Facebook. These cookies are sent from the websites of the aforementioned third parties external to our site. Third-party analytical cookies are used to detect information on user behavior on the site. The survey takes place anonymously, in order to monitor performance and improve the usability of the site. Third-party profiling cookies are used to create user profiles, in order to propose advertising messages in line with the choices expressed by the users themselves. The use of these cookies is governed by the rules set up by the third parties themselves, therefore, Users are invited to read the privacy information and the indications for managing or disabling cookies published on the following web pages:

For Google Analytics cookies: – privacy policy: https://www.google.com/intl/it/policies/privacy/ –
indications to manage or disable cookies: https://support.google.com/accounts/answer/61416?hl=it

For Facebook cookies: – privacy policy: https://www.facebook.com/privacy/explanation –
indications to manage or disable cookies: https://www.facebook.com/help/cookies/

COLLECTED DATA

NAVIGATION DATA

Like all websites, this site also makes use of log files in which information collected in an automated manner during user visits is kept. The information collected whose transmission is implicit in the use of Internet communication protocols can be:

• • internet protocol address (IP);

• • domain names of the computers used by users who connect to the site;

• • type of browser and parameters of the device used to connect to the site;

• • the country you are connecting from;

• • name of the internet service provider (ISP);

• • date and time of visit;

• • web page of origin of the visitor (referral) and exit;

• • possibly the number of clicks;

• • other parameters on the Operating System and the user’s IT environment.

COLLECTION OF PERSONAL INFORMATION

While the User performs activities such as requesting information, APULIAN HOUSE may ask to provide personal information by filling in and sending an electronic form. The User is totally free to accept or not this request. If you decide to join APULIAN HOUSE may ask you to provide personal information, such as name, address, e-mail address and other data that identify the User. If the User makes a reservation request, for example, the information is used to register the license and the right, if any, to make use of technical support, updates or any other advantages that may be offered to registered Users. APULIAN HOUSE also makes use of the information provided by the User to support the effort to keep it constantly updated on special offers. APULIAN HOUSE recognizes and attaches great value to responsible use of this information. The data collected by the site during its operation are used exclusively for the purposes indicated above and kept for the time strictly necessary to carry out the specified activities. In any case, the data collected by the site will never be provided to third parties, for any reason, unless it is a legitimate request by the judicial authority and only in the cases provided for by law, to ascertain responsibility in the event of hypothetical computer crimes against the Site.

DATA PROVIDED VOLUNTARILY BY US VISITORS

The optional, explicit and voluntary sending of e-mails to the addresses indicated on the APULIAN HOUSE website involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information is progressively reported or displayed on the pages of the site set up for particular services on request. In particular, the e-mail addresses that are imported into the forms of the Site are used exclusively to offer the requested services and will not be disclosed to anyone; even those in charge of data processing of APULIAN HOUSE can have access to the addresses only to carry out maintenance activities or to restore the functionality of the services. If the Site allows the insertion of comments, or in the event of a request for information or specific services, some identification data of the user, including the email address, are automatically detected and recorded. These data are intended to be voluntarily provided by the user at the time of requesting service provision. By inserting a comment or other information, the user expressly accepts the privacy information, and in particular agrees that the contents inserted are freely disclosed to third parties as well. The data received are used exclusively for the provision of the requested service and only for the time necessary for the provision of the service. The information that users of the site will deem to make public through the services and tools made available to them, are provided by the user knowingly and voluntarily, exempting the owner from any liability regarding any violations of the law. It is up to the user to verify that they have permission to enter personal data of third parties or contents protected by national and international standards.

OPTIONAL PROVISION OF DATA

Apart from that specified for navigation data, the user is free to provide his personal data through the use of the appropriate sections of the Site and to request or solicit the sending of informative material or other communications. Failure to provide them can only make it impossible to obtain what has been requested. For the sake of completeness, it should be remembered that in some cases (not subject to the ordinary management of the Websites) the Authorities may request news and information pursuant to article 157 of Legislative Decree n.196/2003 and subsequent amendments for the purposes of monitoring the processing of personal data. In these cases, the answer is mandatory under penalty of an administrative fine.

DATA STORAGE TIMES

Unless the interested party explicitly expresses his will to remove them, personal data will be kept for as long as they are necessary with respect to the legitimate purposes for which they were collected. In particular, with regard to the management and provision of services relating to contact requests forwarded by the interested party, such data will be kept for no longer than a maximum period of 12 months; furthermore, in the event of acceptance of a contract, they will be kept for the entire duration of the contract itself and in any case no later than a maximum period of 12 (twelve) months from the last of the active Services connected to it, or if, within this period, there are no active and/or purchased Services of the Products through a contract. Personal data will in any case be kept for the fulfillment of obligations (e.g. tax and accounting) which remain even after the termination of the contract (art. 2220 of the civil code); for these purposes, the Data Controller will only keep the data necessary for the related prosecution.

SAFETY

The Data Controller has adopted specific and adequate security, technical and organizational measures, including encryption and authentication tools, to maintain the security of personal data. In particular, the security measures protect the data against the risk of loss, illicit or incorrect use and are intended to prevent unauthorized access, in compliance with the obligations to adapt to minimum security measures. Given the nature of the treatment and the specialization of APULIAN HOUSE in Web technologies, suitable and preventive security measures are adopted and implemented in accordance with the provisions of art. 31-34 of the Privacy Code and article 32 of the GDPR. For security purposes (spam filters, firewalls, virus detection), the automatically recorded data may possibly also include personal data such as the IP address, which could be used, in compliance with current laws, in order to block attempts to damage the site itself or to cause damage to other users, or in any case harmful activities or activities constituting a crime. These data are never used for user identification or profiling. This information is processed on the basis of the legitimate interests of the Data Controller for the purpose of protecting the site and its users.

PLACE OF TREATMENT

The data collected by the Site are processed at the headquarters of the Data Controller, and at the data center where the APULIAN HOUSE servers reside, which is located in Italy, in the European Economic Area managed by the Provider Aruba S.p.A. – via San Clemente, 53 – 24036 Ponte San Pietro (BG), which, in compliance with the provisions dictated by European Regulation 2016/679 (“GDPR”), has verified and adapted the technical and organizational measures aimed at guarantee the security of the personal data processed in the provision of services on behalf of the Data Controller. These measures are implemented and updated in the light of the regulatory evolution on the subject as described online in the section dedicated to the European “GDPR” legislation which can be consulted at the link:
https://www.aruba.it/documents/tc-files/it/11_it_privacy_policy_aruba_spa.aspx.  

METHODS OF TREATMENT

The processing of personal data is carried out by means of the operations indicated in art. 4 Privacy Code and art. 4 no. 2) GDPR using manual, IT and telematic tools with logic strictly related to the purposes indicated above and, in any case, in order to guarantee the security and confidentiality of the data. Personal data is processed only for the time necessary to fulfill the purposes for which it was collected.

DATA ACCESS

APULIAN HOUSE, without the consent of the interested party being necessary, can communicate the data necessary for the performance of specific tasks to proceed with the treatments that pursue the same purposes for which the data were collected. For this reason, the processed data can be accessed by:

• • employees and collaborators of the Data Controller, in their capacity as persons in charge and/or internal data processors and/or system administrators;

• • third-party companies or other subjects (as an indication, web server providers, e-payment service providers, suppliers, credit and digital payment institutions, hardware and software assistance technicians, shippers and carriers, professional firms, etc.) who carry out outsourced activities on behalf of the Data Controller, in their capacity as data processors.

The Data Controller requires its third-party suppliers and Data Processors to comply with security measures similar to those adopted in relation to the Data Subject, restricting the scope of action of the Data Processor to the processing connected to the requested service.

COMMUNICATION AND DISSEMINATION OF DATA

Unless explicitly indicated in the information relating to individual treatments, the personal data collected is not communicated to third parties or disseminated. Without the express consent of the interested party (ex art. 24 letter a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may communicate the personal data being processed to Supervisory Bodies, Judicial Authorities as well as to all other subjects to whom the communication is mandatory by law.

DATA TRANSFER

The management and storage of personal data are carried out in Europe, on computers and servers located in Italy, by the Data Controller and/or third-party companies appointed and duly appointed as Data Processors. The personal data of the interested party are stored in paper, IT and telematic archives located in countries where the GDPR is applied (EU countries).

TRANSFER OF DATA TO NON-EU COUNTRIES

The Site may share some of the data collected with services located outside the European Union area. In particular, with Google and Facebook through social plugins and the Google Analytics service. The transfer is authorized on the basis of specific decisions of the European Union and of the Guarantor for the protection of personal data, in particular the decision 1250/2016 (Privacy Shield), for which no further consent is required. The companies mentioned above guarantee their adherence to the Privacy Shield.

DATA OF THE INTERESTED PARTY

The interested party has the rights pursuant to art. 7 Privacy Code and subsequent amendments and art. 15 GDPR and precisely the rights of:

• • obtain confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in an intelligible form (right of access);

• • obtain the indication: a) of the origin of the personal data; b) the purposes and methods of processing; c) of the logic applied in case of treatment performed with the aid of electronic instruments; d) of the identification details of the owner, of the managers and of the designated representative pursuant to art. 5, paragraph 2 of the Privacy Code and subsequent amendments and art. 3, paragraph 1, GDPR; e) of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as designated representative in the territory of the State, managers or agents;

• • obtain: a) updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment is proves impossible or involves the use of means manifestly disproportionate to the protected right;

• • oppose, in whole or in part: a) for legitimate reasons, the processing of personal data concerning you, even if pertinent to the purpose of the collection; b) to the processing of personal data concerning you for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by e-mail and/or by traditional marketing methods by telephone and/or paper mail. It should be noted that the right of opposition of the interested party, set out in point b) above, for direct marketing purposes through automated methods extends to traditional ones and that in any case the possibility remains for the interested party to exercise the right of opposition also only partially. Therefore, the interested party can decide to receive only communications using traditional methods or only automated communications or neither of the two types of communication;

• • as well as, more generally, to exercise all the rights recognized by the current provisions of the law.

Where applicable, you also have the rights pursuant to articles 16-21 GDPR (right to rectification, right to be forgotten, right to limitation of treatment, right to data portability, right to object), as well as the right to complain to the Guarantor Authority.

METHOD OF EXERCISE OF RIGHTS

The interested party can exercise the rights at any time by sending:

• • a registered letter with return receipt to: APULIAN HOUSE – Via De’ Castaldo, 10 – 72100 Brindisi:

• • an e-mail to: apulianhouse@gmail.com

HOLDER

The data controller is: APULIAN HOUSE di Marco Ungaro, based in Via De’ Castaldo, 10 – 72100 – Brindisi.   Tax ID code NGRMRC81S02B180Z structure identification code CIS BR07400191000025279 (telephone number +39 351 7745 087, e-mail info@apulianhouse.eu). The Data Controller has appointed a Personal Data Protection Officer (DPO) which can be contacted for any information and request via e-mail at the address: info@apulianhouse.eu. The updated list of data processors and persons in charge of processing is kept at the headquarters of the Data Controller.

Ultimo aggiornamento: 10/05/2023