Privacy Policy

According to the European Regulation n. 679 of 2016 “GDPR”, any processing of personal data must be grounded in a suitable legal basis. The bases of lawfulness of the processing are specified in Article 6 and coincide, in general with those currently provided by the Privacy Code of 2003 (consent, fulfillment of contractual obligations or pre-contractual measures, legal obligations to which the holder is subject to, the legitimate prevailing interest of the owner or of third parties to whom data is communicated, etc.).

As already stated by the Privacy Code, the European Regulation (Articles 13 and 14) requires that the data controller must take appropriate measures to provide the data subject with all the information regarding the processing in a concise, transparent, intelligible and easily accessible form, with a simple and clear language. The information is provided in writing or by other means, including, where appropriate, by electronic means.

With regards to the processing of personal data of customers or guests of the accommodation facility, we have developed a model, to be adapted to according to the characteristics of each specific property, aimed at informing the client or guest about ordinary data processing of accommodation facilities. Consequently, we have proceeded to elaborate samples for consent acquisition, in cases where consent is necessary.

The model assumes that the following data processing is carried out by the property:

• Processing guest data acquired by the accommodation facility to confirm the booking of the accommodation and ancillary services and to provide the requested services (general and contact details, tax code and / or VAT number, credit and debit card details provided to guarantee the reservation and / or to pay for the reservation, list of services and products requested and purchased, date of arrival and departure, etc.). These treatments are necessary for the definition of the contractual agreement and for its subsequent implementation, and therefore it is necessary to inform the customer that his consent is not required (except in the case where particular, so-called sensitive data is provided). In case of refusal to provide personal data, all or some services cannot be provided. The client must be informed that the treatment will cease upon departure, but some of his personal data may continue to be processed for other purposes, to be specified (described below).

• Processing of guest data to fulfill the obligation set forth in the “Consolidated Law on Public Security ” (article 109 RD 18.6.1931 No. 773) which requires to communicate to the Police Headquarters, for public security purposes, the personal information of the in-house guests according to the procedures established by the Ministry of internal affairs (Decree of January 7^th 2013) (personal information, ID documents, date of arrival, length of stay, kind of relationship, etc.). It is necessary to inform the customer that the provision of this data is mandatory and the processing does not require his consent, and in case of refusal to provide such consent he cannot be hosted at the accommodation facility. Data collected for this purpose will not be stored at the property, unless the customer provides specific authorization.

• Processing of customers’ data to comply with current administrative, accounting and tax obligations (general information and contact details, tax code and / or VAT number, credit and debit card details provided, services and products purchased reported in statements and tax documents, etc.). It is necessary to inform the customer that for such purposes the treatment is carried out without the need to acquire his consent. He should also be informed that certain data are communicated to third parties to comply with legal obligations, and that in case of refusal to provide the data necessary for the above obligations, the requested services cannot be provided. Finally, it is necessary to inform that for these purposes data is stored at the accommodation facility for the time provided by regulation (10 years, and even more in the case of tax assessments).

• Processing of data to be able to forward messages and phone calls addressed to the customer during his stay (personal information, his presence at the property, etc.). For this purpose, the customer’s consent is required. The client must be informed of the possibility of revoking the consent at any time and that the treatment will cease at his departure anyway.

• Processing of customer and guest data to send promotional messages (personal information, contact details, etc.). For this purpose, the customer must express his consent, which is revocable at any time. The company must establish a term for the storage of such data, to be reported in the privacy policy.

• Data processing for the protection of people, property and company assets through a video surveillance system. Customers and guests should be informed if a video surveillance system is installed in some areas of the accommodation facility, which must be identifiable by the presence of appropriate signs, and if the images are recorded or not. It is also necessary to inform that consent is not required for this treatment, as it pursues the legitimate interest of the company to protect the people and the property against possible aggressions, thefts, robberies, damage, acts of vandalism, fire prevention and job security. In case images are recorded, it is necessary to inform that they will be canceled according to the terms provided by the Guarantor (after 24 hours, except in case of national holidays, company closing dates; in any case no longer than a week) and that they cannot be disclosed to third parties, unless in the case in which it is necessary to adhere to a specific investigation request by judicial or police authorities.

The attached privacy model, once customized and modified by the property according to individual needs, must be provided to the customer at the time personal data is being collected, both during the booking phase and upon arrival at the property.

In addition to the privacy model, we attach a model for the acquisition of consent upon guest arrival (in case the accommodation facility intends to process data in ways that require consent) and a model of consent acquisition to be included in the website in the case the property intends to send newsletters or promotional offers to customers.

Privacy Policy

The policy that follows, integrated, customized and modified by the property according to its individual needs, must be provided to the customer when collecting his personal data, both during the reservation phase and upon arrival at the property.

Please note

The model may undergo changes or integrations following new national rules and regulations or following clarifications expressed by the Guarantor.

Dear Customer,

in accordance with the current legislation on the protection of personal data (EU Regulation No. 679 of 2016), we wish to inform you that the processing of your personal data is carried out correctly and transparently, for lawful purposes and protects your privacy rights.

The treatment of your personal data is also carried out with the support of IT tools for the following purposes:

1. to receive and confirm your reservation both in terms of accommodation services and ancillary services and to be able to provide the requested services. Since this processing is necessary for the execution of the contractual agreement and for its subsequent implementation, consent is not required, unless in the case in which particular, so-called sensitive data is provided. In case of refusal to provide personal data, we will not be able to confirm the booking or provide the requested services. The processing will cease anyway upon your departure, but some of your personal data may or must continue to be processed for the purposes and with the methods specified below;

2. to fulfill the obligation set forth in the “Consolidated Law on Public Security ” (article 109 RD 18.6.1931 No. 773) which requires us to communicate to the Police Headquarters, for public security purposes, the personal information of the in-house guests according to the procedures established by the Ministry of internal affairs (Decree of January 7^th 2013) The provision of this data is mandatory and does not require your consent, and in case of refusal to provide such consent we will not be able to host you at our property. Data collected for this purpose will not be stored by us, unless you provide the consent for storage defined at point 4.

3. to comply with current administrative, accounting and tax obligations. For these purposes, the processing is carried out without the need to acquire your consent. Data are processed by us and our representatives and are disclosed only to fulfill legal obligations. In case of refusal to provide the data necessary for the above-mentioned obligations, we will not be able to provide the services requested. The data acquired for these purposes is stored by us for the time required by the regulation (10 years and more in the case of tax assessments);

4. to be able to forward messages and phone calls addressed to you during your stay. For this purpose, we need your consent, which you will be able to revoke at any time. Treatment will cease at your departure anyway.

5. to send you promotional messages and updates on rates and offers. For this purpose, after obtaining your consent, your data will be kept for a maximum period of 24 mounth and will not be disclosed to third parties. You can withdraw your consent at any time;

6. to protect people, the property and company assets through a video surveillance system installed in some areas of the property, identifiable by the presence of appropriate signs. For this treatment, your consent is not required, as it pursues our legitimate interest in protecting people and the property against possible aggressions, thefts, robberies, damage, acts of vandalism, fire prevention and job security. The recorded images are deleted after 24 hours, except on public holidays or other company closing dates; in any case they will not be stored for longer than a week. They will not be communicated to third parties, unless in cases where it is necessary to adhere to a specific investigation request of the judicial or police authorities.

We also wish to inform you that the European Regulation recognizes you certain rights, including the right of access and rectification, or cancellation or limitation or opposition to processing, as well as the right to data portability, if and as applicable (articles 15 to 22 of EU Regulation No. 679 of 2016). You can also lodge a complaint with the supervisory authority, in accordance with the procedures established by current legislation.

For any further information, and to assert your rights recognized by the European Regulation, you can contact:

Data controller :  VEMAR sas di Dal Cero Maurizio & C.  – contact details: info@bellaveneziamare.it