1. Data controller
The Data Controller is the company Biasuzzi S.p.A. – Divisione turismo (hereinafter also referred to as “Data Controller”), which has its registered office in Ponzano Veneto (TV) in Via Morganella Ovest 55 and which can be contacted for matters relating to the protection of personal data at the email address email@example.com.
2. Categories of personal data processed
The Data Controller may collect and process the following categories of personal data, in addition to what has already been communicated in previous policies: first and last name, gender, date and place of birth, nationality, passport or other identification documents data, address, telephone number, email address, vehicle license plates.
3. Purposes of the processing, legal basis and storage period
Personal data will be processed by Biasuzzi S.p.A. – Divisione Turismo for the purposes and under the conditions indicated below.
Reception: for performing activities associated with check-in. Fulfilment of legal obligations: for the fulfilment of legal obligations, including the provision of customer details to the Police Headquarters.
Implementation of the contract. Fulfilment of legal obligations.
Data storage period
For the time necessary to process the application. For the period defined in the relevant legislation.
4. Necessity of data processing
The disclosure of personal data to Biasuzzi S.p.A. – Divisione Turismo for the purposes indicated at point A (Reception), is necessary to implement the contract. Without this, the Data Controller would not be able to process the corresponding customer requests.
The processing of personal data for the purposes specified at point B (Fulfilment of regulatory obligations) is necessary for the fulfilment by Biasuzzi S.p.A. – Divisione Turismo/Industrial Project of obligations dictated by the regulations in force; therefore, the customer cannot oppose the processing of personal data; otherwise, it will be impossible to use the Data Controller’s tourist services.
5. Processing methods
Biasuzzi S.p.A. – Divisione Turismo/Industrial Project have adopted specific security measures to prevent the loss of personal data, unlawful or incorrect use thereof and unauthorised access thereto.
6. Categories of recipients of personal data
For the achievement of the purposes indicated above, Biasuzzi S.p.A. – Divisione Turismo/Industrial Project may communicate, for their own needs or to fulfil legal obligations, the data of their customers to the categories of subjects indicated below: Public authorities and supervisory and control bodies; IT service providers (such as internet service and cloud computing); professionals or companies that provide the Data Controller with their services. Where necessary, data recipients will be designated as data controllers, in accordance with the provisions of Article 28 of the GDPR.
7. Transfer of data to third countries
Personal data processed by Biasuzzi S.p.A. – Divisione Turismo may be transferred to other companies based in the United States of America (USA) exclusively for the pursuit of the purposes described above. This transfer will take place exclusively following the signing with the companies receiving the personal data of standard contractual clauses (S.C.C.) adopted by the Commission of the European Union (pursuant to Article 46, paragraph II, points C and D of the GDPR).
8. Rights of data subjects
In relation to the personal data provided, data subjects have the right at any time to request: confirmation of whether or not personal data concerning them is being processed and, if so, to obtain access to the data and a copy thereof (Art. 15 of the GDPR); the rectification of any inaccurate personal data or the integration of incomplete data (Art. 16 of the GDPR); in the cases specifically provided for by the legislation, the cancellation of the data (Art. 17 of the GDPR), the limitation of their processing (Art. 18 of the GDPR), the opposition to their processing (Art. 21 of the GDPR) or their portability (Art. 20 of the GDPR).
If data subjects consider that their rights under data protection law have been infringed, they may lodge a complaint with the competent Supervisory Authority (www.garanteprivacy.it).