Privacy Policy – Web App

Privacy policy on data processing

1. Data controllers

The Data Controller is the company Biasuzzi S.p.A. – Divisione Turismo (hereinafter also referred to as “Data Controller”), which has its registered office in Ponzano Veneto (TV) in Via Morganella Ovest 55 and which can be contacted for matters relating to the protection of personal data at the email address privacy@biasuzzispa.com.

2. Categories of collected data

In order to make possible the use of the “BI4YOU” App the Data Controller will process data related to the users for the creation of the access profile (such as their personal details, email, user ID, password) and technical information on the devices used to access the service.

3. Purposes of the processing, legal basis and storage period

Personal data will be processed by Biasuzzi S.p.A. – Divisione Turismo for the purposes and under the conditions indicated below.

Purposes

Provision of services via App: for the booking and use of activities, events and services within the tourist facility. Registration credentials will be sent to users by email or given to them upon check-in.

Legal basis

Fulfilment of contractual obligations.

Data storage period

Until a request for cancellation of the account or termination of the service. However, the account and its data will be deleted after 5 years of non-use. If the customer does not activate the account after it has been created, the relevant data will be deleted within 30 days following the end of the stay at the facility.

4. Necessity of data processing

The processing of personal data for the purposes indicated above is necessary for the use of the service, as it is not possible to operate the App without them.

5. Processing methods

Biasuzzi S.p.A. – Divisione Turismo has adopted specific security measures to prevent unauthorised access, unlawful use or loss of personal data.

6. Categories of recipients of personal data

For the achievement of the purposes indicated in point 4 Biasuzzi S.p.A. – Divisione Turismo may communicate the data collected to the following categories of subjects: IT service providers; companies and other subjects providing assistance, consultancy and communication services. Where necessary, data recipients have been designated as data controllers as per the provisions of Article 28 GDPR.

7. Transfer of data to third countries

Personal data processed by Biasuzzi S.p.A. – Divisione Turismo may be transferred to companies based in the United States of America for the pursuit of the purposes indicated above. This transfer will take place exclusively following the signing with the companies receiving the personal data of standard contractual clauses (S.C.C.) adopted by the Commission of the European Union (pursuant to Article 46, paragraph II, points C and D of the GDPR).

8. Rights of data subjects

In relation to the personal data provided, data subjects have the right at any time to request: confirmation of whether or not personal data concerning them is being processed and, if so, to obtain access to the data and a copy thereof (Art. 15 of the GDPR); the rectification of any inaccurate personal data or the integration of incomplete data (Art. 16 of the GDPR); in the cases specifically provided for by the legislation, the cancellation of the data (Art. 17 of the GDPR), the limitation of their processing (Art. 18 of the GDPR) and the opposition to their processing (Art. 21 of the GDPR). In order to exercise these rights, data subjects may send their requests to Biasuzzi S.p.A. – Divisione Turismo at the addresses specified in point 1 of the Privacy Policy. If data subjects consider that their rights under data protection law have been infringed, they may lodge a complaint with the competent Supervisory Authority (www.garanteprivacy.it).