Purpose of this notice
This section explains how the website manages the processing of personal data for users who access it. This notice applies solely to the Monti Palace Hotel website, and does not apply to any other websites that users may access via external links. Please note that Monti Palace Hotel S.r.l. will process your personal data as the Data Controller, in full compliance with the General Data Protection Regulation (GDPR) 679/2016.
Data controller and data processor: MONTI PALACE HOTEL SRL
Operational Headquarters: 185 Via Cavour, Rome, Italy 00184
Tel: +39 06 480231
Tel: +39 06 480231
E-mail: info@montipalacehotel.com
The Hotel collects data directly (e.g. through online bookings and at the reception desk) and indirectly through external data processors (such as hotel booking portals and travel agencies), who act as intermediaries, triggering our role as Data Controller.
Legal basis for data processing The legal basis for the data processing is the consent of the data subject, which is requested separately from the consent given during online booking or registration at the hotel.
External Data Processors Our technical partners are listed below, identified by the following symbols: *** Blastness S.r.l., VAT/Tax Code: 01195440118, ECONOMIC AND ADMINISTRATIVE INDEX OF MILAN REGISTRATION NO. 2107189, Legal Headquarters: 2 Galleria del Corso – Milan, Italy 20122
Personal data processing operations and relative purposes. Each section described below allows for the collection of data for a specific purpose: failure to complete the fields marked as mandatory (indicated by an asterisk) will result in an inability to provide the requested service.
Your personal data, collected during the course of providing various hospitality services at our facility, will be collected by Monti Palace Hotel Srl and its technical partners, recorded and processed on paper and/or by electronic means, possibly stored in dedicated databases, and used solely for purposes required by the current Public Safety regulations;
Use of cookies: collected data (including country of origin, pages visited, and time spent on each page) will be used for statistical analysis and market research – please refer to the full privacy policy available at: https://www.montipalacehotel.com/en/privacy/
Your data will not be “disseminated”, published, or disclosed to any third parties, either in Italy, within the EU, or outside the EU, but may be accessed by Monti Palace Hotel Srl staff who have received appropriate training, and its technical partners, in compliance with the GDPR and listed as External Data Processors. Monti Palace Hotel Srl undertakes not to use any personal data identified as inaccurate until such inaccuracies have been corrected. All data are processed based on the legitimate interests of the Data Controller and will not be published, shared or transferred to any third parties, either within Italy or abroad.
Freedom to grant consent, consequences of refusal, duration of data retention Booking – the provision of your data is essential, and failure to do so, or the provision of incorrect data, will prevent us from accommodating you. The data received will be kept for the minimum duration required by law. Contacts – the provision of your data is essential, and failure to do so, or the provision of incorrect data, will prevent us from responding to your enquiry. The data received will be kept for 6 months. Meetings, Events, Business Breakfasts, and Weddings, Tiziano Terrace Rooftop & Cocktail Bar – the provision of your data is essential, and failure to do so, or the provision of incorrect data, will prevent us from providing the requested services. The data received will be kept for 6 months.
INTERACTION WITH SOCIAL NETWORKS AND EXTERNAL PLATFORMS These services allow for interaction with social networks or other external platforms directly from the pages of this Application.
However, the interactions and data acquired through this Application are subject to each User's privacy settings on the respective social networks.
If a service for interaction with social networks is installed, it may collect traffic data for the pages on which it is installed, even if the User does not actively use it. Facebook – Instagram Like button and social widgets (Facebook, Inc.)
The Facebook "Like" button and social widgets are services provided by Facebook, Inc. for interacting with the Facebook social network.
Personal Data collected: Cookies and usage data Place of processing: USA – Privacy Policy Google+ +1 button and social widgets (Google Inc.)
The Google+ “+1” button and social media widgets are services provided by Google Inc. for interacting with the Google+ social media network.
Personal Data collected: Cookies and usage data. Place of processing: USA – Privacy Policy Twitter Tweet button and social media widgets (Twitter)
The Twitter "Tweet" button and social media widgets are services provided by Twitter, Inc. for interacting with the Twitter social network.
Personal Data collected: Cookies and usage data. Place of processing: USA – Privacy Policy.
Rights of data subjects
You have the right to request the deletion (right to be forgotten), restriction, updating, rectification, and portability of your personal data, as well as to object to their processing, and may exercise any of the rights granted under Articles 15, 16, 17, 18, 20, and 21 of the GDPR. All the rights provided under Articles 15 (right of access), 16 (right to rectification), 17 (right to erasure), 18 (right to restriction), 20 (right to data portability), and 21 (right to object) of the GDPR (Regulation 679/2016) can be exercised by contacting the data controller indicated in the Data controller and data processor section.