Privacy notice of the Hotel Lindenhof in Naturns

Privacy Statement and Cookie Regulation

The Hotel Lindenhof GmbH with registered office at 39025 Naturno, Italy, via Chiesa 2, (hereinafter: Lindenhof) undertakes to protect the personal data of the users of its online presence. The present statement has been drafted pursuant to Article 13 Regulation (EU) 2016/679 (hereinafter: GDPR), in order to clarify our data protection guidelines and to explain to you how we manage your personal data, when you use our Internet sites (www.lindenhof.it, jointly hereinafter: Website). Where applicable, the present statement also serves as your informed consent to the processing and issuing of your personal data. (Consent is only valid for persons over 16 years of age.) The information and data delivered or otherwise transferred by you concerning the use of services from Lindenhof (e.g. booking enquires, negotiation of holiday packages, issue of vouchers, newsletter registration), hereinafter Services, are processed pursuant to the provisions of the GDPR and under a commensurate duty of confidentiality.

In accordance with the provisions of the GDPR Lindenhof processes data in good faith and pursuant to the principles of legality, transparency, restriction of processing and storage period, data restriction, accuracy, completeness and confidentiality.

Content

Controller
The personal data processed
1. Surfing data
2. Particular categories of personal data
3. Personal data provided voluntarily by the data subject
4. Cookies
Purpose of the data processing
Legal bases, voluntary nature or necessity of the processing
Recipients of the personal data
Transfer of personal data
Storage of data
Digital Marketing & Marketing Automation for Hotels
Rights of the data subjects
Amendments

1. Controller

Lindenhof is the controller, responsible for processing your personal data by means of the website. In order to receive specific information on the processing of your personal data by Lindenhof, such as the list of processors, who process data on behalf of the controller, please contact us at the following e-mail address: info@lindenhof.it.

2. The personal data processed

We should like to advise you that Lindenhof processes personal data when you surf on the Internet. Personal data are identifiers, such as a name, an identification number, an online identifier or one or more factors specific to the physical, physiological, economic, cultural or social identity of the data subject, by which the data subject is identified or can be identifiable (hereinafter: personal data).

By means of the website the following personal data are processed:

a. Surfing data

In normal operation the computing systems and software processes, which ensure the correct functioning of the website collect some personal data, the transfer of which is required by the application of Internet communication protocols. This concerns data, which are not collected for the purpose of categorising data subjects, but which by virtue of their characteristics can identify a user by processing the data and comparing them to the data of third parties. These data include IP addresses or domain names of the computer used by the user to access the website, the URI (Uniform Resource Identifier) addresses of the resources accessed, the time of access, the method, by which the server was accessed, the identification number of the response given by the server (correct, error, etc.) and other parameters concerning the user's operating system and computer environment. These data are used to collect anonymous statistical information for the use of the website, to check that it is functioning correctly, to identify malfunctions and/or abuse and are erased immediately after being processed. The data may be used to check liability in the event of cyber criminal offences, which harm the website or third parties. However, with the exception of this special case, the surfing data are stored for no longer than a few days.

b. Particular categories of personal data

When you use our services, it may happen that you transfer data, which belong to the "special categories of personal data". Under Article 9 of the GDPR the processing of personal data "revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation" is prohibited. We would ask you not to transfer this kind of data, unless it is absolutely necessary. We should like to advise you that in the event that special categories of personal data are transferred without the specific consent of the data subject to the processing of those data, Lindenhof accepts no liability and no charges may be brought against them, since the data in this case were published by the data subject pursuant to Article 9 (2) (e) GDPR. If you wish to transfer the aforesaid data, it is notwithstanding necessary to issue an express consent to the processing of the special categories of personal data.

c. Personal data provided voluntarily by the data subject

When you use some of the services on the website (for example, ordering vouchers or brochures or making booking enquiries) personal data, which you transferred to Lindenhof, may be processed. In this case you yourself become the controller and accept all the legal duties and responsibilities of processing. Within this meaning you undertake to indemnify and hold Lindenhof harmless in this respect in the event that third parties lodge complaints or assert claims, including claims for compensation etc., because your personal data have been processed in breach of the applicable legal provisions. If you transfer personal data when you are using the website or process personal data in any other way you must ensure that the processing relies on an adequate legal basis pursuant to Article 6 GDPR and that the processing of the data at issue is lawful.

d. Cookies

Definitions, features and application of the provisions
Cookies are small text files, sent by Internet sites visited to the user's computer or terminal, stored there and sent back the next time the same site is visited. Thanks to such cookies a website recognises the activities and preferences of a user (such as log-in data, choice of languages, size of characters, other display settings, etc.). Therefore it is not necessary to provide these again, when you next visit the website. Cookies are also used in order to perform EDP authentication, monitor sessions and store information on the surfing behaviour of the user of a website and may also contain an identification code, which makes it possible to trace the pages of the website accessed by the user for statistical or advertising purposes. When you surf on a website cookies, which do not originate from the website visited (third party cookies), may also be deposited on the user's computer. Some operations are not possible without the use of cookies; therefore to some extent these are also necessary with respect to the functioning of the website.

There are cookies with a variety of properties and functions and these can remain on the user's computer for longer periods, which vary. Session cookies are automatically erased when you close your browser; permanent cookies remain on the user's device until their determined duration has expired.

Under the provisions applicable in Italy the express consent of the user is not always required for the use of cookies. In particular "technical cookies" (i.e. cookies, which are used to transmit a message via a electronic communication network, or are absolutely necessary for the performance of a service expressly requested by the user) require no express agreement. These are always cookies, which are indispensable for the correct functioning of the website or are necessary for the performance of an activity requested by the user.

In accordance with the requirements of the Italian Data Protection Supervisory Authority (c.f. Individuazione delle modalità semplificate per l'informativa e l'acquisizione del consenso per l'uso dei cookie of 8 May 2014 and the following commentaries, hereinafter only Decree) technical cookies, which do not require express consent, also include the following:

Analytical cookies, provided that these are used directly by the operator of the website to collect information in a summarised form about the number of users of the website and their surfing behaviour;
Navigation or session cookies (for authentication);
Function cookies, which allow users to surf using criteria, which they have determined (for example language, the purchase of selected products, in order to improve the service provided.

Conversely, for profiling cookies, i.e. those which generate and use a profile of the user, in order to send advertising messages matching the preferences demonstrated by the surfing on the net, the previous consent of the user is necessary.

Cookies used by the website and selection/rejection

The website uses the following cookies, which can be selected or rejected (apart from cookies from third party providers, for which the procedure for accepting or rejecting cookies must be observed via the relevant links):

Technical navigation or session cookies, which are absolutely necessary for the correct functioning of the website or for the use of the contents or services offered;
Function cookies, which are necessary to activate specific functions of the website and a range of selected criteria (e.g. language) for the improvement of the service offered. PLEASE NOTE: If the technical and/or function cookies are rejected, it may not be possible to access the website and/or some services or specific functions of the website may not be available or functional and it may be necessary to enter some information or preferences on each occasion you visit our website.
Cookies from third party providers, i.e. cookies from Intent sites or servers, which are separate from Lindenhof and which are used by the third party providers for their own purposes. It is stressed that these third parties, who are listed below together with their respective links to the respective data privacy statements, are normally independent for the purposes of data collection by cookies deposited by them. Therefore, note should be taken of the availability cited of their guidelines on the processing of personal data, their legal notices and consent forms (selection and rejection or the relevant cookies). For the sake of completeness, we should also make you aware that Lindenhof does all that is possible to trace the cookies on their website. These are regularly updated in the table below, in which the cookies deposited by Lindenhof and their purposes are also listed. With respect to third parties, who deposit cookies via our website, we list the links to the relevant data privacy statement. As already stated, these third parties are liable for providing an adequate legal notice and for obtaining your consent. This liability does not apply to cookies directly deposited by third parties, but for any other cookies, which are deposited via our website when services, from which these third parties also profit, are used. Lindenhof is unable to exercise any control over these third party provider cookies and is unaware both of their features and their purposes.

Notices on cookies from third party service providers:

Google LLC: https://policies.google.com/privacy
Google Analytics: https://support.google.com/analytics/answer/6004245
Google Tag Manager: https://policies.google.com/privacy
Facebook: https://www.facebook.com/full_data_use_policy
Giggle Tips: http://giggle.tips/privacy
AddThis Inc.: http://www.addthis.com/privacy/privacy-policy

Details of the cookies deposited via the website by Lindenhof are as follows:

Cookies on the website

Type of cookie and owner	Technical designation of the cookie	Modes of operation and purpose	Duration of stay
ASP-Session Technical cookie	ASP.NET SESSION ID	Stores the session ID.	Browser session
Google LLC Third party cookie	_ga	Used to differ between users.	2 years
Google LLC Third party cookie	_gat	Limits the sent requests.	10 minutes
Google LLC Third party cookie	_utma	Identifies the user.	2 years
Google LLC Third party cookie	_utmb	Stores the timestamp when the user first enters the website. Used to determine the duration of the session together with _utmc.	30 minutes or browser session
Google LLC Third party cookie	_utmc	Used to determine the duration of the session.	Browser session
Google LLC Third party cookie	_utmt	Limits the sent requests.	10 minutes
Google LLC Third party cookie	_utmz	Records the traffic sources of the website: search engine, search queries, linked pages.	6 months
AddThis Inc. Function cookie	_atuvc	Refreshes the count of shreas after the user shared the content of the website.	2 years
AddThis Inc. Function cookies	uid, di/dt, bt, uvc, ssc/psc/uvc, loc, uss/ups, ssh/sshs, dbm	These cookies enable the operation of AddThis.	2 years
Function cookie	cmts-language	This cookie contains the selected language of the website.	1 month
Function cookie	cmts-sid	PHP-session id of the website	1 month
Function cookie	rmts-entrypage	First called page (entrance page) - will be sent with the inquiry, if there is any.	1 year
Function cookie	rmts-source	First referrer (source) - will be sent with the inquiry, if there is any.	1 year

Cookie settings

Technical and functional cookies may be blocked or erased in whole or in part via specific browser functions. However, we should like to make you aware that if you do not consent to technical cookies it may not be possible to use the website, to access its contents and to use its services. If function cookies are blocked, some services or specific functions of the website may not be available or may not function correctly and it may be necessary manually to input some data or preferences every time you visit the website.

The settings activated with respect to cookies on the website are stored in your own cookie. This cookie might not function correctly under certain circumstances. In these cases you should erase the unwanted cookies and also block their application through your browser settings.

In order to visit the website using a different browser you must refresh your cookie settings.

Display and modification of cookies via the browser

You can completely or partially block or erase cookies by means of certain functions in your browser. Further information on setting preferences by means of your browser with respect to the use of cookies is available in the following guidance notices:

3. Purpose of the data processing

We process your personal data (where necessary with your specific consent) for the following purposes:

Performance of the services requested by you i.e.: i) booking enquiries; ii) ordering holiday packages/vouchers; iii) fulfillment of the accommodation contract or booked services; iv) registration for the newsletter;
Response to requests and assistance;
Compliance with legal, accounting or tax obligations;
Marketing purposes: On your express and specific consent to the hotels in the DolceVita Group the data provided may be used for the transfer of advertising and marketing material, including the periodical despatch of the newsletter and marketing surveys by automated systems (SMS, MMS, e-mail, push-mails, fax) and other means (letter post, telephone calls).

4. Legal bases, voluntary nature or necessity of the processing

The legal base for the processing of personal data for the purposes stated in Sections 3.a and 3.b is Article 6 (1) (b) GDPR, since in this case the processing is necessary to perform the services or to respond to the request from the data subject. The provision of personal data for these purposes is voluntary; however the failure to provide data makes it impossible to activate services provided by the website or to respond to requests.

The purposes for the processing referred to in Section 3.c represent legitimate processing of personal data pursuant to Article 6 (1) (c) GDPR. Once personal data have been provided in these cases processing is necessary in order to comply with legal obligations, to which Lindenhof is subject.

Pursuant to Article 6 (1) (a) GDPR the legal base for the processing for the purposes in Section 3.e is the consent of the data subject. The lack of consent to this processing purpose does not affect in the least the provision of the services.

For processing, undertaken for the purposes of direct marketing, direct sales or to perform our own market research or to send business communications on the same products or services already purchased or booked by you the controller may use e-mail addresses and postal addresses without your consent. This is admissible pursuant to Article 130 (4) Legislative Decree 196/2003 and the order of the Data Protection Authority of 19 June 2008 and within the constraints provided therein. The legal base for the processing of your data for these purposes is the legitimate interests of Lindenhof pursuant to Article 6 (1) (f) GDPR.

5. Recipients of the personal data

For the purposes referred to in Section 3 your personal data may be transferred to:

third parties, who are typically responsible for processing the data, namely: i) persons, service providers or companies, who provide assistance and advice to Lindenhof on business, management, legal, tax, financial and debt-collection issues with respect to the exercise of the services; ii) third parties, with whom there is a reciprocal relationship for the provision of the service (e.g providers of host services); iii) third parties, who are commissioned with the performance of technical maintenance work (system administrators), including maintenance of the network devices and the electronic communications networks; (in the following jointly referred to as Recipients);
facilities or authorities, to which your personal data must be reported by virtue of legal provisions or orders;
third parties, who are commissioned by Lindenhof to process the personal data as part of the provision of services and who have been placed under a duty of non-disclosure or who are subject to a legal duty of confidentiality (e.g. Lindenhof employees).
Hotels in the DolceVita Group (Resort Lindenhof, Feldhof, Alpiana Resort, Preidlhof Resort and Jagdhof), which are included in the DolceVita Consortium and in accordance with the internal agreement appear as joint controllers in order to be able to process requests and provide the services requested.

6. Transfer of personal data

Some of your personal data are exchanged with recipients, who may be located outside the European Economic Area. Lindenhof guarantees that these recipients process your personal data in accordance with the GDPR. In fact the transfer of data may rely on a decision on fitness, on a standard contractual clause approved by the Council of the European Union or another appropriate legal base. Further information is available from Lindenhof on: info@lindenhof.com.

7. Storage of data

The personal data processed for the purposes referred to in Sections 3.a and 3.b is stored only for the period absolutely necessary for achieving these purposes. Since the data are processed for the provision of services, in this case Lindenhof stores the personal data for the period stipulated in the statute for the protection of it own interests (Article 2946 Italian Civil Code, as amended).

The personal data processed for the purpose specified in Section 3.c are stored for as long as is provided by the specific obligation or in the applicable statutory provision.

Conversely, the personal data stored for the purposes referred to in Section 3.d are stored until the data subject withdraws his or her consent, or for a maximum period regarded as reasonable, unless consent is withdrawn.

Further information on data storage periods on the criteria for the determination of this period is available from Lindenhof at info@lindenhof.com.

8. Digital Marketing & Marketing Automation for Hotels

ADDITIVE+ LANDINGPAGE - Online Marketing and Landing Pages

Beside our website we do also operate optimized landing pages for means of hotel online marketing. To process your request, reservation, order, activation, registration or the transmission of other contact forms on our website as well as to save and store your data we use cloud services, CRM systems and software provided by ADDITIVE Srl, 39011 Lana (BZ), Italy (“ADDITIVE”), our partner in the field of hotel digital marketing. The adequate level of data protection is based on data processing agreements with the respective company.

Our landing pages use Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics enables website operators to analyse the user behavior of the visitors. The information about the user behavior is transmitted to and stored by Google on its servers.

Your IP address is collected but immediately anonymised (for example by deleting the last 8 bits). As a result the geolocation data is less accurate.

You can prevent the data collection connected to your use of our online services through cookies and the processing of this data by Google, by installing the browser-plugin available at the following link:
https://chrome.google.com/webstore/detail/google-analytics-opt-out/fllaojicojecljbmefodhfapmkghcbnh

ADDITIVE has an insight into data gathered through Google Analytics. This data will be used only to analyse the use of our websites and to evaluate our marketing and distribution strategies.

Our website and landing pages also use functions provided by ADDITIVE for the multi-channel monitoring of the use of our websites as well as marketing and distribution strategies like landing pages, newsletter and social media presence. Information about your visits and submitted forms on our websites are also transmitted to ADDITIVE in order to evaluate and optimize our marketing and sales measures.

The data processing takes place in accordance with the requirements of art. 6 para. 1 lit f (legitimate interests) of the GDPR.

Our objective in accordance with the GDPR (legitimate interests) is the improvement of our products and services and our web presence through the analysis of the use of our website as well as marketing and distribution strategies.

Our website and our landing pages also use remarketing functions provided by Google Inc. (“Google”) and by Meta Platforms Inc. (“Meta”). Therefore, Meta and Google will know that you have visited our website. This way visitors of our website and of our landing pages will find ads adapted to their interests on Google’s advertising platforms and on the social media platforms Facebook and Instagram.

The data processing takes place in accordance with the requirements of art. 6 para. 1 lit a (consent) of the GDPR.

When you visit our landing pages a banner will inform you about the use of cookies for remarketing functions. If you continue using the website or click on the respective button you consent to the use of cookies. You can deny your consent anytime, by visiting the page containing the cookie information and denying the use in the banner that will be displayed.

ADDITIVE+ MARKETING AUTOMATION - Direct Marketing

In order to increase customer loyalty and to sell our services and additional services we use hotel online marketing software provided by ADDITIVE Srl, 39011 Lana (BZ), Italy (“ADDITIVE”) within the field of hotel marketing automation.
Therefore your data, which we gather and process in connection with your request, reservation, order, activation, registration or the transmission of other contact forms on our website, will be analysed and used to provide you with automatically generated offers for our services and additional services. Through the use of these services and systems your data will be processed and stored, at least in part, also outside of the EU or the EEC. The adequate level of data protection is based on data processing agreements.

You can deny the use of your data for this purpose anytime by clicking on the “unsubscribe” link in the respective message.

The data processing takes place in accordance with the requirements of art. 6 para. 1 lit f (legitimate interests) of the GDPR.

Our objective in accordance with the GDPR (legitimate interests) is the prevention of competitive disadvantages, the increase in brand awareness and the maximisation of our economic success through an optimal use of the acquired contacts.

ADDITIVE+ NEWSLETTER

On our website you have the possibility to subscribe to our newsletter. For the subscription we need your email address and your consent to receive our newsletter through ADDITIVE, our provider for hotel e mail marketing. To provide you with relevant information we also gather and process voluntary information concerning interests, name, date of birth and country/region of origin in our hotel newsletter tool.

After signing up for our newsletter you will receive an email containing a link to confirm the subscription.

Your subscription can be cancelled any time by clicking on the cancellation link in the respective newsletter.

To process your subscriptions and to send our newsletters we use software provided by ADDITIVE Srl, 39011 Lana (BZ), Italy (“ADDITIVE”). Through the use of these services and systems your data will be processed and stored, at least in part, also outside of the EU or the EEC. The adequate level of data protection is based on data processing agreements.

ADDITIVE+ VOUCHERS

On our website you have the possibility to buy vouchers by using the integrated <a href="https://www.additive.eu/en/hotel-marketing-software-automation/hotel-voucher-software.html" target="_blank"> voucher software</a>. To process your purchase and to save and store your data we use software provided by ADDITIVE Srl, 39011 Lana (BZ), Italy (“ADDITIVE”) in the context of <a href="https://www.additive.eu/en/hotel-marketing-software-automation/coupon-marketing-hotel.html" target="_blank">voucher marketing</a>. Through the use of these services and systems your data will be processed and stored in the EU.

The data you provide is required to fulfil the contract or to carry out pre-contractual measures. Without this data we cannot conclude a contract with you. The data will not be transferred to an outside third party, except for your credit card data which will be transferred to the payment provider and to our tax accountant to fulfil our tax obligations.

The data processing takes place in accordance with the requirements of art. 6 para. 1 lit a (consent) and/or lit b (processing necessary for the performance of a contract) of the GDPR.

9. Rights of the data subjects

Pursuant to Article 15 et seq. GDPR you have the right at any time to request information on personal data concerning you processed by Lindenhof and the right to demand that the data be rectified or erased. In addition you may object at any time to the processing and in the cases provided for in Article 18 GDPR to demand restriction of the data. In the cases provided for in Article 20 GDPR you have the right to receive the data concerning you in a structured, current and machine-readable format. This request may be made in writing to: info@lindenhof.com.

In any case you have the right pursuant to Article 77 GDPR to lodge a complaint with a responsible supervisory authority (for Italy: the Data Protection Supervisor) if you believe that the processing of the personal data concerning you breaches the currently applicable legal provisions.

10. Amendments

This data protection guideline comes into force with effect from 25.05.2018. Lindenhof reserves the right to amend or to update in completely or in part the contents by virtue of the applicable provisions. Lindenhof shall publish amendments on the website as soon as these are introduced and the amendments shall apply with effect from the date of publication. Lindenhof recommends that you access this section on a regular basis, in order to check the latest version of data protection guidelines and to remain informed at all times on the data collected and the use of the same.