Privacy disclaimer

(pursuant to articles. 13 of the Regulation (UE) 2016/679 of the European Parliament and of the Council of 27/04/16)
The company Hotel Bar Ristorante Cavallo Bianco with registered office in Corso della Vittoria, 6 B, 28100, Novara (NO), Italy, item IVA IT01561460039 (hereinafter "Owner"), as Data Controller, The informs, pursuant to art. 13 of EU Regulation no. 2016/679 (hereinafter “GDPR”) that the data you provide will be processed in the manner and for the following purposes:

1. OBJECT OF THE TREATMENT:
   1.1 The object of the treatment will be personal data, identifiers (ad is. name, surname, business name, address, telephone, e-mail, bank and payment references) - hereinafter referred to as "personal data" or even simply "data" - communicated by you to the Data Controller on the occasion of the conclusion of the purchase contract with the same.
2. PURPOSE OF THE TREATMENT:
   2.1 Pursuant to art. 6 of Reg. UE 2016/679 Your data will be processed exclusively for the following purposes:
   • Execute the purchase contract concluded by you with the Data Controller;
   • Fulfill the pre-contractual obligations, contractual and fiscal deriving from the existing relationship with you;
   • Fulfill the obligations established by law, by a regulation, by Community legislation or by an order of the Authority (come, for example, on anti-money laundering);
   • Exercise the rights of the Owner, for example the right of defense in court.
   2.2. Only after obtaining your specific written consent, the data communicated by you will also be processed for the following purposes:
   • Enter – by email, mail and/or sms and/or telephone contacts, newsletter – of commercial communications and/or advertising material on products or services offered by the Data Controller;
   • Enter – by email, mail and/or sms and/or telephone contacts, newsletter – of commercial and/or promotional communications from third parties;
   2.3 We inform you that if you are already our customer, we will be able to send you commercial communications relating to the Controller's products and services similar to those you have already used, except for your express opposition to this type of treatment to be communicated to the Data Controller.
3. PROCESSING METHODS AND DATA STORAGE
   3.1 The processing of your personal data will take place through the operations indicated in art. 4 Privacy Code and art. 4 n. 2) GDPR and precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, usage, interconnection, block, communication, deletion and destruction of data. Your personal data will be subjected to both paper and electronic and/or automated processing.
   3.2 The Data Controller will process your personal data for the time necessary to fulfill the purposes referred to in art. 2) and in any case for no longer 10 years from the termination of the contractual relationship, also with regard to personal data acquired for marketing purposes. At the end of the aforementioned period, the data will be deleted or made anonymous.
4. DATA ACCESS
   Your data may be made accessible for the purposes referred to in art. 2.1 e 2.2:
   • To the Data Controller's employees and collaborators in their capacity as persons in charge and/or internal data processors and/or system administrators;
   • To third party companies or other subjects (by way of example only: credit institutions, professional studies, consultants, insurance company, ecc.…) who carry out outsourced activities on behalf of the Owner, in their capacity as external data processors.
5. DATA COMMUNICATION
   5.1 Your data may be communicated for the purposes referred to in art. 2.1 to supervisory bodies, Judicial authorities, to insurance companies for the provision of insurance services, as well as to those subjects to whom the communication is mandatory by law for the accomplishment of the aforementioned purposes. These subjects will keep the data in their capacity as independent data controllers.
   5.2 Your information will not be disseminated.
6. DATA TRANSFER
   Your personal data will be stored on servers located within the European Union. In any case, it is understood that the Owner, where necessary, will have the right to move the servers even outside the EU. Then, the Data Controller ensures from now on that the transfer of non-EU data will take place in compliance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses envisaged by the European Commission.
7. NATURE OF THE PROVISION OF DATA AND CONSEQUENCES OF THE REFUSAL TO ANSWER
   7.1 The provision of data for the purposes referred to in art. 2.1 is required. In their absence, we will not be able to guarantee the execution of the purchase contract.
   7.2 The provision of data for the purposes referred to in art. 2.2 however, it is optional. You can therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: then, will not be able to receive newsletters, commercial communications and advertising material concerning the products offered by the Owner.
8. RIGHTS OF THE INTERESTED PARTY
   8.1 In your capacity as an interested party, you have the rights referred to in art. 15 GDPR.
   8.2 Where applicable, he also has the rights pursuant to articles. 16-21 GDPR (Rights of rectification, right to be forgotten, right to restriction of processing, right to data portability, right of opposition), as well as the right to complain to the Guarantor Authority.
9. METHOD OF EXERCISING RIGHTS
   You may at any time exercise the rights referred to in the previous point 8 sending:
   An email to info@hotelcavallobianco.com.
10. OWNER OF THE TREATMENT AND CONTACT DETAILS
    The data controller is the company Hotel Bar Ristorante Cavallo Bianco with registered office in Corso della Vittoria, 6 B, 28100, Novara (NO), Italy, item IVA IT01561460039. The updated list of data processors and persons in charge of processing is kept at the registered office of the Data Controller.