Skip to content
Hotel Apollon

Corporate Information

Company Name
Immobiliare S. Angelo SpA

Registered Office Address
Via Comandante Maddalena, 55
80081 Serrara Fontana (Na), Italy

VAT Number
04004891216

Privacy Policy

INFORMATION PURSUANT TO ARTICLES 13 AND 14 – EU REGULATION 2016/679

Data Subjects:
Website users

Processing of Personal Data

Below, the management methods of the service www.miramaresearesort.it, whose data controller is Immobiliare S. Angelo SpA, are described. This privacy notice is provided pursuant to Article 13 of Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 concerning the protection of natural persons regarding the processing of personal data. This notice only applies to the Miramare Sea Resort website and not to other websites that users may visit via links.

Data Controller

Following consultation of this site, data relating to identified or identifiable individuals may be processed.

Data Controller:
Miramare Sea Resort – Via Comandante Maddalena, 55 – 80081 Serrara Fontana
Email: HOTEL@HOTELMIRAMARE.IT
Company Name: Immobiliare S. Angelo SpA, Registered Office Address: Via Comandante Maddalena, 55 – 80081 Serrara Fontana (Na), Italy

Data Processing Location and Recipients

Data related to Miramare Sea Resort's web services are processed in ITALY at the OVH S.R.L., located at Via Carlo Imbonati, 18 20159 Milano. These entities act as subcontractors for Stinga Consulting (the primary data processor), headquartered at Via degli Aranci, 25 | 80067 — Sorrento (NA), responsible for website maintenance and management.

Types of Data Processed

Navigation Data
The software applications used to operate the Miramare Sea Resort website collect certain personal data transmitted via secure protocols. These data are not collected to be associated with identified data subjects, but they could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses, browser identifiers (user agents), URIs (Uniform Resource Identifiers) of requested resources, request times, request submission methods to the server, numerical response codes from the server (e.g., success or error), and other parameters related to the user's operating system and IT environment. These data are used solely to obtain anonymous statistical information about website use and to ensure its proper functioning.

Data Voluntarily Provided by the User
To access certain services provided through the Miramare Sea Resort website, the optional and voluntary submission of some identifying data (email, name, contact details, and information necessary to provide the requested service) may be required.

Purpose and Legal Basis

Service Provision
Personal data provided by users who use the services of Miramare Sea Resort (e.g., browsing the site, filling out forms for various requests) are used solely to perform the requested service or task. The legal basis for this processing is the execution of pre-contractual measures to respond to your requests.

Additional Communications Following a Stay
After purchasing a stay, Miramare Sea Resort may send users further communications, including commercial ones, related to its services. The legal basis for the processing described above is the legitimate interest of the data controller (Recital 47 GDPR).

Direct Marketing
With specific consent (e.g., subscribing to the newsletter), Miramare Sea Resort may send information about new products, promotions, and special offers via email. Users may disable this service at any time through the provided procedure and/or methods indicated subsequently to exercise their rights. The legal basis for the processing described above is the consent of the data subject. Specific summary information, if necessary, will be provided or displayed on the pages of the website set up for particular additional services upon request.

Data Retention Period

The data retention period is the time necessary for the purposes arising from the requested services and an additional period of 36 months. If the requested information involves an online transaction, such data may be retained for accounting and tax purposes for a period of 10 years. Regarding technical data managed by the site, such as cookies, the retention period is defined by the technical characteristics of the cookies themselves and specified in the "Website Cookie" table. The data retention period is renewed for an additional period of 36 months whenever new consent for data processing is given and/or whenever access to services offered through personal credentials (e.g., login to personal area) is made.

Optional Nature of Data Provision

Apart from what is specified for navigation data, users are free to provide Miramare Sea Resort with the personal data required to use the services provided through the website. Failure to provide data for fields marked with an asterisk (mandatory) will make it impossible to use the offered service.

Methods and Security of Processing

The processing of personal data is carried out using IT tools suitable for ensuring the security and confidentiality of the data, and in compliance with the appropriate security measures as required by Article 32 GDPR, through secure communication protocols with SSL encryption algorithms. Personal data will be processed in accordance with the legislative provisions of the aforementioned regulation and the confidentiality obligations provided therein. "Best practices" include the Italian Data Protection Authority's provision “Guidelines on promotional activity and spam control” – July 4, 2013 (Published in the Official Gazette No. 174 of July 26, 2013), the "Guidelines on the processing of personal data for online profiling" – March 19, 2015, and the "Guidelines on Automated Decision-Making and Profiling” – WP251, defined based on the provisions of Regulation (EU) 2016/679.

Data Transfer to Non-EU Countries and Adequacy Guarantees

The service provider responsible for hosting, maintenance, and management of the Miramare Sea Resort website is Stinga Consulting, a web agency that ensures GDPR compliance located in Via degli Aranci, 25 | 80067 — Sorrento (NA). Pending the initiation of adequacy decision procedures by the European Commission, data processing is permitted where the data subject is a party to a contract or pre-contractual measures, or has given consent, informed of the possible risks of such data transfer (Article 49 GDPR – derogations in specific situations). Additional data transfers to non-EU countries may occur through the use of services provided by Facebook, Google, and other external providers or social media platforms located in the USA. Such data processing is guaranteed by the "Privacy Shield" agreements signed by the individual companies.

Recipients

To provide support for the functioning and organization of activities, some data may be shared or communicated to recipients. These entities are categorized as Third Parties, Data Processors, and Sub-processors, as well as authorized personnel under the authority of the Data Controller or Data Processor.

Third Parties
These are defined as natural or legal persons, public authorities, services, or other entities that are not the data subject, the data controller, the data processor, or persons authorized to process the data. For data processing related to administrative, accounting, legal obligations, customer management, and contracts, data may be communicated to:

  • Companies managing traditional or digital postal services.

  • Companies registering domain names.

  • Other entities whose data communication is necessary to achieve the aforementioned purposes or to fulfill legal obligations.

Data Processors and Sub-processors
These include natural or legal persons, public authorities, services, or other entities that process personal data on behalf of the Data Controller.

  • Stinga Consulting as the primary data processor, and other sub-processors providing technological infrastructure, connectivity, and hosting services: OVH S.R.L. which relies on additional Sub-processors for service provision, located at Via Carlo Imbonati, 18 20159 Milano where data are stored.

  • Other IT service providers necessary for service delivery, possibly located in the USA, with guarantees provided by the "Privacy Shield" adequacy agreement.

Within our Organization
Your data will only be processed by personnel expressly authorized by the Data Controller, with adequate instructions, training, and confidentiality agreements, including administrative staff.

Dissemination

Your personal data will not be disseminated in any way.

Rights of Data Subjects

Data subjects (individuals to whom the personal data refer) may exercise their rights under the Regulation at any time through a dedicated personal area. Access to this area is available by requesting the link via the procedure at the bottom of this privacy notice. Another method for exercising rights under the Regulation, if the user has subscribed to the newsletter service, is available through the link provided at the bottom of the received email. In particular, individuals may legitimately request the following rights under Articles 15 to 23:

  1. The deletion of all data.

  2. Rectification/Modification.

  3. Restriction of processing.

  4. Data portability.

  5. The right to object to automated decision-making (profiling).
    Additional requests may be noted in the comments section.

If applicable, data subjects also have the right to file a complaint with the Data Protection Authority as the supervisory authority according to the established procedures. For further information and to exercise your rights recognized by European regulations, please contact the Data Controller at the contact details provided above.

Consent

The undersigned data subject, having acquired the information provided by the Data Controller pursuant to Articles 13-14 of the GDPR, confirms having read this privacy notice regarding data processing for the purposes necessary to provide the service and to allow Miramare Sea Resort to correctly manage and appropriately process the data. This privacy notice also considers that the data processor Miramare Sea Resort relies on for website management is Stinga Consulting, pending the initiation of adequacy decision procedures by the European Commission.