Privacy Statement in compliance with art. 13 Eu. Reg. n. 2016/679 (G.D.P.R. General Data Protection Regulation)
This privacy statement covers the website www.scenarious.travel which is operated by the Travel Agency Italy by Design Travel Consultants Srls.
Content of the Privacy Statement:
- General data controller
- Information collected online about you
- Information use – Cookies Policy
- Sharing of Information
- Other information about general data processing
- Right of data subject
If you have questions or concerns regarding this statement, you should contact Italy by Design Travel Consultants Srls customer service by email.
1. General data Controller
Data Controller is Italy by Design Travel Consultants Srls, Via Cavour, 53 – 05022 Amelia (TR) P.I./C.F. 01591180557. The Controller can be contacted by email: email@example.com – p.e.c.: firstname.lastname@example.org
2. Information Collected Online About You
We will not sell, share or rent this information to others in ways different from what is disclosed in this statement. We are committed to strictly controlling the use of any information you provide to Italy by Design Travel Consultants Srls.
In case of your consent, the data may also be processed to send you our promotional messages and updating of rates and special offers.
You may request details of all information held about you by us at any time.
When you make a payment by credit card to Italy by Design Travel Consultants Srls, we use an external secure server from Nexi S.p.A. (a leading Italian bank specializing in payment systems). We never collect or store any information about your credit card on our servers.
3. Information Use – Cookies Policy
What are cookies?
What are cookies used for?
- For marketing purposes for example, to display personalized banner.
- To identify you as you travel around our site and to monitor your journey and record bookings. This enables us to identify issues and improve our customer journey.
- To provide site usage information, which together with booking information, will further help us improve and develop the products and services we offer.
- You may change your website browser settings to reject cookies. To learn how to disable cookies or opt out of their usage please visit www.aboutcookies.org. Please note, however, that some cookies are essential in order to book on the website and in the event you do reject cookies this may impair the functionality of the website and may mean that you are unable to book on the website.
- At no point do our cookies or those of our third parties store your personal payment information.
Are there different types of cookies?
We have classified our cookies into two different types: first and third party cookies. First party cookies are the cookies that Discover Your Italy sets to offer you a fully functional experience when visiting our sites. Third party cookies are set by our business partners such as Social Media and the like.
First party cookies
In order to be able to visit www.scenarious.travel we require your computer to accept cookies. Some of our cookies (classified as First Party cookies) are essential to enable the booking function on our website, without them you would not be able to visit www.scenarious.travel. Our cookies don’t store personal information such as name, address or any payment details.
Third party cookies
For further information about cookies and how to manage them visit www.allaboutcookies.org.
Like most standard Website servers we use log files. These includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks. These files enable the analysis of trends, the administration of the site, the tracking of user’s movement in the aggregate, the diagnosis of problems with our servers and the collection of broad demographic information for aggregate use. Log files and IP addresses are not linked to personal information.
4. Sharing of information
Although we make every effort to preserve user privacy, Italy by Design Travel Consultants Srls may be required by law to disclose information you have provided in obtaining our product/service. Italy by Design Travel Consultants Srls may also disclose information against someone who poses a threat to Italy by Design Travel Consultants Srls’s interests (such as customer fraud) or whose activities could bring harm to others.
Aggregate Information (non-personally identifiable)
We can share aggregated demographic information with our partners and advertisers. This is not linked to any personal information.
When you reserve a Trip through Italy by Design Travel Consultants Srls, we provide some information about you (such as name) to the suppliers (such as hotel or third parties) involved to ensure the successful fulfillment of your travel arrangements. Italy by Design Travel Consultants Srls offers products from suppliers that are reputable companies, that should act according the privacy law. We cannot be held responsible of their use of your personal information.
If you were referred to www.scenarious.travel from another website, we will not share any personal information about you to the referring website. Italy by Design Travel Consultants Srls believes that the website companies from which you were referred to us are reputable companies, we have not placed limitations on the referring website companies from using or disclosing your information without your permission. However, we encourage you to review the information privacy statements of any website that referred you to www.scenarious.travel.
While we use encryption codes to protect sensitive information online, we also do everything in our power to protect user-information off-line. All of our user’s information is restricted in our offices. Only employees who need the information to perform a specific job (for example, our billing clerk or a customer service representative) are granted access to personally identifiable information. Furthermore, all employees are kept up-to-date on our security and privacy practices. Finally, the servers that store personally identifiable information are in a secure environment.
5. Other information
The owner processes your personal data lawfully, where the processing:
- is necessary to fulfill hosting services, pre-contractual measures and all the activities compatible with that purpose;
- is necessary to fulfill a legal obligation that hang over the Controller;
- is based on the express consent, if you have given it to receive our promotional messages and updating on rates and offers;
- is based on the legitimate interest of the Controller to promote its products through marketing activities, except for your unconditional right to object.
With regard to personal data necessary for the fulfilment of the contract of which you are a party or related to the fulfillment of a regulatory obligation, the failure to communicate personal data prevents the improvement of the contractual relationship itself.
Personal data, object of treatment for the above mentioned purposes, will be kept for the duration period of the contract and, subsequently, for the period in which the Owner is subject to conservation obligations for fiscal purposes or for other purposes required by the law, that means for 10 years from the end of the service provided.
Personal data are not subject to diffusion or to any fully automated decision making process, including profiling.
6. Rights of the customers
The rights recognized by the GDPR are the following:
- ask the Controller to access your personal data and information about them; correction of wrong data or integration of incomplete data; the cancellation of personal data concerning you (upon the occurrence of one of the conditions indicated in the art. 17, paragraph 1 of the GDPR and in compliance with the exceptions described in paragraph 3 of the same article); the restriction of the processing of your personal data (upon occurrence of one of the hypotheses indicated in art. 18, paragraph 1 of the GDPR);
- request and obtain from the Owner – in cases where the legal basis of the treatment is the contract or consent, and the same is done by automated means – your personal data in a structured and readable format by automatic device, also in order communicate such data to another data controller (so-called right to the portability of personal data);
- oppose at any time the processing of your personal data upon occurrence of particular situations that affect you;
- revoke the consent at any time. This only in case where the processing is based on your consent for one or more specific purposes and concerns common personal data (for example date and place of birth or place of residence), or particular categories data (eg data revealing your racial origin, your political opinions, your religious beliefs, your health or your sex life). The treatment based on consent and gave before the revocation of the same preserves, however, its lawfulness;
- make a complaint to a supervisory authority (Authority for the protection of personal data – www.garanteprivacy.it)