The benefits of GB Hotels - Abano Terme
All reservations include:
Live entertainment & music from a weekly programme
Privacy policy for the processing of personal data
Information note pursuant to and by effect of article 13 of the GDPR 679/2016
In compliance with the provisions of GDPR 679/2016, we inform you about the processing of personal data concerning you and those of your family members, including minors, acquired by us as a result of contractual relationships and to enable us to properly carry out our activity and in accordance with the provisions of the law in force. The methods of data processing, using both paper and IT means, meet the security guarantees required by the new regulations.
1. CONTACTS OF THE DATA CONTROLLER AND THE DATA PROTECTION OFFICER (DPO)
The Data Controller is G.B.THERMAE HOTELS s.r.l., with registered office in Abano Terme (PD), via Valerio Flacco, 99, tax code, VAT number and registration number, at the Companies Register of Padua, 00220810287, e-mail: amm@gbhotelsabano.it, certified email address: amm.gbthermaehotels@pec.it.
The Data Controller, pursuant to art. 37 of the European Regulation 679/2016, appointed a Data Protection Officer, which can be contacted by email at the following address: dpo@gbhotelsabano.it for all issues concerning the processing of personal data and the exercise of rights concerning it.
The identity of the DPO and further contact details are available on the website www.gbhotelsabano.it in the “Privacy” section.
2. PROCESSING PURPOSES AND LEGAL BASIS
The data will be processed by us for the performance of the following activities:
The provision of personal data even if it is not mandatory, is necessary to pursue the above mentioned purposes. Failure to provide the data makes it impossible to carry out the contractual relationship at the basis of the processing.
3. SCOPE OF COMMUNICATION AND RECIPIENTS OF THE PROCESSING
Your data may be communicated by us exclusively to the third parties indicated below, and to the Police authorities if it is required by law:
The aforementioned parties act as external Data Protection Officers for the personal data provided.
The treating doctors are co-data controllers of the processing of the specific data entrusted to them for the implementation of the health service provision.
4. STORAGE TIME OF THE DATA COLLECTED
Except for the legal obligations, the data collected will be stored for the entire period of the contractual relationship as well as for a further 5 years after the end of the relationship, in relation to the direct marketing and profiling purposes.
If the data are provided only during the pre-contractual stage, they will be stored for a 12-month period.
In the event of a dispute, the data will be processed and stored until the dispute is settled.
After the storage period, as described above, the data provided by you will be erased in full.
5. RIGHTS OF THE CONCERNED PARTY
European Regulation No. 679/2016 recognizes to the concerned party special rights, which can be exercised only by contacting the Data Controller:
6. COMPLAINT TO THE DATA PROTECTION AUTHORITY
The concerned party has the right to lodge a complaint at the Data Protection Authority in the event that the requests for information, or requests to exercise the rights specified in the previous paragraph 5, did not obtain the expected response.
The Authority of reference is the Data Protection Authortiy
http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524
Privacy policy for the processing of special categories of personal data
Information note pursuant to and by effect of article 13 of the GDPR 679/2016
In compliance with the provisions of GDPR 679/2016, we inform you about the processing of personal data concerning you and those of your family members, including minors, acquired by us as a result of contractual relationships and to enable us to properly carry out our activity and in accordance with the provisions of the law in force. The methods of data processing, using both paper and IT means, meet the security guarantees required by the new regulations.
1. CONTACTS OF THE DATA CONTROLLER AND THE DATA PROTECTION OFFICER (DPO)
The Data Controller is G.B. THERMAE HOTELS s.r.l., with registered office in Abano Terme (PD), via Valerio Flacco, 99, tax code, VAT number and registration number, at the Companies Register of Padua, 00220810287, e-mail: amm@gbhotelsabano.it, pec: amm.gbthermaehotels@pec.it.
The Data Controller, pursuant to art. 37 of the European Regulation 679/2016, appointed a Data Protection Officer, which can be contacted by email at the following address: dpo@gbhotelsabano.it for all issues concerning the processing of personal data and the exercise of rights concerning it.
The identity of the DPO and further contact details are available on the website www.gbhotelsabano.it in the “Privacy” section.
2. PROCESSING PURPOSES AND LEGAL BASIS
The data will be processed by us for the performance of the following activities:
The communication of categories of personal data by the interested party, even if it is not mandatory, is necessary to pursue the above mentioned purposes. Failure to provide the data makes it impossible to carry out the contractual relationship at the basis of the processing.
3. SCOPE OF COMMUNICATION AND RECIPIENTS OF THE PROCESSING
Your data may be communicated by us exclusively to the third parties indicated below, and to the Police authorities if it is required by law:
4. STORAGE TIME OF THE DATA COLLECTED.
The data collected will be processed for the entire period of the medical-healing treatments provided. Guests’ clinical records will be stored for the terms established by the law according to the agreements undertaken between the co-data controllers.
The data collected for the provision of aesthetic treatments will be processed for the entire period in which treatments are provided as well as for additional 5 years after the end of the relationship to allow adequate service provision to guests during subsequent stays. In the event of a dispute, the data will be processed and stored until the dispute is settled.
After the storage period, as described above, the data provided by you will be erased in full.
5. RIGHTS OF THE CONCERNED PARTY
European Regulation No. 679/2016 recognizes to the concerned party special rights, which can be exercised only by contacting the Data Controller:
6. COMPLAINT TO THE DATA PROTECTION AUTHORITY
The concerned party has the right to lodge a complaint at the Data Protection Authority in the event that the requests for information, or requests to exercise the rights specified in the previous paragraph 6, did not obtain the expected response.
The Authority of reference is the Data Protection Authortiy
http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524