top of page

PRIVACY POLICY

​​​

In this section we provide you, pursuant to Article 13 of European Regulation no. 2016/679, relating to the protection of natural persons with regard to the processing of personal data (hereinafter "GDPR"), some information relating to the processing of your personal data when you visit the site www.iskantelakecomo.it (hereinafter “Site”).

​

This information does not apply to third-party sites, applications and content in general, even if accessible from the site www.iskantelakecomo.it. In these cases, the data protection provisions of such third parties may apply, which may be different from these and which we recommend you consult before communicating any data.

​

The purpose of this document is to provide information on the methods, times and nature of the information that data controllers must provide to users when they connect to the web pages of www.iskantelakecomo.it, regardless of the purposes of the connection itself, according to Italian and European legislation.

​

The information may be subject to changes due to the introduction of new regulations in this regard, therefore the user is invited to periodically check this page.

​

DATA CONTROLLER

The data controller is the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of the processing of personal data, also dealing with security profiles.

​

The data controller is Brenna Beatrice Elena with headquarters in Via Rimoldi 49 - Como (Co), 22100.

​

DATA PROTECTION OFFICER

Pursuant to art. 28 of Regulation (EU) no. 2016/679 upon appointment of the data owner, the data controller of the site www.iskantelakecomo.it can be contacted at Brenna Beatrice Elena with headquarters in Via Rimoldi 49, Como (Co); Tel. +39 331 11 71 165; email address info@iskantelakecomo.it.

​

PURPOSE OF THE PROCESSING, LEGAL BASIS AND RETENTION TERMS

 

a) Browsing data

The computer systems and software procedures used to operate this Website acquire, during their normal operation, in an automated manner, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but which, by its very nature, could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes the IP addresses or domain names of the computers used by users who connect to the Sites, the URI (Uniform Resource Identifier) ​​addresses of the resources requested, the time of the visit, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Sites and to check their correct functioning and is deleted immediately after processing.
For security purposes, automatically recorded personal data may be used, in accordance with applicable laws, to block attempts to damage the site itself or to cause harm to other users, or in any case harmful or criminal activities.

Therefore, the data could be used to ascertain responsibility in the event of hypothetical computer crimes against the Site.
The legal basis that legitimises the processing of personal data is the legitimate interest of the data controller.

​

b) Data provided voluntarily

In some sections of the Site, you will be asked to provide personal data. In this case, you will be provided with information pursuant to art. 13 of the GDPR regarding the processing of personal data in relation to the individual purposes pursued. In these sections of the site, in the case of specific services requested by the user, including the possibility of sending a Curriculum Vitae, for a possible working relationship, the site automatically detects and records some identifying data of the user, including the e-mail address. Such data are understood to be voluntarily provided by the user at the time of requesting the provision of the service. By entering your data, you expressly accept the privacy policy, and in particular you accept that the contents entered may be freely disseminated also to third parties. The data received will be used exclusively for the provision of the requested service and only for the time necessary for the provision of the service.

The information that users of the site will deem to make public through the services and tools made available to them, are provided by the user knowingly and voluntarily, exempting this site from any liability regarding any violations of the laws. It is up to the user to verify that they have the prerequisites for entering personal data of third parties or content protected by national and international laws.

​

The Data Controller processes the User's personal data if one of the following conditions exists:

-the User has given consent for one or more specific purposes. In some jurisdictions, the Data Controller may be authorized to process personal data without the User's consent or any other of the legal bases specified below, until the User objects (“opt-out”) to such processing. However, this does not apply if the processing of personal data is regulated by European legislation on the protection of personal data;

- processing is necessary for the performance of a contract with the User and/or for the execution of pre-contractual measures;

-the processing is necessary to fulfill a legal obligation to which the Data Controller is subject;

-the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;

-the processing is necessary for the pursuit of the legitimate interest of the Owner or third parties.

However, it is always possible to ask the Owner to clarify the specific legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.

​

The data collected by the site during its operation are used exclusively for the purposes indicated above and are stored for the time strictly necessary to carry out the specified activities, and in any case no longer than 10 years.

The data used for site security purposes are stored for the period of time strictly necessary to achieve the purpose indicated above.

 

COOKIE

Information about the cookies used on this site can be found at the following URL (Informational cookies). 

​

DATA PROVISION

Apart from what is specified above for navigation data and in the information pursuant to art. 13 of the GDPR provided in the individual sections of the Site, the provision of data for additional purposes is optional. Failure to provide them may make it impossible to pursue such additional purposes.

​

RECIPIENTS OF THE TREATMENT

Your data will be processed by our employees and collaborators authorized to process them as they are responsible for pursuing the purposes indicated above and who have received, in this regard, adequate operating instructions.

Your data may be communicated to companies, independent data controllers, also established outside the European Union and in particular to:

  • authorities and supervisory and control bodies and in general public or private subjects authorised to request the data.

Your data may be processed by external parties, expressly appointed as data controllers, also established outside the European Union and in particular:

  • companies that deal with the management and technical maintenance of the sites;

  • other companies that offer IT services and/or software development and maintenance;

  • companies that offer tools to analyze user navigation.

The list of data recipients is constantly updated and can be easily and free of charge obtained by sending a written communication to the Data Controller at the address indicated above or an email to the address info@iskantelakecomo.it.

​

TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION

The data may be transferred abroad to countries outside the European Union on the basis of an adequacy decision adopted by the European Commission pursuant to art. 45 of the GDPR or following the signing with the data importer of the standard contractual clauses adopted/approved by the European Commission pursuant to art. 46, 2, letters c) and d) of the GDPR.

A copy of the guarantees adopted can be obtained by sending an e-mail to: info@iskantelakecomo.it.

 

TREATMENT METHODS

Your personal data will be processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected. This site processes user data in a lawful and correct manner, adopting appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of data. Processing is carried out using computer and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated.

In addition to the owner, in some cases, categories of persons involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external parties (third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the data.

Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.

 

USER RIGHTS

You may ask the Data Controller for access to your personal data (art. 15 GDPR), their rectification (art. 16 GDPR), the integration of incomplete personal data and the limitation of processing (in the cases provided for by art. 18 GDPR), opposition to processing in the cases of legitimate interest of the Data Controller (art. 21 GDPR), as well as the deletion of your data (art. 17 GDPR), transformation into anonymous form or blocking of data processed in violation of the law.

Furthermore, in cases where the processing is based on consent or on the contract and is carried out with automated tools, you have the right to exercise the right to data portability or to receive personal data in a structured, commonly used and machine-readable format, as well as, if technically feasible, to transmit them to another owner without impediments.

In the event of a violation of the law, you may lodge a complaint with the Personal Data Protection Authority, as well as resort to other means of protection provided for by applicable law.

These rights may be exercised by sending a written communication to the Data Controller at the address indicated above or an email to the address info@iskantelakecomo.it.​​

​

INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ART. 13 OF REGULATION (EU) 2016/679 (GDPR) FOR THOSE WHO REQUEST AN OVERNIGHT STAY SERVICE BY COMPLETING THE CONTACT FORM ON THE SITE AND/OR THE FORM FOR THE OVERNIGHT STAY REQUEST

​

DATA CONTROLLERS

Brenna Beatrice Elena with headquarters in 22100 Como (CO), via Rimoldi 49;

The name of the person who, as Data Controller, may process your data can be found easily and free of charge by sending a written communication to the address indicated above or an email to info@iskantelakecomo.it.

​

DATA PROTECTION OFFICER (“DPO”)

Brenna Beatrice Elena with headquarters in 22100 Como (CO), via Rimoldi 49; telephone number +39 331 11 71 165, e-mail address info@iskantelakecomo.it.

​

WHY ARE YOUR PERSONAL DATA PROCESSED AND WHAT IS THE CONDITION THAT MAKES THE PROCESSING LAWFUL?

Your data is processed to have one of our operators contact you again to allow you to book our facility for which you have requested the overnight service using traditional contact methods (calls via operator) and automated methods (sms, e-mail).

The legal basis that legitimises the processing of personal data is the execution of the contract to which the interested party is a party or the execution of pre-contractual measures adopted at the request of the same.

​

IS THE PROVISION OF DATA MANDATORY?

The provision of data marked with an asterisk in the data collection form is mandatory for the achievement of the purposes listed above; therefore, any refusal to provide the data will not allow you to be contacted by our representative in order to complete the overnight stay.

Providing additional data is optional, but failure to provide information and/or providing incomplete and/or inaccurate personal data could result in the provision of incomplete and/or inaccurate services with respect to your interests and/or expectations.

​

HOW LONG ARE YOUR PERSONAL DATA KEPT?

For the duration of use of services and, after termination, for 10 years.

After the retention periods indicated above have elapsed, the Personal Data will be destroyed, deleted or made anonymous, compatible with the technical deletion and backup procedures.

​

CATEGORIES OF PERSONAL DATA PROCESSED

The data processed are those requested at the time of your request to use our services as well as those that may be subsequently collected: name, surname, telephone number, e-mail address and any additional data requested in the contact or request form.

​

DATA RECIPIENTS

The data may be processed exclusively by employees and/or collaborators of the company functions authorised to process them as they are responsible for pursuing the purposes indicated above. Such employees and/or collaborators have received, in this regard, adequate operating instructions.

The data may be processed by external parties, expressly appointed as data controllers and in particular by other companies that offer IT services and/or software development and maintenance.

The list of data recipients is constantly updated and can be easily and free of charge obtained by sending a written communication to the Data Controllers at the addresses indicated above or an email to the address info@iskantelakecomo.it.

​

TRANSFER OF DATA OUTSIDE THE EU

The data may be transferred abroad to countries outside the European Union, and in particular to the United States of America, following the signing with the data importer of the standard contractual clauses (Standard Contractual Clauses) adopted/approved by the European Commission pursuant to art. 46, 2, letter c) and d) of the GDPR.

A copy of the signed standard contractual clauses can be obtained by sending an email to: info@iskantelakecomo.it.

​

RIGHTS OF THE INTERESTED PARTY

You may ask the Data Controllers for access to your personal data, their rectification or deletion, the integration of incomplete personal data, the limitation of processing in the cases provided for by art. 18 GDPR as well as opposition to processing in the cases of legitimate interest of the Data Controller.

Furthermore, in cases where the processing is based on consent or on the contract and is carried out with automated tools, you have the right to exercise the right to data portability or to receive personal data in a structured, commonly used and machine-readable format, as well as, if technically feasible, to transmit them to another owner without impediments.

At any time, you may lodge a complaint with the Personal Data Protection Authority, as well as resort to other means of protection provided for by applicable legislation.

These rights may be exercised by sending a written communication to the Data Controllers at the addresses indicated above or an email to the address info@iskantelakecomo.it.

​

​

For your holidays on Lake Como book our apartment.

​

bottom of page