PURSUANT TO ARTS. 13 AND 14 OF THE GENERAL REGULATION ON DATA PROTECTION (EU) 2016/679 AND OF THE D. LGS. 196/2003 AND SS.MM.II.
During consultation of this website, information and personal data may be collected, as indicated in this statement. The information refers exclusively to this website.
The Data Controller
The Data Controller within the Hotel Maggiore is HIM S.r.l., with registered office in Via Emilia Ponente n. 62/3 – 40133 Bologna (BO), VAT number 03938541202, in the person of the legal representative.
The Data Controller has not identified the figure of the Data Protection Officer (RPD or DPO), as he is not subject to the designation obligation provided for by art. 37 of the Regulation.
Types of data processed and purpose of the processing
The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes the IP addresses or domain names of the computers and terminals used by users, the addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the requested resources, the time of the request, the method used in submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment.
These data, necessary for the use of web services, are also processed for the purpose of:
- obtain statistical information on the use of the services (most visited pages, number of visitors per hour or day, geographical areas of origin, etc.);
- check the correct functioning of the services offered.
The navigation data does not persist for more than seven days (except for any need for the investigation of crimes by the judicial authorities).
Data communicated by the user
The optional, explicit and voluntary sending of messages to the contact addresses of the Data Controller, private messages sent by users to social media profiles/pages (where this possibility is provided), as well as the compilation and submission of forms on the site of the Owner, involves the acquisition of the sender's contact details, necessary to reply, as well as all personal data included in the communications.
The provision of some personal data of the interested party is mandatory in order to be able to use the services requested and their failure to provide them could jeopardize access. Mandatory personal data are marked with an asterisk.
In cases where some data are indicated as non-mandatory, the interested party is free to refrain from communicating such data, without this having any consequence on the availability of the service or on its operation.
Interested parties who have doubts about which data are mandatory are encouraged to contact the Data Controller.
In particular, your data will be collected to make the reservation you request. The user is invited not to provide irrelevant personal data; in any case, irrelevant data will be eliminated or, in any case, will not be considered.
The data transmitted through this page are processed only for the purpose of making the customer's reservation, on the basis of the pre-contractual relationship between the parties.
Cookies and other tracking systems
For details, view the information on cookies presented on this website.
Legal basis of the treatment
The legal basis of the treatment is the following:
However, it is possible to ask the Data Controller to clarify the concrete legal basis of each treatment and in particular to specify whether the treatment is based on the law or provided for by a contractual or pre-contractual relationship.
Methods of treatment
The data is processed by the company personnel in charge and is not disclosed to unauthorized third parties.
The processing is carried out using IT and/or telematic tools and in an automated and/or manual form, in compliance with the provisions of art. 32 of the GDPR 2016/679 regarding security measures, by persons specifically appointed and in compliance with the provisions of art. 29 GDPR 2016/679.
The Data Controller adopts the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of personal data.
In addition to the Owner, in some cases, other subjects involved in the provision of the services offered and in the organization of this website may have access to the data (hosting providers, IT companies, archiving, collection, printing and sending and management of e-mail, agencies of communication, postal couriers), as well as external subjects appointed, if necessary, as Data Processors by the Data Controller. The updated list of Managers can always be requested from the Data Controller.
Transfer of personal data
The data is processed at the Data Controller's operating offices and in any other place where the parties involved in the processing are located. For more information, contact the Owner.
The personal data of the interested party are not transferred outside the European Union.
In compliance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art. 5 of the GDPR 2016/679, the personal data of the interested party will be kept for the period of time necessary to achieve the purposes for which they are collected and processed or to defend / exercise a right.
When the treatment is based on the consent of the interested party, the Data Controller can keep the personal data longer until said consent is revoked. Furthermore, the Data Controller may be obliged to keep personal data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period, personal data will be deleted. Therefore, upon reaching this deadline, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
Rights of the interested party
At any time, the interested party may exercise, pursuant to articles from 15 to 22 of EU Regulation no. 2016/679, the right to:
a) request confirmation of the existence or otherwise of your personal data;
b) obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, when possible, the retention period;
c) obtain the rectification and cancellation of data;
d) obtain the limitation of the treatment;
e) obtain data portability, i.e. receive them from a data controller, in a structured format, commonly used and readable by an automatic device, and transmit them to another data controller without impediments;
f) oppose the treatment at any time; interested parties are reminded that, should their data be processed for direct marketing purposes, they may object to the processing without providing any reasons.
g) ask the data controller to access personal data and correct or cancel them or limit their processing or to oppose their processing, in addition to the right to data portability;
h) withdraw the consent at any time without prejudice to the lawfulness of the treatment based on the consent given before the revocation;
i) lodge a complaint with a supervisory authority. The interested party has the right to lodge a complaint with the Guarantor for the Protection of Personal Data, based in Rome via di Monte Citorio 121 (tel. +39 06696771), following the procedures and indications published on the Authority's website www.garanteprivacy.it
Contacts of the Data Controller
To contact the Data Controller, you can contact the following contacts:
- by e-mail, at the address:
- by telephone: +39.051.381634
- by ordinary mail: Via Emilia Ponente n. 62/3 – 40133 Bologna (BO)
Bologna: the learned, the fat, the red. A city that represents a kaleidoscope of cultures, styles, curiosities and flavors.
Here are some unmissable stops during your stay in the Emilian capital.