Skip to Main Content

Privacy Reservations

Pursuant to articles 13 and 14 of the General Data Protection Regulation (EU) 2016/679 and of Legislative Decree 196/2003 and SS.MM.II.Drant the consultation of this website, it is possible that personal information and data are collected, according to what is indicated in this information. The information refers exclusively to this website.

The Data Controller
The Data Controller in the Hotel Maggiore is Him srl , with registered office in via Emilia Ponente n. 62/3 - 40133 Bologna (BO), P.IVA 03938541202, in the person of the legal representative.

The Data Controller did not identify the figure of the data protection manager (RPD or DPO), as it is not subject to the designation obligation provided for by art. 37 of the Regulation.

Types of data processed and purposes of
navigation data

The computer systems and software procedures in charge of the operation of this site acquire, during their normal exercise, some personal data whose transmission is implicit in the use of the Internet communication protocols. This category of data includes the IP or the domain names of the domain of computers and terminals used by users, the addresses in URI/URL notation (Uniform Resource Identifier/Locator) of the requested resources, the time of the request, the method used in subjecting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (good end, error, etc.) and other comparisons) relating to the operating system and the user's IT environment.

These data, necessary for the use of web services, are also processed for:

- obtain statistical information on the use of services (more visited pages, number of visitors by time or daily band, geographical areas of origin, etc.);

- check the correct functioning of the services offered.

The navigation data do not persist for more than seven days (except for any needs for the assessment of crimes by the judicial authority).

Data communicated by the user

The optional, explicit and voluntary sending of messages to the owner's contact addresses, the private messages sent by users to the profiles/pages on social media (where this possibility is foreseen), as well as the compilation and forwarding of the modules on the owner's website, entails the acquisition of the sender's contact data, necessary to respond, as well as all the personal data included in communications.

The provision of some personal data of the interested party is mandatory to be able to take advantage of the requested services and their failure to provide could affect their access. Mandatory personal data are characterized by an asterisk.

In cases where some data are indicated as not mandatory, the interested party is free to refrain from communicating such data, without this having any consequence on the availability of the service or on its operation.
Interested parties who should have doubts about which data are mandatory, are encouraged to contact the owner.

In particular, your data will be collected to make the reservation requested by you. The user is invited not to provide non -relevant personal data; In any case, the non -pertinent data will be deleted or, in any case, will not be considered.

The data transmitted through this page are processed only in order to carry out the customer's booking, on the basis of the pre-contractual relationship between the parties.

Cookies and other tracking systems

For details, view the cookie information presented on this website.

Legal basis of the treatment

The legal basis of the treatment is as follows:

  • The treatment is necessary to fulfill a legal obligation to which the owner is subject, pursuant to art. 6, paragraph 1, lett. c) of the EU Regulation 2016/679;
  • The treatment is necessary for the pursuit of the legitimate interest of the owner or third parties, pursuant to art. 6, paragraph 1, lett. f) of the EU Regulation 2016/679;
  • The treatment is necessary for the execution of a contract of which the interested party is part or the execution of pre -contractual measures adopted at the request of the same, pursuant to art. 6, paragraph 1, lett. b) of EU Regulation 679/2016;
  • The treatment is carried out on the basis of the expression of the consent of the interested party, pursuant to art. 6, paragraph 1, lett. a) of the EU Regulation 2016/679.

However, it is possible to request the owner to clarify the concrete legal basis of each treatment and in particular to specify whether the treatment is based on the law or provided for by a contractual or pre -contractual relationship.

Methods of processing
The data are processed by the company personnel in charge and are not communicated to unauthorized third parties.

The treatment is carried out mediated IT and/or electronic tools and in automated and/or manual form, in compliance with the provisions of art. 32 of the GDPR 2016/679 on safety measures, by subjects specially in charge and in compliance with the provisions of art. 29 GDPR 2016/679.

The owner adopts the appropriate security measures aimed at preventing access, dissemination, modification or destruction of personal data.

In addition to the owner, in some cases, other subjects involved in the provision of the services offered and in the organization of this website (hosting provider, IT company, storage, collection, printing and shipping of e -mail, communication agencies, postal couriers) may have access to the data), also appointed external entities, if necessary, responsible for the treatment by the owner. The updated list of managers can always be requested from the data controller.

Transfer of personal data

The data are processed at the owner's operating offices and in any other place where the parties involved in the treatment are located. For more information, contact the owner.
The personal data of the interested party are not transferred outside the European Union.

Period of conservation

In compliance with the principles of lawfulness, limitation of purposes and minimization of data, pursuant to art. 5 of the GDPR 2016/679, the personal data of the interested party will be kept for the period of time necessary for the achievement of the purposes for which they are collected and processed or to defend/exercise a right.

When the treatment is based on the consent of the interested party, the Data Controller can keep the personal data for longer until said consent is revoked. In addition, the owner could be obliged to keep personal data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the storage period, the personal data will be deleted. Therefore, upon reaching this term, the right of access, cancellation, rectification and the right to portability of data can no longer be exercised.

Rights of the interested party
at any time, the interested party will be able to exercise, pursuant to articles from 15 to 22 of EU Regulation no. 2016/679, The right to:
a) request confirmation of the existence or not of one's personal data;
b) obtain the indications about the purposes of the processing, the categories of personal data, the recipients or the categories of recipients to whom the personal data have been or will be communicated and, when possible, the conservation period;
c) obtain the rectification and cancellation of data;
d) obtain the limitation of the treatment;
e) obtain the portability of the data, that is, to receive them from a data controller, in a structured format, commonly used and readable by automatic device, and transmit them to another data controller without impediments;
f) oppose the treatment at any time; It should be noted to the interested parties that, where their data were processed with direct marketing purposes, they can oppose the processing without providing any motivation.
g) ask the data controller for access to personal data and the correction or cancellation of the same or the limitation of the processing concerning him or to oppose their processing, as well as the right to data portability;
h) revoke consent at any time without prejudice to the lawfulness of the treatment based on the consent given before the revocation;
i) propose complaint to a control authority. The interested party has the right to propose a complaint to the Guarantor for the protection of personal data, based in Rome via di Monte Cirio 121 (tel. +39 06696771), following the procedures and indications published on the Authority website www.garanteprivacy.it

Contacts of the data controller
To contact the data controller, you can contact the following contacts:
- by e-mail, at the address: This email address is protected from spambots. Javascript must be enabled to see it. 
- via phone: +39.051.381634
- via ordinary mail: via Emilia Ponente n. 62/3 - 40133 Bologna (BO)