Introduction
This Privacy Policy describes how we collect, use and protect your personal data when you visit our website cristalpalace.it (hereinafter “the Site”), use our services and purchase our products. We respect your privacy and are committed to protecting your personal data in accordance with the European Union’s General Data Protection Regulation (GDPR).
Data Owner
The owner of the processing of personal data is Cristal Palace Hotel, with registered office in Via Firenze, 35 – 76123 Andria (BT), email: info@cristalpalace.it, telephone: +390883556444.
Types of Data Collected
While using our site, we may collect the following personal data:
Browsing data: Information relating to your visit, such as IP address, browser type, pages visited and access time.
Data provided voluntarily: Information provided during registration, purchasing products or subscribing to the newsletter, such as name, email address, shipping and billing address, telephone number, payment information.
Data collected through cookies: We use cookies and similar technologies to collect information about your use of the site. For more details, consult our Cookie Policy.
Purpose of Data Processing
Your personal data will be processed for the following purposes:
Contract Performance: To process and manage your bookings and provide customer support.
Newsletter subscription: To send you promotional communications and updates on our products and services.
Service Improvement: To analyze site usage, improve our services and personalize your user experience.
Legal obligations: To comply with legal and tax obligations arising from commercial transactions.
Legal Basis of Data Processing
The processing of your personal data is based on the following legal bases:
Performance of a contract: Where processing is necessary to perform a contract to which you are a party or to take steps at your request before entering into a contract.
Consent: When you have given your explicit consent for specific treatments, such as subscribing to the newsletter.
Legal obligations: When processing is necessary for compliance with a legal obligation to which we are subject.
Data Sharing
Your personal data may be shared with:
Service Providers: Third parties who provide us with services such as website management, and booking processing.
Competent authorities: When required by law, to comply with legal obligations or to protect our rights.
Data Transfer
Your personal data will not be transferred outside the European Economic Area (EEA) without your consent or without adequate protection measures compliant with applicable laws.
Rights of the interested party
You have the right to:
Access: Obtain confirmation as to whether or not your personal data is being processed and, if so, to obtain access to the data itself.
Rectification: Obtain the rectification of inaccurate personal data concerning you.
Cancellation: Obtain the cancellation of personal data concerning you, in the cases provided for by the GDPR.
Limitation of processing: Obtain the limitation of processing in the cases provided for by the GDPR.
Data portability: Receive the personal data concerning you and which you have provided in a structured, commonly used and machine-readable format.
Object: Object to the processing of personal data concerning you in certain circumstances.
Revocation of consent: Revoke consent at any time, without prejudice to the lawfulness of the processing based on consent before revocation.
To exercise your rights, you can contact us using the contact details provided above.
Changes to the Privacy Policy
We reserve the right to update this Privacy Policy at any time. Changes will be posted on this page with appropriate notification. We recommend that you periodically review this page to be informed of how we are protecting your personal data.
Contact us
If you have questions or requests regarding this Privacy Policy or the processing of your personal data, you can contact us at the email address: info@cristalpalace.it.