Lariac Private Property Management Brand Icon

Privacy Policy Information

PRIVACY INFORMATION PURSUANT TO THE REG. EU 679/2016

EU Regulation 2016/679, known as the “GDPR,” establishes a system of safeguards to protect the processing of personal data. Specifically, pursuant to Article 13 of the aforementioned regulation, the Data Controller is required, even before processing any data, to provide a series of information regarding the purposes and methods of their processing.

Therefore, in relation to the personal data of those who interact with Lariac Srl’s web services, we wish to inform you of the following.

1) PURPOSE OF DATA PROCESSING

The processing of personal data is aimed at the registration and management and correct fulfillment of the services provided by the site.

2) CATEGORY OF DATA PROCESSED

NAVIGATION DATA

The computer systems and related software procedures used to operate this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols (cookies). This category of data includes, for example, IP addresses or domain names of computers used by users to connect to our website and other navigation-related information. This data is used by the website in “anonymous” and “aggregated” form exclusively for statistical and website operation purposes (e.g., login pages, exit pages, etc.).

PERSONAL DATA

The data controller primarily processes identification/contact data (name, surname, addresses, type and number of identification documents, telephone numbers, email addresses, tax/billing information, and other data) and, if commercial transactions are envisaged, financial data (banking data, in particular, current account identifiers, credit card numbers, and other data related to the aforementioned commercial transactions). The data controller’s processing, both for the performance of the contract and with the express consent of the Customer/data subject, generally does not involve special categories of personal data, known as sensitive data (revealing racial or ethnic origin, political opinions, religious beliefs, health, or sexual orientation, etc.), nor genetic and biometric data or judicial data (relating to criminal convictions and offenses).

Data provided voluntarily by the user: The optional, explicit, and voluntary sending of emails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, which is necessary to respond to requests, as well as any other personal data included in the message. The data will be retained solely for the requested subscription to receive newsletters, special offers, or commercial information, and not to send specific information relevant to confirmation, such as receipts, booking codes, and terms and conditions. The information provided will not be used for commercial purposes and will not be sold, transmitted, licensed, or otherwise disclosed to third parties, with the exception of our booking service provider, who is solely responsible for booking. In any case, the site administrator ensures the adoption of scrupulous procedures to protect browsing data and the use of particular measures to protect the credit card information provided during online bookings.

Newsletter: Site visitors can sign up for the newsletter service. By registering, the user’s email address will automatically be added to a contact list to which email messages containing periodic updates and information, including commercial and promotional information, regarding the data controller’s initiatives, events, or promotions may be sent. The data will be used solely for the purpose of sending the newsletter via email and will not be shared with third parties.

DATA PROCESSING METHODS

Data processing will be carried out in compliance with the limits and conditions set by EU Regulation 2016/679 and in particular:

  1. a) is achieved through operations or a set of operations that can be summarized as follows: collection; recording and organization; processing, including modification, comparison/interconnection; use, including consultation, communication; storage; deletion and destruction; security and protection, including accessibility and confidentiality, integrity, safeguard;
  2. b) is also carried out with the aid of electronic or automated means and in compliance with the minimum security measures dictated by EU Regulation 2016/679;
  3. c) is carried out directly by the Data Controller’s organization and/or by Service Companies external to the Data Controller’s structure in compliance with the relevant regulatory provisions, authorized for this purpose.

DATA COMMUNICATION

The data may also be communicated, strictly in relation to the purposes indicated above, to the following subjects or categories of subjects:

for the purposes referred to in point 1 above): to internal/external collaborators of our Company for consultancy and accounting and administrative compliance or for mandates following administrative/legal disputes; to any other parties to whom applicable legal and/or contractual regulations require disclosure;

DATA PROVISION

Providing your personal data for the purposes referred to in point 1) above is necessary in order to register and send requests through the website.

DATA DISSEMINATION

We will not disclose and/or transmit your personal data to third parties for purposes other than those set out in this policy.

TRANSFER OF DATA ABROAD

Data may be transferred abroad for purposes related to providing the requested services. In this case, the data may only be transmitted to entities operating within the European Union.

RIGHTS OF THE INTERESTED PARTY

EU Regulation 2016/679 grants data subjects specific rights, including the right to obtain confirmation from the data controller as to whether or not personal data concerning them exists and to have it made available in an intelligible form; to be informed of the source of the data, as well as the logic and purposes underlying the processing; to obtain the erasure, anonymization, or blocking of data processed unlawfully, as well as the updating, rectification, or, if interested, integration of the data.

The data subject has the right to object at any time, for reasons relating to his or her particular situation, to the processing of personal data concerning him or her; the data controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or for the establishment, exercise, or defense of legal claims.

The portability of the same data is guaranteed, upon request by the owner.

The interested party may also request a copy of the data to take it with them or transfer it to another Data Controller.

The interested party has the right to withdraw consent to data processing at any time, knowing that the consequence will be the immediate interruption of the provision of the service, without prejudice in any case to the Data Controller’s legal obligations regarding the retention of the acquired data.

The data subject has the right to lodge a complaint with a supervisory authority.

Therefore, at any time, you may exercise, pursuant to Articles 15 to 22 of EU Regulation no. 2016/679, the right to:

  1. a) request confirmation of whether or not personal data concerning you exists;
  2. b) obtain information on the purposes of the processing, the categories of personal data, the recipients or categories of

recipients to whom the personal data have been or will be disclosed and, where possible, the retention period;

  1. c) obtain the rectification and deletion of data;
  2. d) obtain limitation of processing;
  3. e) obtain data portability, i.e. receive them from a data controller, in a structured, commonly used format and

readable by an automatic device, and transmit them to another data controller without hindrance;

  1. f) object to the processing at any time, including in the case of processing for direct marketing purposes;
  2. g) to object to automated individual decision-making, including profiling.
  3. h) ask the data controller for access to personal data and for their rectification or erasure or limitation

of the processing of personal data concerning him or her or to object to their processing, in addition to the right to data portability;

  1. i) withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given

before revocation;

  1. j) lodge a complaint with a supervisory authority.

The interested party may exercise his/her rights by sending a written request to the data controller as identified above, to the postal address where his/her registered office is located in Via Gorgotto 74 22015 Gravedona ed Uniti (CO) or by certified email to the address: info(at)Lariac.it.

DATA CONTROLLER

The data controller is Lariac Srl.

For any further information regarding the processing of personal data, you can contact the “Personal Data Protection” function of the site manager directly by writing to info(at)lariac.com, which also maintains the updated list of “Data Processors.”