In compliance with the GDPR, your personal data will be processed according to the principles of fairness, lawfulness, transparency, and protection of your privacy and individual rights.
Holder and Controller of Personal Data Processing:
Holder of Personal Data Processing Rifugio Col Gallina Sas di Campigotto Raniero (below, Rifugio Col Gallina) located at 2, Passo Falzarego – 32043 Cortina d'Ampezzo
What data we collect
On booking, you are asked to provide your first name and family name, your phone number, your email address, and your credit card details.
Purposes of Personal Data Processing. Why we collect your data.
A. Your personal data is used to finalize and manage your booking. Data concerning payment are utilized as collateral for the reservation or for the collection of deposit. (See the Cancellation Policy)
B. Direct Marketing activities: we may use your email address to deliver information and offers. At any time, you may unsubscribe to stop receiving marketing communication by simply following the unsubscribe instructions contained in our newsletters.
Legal Basis for the Processing of your Personal Data
As to Purpose A, Rifugio Col Gallina utilizes as the legal basis for processing your personal data the need to implement the contract, specifically to finalize and manage your booking. Failure to provide your personal data, Rifugio Col Gallina cannot provide the service required.
As to Purpose B, in the case your email address provided on booking is utilized, Rifugio Col Gallina pursues the legitimate commercial interest to provide their services. When personal data are used for legitimate interest, Rifugio Col Gallina will balance your rights and the protection of your personal rights against the rights and legitimate interest of Rifugio Col Gallina.
Sharing and Disclosing Personal Information
We do not share with nor disclose to third parties any personal data you will provide us.
Protection of personal data. Processing Methods
We have implemented adequate and suitable technical and organizational measures to safeguard and protect your personal data. Such measures take into consideration the state-of-the-art of the IT system, implementation costs, the nature of personal data, and the risks around processing personal data. The purpose is to protect your personal data against accidental or unlawful damage, destruction, or loss, unauthorized disclosure or access, and other forms of unlawful processing.
In addition, we collect and process your personal data when it is adequate, relevant, and not excessive, as required to comply with the above mentioned purposes; we ensure that your personal data are updated and accurate.
Besides the Holder, under some circumstances, third party entities may have access to your personal data, either internally when involved in the development of our website (administration, marketing, legal entities or service providers) or externally (third party providers of technical services, hosting provider). Whenever needed, the Holder will name these entities as Controllers.
Storage of Personal Data
For the Purposes of Point A, your personal data will be stored for the period of the contract and further on as necessary to comply with our legal and tax obligations. After this period, your personal data will be deleted from our systems.
Credit card details, instead, will be stored until payment for the service is submitted and destroyed immediately after.
For the Purposes of Points B and C, your personal data will be retained as long as you withdraw your consent to processing or object to us using your email address for direct marketing activities (See below the "Your Rights" chapter)
The GDPR provides the following rights for data subjects:
- The right to rectification: you may require the Controller to rectify any errors in your personal data.
- The right to restrict processing: you may require a restriction of personal data processing when you contest the accuracy of your personal data, or in case of unlawful processing, or if you object to the processing.
- The right of access: at any time and free of charge you may require the Controller to provide information on your personal data (concerning you), including information on the categories of personal data concerned, the purposes of our processing, and the possible recipients we may have disclosed your personal data.
- The right to data portability: you may require the controller to transmit your personal data to another controller, if this is technically feasible and provided that the processing of your personal data is based on your consent or is necessary for the performance of a contract.
- The right to erasure: you may require the controller to delete your data when:
a) personal data is no longer necessary for the purpose for which it was originally collected or processed;
b) you withdraw consent to processing
c) you object to processing and there is no overriding legitimate grounds for continuing the processing
d) the data have been processed unlawfully
The right to erasure will not apply if the processing is necessary to comply with a legal obligation or for the establishment, exercise or defence of legal claims.
- The right to object: at any time you may object to the processing of your personal data for direct marketing purposes (Points B and C of this Policy) . In this case your personal data will no longer be processed for these purposes. Should you decide to exercise this right, please let us know whether you wish to delete your personal data or restrict their processing.
You may exercises these rights or obtain further information by emailing: firstname.lastname@example.org.
Cookies are small files of data that a website asks your browser to store on your computer or mobile device. Cookies may then be sent back to the server each time the browser requests a page from the server or may be sent to a different website able to recognize that specific cookie. The cookie allows the website to "remember" your device every time you return to that website.
Types of cookies in this website
A session cookie is used for a single session and will expire at the end of the browser session, when the web browser is closed. These technical cookies do not require the user's consent prior to their use.
This website also uses third party technical cookies like the ones provide by Google Analytics and You Tube.
Google Analytics is an Analysis Tool provided by Google which utilises performance cookies to collect anonymous navigation data (IP truncated at the last octet) and aggregate information to measure how users interact with the website content, to create reports on users' activities in the website and provide further information, such as the number of visitors and the pages they have visited. Google may also transmit this information to third parties when required by legal obligations or when third parties process this data on behalf of Google. Google will not associate your Ip address to any other data in their possession. Personal data provided to Google are stored on Google servers in the US.
In compliance with the specific agreement with Google, designated as controller of personal data processing, Google is committed to process this data in compliance with the Holder's requirements (see below) given by the software settings. Based on the settings, advertising and sharing options are disabled.
For further information on Google Analytics Cookie Usage visit: Google Analytics Cookie Usage on Websites.
Users may selectively disable data collection from Google Analytics by installing the opting out tool provided by Google on their browsers.
For further information on personal data usage and processing by Google, we recommend reading the information on the dedicated page prepared by Google and the page on How Google uses information from websites or apps that use their services.
How to control and delete cookies
Most web browsers support cookies, but users can change the settings of their browser to decline them, delete the existing ones or simply be informed when a new cookie is sent to their device.
To set their browsers to decline cookies, users can refer to the directions given by the browser provider (usually in the menu “Help”, “Tools” or “Modify”). The following link contains a more detailed guide about cookies: www.aboutcookies.org
At the time of booking, Rifugio Col Gallina will charge you 50% of the total amount as deposit.
For online reservations, the deposit will not be refunded in any circumstance by Rifugio Col Gallina.
The dates of the reservation cannot be changed
In case of dangerous weather conditions the manager may decide not to accompany the guests to the Starlight Room Dolomites for their safety. The whole deposit will be refunded.