Privacy Policy

This page describes how the website is managed with regard to the processing of personal data of users who consult it. This is a disclosure that is also made pursuant to theArticle 13 of the EU Regulation 2016/679 applicable from May 25, 2018 – General Data Protection Regulation (hereinafter referred to as GDPR – General Data Protection Regulation) to those who interact with the web services rendered by Imàgo Restaurant, accessible by telematic means from the telematic address: https://www.imagorestaurant.it

The information refers only for the indicated website and not also for other websites possibly consulted by the user through links.

DATA CONTROLLER

Pursuant to Art. 4 point 7 of RGPD 2016/679, the data controller of the Site is the company Hassler Roma S.p.a. with headquarters in Piazza Trinità dei Monti no. 6 – 00187 Rome, e-mail [email protected], tel. +39 (06) 699340 (hereinafter simply “Hassler”).

THE DATA PROTECTION OFFICER (DPO).

Hassler Roma S.p.a. has, in accordance with Article 37 of GDPR 2016/679, appointed a Data Protection Officer (DPO). The DPO is the company’s primary point of contact for all relevant issues on privacy legislation, encompassing the protection of personal data of customers-users and the exercise of their rights.

For any questions related to the processing of personal data, you can contact our DPO at the following references: [email protected]

PLACE OF DATA PROCESSING

Processing related to the web services of this site takes place at the headquarters of the company that owns the processing and at the IT companies that manage the site and its hosting, and is handled only by technical personnel of the service in charge of processing. No data from the web service is disclosed or disseminated externally.

TYPES OF DATA PROCESSED

Navigation data

The computer systems and software procedures used to operate this website acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user’s operating system and computer environment. This data is used for the sole purpose of obtaining anonymous statistical information about the use of the site and to check its correct operation and is deleted immediately after processing. The data could be used to ascertain liability in case of hypothetical computer crimes against the site: except for this eventuality, at present the data on web contacts do not persist for more than thirty days.

Data voluntarily provided by the user

The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.

The voluntary completion of data acquisition forms to request specific services or to join offers or the purchase of services and products involves the subsequent processing of personal data provided to ensure the performance of a contract to which the data subject is a party or to the execution of pre-contractual measures taken at the request of the same.

The company has taken specific measures to ensure that data processing is preceded by a voluntary action of the user to have read this privacy policy.

Cookies

Please refer to the extended Cookie policy that can be reached from the specific section of the cookie banner.

Minors

The services on this website are not intended for minors. We do not knowingly collect data, including Personal Data, from minors.

If we learn that we have collected Personal Data from a child, we will immediately delete it, unless we are required by law to retain such data. Please contact us if you believe that Hassler Roma S.p.a. has mistakenly or unintentionally collected information about a child.

MODE OF TREATMENT

Personal data are processed by automated means for as long as necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illegal or incorrect use, and unauthorized access.

PURPOSE AND LEGAL BASIS AND NATURE OF CONFERMENT

The Personal Data you provide through the Site will be processed by Hassler Roma S.p.a. for the following purposes:

  1. purposes inherent in the performance of a contract to which the data subject is a party or the execution of pre-contractual measures taken at your request (e.g.: request for contact via the Contact form, reservation, adherence to special offers, etc.). Consent Not necessary;
  2. Purposes related to sending promotional and commercial material via email as a result of voluntary registration to the Hotel Hassler newsletter. Requires the explicit consent of the data subject or the exercise of soft spam;
  3. Purposes of research and statistical analysis on anonymous aggregate data, aimed at measuring the functioning of the Site, measuring traffic and evaluating usability and interest to make it more functional and performant; Consent not necessary as there is no processing of personal data
  4. Profiling purposes via third-party cookies; Consent required as per Cookie Policy
  5. purposes related to compliance with laws and regulations; Consent not Required
  6. purposes necessary to establish, exercise or defend a right in court or whenever judicial authorities exercise their jurisdictional functions. Consent Not Required

The data we process may include special categories of personal data as defined by Article 9 of GDPR 2016/679, i.e., personal data related to health status or religion (food allergies, services for the disabled, menus related to religion, etc.) that you voluntarily provide in the free fields of your request messages.

AREAS OF COMMUNICATION OF PERSONAL DATA

Personal data acquired through this website may be disclosed to:

  • Website hosting, maintenance and management company;
  • Companies that provide management and technical support services for the company’s IT infrastructure;
  • companies that operate booking platforms;
  • Third parties that manage cookies (according to the cookie policy);
  • Companies that provide email marketing platforms;
  • to Public Bodies or Offices in accordance with legal and/or contractual obligations;

An updated list of the data controllers appointed under Art. 28 of GDPR 2016/679.

TRANSFERS OF PERSONAL DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANIZATIONS

Some of the Data Subject’s Personal Data are transferred to Recipients located outside the European Community.

Hassler is committed to circumscribe the areas of circulation and processing of personal data (e.g., storage, archiving, retention of data on its servers) to countries that are part of the European Union, with an express prohibition to transfer them to countries outside the EU that do not guarantee (or in the absence of) an adequate level of protection, i.e., in the absence of protective tools provided by the EU Regulation 2016/679 – CHAPTER V (adequacy decision, Standard Contractual Clauses or explicit consent from the data subject).

It should be noted that in case of interactions and/or sharing with social platforms and channels, these third parties, will process the data as autonomous Data Controllers. Users are therefore urged to consult the relevant policies.

DATA RETENTION

Hassler will process the personal data of data subjects for as long as is strictly necessary to achieve the purposes stated in this policy.

By way of example, Hassler will process Personal Data for the newsletter service until the data subject decides to unsubscribe from the service by simply clicking in the email received.

Notwithstanding the above, Hassler will process your Personal Data for as long as permitted by Italian law to protect its interests (Art. 2947(1)(3) c.c.).

More information regarding the retention period of Personal Data and the criteria used to determine this period can be requested by writing to [email protected].

RIGHTS OF INTERESTED PARTIES

The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence or non-existence of the same data and to know its content and origin, verify its accuracy or request its integration or updating, or rectification (Art. 15 – 22 GDPR 2016/679). Pursuant to the aforementioned articles, the data subject has the right to request the deletion, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, their processing. Requests should be addressed to Hassler Roma S.p.a. Piazza Trinità dei Monti 6 – 00187 Rome at the contacts listed above.

Finally, remember that the data subject has the right to lodge a complaint with the Supervisory Authority (for Italy: Garante per la protezione dei dati personali).

The data subject also has the right to revoke consent at any time without affecting the lawfulness of the processing based on the consent given before revocation. For the complete and exhaustive list of rights that can be exercised by the data subject, please refer to Articles 15-22 of GDPR 2016/679.

Inquiries should be addressed by e-mail to: [email protected]

AUTOMATED PROCESSING

Hassler does not process based on automated decision making, nor does it process your personal data acquired through the company’s website for profiling purposes, however, it does use profiling cookies. See the Cookie Policy for details of the profiling cookies used and their interaction with social tools

UPDATE AND REVIEW

The privacy policy was updated to revision 2 on 08-05-2024 and may be subject to future revisions.