• Check-in
    Check-out
  • modify/cancel reservation
Menu
Contact Us
Follow us on:
book Close

Privacy

Privacy

This page describes the privacy policies adopted by Castel Monastero S.r.l. on its websites concerning the processing of personal data of visitors who consult them. The information provided below is also given pursuant to Article 13 of the European Regulation 679/2016 to those who interact with the web services of Castel Monastero S.r.l., accessible electronically.

Data Controller

Consulting this site may lead to the processing of data related to identified or identifiable individuals. The “data controller” for the processing of personal data is Castel Monastero S.r.l., with its registered office at Castelnuovo Berardenga (SI) Località Monastero D’Ombrone 19 - 53019.

Data Protection Officer

The Data Protection Officer is Ecoconsult S.r.l., with its registered office in Milan, Via Goldoni, 1. They can be contacted via email at dpo@ecoconsult.it.

Location of Personal Data Processing

The Castel Monastero S.r.l. site can be visited without providing any personal data. Personal data entrusted to Castel Monastero S.r.l. via the web are processed at the site manager’s office and at its administrative headquarters in Castelnuovo Berardenga (SI) Località Monastero D’Ombrone 19 - 53019. Personal data are managed solely by technical staff specifically assigned to processing and, occasionally, by those responsible for possible maintenance operations. Visitors using booking request forms and e-newsletter registration forms must provide personal data (name, surname, address, email address, phone number, etc.) and authorize its processing. Personal data collected through the web services offered by Castel Monastero S.r.l. are stored in Castelnuovo Berardenga (SI) Località Monastero D’Ombrone 19 - 53019 and at the facilities of external companies essential to providing these services (e.g., software houses, server farms, or web agencies). The data are managed only by technical staff appointed for processing or by those responsible for occasional maintenance. Additionally, the company will not process data with automated decision-making processes without explicitly obtaining consent.

Types of Data Processed

The IT systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This includes information not collected to be associated with identified data subjects but which could, through processing and association with data held by third parties, identify users. This category of data includes IP addresses or domain names of computers used by users connecting to the website, URI (Uniform Resource Identifier) addresses of requested resources, request time, method used to submit the request to the server, size of files obtained in response, numerical code indicating the status of the server's response, and other parameters related to the user’s operating system and IT environment. This data is used solely to obtain anonymous statistical information on the use of this website and to check its proper functioning. It may also be used to ascertain possible responsibilities in the event of hypothetical computer crimes against the site; otherwise, personal data are kept for no more than thirty days.

Other Purposes of Data Processing

Apart from what is specified for navigation data, users are free to provide personal data to request the sending of informational material or other types of services, such as accommodation bookings, offered by Castel Monastero S.r.l. Failure to provide data may result in the inability to obtain the requested service.

Processing Methods

Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected and, in any case, in compliance with the principles of necessity, purpose, relevance, and non-excessiveness as laid down by the Regulation. Specific security measures are observed to prevent data loss, unlawful or incorrect use, and unauthorized access.

Rights of Data Subjects

Finally, we inform you that Articles 15-22 of the Regulation grant data subjects specific rights. Under the Regulation, data subjects have the right to obtain confirmation from the controller of the existence or non-existence of their personal data and to have such data provided in an intelligible form; to know the origin of the data as well as the logic and purposes of the processing; to obtain the deletion, anonymization, or blocking of data processed in violation of the law, as well as the updating, correction, or, if of interest, integration of data; to object, for legitimate reasons, to the processing itself. The European Regulation also recognizes the right to lodge a complaint with the supervisory authority, the right to withdraw consent at any time, and the right to data portability. To exercise these rights, you may contact our Company directly at Castelnuovo Berardenga (SI) Località Monastero D’Ombrone 19 - 53019 or at the email address: privacycmr@castelmonastero.com.