Privacy Policy

Why this notice

This notice is provided solely for the website www.granfondolivigno.eu (hereinafter also referred to simply as the “site”) and not for any other websites that may be accessed by the user via links contained within this site. This privacy policy also draws upon Recommendation No. 2/2001 of May 17, 2001, Opinion No. 04/2012 on Cookie Consent Exemption of June 7, 2012, and Working Document 02/2013 providing guidance on obtaining consent for cookies of October 2, 2013, which were adopted by the European data protection authorities within the Article 29 Working Party established under Directive 95/46/EC. These documents set out certain minimum requirements for the collection of personal data online, particularly regarding the methods, timing, and nature of the information that data controllers must provide to users when they access web pages, regardless of the purpose of the connection.

Data Controller

Following consultation of this site, data may be processed relating to identified or identifiable natural persons (so-called data subjects).

The data controller is Azienda di Promozione e Sviluppo Turistico srl, with registered office at Plaza dal Comun, 93 I-23041 Livigno (SO) – Italy, VAT no. 92015260141, represented by its legal representative.

Methods and Purposes of Data Processing

Data processing will be carried out in compliance with current regulations and principles of fairness, lawfulness, transparency, relevance, completeness, and data minimization. The data will be collected and recorded solely for the purposes described below and stored for a period strictly necessary for those purposes.

Processing may include collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, restriction, erasure, or destruction of data and will be carried out using electronic tools suitable to ensure data integrity and confidentiality.

The subjects or categories of subjects who, in relation to the purposes indicated, may become aware of the data or to whom the data may be communicated include internal staff and external parties (such as suppliers, firms, or other parties providing legal, accounting, financial, technical, or data processing services, as well as banks, insurance companies, debt recovery agencies, and affiliated companies) who may be designated, if necessary, as data processors.

Data may also be communicated to public entities, police forces, or other public and private institutions, but only for legal or regulatory compliance purposes.

Unless otherwise specified via other pages of the site (each with their own privacy policy), data collected through the website is processed for the following purposes:

  1. Providing the services requested by users and responding to user inquiries;
  2. Offering user support;
  3. Conducting statistical analyses (on an anonymous basis) to improve service offerings;
  4. User registration and access management;
  5. Fulfilling legal obligations related to the above purposes;
  6. Measuring user satisfaction anonymously.

Data may be shared in aggregated and anonymous form for statistical purposes only.

If processing includes so-called “sensitive” personal data (such as data revealing racial or ethnic origin, religious, philosophical or political beliefs, party or union membership, health data, or sexual orientation) or “judicial” data (concerning criminal convictions and offenses), it will be carried out in accordance with the authorizations of the Italian Data Protection Authority and under EU Regulation 679/2016, strictly limited to what is necessary for the proper provision of services and fulfillment of legal obligations.

Users are advised not to include unnecessary sensitive or judicial data, as such data may lead to the message being deleted.

The web-related processing activities (“contacts”) of this site are carried out at the aforementioned office and are handled exclusively by the data controller.

Aside from what is specified for navigation data, users are free to provide personal data via contact/application/registration forms. Failure to provide such data may result in the inability to obtain the requested service.

Personal data are processed using automated tools for the time strictly necessary to fulfill the purposes for which they were collected. Specific security measures are implemented to prevent data loss, unlawful or incorrect use, and unauthorized access.

Data Retention Period

Data is processed and stored for the time required to fulfill the purposes for which it was collected. Therefore:

Personal data collected for purposes related to the performance of a contract between the controller and the user will be retained until the contract is fully executed and thereafter only as required by law or for the protection or exercise of legal rights.

Where processing is based on user consent, the data may be retained until the consent is withdrawn. The controller may also be required to retain personal data for a longer period to comply with a legal obligation or by order of an authority.

After the retention period expires, personal data will be deleted. Therefore, after this period, rights of access, deletion, rectification, and data portability can no longer be exercised.

Data Subject Rights

Data subjects have the right to request confirmation of whether or not their data is being processed, to access their personal data, to verify its accuracy or request its rectification, restriction, portability, or deletion, and to object to its processing (EU Regulation 679/2016).

Requests may be addressed to the operational office of Azienda di Promozione e Sviluppo Turistico srl (Via Rasia, 999 I-23041 Livigno (SO) – Italy), or via email to info@livigno.eu (opens in a new window).

Place of Data Processing

The processing related to this site’s web services takes place mainly at the controller’s registered office and in any other location where the parties involved in the processing are located.

Types of Data Processed

Information Collected Automatically

The computer systems and software procedures used for the operation of this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This includes the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server’s response (successful, error, etc.), and other parameters related to the user’s operating system and computing environment.

When visiting the site, the following information is automatically collected:

  1. User hostname. The hostname or Internet Protocol address of the user requesting access to the site.
  2. HTTP header, and the “user agent” string, which includes: the type and version of the browser used, and the operating system the browser is running on.
  3. System date. The date and time of the user’s visit.
  4. Full request. The exact request made by the user.
  5. Content length. The size, in bytes, of each document sent to the user.
  6. Method. The request method used.
  7. Universal Resource Identifier (URI). The location of the resources on the server.
  8. URI query string, that is, everything found after the question mark in the URI.
  9. Type of device used to access the site.
  10. Protocol. The transmission protocol and the version used.

The information automatically collected by Azienda di Promozione e Sviluppo Turistico srl through access to the website is used to improve the quality of the service offered to site users. This information is collected for the purpose of conducting (anonymous) statistical surveys to determine which data/content are more or less useful/interesting to users and to improve the effectiveness of the material available on the site.

Data Provided Voluntarily by the User

The voluntary, explicit, and optional sending of emails to addresses listed on this site entails the subsequent acquisition of the sender’s address, needed to reply to requests, as well as any other personal data included in the message.

Users are free to provide personal data in contact/application/registration forms. Certain fields may be marked as mandatory, as they are necessary to fulfill user requests. Failure to provide such data may make it impossible to fulfill those requests.

Through such data collection, the user consents to the processing of personal data for specific services (e.g., site registration, applications, info requests, newsletter subscriptions). This consent can be revoked at any time.

Specific notices may appear on pages related to particular services upon request.

Cookies

The controller uses so-called cookies to enable secure and efficient navigation of the website, for profiling and marketing purposes, and for interaction with social networks. For more information, users can consult the cookie policy, which forms an integral part of this notice.

Social Buttons and Widgets

This site may include social buttons/widgets—icons of social networks (e.g., Facebook, Twitter, Instagram, Pinterest, Google+) allowing users to access those platforms with a single click. These tools may collect user visit data. As mentioned, this privacy policy does not apply to the processing of user data by social networks, for which users should refer directly to the respective platforms’ privacy notices. Unless the user chooses to share browsing data with social networks via these buttons/widgets, the controller does not disclose any personal data to those platforms.