Introduction
Information on the processing of personal data pursuant to Articles 13 and 14 of EU Regulation 2016/679
This page represents the "Privacy Policy" of this website and is intended to provide you with information on how the personal data of users who interact with this website are processed, who use the services rendered by the same to users.
This information is provided only for this site and not for other websites that may be consulted by the user through links on the web pages of this site.
Regulation (EU) 2016/679 on the protection of personal data (hereinafter, the "Regulation") establishes rules relating to the protection of individuals with regard to the processing of personal data, as well as rules relating to the free movement of such data and protects the fundamental rights and freedoms of natural persons, with particular reference to the right to the protection of personal data.
Art. 4 of the Regulation provides that for:
- "Personal Data" must be understood as any information concerning an identified or identifiable natural person (hereinafter, "Data Subject") – Article 4 no. 1 of the Regulation
- "Processing" must instead be understood as any operation or set of operations, carried out with or without the aid of automated processes and applied to Personal Data or sets of Personal Data, such as collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction - Article 4, n. 2 of the Regulation.
Pursuant to Articles. 12 et seq. of the Regulation, it is also provided that the interested party must be made aware of the appropriate information relating to the processing activities that are carried out by the data controller and the rights of the interested parties.
Data Controller
Laziomar S.p.A., with registered office in Stazione Marittima - Molo Angioino int. Porto - 80133 Napoli as data controller, will process your personal data in accordance with the provisions of current legislation on the protection of personal data and this statement.
Data Protection Officer
Laziomar S.p.a. has appointed a Data Protection Officer (DPO) who can be contacted at the following email address: This email address is being protected from spambots. You need JavaScript enabled to view it.
Purposes of the processing and legal bases
The user's personal data will be processed for the pursuit of the following purposes and with the legal bases indicated below:
1. for the correct management of the request for information sent via form and / or email to the addresses on the site, as well as for the processing of the request itself; the legal basis for the listed treatments is represented by Article 6 par. 1 letter .b) of EU Regulation 2016/679;
2. for the purchase of tickets, the management of reservations, the submission of complaints, requests for reimbursement and other treatments related to them; the legal basis for the listed treatments is represented by Article 6 par. 1 letter .b) of EU Regulation 2016/679;
3. make it possible and functional to browse the site, as well as ensure an adequate level of security, integrity and availability; the legal basis for this type of processing is represented by the legitimate interest of the Data Controller as provided for in Article 6 paragraph 1 letter f);
4. analysis of statistical data on aggregated or anonymous data, with the aim of monitoring the correct functioning of the Site, usability traffic and interest; the legal basis for this type of processing is represented by the legitimate interest of the Data Controller as provided for in Article 6 paragraph 1 letter f);
5. ascertain, exercise or defend a right in court; the legal basis for this type of processing is represented by the legitimate interest of the Data Controller as provided for in Article 6 paragraph 1 letter f);
6. to fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority; the legal basis for this type of processing is represented by the legitimate interest of the Data Controller as provided for in Article 6 paragraph 1 letter .c);
Type of data
The Data necessary for the pursuit of the aforementioned purposes will be collected and processed:
1. identification data
2. contact details
3. data relating to the contractual relationship
Navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing.
The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
Cookie
Regarding the installation of cookies by this website, please refer to the Cookie policy
Refusal to provide data
Apart from that specified for navigation data, users / visitors are free to provide their personal data. The provision of Data is in some cases necessary because any refusal to provide them, could result in the failure to conclude or incorrectly fulfill the contract of which the interexed is a party and / or failure to comply with the legal obligations to which the Data Controller is subject.
The provision of Data for processing that requires consent is optional, failure to provide it will not make it impossible to use the products / services offered by the Data Controller. Even in case of consent, the interested party will still have the right to subsequently oppose, in whole or in part, the processing of their Personal Data for the purposes set out above, making a simple request to the Data Controller at the addresses indicated above.
Data source
The Data will be provided by the data subject.
Processing methods
In accordance with the provisions of art. 5 of the Regulation, the personal data being processed will be:
1. processed in a lawful, correct and transparent manner towards the interested party;;
2. collected and recorded for specific, explicit and legitimate purposes, and subsequently processed in terms compatible with these purposes;
3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
4. accurate and, if necessary, updated;
5. processed in such a way as to ensure an adequate level of security;
6. stored in a form that allows the identification of the interested party for a period of time not exceeding the achievement of the purposes for which they are processed.
The treatment will be carried out both with manual and/or IT and telematic tools with organization and processing logics strictly related to the purposes themselves and in any case in order to guarantee the security, integrity and confidentiality of the data in compliance with the organizational, physical measures and logics required by current provisions.
Data communication
Personal data may be communicated to the subjects authorized to process, as well as to the external data processors appointed by the owner (the complete list of external managers is available from the Data Controller), responsible for managing the purposes set out above. As part of the pursuit of the aforementioned purposes, the data may be disclosed to other subjects who act as independent Data Controllers
Data Dissemination
Personal data will not be disseminated.
Transfer of data abroad
For the purposes indicated above, Personal Data will be processed within the European Economic Area (EEA). If they are transferred to third countries, in the absence of an adequacy decision of the European Commission, the provisions of the applicable legislation on the transfer of Personal Data to third countries, such as the Standard Contractual Clauses provided by the European Commission, will still be respected.
Data retention
In general, Personal Data will be kept for the time strictly necessary to pursue the purposes for which they were collected and processed, including the retention period required by applicable legislation and, in any case, for a maximum period of 10 years from the termination of the relationship with the Data Controller.
Rights of the data subjects
Pursuant to European Regulation 679/2016 art. from 15 to 22 and of the national legislation in force, the data subject may, in the manner and within the limits established by current legislation, exercise the following rights:
- request confirmation of the existence of personal data concerning him (right of access);
- know its origin;
- receive intelligible communication;
- have information about the logic, methods and purposes of the processing;
- request the updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were collected;
- as well as, more generally, to exercise all the rights that are recognized by the current provisions of the law.
The exercise of rights may take place by sending a request that must be addressed without any formalities to the Data Controller at the addresses indicated above.
Before providing an answer, the Data Controller may need to identify the interested party, by requesting to provide a copy of his identity document.
Written feedback will be provided without undue delay and, in any case, no later than one month after receipt of the request.
In the event that the interested party considers that the processing of their personal data violates the provisions of EU Regulation 2016/679, he has the right to lodge a complaint with the Guarantor Authority for the Protection of Personal Data, pursuant to Article 77 of the Regulation itself, as well as appeal to the judicial authority.