Privacy Policy

1. Data Controller

The data controller for the processing carried out through the Site is Pompei Centrum as defined above. For any information regarding the processing of personal data by the data controller, including the list of data processors handling data, you can write to the following address: info@pompeicentrum.it

2. Personal Data Subject to Processing

Following navigation of the Site, we inform you that the data controller will process personal data which may consist of an identifier such as name, identification number, online identifier, postal address, email address, telephone number (landline and/or mobile), or one or more characteristics of your physical, physiological, mental, economic, cultural, or social identity capable of identifying or making the data subject identifiable (hereinafter only “Personal Data“).

The Personal Data processed through the Site are as follows:

1. Navigation Data

Computer systems and software procedures used for the operation of the Site acquire, during their normal operation, some Personal Data, the transmission of which is implicit in the use of Internet communication protocols. These are pieces of information that are not collected to be associated with identified individuals, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users who connect to the Site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters relating to the user’s operating system and computer environment. This data is used solely to obtain anonymous statistical information about the use of the Site and to ensure its proper functioning, to identify anomalies and/or abuses, and is deleted immediately after processing. The data may be used to ascertain responsibility in the event of hypothetical computer crimes against the site or third parties: except for this possibility, at present the data collected by the site are removed within a short period of time.

2. Data Voluntarily Provided by the Data Subject

In using certain Services of the Site (such as the request/contact/booking form), personal data of third parties sent by you to the controller may be processed. In relation to such hypotheses, you act as an independent data controller, assuming all legal obligations and responsibilities. In this sense, you provide the broadest indemnity with regard to any dispute, claim, request for compensation for damage from processing, etc. that may be received by the controller from third parties whose personal data has been processed through your use of the Site functions in violation of applicable data protection laws. In any case, if you provide or otherwise process personal data of third parties in using the Site, you hereby guarantee – assuming all related responsibilities – that this specific processing scenario is based on an appropriate legal basis under Article 6 of the Regulation that legitimizes the processing of the information in question.

3. Cookies

General Information about Cookies

Cookies are small text files that are stored on the hard drive of your computer via a web page and through your browser to store small amounts of information about the page for a limited period of time. There are different types of cookies. Some are essential for the operation of the site, such as navigation cookies or shopping cart cookies. Additionally, there are so-called analytics cookies, which collect information such as the number of visitors to the website and the path visitors take to reach the site. Functional cookies allow the site to remember the selection made (such as selected filter settings or the language setting of a site).

Furthermore, there are so-called profiling cookies, which record user preferences and actions. Based on this information, a user profile is created. This serves to match advertising messages with user interests and thus allows for more targeted advertising for specific target groups. In many cases, the site operator uses third-party cookies to deliver personalized advertising.

Mandatory Consent for Cookies

Site visitors must actively consent to the use of non-essential cookies for the operation of the website and have the right to withdraw their consent at any time.

This website uses a technology called CMP (Consent Management Platform) to manage this right. When you access the site, a banner appears informing the user about the use of cookies, offering various consent options (accepting all cookies, individual categories of cookies, or each individual cookie separately), and providing detailed information about the different types. The CMP stores the user’s choices and applies them to the next visit to the site.

How to Avoid Installing Cookies Directly Through Your Browser

Firefox:

1. Click on the menu and then on Settings.
2. Select the Privacy panel.
3. In the History section, select Use custom settings.
4. In the options that appear now, uncheck “Accept Cookies.”
5. Click OK.

For more detailed information, see: https://support.mozilla.org/it/kb/Bloccare%20i%20cookie

Google Chrome

1. Click on the menu and then on Settings.
2. At the bottom, click Show advanced settings.
3. In the Privacy section, click Content settings.
4. In the Cookies section, select Store cookies and site data.
5. Click Done.

For more detailed information, see: https://support.google.com/chrome/answer/95647?hl=it

Internet Explorer

1. Select the Tools menu and then Internet Options. If you do not see the toolbar, hover over the menu symbol and select Internet Options.
2. Select the Privacy panel.
3. Using the scroll device, you can select different cookie processing modes. If the device is at the top, all cookies are disabled, while if it is at the bottom, all cookies are enabled.
4. Click OK.

For more detailed information, see: http://windows.microsoft.com/it-it/windows-vista/block-or-allow-cookies

Safari

1. In the settings section, select Privacy.
2. Under Accept Cookies, you can define whether and how Safari should store site cookies. For more information, click on the help panel, represented by a question mark.

For more detailed information, see: https://support.apple.com/kb/PH5042?locale=en_US

3. Purposes of the Processing

The processing that we intend to carry out, with your specific consent, where necessary, has the following purposes:

1. Allowing the provision of the Services requested by you;
2. Responding to requests for assistance, information, or reservations;
3. Fulfilling any legal, accounting, and tax obligations;
4. Marketing purposes: the data provided may be processed, subject to explicit and specific consent, for sending promotional and marketing communications, including newsletters and market research, through automated (SMS, MMS, email, push notifications) and non-automated (postal mail, telephone with operator) tools. The legal basis for the processing of your data for these purposes is Article 6, paragraph 1, letter a) of the Regulation. Direct marketing processing is optional and depends on your free choice; therefore, failure to give your consent for this purpose will not affect the use of the services.

4. Legal Basis and Mandatory or Optional Nature of the Processing

The legal basis for the processing of Personal Data for the purposes referred to in section 3 (a-b-c) is Article 6(1)(b) of the Regulation (performance of a contract) as the processing is necessary for the provision of the Services or for responding to requests from the data subject. The provision of Personal Data for these purposes is optional, but failure to provide it would make it impossible to activate the Services provided by the Site or respond to requests.

The purpose referred to in section 3.d represents a legitimate processing of Personal Data pursuant to Article 6(1)(c) of the Regulation (compliance with a legal obligation). Once the Personal Data is provided, the processing is indeed necessary to comply with a legal obligation to which the data controller is subject.

The legal basis for the processing for the purposes referred to in section 3.e is Article 6(1)(a) of the Regulation (user consent). For processing carried out for the same purposes that involve the direct sending of advertising material or direct sales or the performance of one’s own market research or commercial communications relating to products or services similar to those purchased by you, the Data Controller may use, without your consent, email and postal addresses, in accordance with and within the limits permitted by Article 130, paragraph 4 of the Code and by the provision of the Guarantor for the protection of personal data of June 19, 2008. The legal basis for the processing of your data for this purpose is Article 6(1)(f) of the Regulation (legitimate interest).

5. Recipients of Personal Data

Your Personal Data may be shared, for the purposes set out in section 3 above, with:

1. Subjects acting typically as data processors, namely: i) individuals, companies, or professional firms that provide assistance and advice to the data controller in accounting, administrative, legal, tax, financial, debt recovery, marketing, and communication matters concerning the provision of the Services; ii) subjects with whom it is necessary to interact for the provision of the Services (e.g., hosting providers) iii) or subjects delegated to perform technical maintenance activities (including maintenance of network equipment and electronic communication networks); (collectively “Recipients”);
2. Subjects, entities, or authorities to whom it is mandatory to communicate your personal data by law or by orders of the authorities;
3. Persons authorized by the data controller to process Personal Data necessary to perform activities strictly related to the provision of the Services or to the other purposes set out above in section 3, who have undertaken to maintain confidentiality or have an adequate legal obligation of confidentiality (e.g., employees of the data controller).

6. Transfers of Personal Data

Some of your Personal Data is shared with Recipients who may be located outside the European Economic Area. The data controller ensures that the processing of your Personal Data by these Recipients complies with the Regulation. Indeed, transfers may be based on an adequacy decision, on the Standard Contractual Clauses approved by the European Commission, or on another suitable legal basis. Further information is available from the data controller by writing to the following address: info@pompeicentrum.it

7. Data Retention

Personal Data processed for the purposes described in section 3(a-b) will be kept for the time strictly necessary to achieve those same purposes. In any case, since these are processing activities carried out for the provision of Services, the data controller will process Personal Data until the time permitted by Italian law to protect its interests (Article 2946 of the Italian Civil Code and subsequent articles). Regarding CVs transmitted through the Site or via email as described in section 3.c, Personal Data will be retained for a period considered appropriate in relation to the purpose for which the data is acquired. The data controller reserves the right to contact the candidate shortly before the expiration date to request an extension of this retention period.

Personal Data processed for the purposes described in section 3.d will be retained until the time prescribed by the specific obligation or applicable legal norm.

Personal Data processed for the purposes described in section 3.e will instead be retained until the revocation of consent by the data subject, or, in the absence of such revocation, for a maximum period deemed appropriate.

Further information regarding the data retention period and the criteria used to determine this period can be requested by writing to the data controller at the following address: info@pompeicentrum.it

8. Rights of the Data Subjects

Under Articles 15 and following of the Regulation, you have the right to request from the data controller, at any time, access to your Personal Data, rectification or erasure of such data, or restriction of processing in cases provided for in Article 18 of the Regulation. You also have the right to receive the Personal Data concerning you, which you have provided to the data controller, in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller, where technically feasible, in accordance with Article 20 of the Regulation.

Requests should be addressed in writing to the data controller at the following address: info@pompeicentrum.it

Furthermore, you always have the right to lodge a complaint with the competent supervisory authority (Garante per la Protezione dei Dati Personali), pursuant to Article 77 of the Regulation, if you believe that the processing of your Personal Data is not in compliance with the applicable regulations.

9. Changes

This privacy policy is effective from 02.04.2024. The data controller reserves the right to modify or simply update its content, in part or in full, also due to changes in the applicable legislation. The content of the website and this privacy policy may be subject to changes; therefore, the Data Controller invites you to regularly check this section to stay informed about the most recent and updated version of the privacy policy in order to always be informed about the data collected and its use.