1. Introduction and scope
This privacy policy provides information about the nature, scope, and purpose of the collection and use of personal data on our website www.borgo-vecchio.com. The protection of your personal data is very important to us. We therefore process your data exclusively on the basis of the legal provisions, in particular the EU General Data Protection Regulation (GDPR) and the national data protection laws of Italy that apply to us. This statement applies to all visitors and users of our website.
2. Data controller
The responsible party within the meaning of the GDPR and other national data protection laws of the member states as well as other data protection regulations is:
BORGOVECCHIO SRL SEMPLIFICATA
60 Vencareto Street
61039 San Costanzo (PU)
Italy Represented by the legal representative:
Mr. Eimer Philipp Martin 3. Principles and legal basis of data processing
Personal data is any information relating to an identified or identifiable natural person (Art. 4 No. 1 GDPR). This includes, for example, your name, your email address, or your IP address.
We only process your personal data if one of the following conditions is met:
•Consent (Art. 6 para. 1 lit. a GDPR): You have given us your voluntary and informed consent for one or more specific purposes (e.g., for sending newsletters or using certain cookies).
•Contract fulfillment (Art. 6 para. 1 lit. b GDPR): Processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract (e.g., for a booking request).
•Legal obligation (Art. 6 para. 1 lit. c GDPR): Processing is necessary for compliance with a legal obligation to which we are subject.
•Legitimate interest (Art. 6 para. 1 lit. f GDPR): Processing is necessary to safeguard our legitimate interests or those of a third party, unless your interests or fundamental rights and freedoms requiring the protection of personal data prevail.
4. Data processing when visiting our website
4.1 Hosting and server log files
Our website is hosted by Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Germany. Each time our website is accessed, our host's system automatically collects data and information from the computer system of the accessing computer and stores it in so-called server log files. The following data is collected:
•IP address of the requesting device (in anonymized form)
•Name and URL of the retrieved file
•Website from which access is made (referrer URL)
•Browser used and its version
This data is processed on the basis of our legitimate interest (Art. 6 (1) (f) GDPR) in the secure, stable, and high-performance provision of our website. The data is required to ensure system security and for error analysis. This data is not merged with other data sources. We have a data processing agreement (DPA) in accordance with Art. 28 GDPR.
4.2 Cookies and cookie consent tool
Our website uses cookies. These are small text files that are stored on your device. We use the consent management tool CookieYesto obtain your consent to the storage of certain cookies and to document this in accordance with data protection regulations.
•Technically necessary cookies: These are essential for the basic operation of the website. Their processing is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR).
•Functional, analysis, and marketing cookies: These cookies are only set with your express consent (Art. 6 (1) (a) GDPR). They serve to improve functionality and user-friendliness, analyze website usage, and personalize content.
You can revoke your consent at any time for the future via the cookie settings on our website.
4.3 Contacting us (email and contact form)
If you contact us by email or via the contact form provided on the website (implemented with the MetForm plugin), we will use the information you provide to contact you. MetForm), the data you provide (e.g., name, email address, your request) will be stored by us for the purpose of processing your request and in case of follow-up questions. Processing is carried out for the purpose of implementing pre-contractual measures or fulfilling a contract (Art. 6 para. 1 lit. b GDPR).
4.4 Newsletter
You can subscribe to our newsletter via our website. To do so, we need your email address and your consent. To ensure that you are the owner of the email address, we use the double opt-in procedure. After registering, you will receive an email with a confirmation link. Only after clicking on this link will you be added to the distribution list.
The processing of your data for the purpose of sending the newsletter is based exclusively on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing via the unsubscribe link in the newsletter.
5. Services and plugins used
5.1 Web analytics with WP Statistics
We use the WP Statistics plugin on our website. WP Statisticsplugin on our website to analyze user behavior and optimize our offering. This is a self-hosted solution that does not transfer any data to external servers. We have configured WP Statistics to store IP addresses anonymously. Processing is based on our legitimate interest (Art. 6 (1) (f) GDPR) in the statistical analysis of user behavior for optimization purposes.
5.2 Google Fonts
To ensure uniform font display, we use Google Fonts on this website, which are provided by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). When you visit a page, your browser loads the required fonts directly from Google's servers. Your IP address is transmitted to Google in the process. Since Google also operates servers in the USA (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), data transfer to the USA cannot be ruled out.
The use of Google Fonts is based on your consent (Art. 6 para. 1 lit. a GDPR), which you give via our cookie banner. We would like to point out that the USA is classified as an unsafe third country in terms of data protection law. You can revoke your consent at any time.
5.3 Multilingualism with Weglot
In order to offer our website in multiple languages, we use the Weglot service. Weglot (Weglot SAS, 138, rue Pierre Joigneaux, 92270 Bois-Colombes, France). Weglot enables the translation of website content. When using this service, technical data (e.g., IP address) may be transferred to Weglot. The processing is necessary for the provision of a multilingual website and thus for the fulfillment of the contract (Art. 6 (1) (b) GDPR) as well as for the protection of our legitimate interests (Art. 6 (1) (f) GDPR). We have concluded a data processing agreement with Weglot.
5.4 Social Media
On our website, you will find links to our profiles on Facebook and Instagram. These are pure links, not embedded plugins. Only when you click on the corresponding link will a connection to the servers of the respective social network be established. For information on data processing by these providers, please refer to their privacy policies.
6. Your rights as a data subject
You have the following rights regarding your data processed by us:
•Right to information (Art. 15 GDPR)
•Right to rectification (Art. 16 GDPR)
•Right to erasure ("right to be forgotten") (Art. 17 GDPR)
•Right to restriction of processing (Art. 18 GDPR)
•Right to data portability (Art. 20 GDPR)
•Right to object (Art. 21 GDPR)
•Right to withdraw consent (Art. 7(3) GDPR)
To exercise your rights, you can contact us at any time using the contact details provided in Section 2.
7. Right to lodge a complaint with the supervisory authority
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, without prejudice to any other administrative or judicial remedy (Art. 77 GDPR).
The supervisory authority responsible for us in Italy is:
8. Data security
When you visit our website, we use the widely used SSL (Secure Socket Layer) procedure in conjunction with the highest level of encryption supported by your browser. You can recognize an encrypted connection by the lock symbol in the address bar of your browser and by the URL beginning with "https://".
9. Current status and changes to this privacy policy
This privacy policy is currently valid. Due to the further development of our website and offers or due to changed legal or official requirements, it may become necessary to amend this privacy policy. You can access and print out the current privacy policy at any time on the website.
