According to the General Data Protection Regulation (GDPR) 2016/679 we hereby inform you about the following :
1. Your personal information will be collected and processed in order to let you obtain tourist services on the web-site www.rometours365.com.
2. Providing the requested data collection is a compulsory matter, it won’t be possible to release any of our services without it.
3. Data will be communicated exclusively to the subject necessaries to create a valid contract (i.e. the transportation company which will handle the service). There will be no dissemination of given data.
4. The processing of given data is totally by computerized means.
5. The data controller is :
Via Pian due Torri 90 – 00146 Rome (RM) – Italy
6. Any other information could be requested at : firstname.lastname@example.org
At any time you will be entitled to exercise your rights according to Italian Legislative Decree no. 196 dated 30 June 2003, as follows:
(Right to Access Personal Data and Other Rights)
1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.
2. A data subject shall have the right to be informed :
a) of the source of the personal data;
b) of the purposes and methods of the processing;
c) of the logic applied to the processing, if the latter is carried out with the help of electronic means;
d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2);
e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
3. A data subject shall have the right to obtain :
a) updating, rectification or, where interested therein, integration of the data;
b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
4. A data subject shall have the right to object, in whole or in part,
a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.