Poseidon / Giardini Poseidon Terme - Ischia

Politique de confidentialité

Privacy Law Compliance

Privacy policy of the site and Privacy of the guests of the Poseidon Thermal Gardens Resort s.a.s. of Lucia Staudinger

Site's Privacy Policy

The site's management of the personal date of the users who consult it is described below.

This information only applies to the website www.giardiniposeidonterme.com and not to any other website accessed via links.

THE DATA "CONTROLLER"

Following consultation of this site, data may be processed on identified or identifiable people.

The Data Controller is the POSEIDON THERMAL GARDENS S.A.S. OF LUCIA STAUDINGER (henceforth POSEIDON THERMAL GARDENS S.A.S.)

TYPES OF DATA PROCESSED - Navigation data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected to be associated with identified individuals, but by its very nature could, through processing and associations with data held by third parties, allow users to be identified.

This category of data includes the IP addresses or domain names of computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the file size obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment.

This data is only used to obtain anonymous statistics on site usage and to check its correct functioning. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site. No data deriving from the web service is disclosed.

Data provided voluntarily

In some pages on the Site, personal data may be requested. In this case, you will be provided with the information pursuant to art. 13 of Legislative Decree No. 196/2003 concerning the processing of personal data in relation to individual purpose.

Specific synthesis information will appear below this.

Other than that specified for navigation data, the provision of data for further processing purposes is optional. Their absence can make it impossible to pursue such additional purposes.

DATA PROCESSING METHOD

Personal data is processed by automated tools for the time strictly necessary to achieve the purposes for which it has been collected.

The processing operations connected to the web services of this site is managed by the staff of the Poseidon Thermal Gardens s.a.s. or others responsible for occasional maintenance operations.

Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorised access.

No data deriving from the web service is disclosed.

The personal data provided by users who request the dispatch of informative material (newsletters, answers to questions, etc.) is only used to perform the service requested and are only communicated to third parties where necessary for that purpose.

NOTICE: the cookie policy is available through the appropriate disclaimer present when first opening a section of the site.

DATA PROVISION

Other than that specified for navigation data, the user is free to provide the personal data requested during the course of navigation to request the sending of informative material or other communications.

Their absence can make it impossible to fulfil the request.

When the user visits a part of the Site that requests the collection of personal data, a link is always provided to this document and, if necessary, agreement is required.

The optional, explicit and voluntary sending of e-mails to the addresses listed on this site entails the subsequent acquisition of the sender's address, which is necessary to respond to any requests, and any other personal data included in the message.

You will find below specific information related to the pages of the site designed for special services upon request or through which personal information can be acquired.

Contacts

The personal data provided spontaneously by the data subject via the contacts area:
  • a) are processed with automated tools primarily to:
    • obtain a certain response, and to timely meet the needs of the data subject,
    • comply with the legal obligations arising from the laws, rules and community regulations, comply with the instructions issued by the Judicial Authority,
    • power the public knowledge acquisition system, necessary for verifications, to improve and design a more efficient service that's appropriate for the request,
    • may be handled by sales agents, maintenance personnel of the information systems responsible for ensuring the functionality of the systems, data security and backup operations, other employees within the limits of the assignments received and the provisions of company procedures and others providing services for auxiliary purposes to fulfil the requests of the data subject, only to the extent strictly necessary to carry out their duties;
  • b) may be disclosed or made available:
    • to parties who may access the data under provisions of the law, regulation or legislation, to the extent permitted by these standards;
    • to other third parties providing services for purposes related to the fulfilment of the requests of the data subject, to the extent strictly necessary to carry out their duties.


Finally, it is stated that legislation requires the acquisition of a consent for the processing of judicial data and data defined as "sensitive" (that is, the data "revealing racial or ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties, unions, associations or organisations of a religious, philosophical, political or trade union nature, as well as personal data disclosing health status or sex life"); therefore THE USER IS INVITED TO NOT include in the initial contact request any information falling within these categories CONSIDERING THAT, in this information can not be processed without explicit consent

Any Newsletter Subscriptions

The personal data provided spontaneously by the data subject by subscribing to the Newsletter:
  • are processed primarily using automated tools for the sole purpose of meeting the requests of the data subject, who has the right to terminate the above processing at any time.
  • may be handled by marketing and communication personnel, maintenance personnel of the information systems responsible for ensuring the functionality of the systems, data security and backup operations, other employees within the limits of the assignments received and the provisions of company procedures and others providing services for auxiliary purposes to fulfil the requests of the data subject, only to the extent strictly necessary to carry out their duties
  • may be disclosed or made available:
    • to parties who may access the data under provisions of the law, regulation or legislation, to the extent permitted by these standards,
    • to other third parties providing services for purposes related to the fulfilment of the requests of the data subject, to the extent strictly necessary to carry out their duties.
    • to affiliated companies (subsidiaries - parent) only for current administrative and accounting purposes related to meeting the requests of the data subject

Rights of Data Subjects

The subjects to whom the personal data refers have the right to obtain confirmation of the existence or otherwise of such data and any time and to know its content and origin, verify its accuracy or request its integration, updating or correction (art. 7 Legislative Decree 196/2003).

Pursuant to the same Article, users have the right to request the cancellation, transformation into anonymous form or blocking of data processed unlawfully, and to oppose in any case, for legitimate reasons, their processing.

Requests should be sent to the POSEIDON THERMAL GARDENS S.A.S. via the contact area of the site www.giardiniposeidonterme.com or by sending an e-mail to direzione@giardiniposeidonterme.com

Privacy of Park Guests

As part of the continuous updating activities of our procedures to respect the Privacy of our guests and the obligations imposed by Legislative Decree 196/2003, we thought it appropriate to summarize in this document all information relating to the processing of personal data already present in the documents made available to guests, supplemented with more specific guidance in order to give full transparency to our work for all data acquired in taking reservations, issuing free or reduced rate tickets, managing some forms of payment, public relations and relations with the public.

Why the data is processed

The data provided by the guest directly or through a third party (name, surname, any identification document if necessary, and for the purchasing/booking of tickets at a reduced rate for companions, special requests to meet special needs or their companion, documentation certifying the degree of disability) data relating to the services purchased and the Park entry intended to be made or already made (e.g.: schedule, arrangement, for any special services requested for the disabled) in certain cases relating to the Institution (travel agency, company, association, etc.) which organised or offered access and use of the services at our facilities to the guest.

The ticket office will occasionally make a photocopy of an identity document of the person making the payment by credit card or cheque as a guarantee of the guest themselves, photocopies are destroyed as soon as the need for such a guarantee ceases. We remind you that the standard (art. 26 of Legislative Decree 196/2003) establishes special protections for data defined as "sensitive", that is, the data "revealing racial or ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties, unions, associations or organisations of a religious, philosophical, political or trade union nature, as well as personal data disclosing health status or sex life". This data may only be processed with the written consent of the data subject and the prior consent of the Privacy Guarantor. Some of the data described above, such as that acquired in connection with the issuance of reduced rate tickets for the disabled, fall into this category, for this reason the data subject's specific consent will be required, should the characteristics or processing methods require.

How the data is processed

In relation to the aforementioned purposes, the processing of personal data may take place with paper, computer and telematic systems. Always while guaranteeing absolute confidentiality, relevance and not excessive compared to the purposes described above, in terms of data recording and retention periods.

Data relating to reservations and reduced rate tickets in particular is stored in the Poseidon Thermal Gardens s.a.s database for the purposes outlined in the paragraph above.  

Who it can be processed by

The data may be processed by the following categories of employees and/or managers:
  • business administration and management,
  • ticketing/subscriptions personnel,
  • reservations personnel, call centre personnel,
  • access control personnel,
  • administrative personnel for the management of administrative aspects,
  • marketing personnel,
  • with the exception of consultation, the maintenance personnel of information systems that is responsible for ensuring the functionality of the systems, data security and backup operations, companies/consultants, appointed external managers, who need to access some data to manage auxiliary services requested by the data subject, to the extent strictly necessary to perform the duties assigned to them such as: assistance in the execution or the direct execution of tax/accounting/welfare obligations, computer system management, financial services, health care, only to the extent necessary to effectively perform their functions.

Who it can be disclosed to

Personal data may be disclosed or made available:
  • to parties who may access the data under provisions of the law, regulation or legislation, to the extent permitted by these standards;
  • to public or private institutions that manage mail delivery services;
  • limited to accounting and tax nature to banks, financial institutions, data processing companies and companies issuing credit cards, for activities strictly related to the execution and administration of the contract;
  • to other entities (companies/consultants) who need to access certain data to manage auxiliary services requested by the data subject, to the extent strictly necessary to perform the duties entrusted to them such as assistance in the execution or the direct execution of tax/accounting/welfare obligations, computer systems management, financial services;
  • to institutions which were able to make reservations or purchase named tickets (associations, travel agencies, etc.) in the form of confirmation, that have direct relationships with the guest; in this context the data processing in question may also consist of communication abroad, both within and outside the European Union to the guest's country of origin, with prior authorisation (if provided).

All the communications outlined above are of course limited to only the data necessary for the recipient Institution/Office (which will remain the autonomous Data Controller for all subsequent processing) to fulfil their duties and/or achieve the purposes related to the communication itself.

When data disclosure is required

The communication and updating of their data is only in relation to the performance of contractual and fiscal obligations provided for by the currents laws and the enforcement of obligations under the contract (ref. Letters a-b-c-d of point 2). Failure to comply with this obligation by the party concerned would make it impossible for POSEIDON THERMAL GARDENS S.A.S. to meet the guest's requirements and perform all the normal practices related to ticket issuance or the acceptance of a reservation. Of course, in each case, a compulsory data communication indication is always given depending on the means used (via highlighting on forms and on forms present on the internet site or indication given by staff of the POSEIDON THERMAL GARDENS S.A.S.)  

Dissemination of data

It should be specified that most processing carried out is not subject to the acquisition of consent in accordance with art. 24 of Legislative Decree 196/2003, except in some cases (such as the processing required for issuing tax invoices, tickets or subscriptions, or the purchase of treatments offered by the wellness centre) for which specific forms have been prepared.

Personal data will not be disclosed by POSEIDON THERMAL GARDENS S.A.S..

However, it is necessary to point out that during TV filming/recordings/photographic services intended for broadcast, made by other guests, some identifiable resort guests may occasionally appear.   

Data Controller

The data Controller is the POSEIDON THERMAL GARDENS S.A.S. – Via Giovanni Mazzella (Citara Bay) – 80075 FORIO (NA)  

Who to contact for more information

To exercise your rights pursuant to art. 7 of Legislative Decree 192/2003 which we report integrally attached, those interested may contact the Manager for this purpose at the park's Sales and Marketing Department by telephoning the number +39 081 908 71 11, sending a fax to the number +39 081 908 71 30, or sending an e-mail to: direzione@giardiniposeidonterme.com  

NOTICE:

to avoid abuse by guests, reduced rate tickets are personal and staff may require the submission of a document to verify the identity of the beneficiaries. It is recommended that you look after your tickets carefully, notifying any loss to the number 081 908 71 11.

Art. 7 of Legislative Decree 196/2003. Rights allocated to the data subject.

  1. The data subject has the right to obtain confirmation of the existence or not of any personal data concerning themselves, even if not yet recorded, and their communication in intelligible form.
  2. The data subject has the right to obtain information:
    • a. on the origin of the personal data;
    • b. on its purposes and processing method;
    • c. on the logic applied when processing via electronic tools;
    • d. on the identification of the data controller, managers and representative appointed under Article 5, paragraph 2;
    • e. on the recipients or categories of recipients to whom the personal data may be communicated or who may come to learn of it as appointed representatives in the State, managers, or agents.
  3. The data subject has the right to obtain:
    • a. the updating, rectification or, when interested, the integration of the data;
    • b. the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data was collected or subsequently processed;
    • c. the certification that the operations in letters a) and b) hvae been notified, also as regards their content, to those to whom the data was communicated or disclosed, except where such compliance is impossible or involves a manifestly disproportionate use of the methods with respect to the protected right.
  4. The data subject has the right to object, in whole or in part:
    • a. for legitimate reasons, to the processing of personal data, pertinent for collection purposes;
    • b. to the processing of personal data for the purpose of sending advertising materials, direct selling or for carrying out market research or commercial communication.

Last updated: January 2016

Information in accordance with the decision of 15 May, 2013

Information concerning the processing of personal data pursuant to Article 13 of Legislative Decree 196/2003 (Personal Data Protection Code) in accordance with the regulation issued by the Italian Data Protection Authority for the protection of personal data "regarding the handling of personal data for 'direct marketing' purposes through "traditional and automated contact methods" of 15 May 2013 (Official Journal no. 174 of 26 July, 2013)

The company Poseidon Thermal Gardens s.a.s of Lucia Staudinger, acting as Data Controller, hereby informs you that the processing of your personal data to send communications, information, newsletters, studies and research, as well as personalised advertising material regarding the Poseidon Thermal Gardens thermal park and/or the purchase of services offered at its facilities, as well as for conducting market research and/or to send communications, information, newsletters, studies and research, as well as personalised adertising material concerning third party products and services where you have given your consent, may be done wither by automated contact methods (e-mail, fax) or traditional contact methods (paper-based mail, operator calls).
We remind you that in accordance with Article 7 of Legislative Decree 196/2003, you may object freely, in whole or in part t the processing of your personal data for the purposes of sending advertising materials, direct selling, or for the performance of market research or commercial communications made either by automated (e-mail, fax) or traditional (paper-based mail, operator calls) contact methods.

If it is your intention that the processing of your personal data for the above purposes is carried out solely by traditional contact methods, you will be able to object to the processing of your personal data via automated contact methods.
To exercise your rights, you may contact the Data Controller by sending a letter to Poseidon Thermal Gardens s.a.s. Via Giovanni Mazzella (Baia di Citara) – 80075 Forio (NA) - Tel. 081 908 71 11 - Fax 081 908 71 30 or an e-mail to direzione@giardiniposeidonterme.com.