menu
/
Cancel/modify
reservation
WhatsApp
Call
Book
GPS
Privacy policy 1

Privacy policy

The purpose of this document is to inform the natural person (hereinafter “Data Subject”) about the processing of his/her personal data (hereinafter “Personal Data”) collected by the data controller, Sixters Rooms SNC di Rudia e Veronica Salvati, with registered office in Via Milazzo 8, 00185 Roma (RM), Tax Code/VAT No. 14615481000, e-mail address amministrazione@47steps.it, (hereinafter “Data Controller”), via the website www.47steps.it (hereinafter “Application”).

Changes and updates will be effective as soon as they are published on the Application. In case of non-acceptance of the changes made to the Privacy Policy, the Data Subject shall stop using this Application and may ask the Data Controller to delete his/her Personal Data.

Categories of Personal Data processed

The Data Controller processes the following types of Personal Data voluntarily provided by the Data Subject:


The Data Controller processes the following types of Personal Data collected automatically:


If the Data Subject decides not to provide Personal Data for which there is a legal or contractual obligation, or if such data is a necessary requirement for the conclusion of the contract with the Data Controller, it will be impossible for the Data Controller to establish or continue any relationship with the Data Subject.


The Data Subject who communicates Personal Data of third parties to the Data Controller is directly and exclusively liable for their origin, collection, processing, communication or divulgation.

Legal basis and purpose of data processing

The processing of Personal Data is necessary:

  1. for the performance of the contract with the Data Subject and especially:
    1. fulfillment of any obligation arising from the pre-contractual or contractual relationship with the Data Subject
    2. registration and authentication of the Data Subject: to allow the Data Subject to register in the Application, to access it and to be identified in it, also via external platforms
    3. support and contact with the Data Subject: to answer the Data Subject's requests
    4. management of payment: to manage payments by credit card, bank transfer or other methods

  2. for legal obligations and especially:
    1. the fulfilment of any obligation provided for by the applicable norms, laws and regulations, in particular, on tax and fiscal matters

  3. for the legitimate interest of the Data Controller, for:
    1. marketing purposes by e-mail of products and/or services of the Data Controller  to directly sell the Data Controller's products or services using the email provided by the Data Subject in the context of the sale of a product or service similar to the one being sold
    2. management, optimization and monitoring of the technical infrastructure: to identify and solve any technical issue, to improve the performance of the Application, to manage and organize the information in a computer system (e.g. server, database, etc.)
    3. security and anti-fraud: to guarantee the security of the Data Controller’s assets, infrastructures and networks
    4. anonymous data based statistics: in order to carry out statistical analysis on aggregated and anonymous data in order to analyze behaviors of the Data Subject to improve products and/or services provided by the Data Controller and better meet the expectations of the Data Subject

  4. on the basis the Data Subject's consent, for:
    1. profiling the Data Subject for marketing purposes: to provide the Data Subject with information on the Data Controller's products and/or services through automated processing designed to collect personal information to predict or assess the Data Subject's preferences or behaviors
    2. retargeting and remarketing: to reach with a customized advertisement the Data Subject who has already visited or shown interest in the products and/or services offered by the Application using his Personal Data. The Data Subject may opt-out by visiting the Network Advertising Initiative page
    3. detection of the exact location of the Data Subject: to detect the presence of the Data Subject, to control logins, times and presence of the Data Subject in a specific place, etc.


On the basis of the legitimate interest of the Data Controllerowner, the application allows interactions with external web platforms or social networks whose processing of personal data is governed by their respective privacy policies to which please refer. The interactions and information acquired by this Application are in any case subject to the privacy settings that the Data Subject has chosen on such platforms or social networks. Such information - in the absence of specific consent to processing for other purposes - is used exclusively to allow the use of the Application and to provide the information and services requested.The Data Subject's Personal Data may also be used by the Data Controller to protect itself in judicial proceedings before the competent courts.Data processing methods and receivers of Personal DataThe processing of Personal Data is performed via paper-based and computer tools with methods of organization and logics strictly related to the specified purposes and through the adoption of appropriate security measures.Personal Data are processed exclusively by:


The subjects listed above are required to use appropriate measures and guarantees to protect Personal Data and may only access data necessary to perform their duties.Personal Data will not be indiscriminately shared in any way.PlacePersonal Data will not be transferred outside the territory of the European Economic Area (EEA).Personal Data storage periodPersonal Data will be stored for the period of time that is required to fulfill the purposes for which it was collected. In particular:


At the end of the conservation period, all Personal Data will be deleted or stored in a form that does not allow the identification of the Data Subject.Rights of the Data SubjectData Subjects may exercise specific rights regarding the Personal Data processed by the Data Controller. In particular, the Data Subject has the right to:


In order to use their rights, Data Subjects may send a request to the following e-mail address amministrazione@47steps.it. Requests will be immediately treated by the Data Controller and processed as soon as possible, in any case within 30 days.

Last update: 02/04/2021