Privacy Policy of “28 Posti”
This Privacy Policy indicates the methods for collecting and processing User Data collected through interactions with Il Luogo di Aimo and Nadia ("Il Luogo", the Data Controller) for the use of our Services – including telephone or e‐mail contacts, access to the website, reservations, Social channels, any app or other digital services (each of them is a "Service", overall they are "The Services").
The methods implemented include the EU 2016/679 Regulation of the European Parliament, known as GDPR (General Data Protection Regulation) – concerning the protection of persons, with particular regard to the processing and transmission of Personal Data. Through the use of the Services, the User consents to the terms of this Policy.
Data Controller
The Data Controller of Personal Data is:28 Posti
Via Corsico 1
20144 Milano
P.IVA 07922910968
E‐mail: 28posti@gmail.com
Data collected by the Data Controller
When the User interacts with us through the Services, we may collect data from the User or from other sources.Data we collect consists of:
· Data provided directly at the time of registration or use of the Services. This data may vary, but typically consists of a name, email address, postal address, telephone number, and other similar contact information.
· Demographic data (country and language).
· Payment details, such as credit card information or billing address.
· Data about the physical device, as device type, Operating System.
· Usage data, such as functionality and services accessed.
· Location data: IP address and geographical macro zone.
· Information on User preferences.
· Third‐party integration. If the User uses the Services through a third party (for example, Social Media or a Booking Platform), this third party may share some Data with us.
The User assumes the responsibility of the Personal Data of third parties published or shared through this Site and guarantees to have the right to communicate or disseminate them, freeing the Data Collector from any liability to third parties.
How the Data Controller uses the collected Data
We treat Users' Personal Data by taking appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data. Processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated.In addition to the Data Controller, in some cases, the Data may have access to the data of the persons involved in the organization of the site (administrative, commercial, legal, system administrators) or external subjects (such as third party technical service providers, mail carriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, Responsible for the Processing of Personal Data by the Site.
The updated list of the Managers can always be requested to the Place, Data Controller. We use the collected data for the following purposes:
Provide our Services.
We use the data collected to provide our services. In particular (and in non‐exhaustive terms):
· Register reservations.
· Memorize any specific requests of the User (for example the request for particular menus).
· Issuing invoices.
Communicate with Users.
We use the Data collected to communicate with Users, including answers to questions or requests from the User. In particular:
· Respond to requests from users who contact us for requests, information or reservations.
· Provide information on a User's Personal Data.
· Send newsletters and information on events or initiatives.
We may also use the Data in other ways, indicated at the time of collection, or on which we have received explicit consent. The information in this Statement does not set limits with respect to the treatments we will perform on aggregate, pseudonymised or anonymized data.
How we share data with third parties
The Data we collect may be shared with third parties. When this happens, it is for the following purposes:Provide the Services.
We collaborate with other companies to manage the Services or perform certain functions on our behalf, for example, maintaining our database, sending newsletters, managing our websites and digital platforms. We may provide these companies with access to User data to enable them to perform these functions in a manner consistent with this Policy.
When necessary in special circumstances.
We may disclose Users' Personal Data when disclosure is necessary for:
· Respect the laws, or against any requests from the Authorities.
· Prevent fraud, abuse or other illegal or unauthorized activities.
· For the defense by the Owner in court, or in the preparatory stages for its eventual establishment.
The User declares to be aware that the Data Controller may have to disclose Personal Data in case of request by public Authorities.
Data Processing Office
Data are processed:· at the Data Controller headquarter.
· at the (operational) headquarters of any third parties (see the previous Paragraph).