Sereno Hotels is committed to protecting our customer privacy and takes its responsibility regarding the security of customer information very seriously. We will be clear about the information we are collecting and what we will do with that information. This Policy sets out the following:
- What personal data we collect and process about you in connection with your relationship with us as a customer and through your use of our website;
- Where we obtain the data from;
- What we do with that data;
- How we store the data;
- Who we transfer/disclose the data to;
- How we deal with your data protection rights;
- And how we comply with the data protection rules.
- All personal data is collected and processed in accordance with Italian and EU data protection laws.
DATA CONTROLLER “Sereno Hotels”, “Il Sereno”, “Le sereno” (reffered to as “we”, “us”, “our” or “ourselves” in this policy) in this policy primarily refers to Sereno Hotels and its affiliates directly involved in the management and operation of properties in the following jurisdictions: in Italy this is Le Sereno Lago di Como Srl, Sereno Restaurants Italia Srl, Sereno Italia Srl, and in Saint Barthélemy this is Blue SAS, Le Sereno Sarl, Ser2 Sarl. Sereno Hotels is the “data controller “of all personal information that is used and collected about Il Sereno & Le Sereno customers for the purposes of GDPR 679/2016.
1. WHAT PERSONAL DATA WE COLLECT
Personal data means any information relating to you which allows us to identify you, such as your name, contact details, booking reference number, payment details and information about your access to our website. Specifically, we may collect the following categories of information:
- Contact information (such as name, email address, mailing address, and phone number);
- Payment information (including payment card numbers, billing address, and bank account information);
- Demographic data (such as age, gender, country, and preferred language);
- Information related to your reservation, stay, or visit to any property of Sereno Hotels(including where you have stayed, date of arrival and departure, and goods and services purchased);
- Information necessary to fulfill your special requests and/or specific accommodations;
- Loyalty program member information, online account details, profile or password details and any frequent flyer or travel partner program affiliation;
- Copies of your correspondence if you contact us;
- Your interests and preferences;
- Information collected through the use of closed circuit television systems, card key and other security systems; and
- Information related to your use and interaction with our website.
Personal details about your physical or mental health are considered “sensitive” personal data under applicable data protection laws. We will process any such data only if you have given your explicit consent, or it is necessary (for instance if you request special assistance), or you have deliberately made it public.
2. WHERE WE DO WE OBTAIN THE DATA FROM
Your data may be collected in a variety of ways, including:
- Security Systems: When you visit our managed properties, information may be collected about you through such properties’ closed circuit television systems, electronic key cards and other security systems.
- Information from Other Sources: We may receive information about you from other sources, such as public databases, joint marketing partners, and other third parties. This may include information from your travel agent, airline, credit card, and other partners.
- Age Limitations: Sereno Hotels do not knowingly collect personally identifiable information from our websites from any person under the age of 18. Sereno Hotels may collect personally identifiable information from people under the age of 18 as part of the guest registration process, but always with the consent of such person’s parent or guardian.
3. WHAT DO WE USE YOUR PERSONAL DATA FOR, WHY AND FOR HOW LONG
Your data may be used for the following purposes:
- Fulfillment of Reservation and Other Purchases: We may process information relating to transactions that you enter into with us and/or through our website (“transaction data”). The transaction data may be processed for the purpose of completing your room reservation, supplying the purchased goods and services, customizing our services to your preferences, seeking your feedback on your stay at our properties, and keeping proper records of those transactions.
- Response to Inquiries: We may process information contained in or relating to any communication that you send to us (“correspondence data”). The correspondence data may include the communication content and metadata associated with the communication and may be processed for the purposes of communicating with you and record-keeping.
- Internal Business Purposes: For our internal business purposes, such as data analysis, audits, developing new products, enhancing the website, improving our services, identifying usage trends and visiting patterns, determining the effectiveness of our promotions, and meeting contractual obligations.
- Administrative and Other Communications: To send you important information regarding our website, changes to our terms, conditions, and policies, or other administrative information (e.g., information about your travel reservations, such as reservation confirmations).
- Marketing and Promotions: To communicate news and promotions to you relating to products and services that we think may be of interest to you. You will be given the opportunity on every e-communication that you receive to indicate that you no longer wish to receive our marketing material.
- Safety and Security: To maintain your safety and security as well as that of other guests and personnel, while you visit our managed hotels and villas.
- Our Legal Duties: To comply with legal and regulatory requirements or demands in accordance with applicable law, a court order, subpoena, or other legal process.
- Additional Uses: We may also use your data other ways as described to you when you provide such information to us.
- Credit or other payment card verification/screening: we use your payment information for accounting, billing and audit purposes and to detect and/or prevent any fraudulent activity.
- Customs control safety: we are obliged to provide your information to Questura /Central Police Station.
We will only process your personal data where we have a legal basis to do so. The legal basis will depend on the reasons we have collected and need to use your personal data for. The data process must be in compliance with applicable laws, regulations, court orders or other legal process. Only children aged 16 or over can provide their own consent, otherwise consent of the children’s parents or legal guardians is required. We will retain your data only for a strictly necessary time in order to fulfill the purpose it is processed for. To determine the appropriate retention period, we take into consideration the amount, nature and sensitivity of the personal data, the purposes for which we process it and whether we can achieve such purposes through other means. Your personal data will be securely deleted or destroyed when we no longer need it. We will also consider if and how we can minimize and anonymize the personal data we use so that it can no longer identify you. In such circumstance, we may use that information without further notice to you.
4. SECURITY OF YOUR PERSONAL DATA
The data you provide to us is protected by reasonable administrative, organizational, technical safeguards and security measures to protect it against accidental loss, destruction or damage. We regularly review and monitor such safeguards and security measures.
5. INTERNATIONAL DATA TRANSFER
Sereno Hotels operates business in multiple jurisdictions and we require the services providers to process your information in a secure manner. As an international hotel management company with global diversity of our business, it is fundamental that we share information across multiple jurisdictions in order to provide you with the best possible service.
6. SHARING YOUR PERSONAL DATA
The specific kind of information we share will depend on the context of your interactions with Sereno Hotels, and the services you use. Accordingly, your personal information may be shared with the following parties as reasonably necessary for the purposes, and on the legal bases, set out in this policy:
- to any hotels and residences managed by us;
- to the representative or travel advisor that has supplied us with your personal information (for example, your travel agent, personal assistant, employer or spouse who has provided us with your details);
- to third parties not affiliated with Sereno Hotels when we have your consent to do so;
- to our marketing and advertisement partners to provide you with more-relevant ads;
- to any third parties to the extent necessary with respect to a sale of all or part of our business operations or assets.
7. DATA PROTECTION RIGHTS
Under certain circumstances, by law you have the right to:
- Request information about whether we hold personal information about you, and if so, what that information is and why we are holding/using it.
- Request access to your personal information which enables you to receive a copy of your data subject access request to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you.
- Request erasure of your personal information where there is no good reason for us to continue processing it or after having exercised your right to object to processing.
- Object to processing of your personal information and where we are processing your personal information for direct marketing purposes.
- Object to automated decision-making including profiling of your personal information.
- Request the restriction of processing of your personal information, by asking to suspend the processing of such information.
- Withdraw consent in the circumstance where you have provided your consent to to the collection, processing, and transfer of your personal information for a specific purpose.
If you want to exercise any of these rights, please contact our Data Protection Officer (DPO) at firstname.lastname@example.org.