Sereno Hotels is committed to protecting our customer privacy and takes its responsibility regarding the security of customer information very seriously. We will be clear about the information we are collecting and what we will do with that information. This Policy sets out the following:
- What personal data we collect and process about you in connection with your relationship with us as a customer and through your use of our website;
- Where we obtain the data from;
- What we do with that data;
- How we store the data;
- Who we transfer/disclose the data to;
- How we deal with your data protection rights;
- And how we comply with the data protection rules.
- All personal data is collected and processed in accordance with Italian and EU data protection laws.
DATA CONTROLLER “Sereno Hotels”, “Il Sereno”, “Le sereno” (reffered to as “we”, “us”, “our” or “ourselves” in this policy) in this policy primarily refers to Sereno Hotels and its affiliates directly involved in the management and operation of properties in the following jurisdictions: in Italy this is Le Sereno Lago di Como Srl, Sereno Restaurants Italia Srl, Sereno Italia Srl, and in Saint Barthélemy this is Blue SAS, Le Sereno Sarl, Ser2 Sarl. Sereno Hotels is the “data controller “of all personal information that is used and collected about Il Sereno & Le Sereno customers for the purposes of GDPR 679/2016.
1. WHAT PERSONAL DATA WE COLLECT
Personal data means any information relating to you which allows us to identify you, such as your name, contact details, booking reference number, payment details and information about your access to our website. Specifically, we may collect the following categories of information:
- Contact information (such as name, email address, mailing address, and phone number);
- Payment information (including payment card numbers, billing address, and bank account information);
- Demographic data (such as age, gender, country, and preferred language);
- Information related to your reservation, stay, or visit to any property of Sereno Hotels (including where you have stayed, date of arrival and departure, and goods and services purchased;
- Information necessary to fulfill your special requests and/or specific accommodations;
- Loyalty program member information, online account details, profile or password details and any frequent flyer or travel partner program affiliation;
- Copies of your correspondence if you contact us;
- Your interests and preferences;
- Information collected through the use of closed circuit television systems, card key and other security systems; and
- Information related to your use and interaction with our website.
- Information related to your employment or if you apply for a job with us.
Personal details about your physical or mental health are considered “sensitive” personal data under applicable data protection laws. We will process any such data only if you have given your explicit consent, or it is necessary (for instance if you request special assistance), or you have deliberately made it public.
2. HOW DO WE OBTAIN YOUR PERSONAL DATA
Your personal data may be collected in a variety of ways, including:
- Security Systems: When you visit our managed properties, information may be collected about you through such properties’ closed circuit television systems, electronic key cards and other security systems.
- Information from Other Sources: We may receive information about you from other sources, such as public databases, joint marketing partners, and other third parties. This may include information from your travel agent, airline, credit card, and other partners.
- Age Limitations: Sereno Hotels do not knowingly collect personally identifiable information from any person under the age of 18. Sereno Hotels may collect personal information from people under the age of 18 as part of the guest registration process, but always with the consent of such person’s parent or guardian. If you believe we have improperly collected the personal data of a person under the age of 18, please contact us at email@example.com and we will delete the data.
3. HOW WE USE YOUR PERSONAL DATA AND FOR HOW LONG
Your personal data may be used for the following purposes:
- Fulfillment of Reservation and Other Purchases: We may process personal data relating to transactions that you enter into with us and/or through our website (“transaction data”). The transaction data may be processed for the purpose of completing your room reservation, supplying the purchased goods and services, customizing our services to your preferences, seeking your feedback on your stay at our properties, and keeping proper records of those transactions. (Legal Basis: contractual necessity, consent);
- Response to Inquiries: We may process personal data contained in or relating to any communication that you send to us (“correspondence data”). The correspondence data may include the communication content and metadata associated with the communication and may be processed for the purposes of communicating with you and record-keeping. (Legal Basis: contractual necessity, consent);
- Internal Business Purposes: For our internal business purposes, such as data analysis, audits, developing new products, enhancing the website, improving our services, identifying usage trends and visiting patterns, determining the effectiveness of our promotions, and meeting contractual obligations. This includes sharing personal data within the Sereno Hotels family of companies. (Legal Basis: contractual necessity, consent);
- Administrative and Other Communications: To send you important information regarding our website, changes to our terms, conditions, and policies, or other administrative information (e.g., information about your travel reservations, such as reservation confirmations). (Legal Basis: contractual necessity, consent);
- Marketing and Promotions: To communicate news and promotions to you relating to products and services that we think may be of interest to you. You will be given the opportunity on every e-communication that you receive to indicate that you no longer wish to receive our marketing material. (Legal Basis: Consent, legitimate interest in marketing.)
- Safety and Security: To maintain your safety and security as well as that of other guests and personnel, while you visit our managed hotels and villas.
- Legal Reasons: To comply with legal and regulatory requirements or demands in accordance with applicable law, a court order, subpoena, or other legal process, as part of a merger or acquisition of one of our properties, or to exercise our legal rights and to protect and defend us in connection with any legal action.
- Additional Uses: We may also use your data other ways as described to you when you provide such information to us. (Legal Basis: contractual necessity, consent);
- Credit or other payment card verification/screening: we use your payment information for accounting, billing and audit purposes and to detect and/or prevent any fraudulent activity. (Legal Basis: contractual necessity, consent);
- Customs control safety: we are obliged to provide your information to Questura /Central Police Station. (Legal Basis: Compliance with a legal obligation.)
We will only process your personal data where we have a legal basis to do so. The legal basis will depend on the reasons we have collected and need to use your personal data for. The data process must be in compliance with applicable laws, regulations, court orders or other legal process. Only children aged 16 or over can provide their own consent, otherwise consent of the children’s parents or legal guardians is required. We will retain your data only for a strictly necessary time in order to fulfill the purpose for which it is processed. To determine the appropriate retention period, we take into consideration the amount, nature and sensitivity of the personal data, the purposes for which we process it and whether we can achieve such purposes through other means. Your personal data will be securely deleted or destroyed when we no longer need it. We will also consider if and how we can minimize and anonymize the personal data we use so that it can no longer identify you. When personal data is anonymized, it no longer relates to you and is not considered personal data.
4. SECURITY OF YOUR PERSONAL DATA
The data you provide to us is protected by reasonable administrative, organizational, technical safeguards and security measures to protect it against accidental loss, destruction or damage. We regularly review and monitor such safeguards and security measures. Although we take reasonable steps to safeguard personal data, no practices are 100% secure, and we do not guarantee the security of your data.
5. INTERNATIONAL DATA TRANSFER
Sereno Hotels operates business in multiple jurisdictions and we require our services providers to process your information in a secure manner. As an international hotel management company with global diversity of our business, it is fundamental that we share information across multiple jurisdictions in order to provide you with the best possible service. Such transfers may be to a country which may not provide the same level of privacy protection as that provided by the country in which you are located, but we will take reasonable steps to ensure that while your personal data is within our control, we will provide reasonable security and confidentiality procedures to keep your personal data secure and confidential. You may contact us at firstname.lastname@example.org to obtain more information about these safeguards.
6. SHARING YOUR PERSONAL DATA
The specific kind of personal data we share will depend on the context of your interactions with Sereno Hotels, and the services you use. Accordingly, your personal data may be shared with the following parties as reasonably necessary for the purposes, and on the legal bases, set out in this policy:
- to any hotels and residences managed by us;
- to the representative or travel advisor that has supplied us with your personal information (for example, your travel agent, personal assistant, employer or spouse who has provided us with your details);
- to third parties not affiliated with Sereno Hotels when we have your consent to do so;
- to our marketing and advertisement partners to provide you with more-relevant ads;
- to any third parties to the extent necessary with respect to a sale of all or part of our business operations or assets.
8. DATA PROTECTION RIGHTS
Under certain circumstances, by law you have the right to:
- Request information about whether we hold personal data about you, and if so, what that data is and why we are holding/using it.
- Request access to your personal data which enables you to receive a copy of your data subject access request to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you.
- Request erasure of your personal data where there is no good reason for us to continue processing it or after having exercised your right to object to processing.
- Object to processing of your personal data and where we are processing your personal data for direct marketing purposes.
- Object to automated decision-making including profiling of your personal data.
- Request the restriction of processing of your personal data, by asking to suspend the processing of such information.
- Withdraw consent in the same manner in which you provided your consent to to the collection, processing, and transfer of your personal data for a specific purpose.
If you want to exercise any of these rights, please contact our Data Protection Officer (DPO) at email@example.com.
9. PRIVACY POLICIES OF OTHER WEBSITES
11. CONTACTING THE SUPERVISORY AUTHORITY
Should you wish to report a complaint about how we treat your personal data, you may contact the Italian Supervisory Authority (Garante per la protezione dei dati personali):
Piazza di Monte Citorio, 121
+39 06 696771
12. HOW TO CONTACT US