In compliance with the Italian Legislative Decree No 196 dated June 30, 2003 on Privacy Code, together with subsequent amendments and additions, we herewith provide you with the necessary information on the purposes and methods of the processing of your Personal Data. This privacy statement applies only to our site and does not apply to other websites that the user may consult via links on the websites under the data controller’s domain name that shall not be held liable under any circumstances for websites of third parties. This information notice is provided pursuant to Article 13 of Legislative Decree No 196/2003 - Personal Data Protection Code. The information notice has also been based on the Recommendation No 2/2001 which was adopted on May 17, 2001 by the European Data Protection Authorities that convened as part of the Working Group under Article 29 of Directive No 95/46/EC. The purpose of this Recommendation was to identify certain minimum requirements for the on-line collection of personal data and, in particular, the methods, timescales and nature of the information the data controllers must provide to users when they visit web pages, regardless of the purpose of their visit, including the provisions provided for by Directive 2002/58/EC, and updated by Directive 2009/136/EC, on cookies.

1. THE "DATA CONTROLLER" is Grand Hotel Imperiale SPA in the person of its pro-tempore legal representative, pursuant to Article 28 of the Italian Personal Data Protection Code.
THE “DATA PROCESSOR” is Umberto Butti • Via Durini SNC, 22010 Moltrasio Como, pursuant to Article 29 of the Italian Personal Data Protection Code.

Personal identification data
‘Personal Data’ shall mean all information relating to a natural person, identified or identifiable, even indirectly, through reference to any other information, including a personal identification number. ‘Identification Data’ shall mean all of your personal information which permit direct identification of the Data Subject (e.g. first name, last name, date of birth, address, telephone number, email address etc.) .
Browsing data
During their ordinary course of operation, the IT systems and software procedures required to run this website acquire certain Personal Data, whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified Data Subjects but, by its very nature, it could enable identification of the users through the processing and matching of data held by third parties.
This data category includes IP addresses or domain names of computers used by the users who visit the site, as well as the URI addresses (Uniform Resource Identifier) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in reply, the numerical code indicating the status of the reply from the server (done, error, etc.) and other parameters related to the operating system and the IT environment of the user.
These data are only used to obtain anonymous statistical information on the use of the website and to control its correct functioning. They are cancelled immediately after processing.
Legal Defence
The user’s Personal Data may be used by the owner of the website in a legal defence, or during the preparatory stages of potential proceedings, against any abuse by the user of the website or its connected services. The data may be used to ascertain responsibility in the event of any potential computer crimes against the site.
The User's Personal Data may be processed due to additional procedures and purposes linked to maintenance.
Data provided voluntarily by the user
The optional, explicit and voluntary dispatching of electronic mail to the addresses indicated on this website and/or the completion of a data collection form entails the subsequent acquisition of the sender’s address, necessary to publish all comments received on the web site, as well as other personal data included in the email message.
The software applications used to run this website can contain cookie technology. Cookies are mainly used to help users navigate their websites efficiently and perform certain functions. Cookies may provide information about website navigation and enable the provision of certain services that require the identification of the user path profile through the navigation pages. Regardless of whether or not cookies are present, whenever you have access to the portal, the type of browser (e.g. Internet Explorer, Netscape), the operating system (e.g. Macintosh, Windows), the host and URL of the visitor as well as the data on the requested page are recorded. Users may set their browsers to warn of the presence of cookies, allowing the users to decide whether to accept the cookie or disable it. More details about cookies can be found on the websites of each browser provider.
Types of cookies
There are two types of cookies: session cookies and persistent cookies. Session (transient) cookies are not saved to the hard drive and are deleted from the cache when the user closes the session. Persistent cookies are stored on a user's hard drive until they expire or are deleted.
The cookies of the software applications used for this website are anonymous and cannot be traced back to the user’s Personal Data. No use is made of cookies for the transmission of information of a personal nature nor is any type of so-called persistent cookie used, i.e. user-tracking systems. The use of these cookies (which are not saved persistently on a user’s computer and are automatically removed once the browser session is terminated) is strictly limited to the transmission of session identifiers (random numbers generated by the server) necessary to allow a safe and efficient website navigation.
Thanks to these session cookies our website can avoid using other information technologies which might jeopardise the user's confidentiality and the acquisition of the user's personal identification data.
First party cookies are only readable by the domain creating them. Third party cookies are created and readable by domains external to this website. The software, used for website and platform, creates a cookie to the user in order to generate usage statistics, for example through Google Analytics. The data generated by this cookie are stored at Google Inc.
For the operation of cookies by Google Analytics consult the official documentation provided by Google at the url:

3. Purposes of Personal Data processing for which consent has been granted when requested (Article 23 of the Italian Legislative Decree No 196/03)
Personal Data and any other Sensitive Data spontaneously provided shall be processed, unless the Data Subject objects to the processing, exclusively for the purposes of:
- browsing on this website;
- performing general administrative/accounting activities;
- providing the information requested / disseminating your Personal Data and the comment You live in / through the data collection form in the specific sections of this website.

4. Processing methods and data retention
The processing shall be carried out automatically and/or manually, with methods and instruments that guarantee maximum security and confidentiality, carried out by authorised persons only in accordance with the provisions of Article 31 et seq. of the Italian Legislative Decree No 196/03. The data shall be retained for a period that does not exceed the purposes for which the data have been collected and subsequently processed.

5. Scope of data communication and dissemination
Your Personal data collected to be processed shall not be disseminated, except and only to the extent expressed in this Privacy Policy and Consent Form. However, they may be communicated to companies that are contractually bound to Grand Hotel Imperiale SPA, within the European Union, in accordance with and within the limits set forth in Article 42 of the Italian Legislative Decree No 196/2003. Personal Data may be transferred abroad to countries outside the EU, within the scope and within the limits imposed by Articles 43 and 44, letter b, of the Legislative Decree No 196/2003 in order to comply with contractual obligations and related purposes. The data may be communicated to third parties that fall under the following categories:
- entities that provide management services for the computer system and the telecommunications networks (including e-mails) used by Grand Hotel Imperiale SPA;
- offices and organisations as part of support and consultancy relationships;
- competent authorities to comply with legal obligations and/or provisions from public bodies, as requested.
The third parties that fall under these categories shall perform the role of Data Processors or operate in complete autonomy as separate Data Controllers. The list of Data Processors is constantly updated and available from the head offices of Grand Hotel Imperiale SPA. Any further communication or dissemination shall be possible only after the explicit consent of the Data Subject.

6. Nature of data provision and refusal.
The provision of data is necessary for browsing this website. Failure to provide them may make it impossible to browse the site.
The provision of data for the other purposes set out above is optional but necessary. As a matter of fact, if you refuse to provide the required data, we will not be able to perform closely related essential activities, such as providing you with any requested information/material or allowing you to benefit from the services of the Data Controller.

You may exercise your rights as expressed under Articles 7, 8, 9 and 10 of the Italian Legislative Decree No 196 dated June 30, 2003, by contacting the Data Controller, by calling our head offices at the following phone number +39-031346111 – Mr. Umberto Butti, or by sending an e-mail to the following address Questo indirizzo email è protetto dagli spambots. È necessario abilitare JavaScript per vederlo.. You have the right to obtain confirmation at any time on the existence, or not, of your data and to know its contents and origin, to verify its accuracy or to request that it is supplemented, updated or corrected (Article 7 of the Italian Personal Data Protection Code). Pursuant to the same Article, you also have the right to request the cancellation, anonymisation or blocking of any data being processed illegally. You are also entitled to reject any processing of these data on legitimate grounds.
When contacting the Data Controller, please provide your e-mail address, name, address and/or telephone number(s) so your request can be handled correctly.

8. Changes to this Privacy Policy Statement
The Data Controller reserves the right to amend, update, supplement or remove parts of this Privacy Policy Statement at its own discretion and at any time. We encourage you to periodically review our Privacy Statement. For your convenience, when we post changes, we will revise the "last updated" date at the bottom of the statement. By using the website following the publication of any amendments, you agree to these changes.

The Data Controller is Grand Hotel Imperiale SPA, Via Durini SNC, 22010 Moltrasio Como in the person of its pro tempore legal representative.
The Data Processor is Umberto Butti, Via Durini SNC, 22010 Moltrasio Como