DATA PROTECTION DECLARATION
This privacy statement is addressed to all parties using this website in accordance with the regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 (General Data Protection Regulation - GDPR).
The declaration only applies to the mentioned page and not to any other pages that may be accessible to the user by clicking on a hyperlink.
The operator of this site guarantees that, in accordance with the law, personal data will be processed in compliance with the basic rights and freedoms and with the dignity of the person concerned, in particular for the purposes of confidentiality, personal identity and the right to the protection of personal data.
1. Name and address of the responsible person and of the data protection officer
Responsible person in the sense of GDPR:
Bio Hotel & Residence Kaufmann
South Tyrol– Italy
+39 0471 810 004
Data Protection Officer:
2. Location of data processing
ALL-INKL.COM – Neue Medien Münnich
D- 02742 Friedersdorf
Ubicazione del server: Germania.
ALL-INKL.COM è uno dei pochi operatori che dispone di diversi centri di elaborazione dati propri. Questi sono ubicati a Dresda/Germania. Pertanto tutti i dati dei nostri utenti verranno memorizzati unicamente su server siti in Germania e sono dunque soggette, in materia di privacy, anche alla legislazione tedesca, considerata particolarmente severa.
3. Extent and legal basis of the processing of personal data
We generally only process personal data of our users as far as this is necessary for the provision of a functional website as well as of our contents and services. Processing of personal data is carried out only with the consent of the user. An exception applies in those cases in which it is not possible to obtain prior consent for actual reasons and the processing of the data is permitted or provided for by legal regulations.
The legal basis for the processing of personal data is Art. 6 GDPR and, if necessary, specific contractual agreements with the user and associated obligations.
4. Data deletion and storage period
Unless specifically stated, we store personal data only for as long as necessary to fulfil the purposes pursued.
In some cases, the law prescribes the retention of personal data. In these cases, we only store the data for these legal purposes, but do not process it elsewhere and delete it after the legal retention period has expired.
5. General purposes of the processing
We use personal data for the purpose of providing this website and for the purposes set out below.
6. What data we use and why
Access data / server log files
When you use this website, information about your usage behaviour and your interaction with the site, as well as data about your computer or mobile device, is automatically collected (so-called server log files). This data includes:
- Name and URL of the website accessed
- Date and time of access
- Browser type and version
- Operating system
- Referer URL (i.e. the previously visited page)
- IP address of the client/user
All log files listed above are automatically deleted from our server after 365 days. The IP address of the user is only stored partially anonymised during this period. The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. We use this log data without assigning it to you personally or otherwise profiling it for statistical evaluations for the purpose of the operation, security and optimisation of our website, but also for the anonymous recording of the number of visitors to our website (traffic) and the extent and type of use of our website and services, as well as for accounting purposes in order to measure the number of clicks received from cooperation partners. This information allows us to provide personalised and location-based content and to analyse traffic, find and fix errors and improve our services.
This is also our legitimate interest in data processing according to Art 6 (1) f) GDPR.
In addition, accesses with the full IP address are administratively logged by the website operator, among other things, for the purpose of detecting and defending against cyber-attacks. This data is deleted after a maximum of seven days.
The following cookies are used on this page:
Further information on the use, management and deletion of cookies can be found under the following link: [Click here]
According to its own information, Google has submitted to the Privacy Shield Agreement concluded between the European Union and the USA and has been certified for this purpose. Google thereby agrees to comply with the standards and regulations of European data protection law. You can find more information in the following linked entry: [Click here]
We have activated IP anonymisation on this website (anonymizeIp). This means that your IP address is shortened beforehand by Google within member states of the European Union or in other contractual states of the Agreement on the European Economic Area. Only in exceptional cases the full IP address is transmitted to a Google server in the USA and shortened there.
Further information on the use, administration and deletion of cookies can be found under the following link: [Click here]
You can also prevent the transmission of data generated by cookies and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: [Click here]
As an alternative to the browser plug-in or within browsers on mobile devices, you can click on the following link to set an opt-out cookie that will prevent the collection by Google Analytics within this website in the future (this opt-out cookie only works in this browser and only for this domain. If you delete the cookies in your browser, you must click this link again): [Click here]
Google Web Fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. When you open a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Google's servers. This informs Google that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a consistent and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) f) GDPR.
If your browser does not support web fonts, a standard font from your computer will be used.
Contact form and e-mail contact
Our website contains a contact form that can be used for electronic requests. If a user makes use of this option, the data entered in the form will be transmitted to us and stored.
For the processing of the data, your consent is obtained during the sending process and reference is made to this data protection declaration. The legal basis for the processing of the data is therefore your explicit consent in accordance with Art. 6 Para. 1 a) GDPR.
As an alternative, it is possible to contact us via the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored. The legal basis for the processing of the data is therefore your explicit consent in accordance with Art. 6 Para. 1 a) and b) GDPR.
In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation.
The processing of the personal data from the input mask serves us solely to process the contact. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in processing the data.
The other personal data processed during the sending process (server log files) serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
The user has the option to revoke his or her consent to the processing of personal data at any time.
Widget Google Maps
We integrate maps (Google Maps) from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, in one or more places on this website. These are integrated via a script, whereby your IP address and your location data are sent to Google (but not without your consent, usually in the context of the settings made on your end device). The data may be processed in the USA.
Google is certified under the Privacy Shield agreement (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active) and thereby offers a guarantee of compliance with European data protection law.
7. Your rights as a person affected by data processing
If your personal data is processed, you are a person concerned within the meaning of the GDPR and you have the following rights towards the responsible person:
- the right to confirmation and information
- the right to rectification
- the right to erasure ("right to be forgotten")
- the right to restriction of processing
- the right to be informed
- the right to data transferability
- the right to object
- the right to revoke the declaration of consent under data protection law
- the right not to be subject to automated decision-making, including profiling
- the right to lodge a complaint with the supervisory authority.
Detailed information on the individual rights can be found under the following link: [Click here]
8. Data security
We are very concerned about the security of your data within the framework of the applicable data protection laws and technical possibilities.
Your personal data is always transmitted in encrypted form. This applies in particular to your orders and also to the customer login. You can recognise an encrypted connection by the fact that the address line of the browser changes from http:// to https:// and by the lock symbol in your browser line. We use the SSL (Secure Socket Layer) coding system, but we would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.
To protect your data, we maintain technical and organisational security measures in accordance with Art. 32 GDPR, which we continuously adapt to the state of the art.
We also do not guarantee that our service will be available at certain times; disruptions, interruptions or failures cannot be excluded. The servers we use are carefully backed up on a regular basis.
9. Disclosure of data to third parties
Generally, we only use your personal data within our company. However, we cannot exclude that when data is transferred to third parties, it may be transferred to another EU or non-EU country or to an international organisation, provided that this is in accordance with the purpose of the data processing.
If and to the extent that we involve third parties in the performance of contracts (such as logistics service providers), they will only receive personal data to the extent that the transfer is necessary for the relevant service.
In the event that we outsource certain parts of data processing (commissioned processing), we contractually oblige commissioned processors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.
10. Further information
If you have any questions or concerns about data protection, please contact our controller/data protection firstname.lastname@example.org
Competent supervisory authority (Italy): Garante per la Protezione dei Dati Personali, Piazza di Monte Citorio 121, 00186 ROME, Tel: (+39) 06.696771, Fax: (+39) 06.69677.3785, E-mail: email@example.com, Website: http://www.garanteprivacy.it/.