Privacy – Information on current legislation
GDPR – Article 13 of European Regulation 2016/679
Privacy Policy pursuant to Art. 13 of the European Data Protection Regulation 2016/679 and Art. 13 Privacy Code (Legislative Decree No. 196/2003), taking into account Recommendation No. 2/2001 adopted on 17 May 2001, to users accessing this site and using the services made available by Ramingo Travel as described in detail in the terms of service and relates to all personal data that Ramingo Travel collects and holds on its users and their account.
This information is provided for the service accessible from this website and not for other websites and/or applications that may be consulted by the user via links to external third-party pages.
The data controller is Ramingo Travel, based in Piazza brigata Pavia no. 7 – 48124 Ravenna (RA), VAT no.: 02624750390, e-mail: ramingotravel@frigerioviaggi.com
The data will be stored in databases owned by the data controller, in data centres located within the European Union.
Data processing is normally carried out at the Data Controller’s premises, by staff or external collaborators duly designated as data processors or persons in charge of processing.
Data collected
The personal data processed are data collected as:
(a) provided directly by the person concerned;
(b) collected automatically.
a) The data provided directly by the data subject are all the personal data entered by the user within the site for the use of the service or which are in any case provided to the Data Controller by any means.
b) Automatically collected data are navigation data. The computer systems and software procedures used to operate this website acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected in order to be associated with identified data subjects, but which by its very nature could, through processing and association with data held by third parties or by the data controller, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the URI notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT environment. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could be used to ascertain liability in the event of computer offences against the site or other users: except in this case, web contact data are currently not retained for more than 24 months.
In particular, the data processed are:
Mail address
Name and surname of the customer or his nominee
Non-personal customer identification data referring to a legal entity (head office, VAT or tax code, company name)
Following the sending of newsletters relating to information on the service, the platform used makes it possible to detect the opening of a message and the clicks made within the newsletter itself, together with details of the IP and browser/device used. The collection of this data is crucial for the operation of the dispatch platform.
Recipients
Data of a personal nature provided may be disclosed to duly appointed recipients who will process the data as data processors and/or as persons in charge of processing, in order to fulfil contracts or related purposes.
In particular, the personal data of the data subject may be communicated to recipients belonging to the following categories:
competent authorities to fulfil legal obligations and/or provisions of public bodies, upon request;
banks and other credit institutions;
computer equipment repair and/or maintenance companies;
professional firms, companies or trade associations providing certain accounting or tax services;
The data controller does not disclose any of the data subjects’ information to third parties without their consent, except where required by law. The dissemination of processed personal data is in any case excluded. The full list of data processors and persons in charge of processing personal data can be obtained by sending a request to ramingotravel@frigerioviaggi.com.
Purpose of processing
Data are processed exclusively for the purposes for which they are collected, as described below. The data controller uses the data provided by the data subjects for:
Ensure the proper fulfilment of contractual obligations in order to execute the services made available through the website;
Manage the account of registered users to benefit from the related services offered by the Data Controller;
Improving the Service and Offering Customer Support;
Fulfilment of legal obligations, regulations, EU legislation;
Managing customers (administration of customers, contracts, orders, shipments and invoices);
Only in the event of specific consent of the user, in order to allow adhesion to specific and additional services such as the sending of future informative and promotional communications.
The provision of the data listed in the “Collected Data” section for the purposes set out in points 1 to 5 is compulsory in order to allow the user to access and make full use of the functionalities of the service, and the legal basis of the processing for the aforementioned purposes is to be found in contractual or pre-contractual requirements and for the fulfilment of legal obligations to which the Data Controller is subject. For this reason, any refusal to process or the failure, inaccuracy or partial provision of data may result in the impossibility of proper provision of the Service.
The provision of data for the purposes referred to in point no. 6 (newsletters for promotional, informational or research purposes) is optional and refusal to consent to such processing nevertheless allows the contractual relationship with Ramingo Travel to be executed, but will result in the impossibility of being updated on commercial initiatives and/or promotional campaigns, of receiving offers or other promotional material and/or of sending the user personalised offers.
Data Transfer
In the event that personal data is transferred outside the European Union, for technical operational purposes and to ensure a high continuity of service, the Data Controller shall ensure that the transfer is based on an adequacy decision of the Commission, in order to ensure that the level of protection of natural persons guaranteed by the applicable legislation and in particular by the EU Regulation 2016/679 is not affected.
More information can be obtained by sending a request to ramingotravel@frigerioviaggi.com.
Treatment modalities
Personal data are processed by automated and manual means for the time strictly necessary to achieve the purposes for which they were collected.
As soon as personal data are no longer necessary for the purposes for which they were collected, the data controller shall delete them unless the law provides for archiving obligations or the user has consented to their processing for a longer period of time.
In particular, the personal data collected are stored and processed for the entire duration of the existing contractual relationship with the user in relation to the type of service chosen. In any case, the personal data collected shall be definitively deleted 24 months after the termination of the contractual relationship, unless the law requires storage for longer periods of time.
Specific security measures are observed to prevent loss of data, unlawful or incorrect use and unauthorised access.
Rights of the data subject
Pursuant to Articles 12 – 23 of EU Regulation 2016/679 each data subject has the right to request access to personal data, rectification, deletion of personal data, restriction of processing, objection to processing and the right to data portability.
The provision of data for the purpose of sending newsletters for promotional, information or research purposes has as its legal basis the consent given by the person concerned. For this reason, the right to revoke such consent at any time is recognised, without prejudice to the lawfulness of the processing based on the consent before revocation and without such revocation causing any detrimental consequences for the data subject.
The data subject also has the right to lodge a complaint with a supervisory authority.
Requests under the above points should be sent by e-mail to ramingotravel@frigerioviaggi.com .
The data controller will, within the time limits established by the applicable legislation, provide timely responses to requests to exercise the rights of data subjects.
Updates and modifications
The Data Controller reserves the right to amend, supplement or update this Policy from time to time in accordance with applicable legislation or measures adopted by the Data Protection Authority.
The aforementioned changes or additions will be brought to the attention of those concerned by e-mail and by means of a link to the Privacy Policy page on this site. Every data subject is in any case invited to regularly review the Privacy Policy in order to check the updated Information Notice.