Book Now
Info

Privacy Policy

Pursuant to Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 regarding the protection of natural persons with respect to the processing of personal data (hereinafter “GDPR”)

Dear Customers,
As of 25 May 2018, the GDPR referred to above has become fully effective and applicable. This regulation aims to make companies’ handling of information about natural persons (data subjects) more transparent when such information is used to provide the requested services.

In compliance with current European and Italian legislation, our Company ensures the protection, confidentiality, and integrity of your personal data. To this end, we have adopted specific organisational and security measures regarding the collection, use, storage, and deletion of personal information provided to us by data subjects — that is, by you.

We invite you to read this brief notice, which contains useful information on how we process your personal data, why we request it, and how you can exercise the rights granted to you under current legislation.

1. Data Controller

The Data Controller is La Quarta Isola di Maggio Antonino, VAT No. 01478880840, to whom you may address any request to exercise the rights recognised by the GDPR at the following contacts:
Email: info@laquartaisola.it

The Company has designed and developed an integrated search and consultation service, accessible remotely (the “Service”), through a dedicated online software platform that allows searches within the database and the display of results (the “Software Platform”) of multimedia thematic dictionaries. The Service is managed and provided via the website https://laquartaisola.it/ (the “Website”).

2. Data Processors

For certain processing activities (such as managing electronic payment transactions, handling tax obligations related to invoicing, storing data on servers), we use external parties specifically appointed as Data Processors. They guarantee — in compliance with the contract signed with the Controller — that data processing will be carried out according to the instructions received, ensuring the protection of the data subjects’ rights and the safeguarding of their personal data.

3. What personal data is collected and processed?

The personal data processed by the Company are mostly common data. Specifically, we collect and process only the data strictly necessary to execute the contract for which they are requested/provided and/or to fulfil legal obligations (particularly in tax matters), as well as to provide the Service under the agreed terms and conditions.

Examples of data processed include:
a) first name, last name, tax code, business name;
b) personal contact details (address, phone number, email address);
c) service payment details (credit or debit card number, cardholder name, expiry date, CVV code);
d) access credentials (“user ID” and “password”), strictly confidential, associated with the personal account created to access the Service;
e) data implicitly transmitted through the use of internet communication protocols (IP addresses, domain names of the computers used by Users who browse the site, or URI addresses – Uniform Resource Identifier), collected by the IT systems and e-commerce platforms necessary for the functioning of the Website and the associated Software Platform;
f) account information that enables the Service to be personalised, improving usability for Users;
g) information related to the use of the Service (number and duration of accesses, applications used, searches performed).

4. Why do we process personal data?

We collect and manage your data solely to enable you to use the Service covered by the contract through registration and the creation of a user account to access the Website.

Specifically, your personal data is processed exclusively for the following purposes:

  • Pursuing a legitimate interest of the Company;

  • Executing the contract for the provision of the requested Service;

  • Receiving electronic payment for the Service (1);

  • Recording the service rendered/payment received and fulfilling related tax obligations;

  • Managing the customer database;

  • Sending service communications;

  • Carrying out statistical activities, proportionate to the purposes pursued and in compliance with the fundamental rights and interests of Users;

  • Personalising and improving the Service for the benefit of Users.

(1) Note: When payment is made by credit (or prepaid) card, the transaction is handled by an external service provider.

5. On what legal bases do we process data?

The various processing operations indicated above, depending on the type of data and the purposes involved:
a) are necessary to execute the contract signed with the Company;
b) are necessary to pursue a legitimate interest of the Company (as Data Controller);
c) are necessary to comply with legal obligations to which the Company is subject, including tax obligations;
d) are based on the prior, freely given consent of the Client.

6. Are you required to provide the requested personal data?

You are not obliged to provide your personal data; however, such data is strictly necessary to execute the Service contract you have requested. Without them, the Company would not be able to perform the contract.

Regarding the data referred to in points f) and g) above, please note that allowing the Company to process such data is optional and subject to your consent. However, refusal of consent may — without any liability on our part — limit the functionalities of the Website and, consequently, the provision of the Service.

Consent may be revoked at any time by simply contacting the Company.

7. How is your data processed?

Data processing involves collection, registration, organisation, consultation, processing, storage, communication, and deletion.

Processing is carried out both on IT and paper media, as well as by telematic means (email). Relevant documentation (containing personal data) is stored digitally, in specific folders on the Company’s internal server, and in paper form, in folders stored in areas not accessible to the public.

Data is also organised using specific registers (Excel files), stored digitally, in such a way that does not allow the immediate identification of data subjects by directly associating all information relating to them.

All personal data provided during the registration procedure and the creation of the user account to access the Website is recorded in electronic databases installed on cloud servers managed by La Quarta Isola di Maggio Antonino (Data Processor), whose data centres are physically located in Europe.

We do not collect your data for direct marketing purposes; we carry out statistical analysis activities solely with reference to the data referred to in points f) and g) above.

Cookie Policy

A “cookie” is a small amount of data sent to the user’s browser by a web server and stored on the hard drive of their computer.

The Website uses cookies to facilitate navigation, storing and sometimes tracking user data strictly necessary for the operation of the system applications linked to the Website itself and to the consultation of the Works (so-called “Application Cookies”).

The Website also uses the code and logs of “Google Analytics” (2) for statistics.

The cookies used allow, in particular, the Company and the Website to:

  • Access account information in order to offer a better personalised service (this cookie is set when the user registers and updated during subsequent visits to the Website);

  • Analyse the number of accesses to the Website, their duration, and the functions used (one cookie is sent to each browser that accesses the Website, used to quantify repeated use of the services).

No personal data such as first name, last name, email address, or phone number will ever be collected or stored through cookies.

Cookies can be disabled (3); however, if this choice is made, we will not be able to carry out the activities described above, and the Service provided to Users may be affected.

For more information on cookies, please consult the FAQs of the Italian Data Protection Authority.

(2) Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google Analytics uses the personal data collected to track and examine the use of the online space where the Website operates, collecting and analysing information (including the IP address) on Users’ behaviour in anonymous form. The Website does not use (and does not allow third parties to use) Google’s analysis tool to monitor or collect personal identification information. Google Analytics does not associate the IP address with any other data held by Google, nor does it attempt to link an IP address with the identity of a user.

(3) For enabling or disabling cookies, the following guides are available for the main browsers: Chrome, Internet Explorer, Firefox, Safari, Android, iPhone, iPad.

8. Who has access to the data?

Data is processed exclusively by the Controller, the appointed Data Processors, and the Company’s staff responsible for managing the Website, the Software Platform, and related support services, all of whom are expressly authorised to process data.

Data is never transferred to third parties based or operating outside the European Union, except for Google Inc. — limited to the functionalities of Google Analytics — which is based in a country (USA) that ensures an adequate level of protection (being included in the so-called Privacy Shield List: https://www.privacyshield.gov/welcome).

Furthermore, data may be communicated or made available to Public Authorities (e.g. postal police, tax authorities, judicial authorities) upon explicit request, within the limits and for the purposes provided by law.

9. How long is personal data retained?

Personal data referred to in points a), b) and c) of section 3 are retained for the period required by law (with reference to the exact execution of the contract, also pursuant to Article 2946 of the Italian Civil Code) and to comply with tax obligations. At the end of this period — and in any case, after 10 years from collection — personal data will be deleted in such a way as to ensure it is not disclosed or disseminated, even accidentally, to third parties.

Personal data referred to in point d) of section 3 are retained for the duration of the Service and for 12 months following termination, after which they will be deleted.

Personal data referred to in points e), f) and g) of section 3 are retained for a maximum period of 26 months from their acquisition and then automatically deleted by Google Inc.

10. What are your rights?

The GDPR grants data subjects — and we are committed to ensuring the full, legitimate exercise of — the following rights:

  • Right of access and to obtain a copy of personal data (Art. 15)
    Data subjects have the right to request confirmation that we are processing any of their personal data. In such cases, they may access their personal data and certain information about its processing. In some cases, they may request the Company to provide an electronic copy of the processed personal data.

  • Right to rectification of your personal data (Art. 16)
    If the personal data we hold is incomplete or incorrect, data subjects may request that we update or correct such data.

  • Right to restriction and erasure of data (Arts. 18 and 17)
    In certain circumstances, data subjects have the right to request a restriction of processing of their personal data and/or the deletion of such data. They may submit this request at any time, and the Company will assess whether it can be accepted, while balancing this right with legal obligations arising from the execution of the contract and/or compliance with legal obligations. Otherwise, the Company will promptly comply with the request and will also inform the Data Processors (so that they may delete the data in turn).

  • Right to data portability (Art. 20)
    Data subjects have the right to request and receive free of charge (except for reimbursement of costs, e.g. when data is provided on compact disc and shipped) their data in a structured, commonly used, and machine-readable format, and to transmit the data from one Controller to another “without hindrance.”

  • Right to lodge a complaint with the Data Protection Authority (Art. 77)
    If they believe that their data is being processed in violation of the provisions of the GDPR, without prejudice to their right to take legal action before the competent civil or administrative authorities, data subjects may lodge a complaint with the Data Protection Authority, within its remit.

Consent to the Processing of Personal Data

Having read the above Privacy Policy, being aware of the type of data and the processing methods, and with reference to the provision of the Service I have requested and the rights granted to me, by signing this form I, the undersigned, with reference solely to the categories of data referred to in section 3, points f) and g) of the above Policy:

  • Give my consent to processing, carried out via cookies, consisting of access to and processing of information from different accounts in order to offer a better personalised service (this cookie is set when the user registers and updated during subsequent visits to the Website);

  • Give my consent to processing, carried out via cookies, consisting of access to information for the purpose of analysing the number of accesses to the Website, their duration, and the functions used (one cookie is sent to each browser that accesses the Website, used to quantify repeated use of the services).

Lampedusa dal mare a portata di mano

Scarica l’app ufficiale de La Quarta Isola

qr code
Inquadra con la fotocamera del tuo telefono!
scarica l'app
logo

Lampedusa from the sea, at your fingertips

Get the official La Quarta Isola App

qr code
Scan with your phone camera!
download google play app la quarta isola
logo
Whatsapp info@laquartaisola.it +39 335 6133335
Download the app!