Privacy and Cookie Policy
This information illustrates your rights as provided for by the General Regulations for the Protection of Personal Data (EU) 2016/679 (GDPR).
Destination Basilicata S.r.l. (hereinafter DB), Data Controller, processes the personal data provided to www.destinazionebasilicata.com (hereinafter, the "Platform") in accordance with this Privacy Policy.
If you provide personal data of third parties, you declare that you have their authorization and that you have communicated this policy to them.
1. Type of Personal Data collected
DB collects: name and surname, address, email, ID and password, telephone number, tax code or other unique identification code/number (hereinafter "Personal Data") when provided by you.
2. Processing, purpose and legal basis
User Type: Registered User
Purpose: Contact or registration (*) – Legal basis: Your request – Treatment: Registration, consultation, modification at the request of the interested party.
Purpose: Purchase of products or services from Merchants (*) – Legal basis: Contract – Treatment: i. Registration, consultation, modification at the request of the interested party; ii. Transmission to Merchants (Independent Holders).
Purpose: Problem solving and verification of the successful outcome of the purchase (*) – Legal basis: Contract – Treatment: i. Registration, consultation, modification at the request of the interested party; ii. Contact for solution and/or verification; iii. Transmission to any partner (Data Processor).
Purpose: Sending information on promotional initiatives of the Platform (**) - Legal basis: Your consent - Processing: i. Registration, consultation, modification at the request of the interested party; ii. Sending newsletters, Direct E-Mail Marketing, loyalty campaigns, etc. relating to the Platform, also by any partner (Data Processor).
Type of User: Merchant
Purpose: Purchase of DB services (*) – Legal basis: Contract – Treatment: i. Registration, consultation, modification at the request of the interested party; ii. Transmission to any partner (Data Processor).
Purpose: Fulfill fiscal or administrative obligations (*) - Legal basis: Legal obligations - Processing: Registration, consultation, modification at the request of the interested party.
The Personal Data collected for the purposes (*) are necessary for the stated purpose.
If you do not provide such data, these activities cannot be taken care of.
With your consent pursuant to (**), DB or its partner appointed as Data Processor, may send you commercial information on the Platform. This consent is optional and modifiable.
The Processing is carried out by electronic and non-electronic means, to pursue the aforementioned purposes, based on the law and the principles of correctness, limitation and minimization, applying standard security measures to reduce the risk of disclosure. User data is sent to the Merchant to complete the purchase; the Merchants are Independent Data Controllers. The same data can possibly be viewed by partners to verify the successful completion of the purchase; the partners are Data Processors.
DB uses the Microsoft Azure cloud with servers located in the European Union which cannot share or communicate the data received and applies standard security measures.
DB uses one of the main online payment tools: Stripe, appointed as data controller pursuant to the GDPR. Stripe, in compliance with PCI DSS payment management security standards, provides some or all of its services from systems located within the United States of America or from countries outside of Italy, applying the related European Standard Contract clauses. The entity responsible for the collection and processing of personal data for residents of the European Economic Area and Switzerland is: Stripe Payments Europe Ltd., a company registered in Ireland and with offices at: 1 Grand Canal Street Lower, Grand Canal Dock, Dublin. To exercise your rights, you can contact the Data Protection Officer at dpo@stripe.com.
DB will process the Personal Data for the time necessary to fulfill the requests, and, in any case no later than 5 years after the last contact, only for administrative purposes.
The Platform is intended for people over the age of 18, use by minors is possible with the consent of the exercisers of parental responsibility. If DB becomes aware of personal data of minors without the valid consent of the guardians of parental responsibility, it reserves the right to delete them.
3. Transfer of Personal Data
In case of transfer of data outside the European Union, DB guarantees that the same will take place in compliance with the provisions of the applicable law.
4. Rights of the interested party
The user can always exercise his rights, in accordance with the applicable law. In particular, according to the art. 15 of the GDPR, you can request that your Personal Data be deleted and obtain that your Personal Data are: made available in an intelligible form, destroyed, made anonymous, blocked if processed in violation of the law, updated, modified, integrated. In the event of a cancellation request, it will be the User's responsibility to provide a copy of their documents. The cancellation will be made as soon as possible, and in any case within 15 days, with the exception of any documents necessary for administrative purposes and to comply with the law.
The User can request information on the Owner and Manager, if appointed, on the origin of their Personal Data, their treatment and related purposes, their possible communication to third parties and the identity of such third parties, unless it is impossible to find them or an effort disproportionate to the need and risk of the data subject is required.
5. Data Controller and Contacts
The Data Controller is: Destinazione Basilicata S.r.l., with registered office in via Federico Fellini, snc – 75025 Policoro (MT).
6. Cookie Policy
Cookies usually contain information that:
They allow you to customize the browsing experience (technical cookies and session cookies), or
Collect and analyze aggregated and anonymous information to study access to the Platform, improve the performance and design of the same or of a specific campaign (analytic cookies), or
They obtain information on browsing habits and recognize habitual users in order to create anonymous profiles to provide advertising materials (profiling cookies).
IT