INFORMATION ON THE PROCESSING OF PERSONAL DATA
Pursuant to Article 13 of EU Regulation 2016/679
This page contains a description of the policies for managing the website in regard to processing the personal data of the users who visit the site and their privacy. This information is provided pursuant to article 13 of GDPR 679/2016 – Laws concerning the Protection of Personal Data and the individuals who interact with the web services of DG PLATINUM TRAVEL S.R.L. (hereinafter also “TRAVEL COMPANY”), which is accessible by telematics means through the following web address: https://www.dgplatinum.club
This informative note is provided only for the aforementioned website and not for other websites eventually accessed by the user through links.
The “TRAVEL COMPANY”, as data controller, provides the following information about the processing of personal data that you, the purchaser and/or traveler (“customer” and “passenger” and “you/your”), as an interested party, have communicated to us:
a) For the organization of a tourist package;
b) To facilitate the purchase of linked tourist services;
c) For intermediation in the purchase of a tourist package organized by third parties or individual tourist services provided by third-party suppliers (i.e. hoteliers, carriers);
d) For intermediation in the purchase of ancillary financial services / insurance and linked to packages / tourist services facilitated or purchased individually (medical policies – baggage, cancellation, assistance to the traveler in difficulty, financing consumer credit);
e) To fulfill the task of issuing visas;
f) To register on our website and fill out the forms on the website;
“DATA CONTROLLER”
Following access to this website, data pertaining to persons that are identified or identifiable may be processed. The “Data Controller” of the personal data collected following a visit to our website or any other data used for providing our services is DG PLATINUM TRAVEL S.R.L., Via Ennio Flaiano n. 66– 09134 Cagliari (CA).
The Data Protection Officer is Ms. Atzeni Alessandra, who can be contacted at contact@dgplatinum.club
PLACE WHERE DATA IS PROCESSED
Data processing pertaining to the web services of this website, hosted on the Wix.com platform, is carried out at the aforementioned headquarters and said data is processed only by the technical personnel in charge of processing of the Data Processing Office, or by eventual persons in charge of processing who are entrusted to process occasional maintenance operations. The personal data obtained from the users through informative material (informative notes, newsletters, registration, etc) is used only to carry out the services or assistance requested and is not transmitted to third parties, except in the following possible cases:
Persons, companies or professional offices who lend assistance and consulting services to DG Platinum Travel S.r.l., concerning accounting, administrative, legal, financial and tax matters.
Moreover, Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall. All direct payment gateways offered by Wix.com and used by DG Platinum Travel S.r.l. adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
CATEGORIES OF PROCESSED DATA
Navigational data
The information systems and software procedures relied upon to operate this web site acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols.
Such information is not collected in order to relate it to identified data subjects, however it might allow user identification per se after being processed and matched with data held by third parties.
These data are only used to extract anonymous statistical information on website use as well as to check its functioning; they are erased immediately after being processed.
The data might be used to establish liability in case computer crimes are committed against the website; except for this circumstance, any data on web contacts is currently retained for no longer than seven days.
Data voluntarily provided by the user
Sending e-mail messages to the addresses mentioned on this website, which is done on the basis of a freely chosen, explicit, and voluntary option, entails acquisition of the sender’s address, which is necessary in order to reply to any request, as well as of such additional personal data as is contained in the message(s).
Data will be retained only for registration request to send the newsletters or special offers and will not be disclosed to anyone.
Marketing purposes include:
A) promotional activities of the TRAVEL COMPANY, and / or commercial partners, realized both with automated methods (i.e. email, text messages, instant messaging applications, etc.) and with non-automated methods (i.e. postal mail, telephone with operator, etc.). In particular, the TRAVEL COMPANY may use your email address, provided at the time of purchase of packages or tourist services, to transmit information and promotional communications related to the services and products similar and offered by the TRAVEL COMPANY and / or Commercial Partners also without your consent, provided you do not object to such use.
The Commercial Partners belong to the following product categories:
a) accommodation activities;
b) airlines / shipping companies; railway carriers; vectors on rubber;
c) travel agencies and travel agency networks, foreign tour operators;
d) insurance.
B) profiling activity, i.e. analysis of your travel preferences and market research in order to improve the services offered and the commercial information presented by us, making them more adaptive to your interests. This activity may also take place through the administration of satisfaction questionnaires and / or the use of profiling cookies used during navigation on our sites and apps.
The treatment for marketing purposes (therefore both for promotional and profiling activities) can only take place with your consent.
Nature of the provision of data and consequences of any refusal.
The provision of your personal data is optional, however, in the absence of the data required for the purposes indicated in points a) and b) (purposes related to contractual and legal performance) the requested performance or part of it cannot be performed and you do not will be able to take advantage of the opportunities mentioned above.
The provision of sensitive/ particular personal data is voluntary; however, in the absence of such consent, the TRAVEL COMPANY may not be able to comply with some contractual obligations related to the processing of such data.
The personal information regarding the individual who visited the website will not be disseminated. The visitors remain anonymous.
Categories of recipients of personal data.
Your data may be communicated, exclusively for the purposes mentioned above, to the following categories of subjects:
• the internal staff of the TRAVEL COMPANY, as the person in charge and / or in charge of the processing;
• the suppliers of tourist services included in the packages sold, or who lend the connected or individual services purchased at the TRAVEL COMPANY;
• insurance companies that lend the accessory covers and connected with the packages and tourist services purchased;
• persons, companies, associations or professional firms that provide services or activities of assistance and advice in favor of the TRAVEL COMPANY in order to protect their own right (for example, accountants, lawyers, tax advisors, auditors, consultants in the field of operations of auditing or due diligence, etc.);
• subjects to whom the right to access your data is recognized by provisions of law and secondary legislation or by provisions issued by Authorities legitimated by the law, including airport, port, customs and border authorities.
PERIOD FOR DATA RETENTION – CRITERIA USED
According to the provisions set forth in art. 5 par. 1 lett. e) of the Regulation (EU) 2016/679, collected personal data shall be kept in a form which permits identification of data subjects for a period not exceeding the purposes for which the personal data were collected and subsequently processed.
Data retention periods depend on the purpose of the processing:
purposes related to technical navigation data for the correct functioning of the website: retention only for the related session, after which the data are deleted;
purpose of reply to info request/services supply request (up to 12 months for contact requests; 10 years for administrative / accounting / financial documentation relating to the provision of a service;
newsletter, marketing or promotional communications in general (up to 24 months -until withdrawal of consent);
purpose of administrative / accounting / financial management: 10 years as as required by law for the conservation of administrative / accounting / financial documentation;
COOKIES
None of the user’s personal data is purposely acquired by the website. Cookies are, in fact, not used for the transmission of information of a personal nature, nor are any kind of persisting cookies used, or rather systems for tracing the user. The use of session cookies (which are not memorized persistently on the user’s computer and vanish when the browser is closed) are strictly limited to the transmission of session identification data (made up of causal numbers generated by the server), which is necessary in order to allow safe and efficient exploration of the website. The session cookies used in this website avoid resorting to other informatics techniques that could be potentially un-safe for the user’s navigation and do not allow acquisition of the user’s personal identification data.
TRANSFERS OF PERSONAL DATA TO THIRD COUNTRIES
Your personal data may be transferred to non-EU third countries, always for the purposes indicated above. In case of data transfer to countries outside the European Union, these countries will guarantee an adequate level of protection based on a specific decision of the European Commission or alternatively the recipient will be contractually obliged to the data protection with an appropriate level and comparable to the protection provided by the GDPR.
DATA SUBJECTS’ RIGHTS
The Data Controller is DG Platinum Travel S.r.l. with registered office in Via Ennio Flaiano 66, 09134 Cagliari – Italy. The Data Officer is Ms. Alessandra Atzeni.
You may contact them at any time, by sending a written request to the following e-mail address: contact@dgplatinum.club, to exercise your rights as provided for in Chapter III GDPR 679/2016, in particular:
- the right to obtain confirmation as to whether or not personal data concerning you exist and the logic applied to the processing;
- the right to ask for their integration;
- the right to object to their processing on legitimate ground;
- the right to request rectification, updating, erasure (right to be forgotten) or blocking of data that have been processed unlawfully;
- the right to obtain a copy of the personal data being processed;
- the right to data portability.
RIGHT TO LODGE A COMPLAINT
If a data subject considers that the processing of personal data relating to him or her as performed via this website infringes the Regulation, he or she has the right to lodge a complaint with the Garante (Authority for the protection of personal data – www.garanteprivacy.it), pursuant to Article 77 of the Regulation, or else to bring a judicial proceeding against the Garante pursuant to Article 79 of the Regulation.