eng 

Privacy

ABOUT THE NOTIFICATION
This section describes the management methods practised by the site in question regarding the processing of the personal data of its users.
In compliance with EU regulation 2016/679 (GDPR), Personal data Protection Code, this information is made available to those interacting with the web services.

This information only relates to the website of Rose Garden Palace Roma, and not to any other websites that may be visited by the user via its links.

The information is also in accordance with EU regulation 2016/679 (GDPR) that specifies some minimum requirements for online gathering of personal data and, in particular the methods, times and nature of the information that the data controllers must provide to users when they visit websites, regardless of the aims of said visit.

THE DATA CONTROLLER
compliance with EU regulation 2016/679 (GDPR), the data controller is S.I.A.G.A. S.P.A. legally registered via Boncompagni 19 00187 Roma , via their legal representative.

THE DATA PROCESSOR
In compliance with EU regulation 2016/679 (GDPR), the Data Processor is the General Manager of Rose Garden Palace Roma, Via Boncompagni, 19, 00187 Roma RM, Italia, Tel. +39 06 421741 , Fax +39 00 00000000, email info.rgp@omniahotels.com

DATA PROCESSING SITE
Data processing linked to the web services of this site occurs at the premises of the data controller.
No data made obtained from the web service is communicated to third parties unless strictly relevant to the aim of the processing or required by laws or regulations.

DATA PROCESSING AIMS
The personal data supplied voluntarily and optionally by users, who send requests to receive information on the hotel's services (prices, availability of the rooms and convention rooms, etc.), register for the newsletter, make online bookings or simply send employment requests by sending CVs in electronic form, are used only for completing the service requested and are not communicated to third parties unless required by law or where strictly relevant and necessary for fulfilling the requests.
In particular, the personal data provided voluntarily by interested parties will be gathered through telematic means directly and/or through delegated third parties (companies for email services, companies for hosting the websites) for the following purposes:

- to allow the users to make and confirm the booking by providing credit card data as guarantee;
- to carry out specific services requested during booking;
- to use the credit card issued as guarantee for the possible debit of any penalty in the event of cancellation beyond the term allowed for cancelling the reservation as defined during booking, or in the event of non-arrival of guests on the agreed date (no-show procedure);
- to evaluate any CVs sent that are compatible with open internal positions;
- anonymous statistics (to evaluate the number of accesses, etc.);
- to fulfil the current administrative, accounting and tax obligations, as well as to comply with laws and regulations.

The data processed by us may include data of a sensitive nature as defined by EU regulation 2016/679 (GDPR) or rather personal data allowing the disclosure of racial or ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties, trade unions, associations or organizations of a religious, philosophical, political or trade-unionist character, as well as personal data disclosing health and sex life provided by you voluntarily in the notes field of the booking form, as instrumental to providing our services (food allergies, people with disabilities, information on health, etc.).
In accordance with EU regulation 2016/679 (GDPR), any data of a sensitive nature will be processed by us with the maximum confidentiality and will not be distributed.

CV MANAGEMENT
S.I.A.G.A. S.P.A. reserves the right to evaluate CVs received for vacancies within the hotel that are either current or may become available in the near future.
Any CVs considered of interest will be kept for up to a year and will be treated with complete respect of the minimum security requirements in compliance with EU regulation 2016/679 (GDPR).
Nonetheless, all candidates are asked to respect the following rules in transmitting their CVs in electronic form:
- trasmettendo il curriculum in formato pdf;
- public offices and organisations as a function of legal and/or contractual obligations;
- credit recovery companies and banking institutes for the management of payments resulting from the fulfilment services;
- eventual consultants and external companies commissioned specially to carry out tax and contribution consultation activities on our behalf;
- collaborators or companies providing services when the information is necessary for the use of the hotel's services by the interested party;

DATA SHARING
Inside the Company S.I.A.G.A. S.P.A. personal data acquired from the website may be processed exclusively by personnel officially appointed and instructed in matters of confidentiality and security of personal data.

The personal data of the interested parties, if necessary, can be communicated to:
- public offices and organisations as a function of legal and/or contractual obligations;
- credit recovery companies and banking institutes for the management of payments resulting from the fulfilment services;
- any consultants and external companies commissioned specially to carry out tax and contribution consultation activities on our behalf;
- collaborators or companies providing services when the information is necessary for the use of the hotel's services by the interested party;

TYPE OF DATA GATHERED

Navigation Data
The software applications used in the functioning of this website acquire, during their normal running, some personal data the transmission of which is implied in the framework of the normal IP protocol of Internet communication. This information are not gathered to be directly associated with the identified interested parties, but which by their very nature could, through subsequent elaboration and correlation with data kept by third parties (providers), permit the identification of users.
This category of data includes IP addresses or dominion names of computers used by visitors to the site, the date and time of the request, URI (Uniform Resource Identifier) addresses of the resources requested, the size of the file obtained in answer from the server, the numerical code indicating the state of the reply given by the server (OK, error, etc.), and other parameters regarding the operative system and the computer environment of the user.
This data is used exclusively to gather anonymous statistical information regarding the use of the site and to control its correct functioning, and is cancelled immediately after processing. This data could also be used by judicial authorities to assess responsibility in the event of hypothetical computer crimes against the site; notwithstanding this eventuality, the data regarding web contacts is stored for no longer than seven days.

Data Provided Voluntarily by the User.
The optional, specific and voluntary sending of emails to the addresses indicated on this site includes the subsequent acquirement of the sender's address, which is necessary for replying to questions, as well as of any other personal data included in the email.

CONTENT THE USER - ADDRESS MANAGEMENT AND INVIO OF EMAIL MESSAGES:

Mailing List or Newsletter
This type of services allows you to manage a database of email contacts, phone contacts or any other type of contact used to communicate with you.
as the User's interaction with them, such as information about clicks on the links included in messages.

MailChimp (The Rocket Science Group, LLC.)
MailChimp is an email address management and emailing service provided by The Rocket Science Group, LLC.
Personal Data collected: email.
Place of processing: USA – Privacy Policy

INTERACTION WITH SOCIAL NETWORKS AND EXTERNAL PLATFORMSESTERNE:
This type of services allows you to interact with social networks or other external platforms directly from the pages of this Application.The interactions and information acquired by this Application are in any case subject to the User's privacy settings for each social network.If an interaction service with social networks is installed, it is possible that, even if Users do not use the service, it may collect traffic data related to the pages in which it is installed.

Google+ +1 button and social widgets (Google Inc.)
The +1 button and social widgets of Google+ are Google+ social networking services provided by Google Inc.
Personal Data collected: Cookies and Usage Data.
Place of processing: USA – Privacy Policy

Pulsante +1 e widget sociali di Google+ (Google Inc.)
Il pulsante +1 e i widget sociali di Google+ sono servizi di interazione con il social network Google+, forniti da Google Inc.
Personal Data collected: Cookies and Usage Data.
Place of processing: USA – Privacy Policy

Twitter social tweet and widget button (Twitter)
The Tweet button and social widgets on Twitter are Twitter social networking services provided by Twitter Inc.
Personal Data collected: Cookies and Usage Data.
Place of processing: USA – Privacy Policy

DATA SUBJECTS' RIGHTS
Data subjects are entitled at any time to obtain confirmation of the existence of personal data concerning them and be informed of their contents and origin, verify their accuracy, or else request that such data be supplemented, updated or rectified (EU regulation 2016/679 (GDPR)).

The above Section also provides for the right to request erasure, anonymisation or blocking of any data that is processed in breach of the law as well as to object in all cases, on legitimate grounds, to processing of the data.

Special Offers