PRIVACY POLICY

Club del Sole Group deems the protection of personal data of outmost importance

All data will be processed by Club del Sole S.r.l., the operational holding company of the Club del Sole Group, and by the independent data controllers listed below, on the basis of the principles of adequacy, proportionality and transparency.

In this dedicated section you can find information and notes to find out more details on how your personal data are processed and what your rights are.

HOW WE PROCESS PERSONAL DATA

As of May 25, 2018, the new European Regulation on the Protection of Personal Data No. 679/2016, also known as GDPR (General Data Protection Regulation) has entered into effect together with Legislative Decree No. 101/2018, amending Legislative Decree No. 196/2003 (Privacy Code).

Below you will find our privacy policies on the processing of personal data:

• Processing of personal data Off-line – Here we provide information on the processing of personal data not provided to us via digital systems (e.g. verbally, in writing, etc.).
• Processing of personal data On-line – Here we provide information on the processing of personal data provided to us via digital systems (e.g. websites, apps, software apps, etc.).
• Cookie Policy – Here we provide information on the types and functions of cookies used for managing our website.

HOW USERS CAN EXERCISE THEIR RIGHTS

To exercise the rights associated to the processing of personal data, and specified in the privacy policies, all users may submit a request to the following address: privacy@clubdelsole.com.

To cancel a newsletter subscription and/or unsubscribe from promotional communications, all users shall follow the instructions detailed in the last promotional e-mail received or send an e-mail from the e-mail address associated with the account from which they wish to stop receiving newsletters and/or promotional communications to privacy@clubdelsole.com specifying: First name, last name and including the word “STOP” in the subject line. After receiving the email, we will promptly stop sending newsletters and promotional communications to the sender’s email address.

PERSONAL DATA OFF-LINE

PREMISES

This is our privacy policy concerning the so-called processing of personal data offline, meaning data not acquired via the digital systems offered by the Club del Sole Group.

The national and international regulations on the protection of personal data require that the data subjects are informed about the personal data being processed, the party that will process them and the rights that are granted to them to guarantee that the processing is proper and clear.

The privacy policy is provided taking into account the combined provisions of the following regulations:

• European Regulation for the Protection of Personal Data (GDPR) EU 2016/679 (hereinafter referred to as the “Regulation”)
• Legislative Decree 196/2003 (hereinafter referred to as the “Code”) as amended by Legislative Decree 101/2018.

1. DATA CONTROLLER

The Data Controller is Club Del Sole S.r.l., with registered office in Via Biondini 27, 47121, Forlì (FC), tax code and VAT No. 04205530407, as well as the additional and independent data controllers listed on the list found at the bottom of the off-line privacy policy.

2. DATA PROTECTION OFFICER – DATA SUPERVISOR

The DPO, Data Protection Officer, is the entity defined by the Regulation as having the task to support the data controller(s), data supervisors and persons in charge of the data processing to safeguard the data and manage risks according to the principles and instructions of the European Regulation as well as the Authority for the protection of personal data.
The Data Protection Officer, appointed by the Data Controller, can be contacted by e-mail at the following address: dpo@clubdelsole.com.

3. PURPOSE AND LEGAL BASIS OF THE PROCESSING, STORAGE AND PROCESSING METHODS

In order to apply the regulations listed above, the processing of personal data means any operation or set of operations carried out with or without the help of automated processes and applied to personal data or sets of personal data, such as the collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other way of making available, comparison or interconnection, restriction, deletion or destruction of the data.
The personal data will be processed by the independent data controllers for the following purposes:

a. Answering requests received:

• the legal basis may be, depending on the nature and type of the request, consent, the execution of pre-contractual or contractual measures, or the fulfilment of legal obligations (e.g. confirmation of a request to exercise rights pursuant to ex art. 15-22 of the Regulation;
• the personal data requested are needed to process the request and any refusal to provide the data will make it impossible to provide an answer to the data subject.

b. Purchasing products or services:

• the legal basis for the processing is the need to execute a contract to which the data subject belongs;
• the personal data requested are necessary to carry out the purchase and any refusal to provide the data may cause the inability to process the purchase order.

c. Participation in contests, commercial initiatives, prize shows, and loyalty systems (on the initiative of the data subject):

• the legal basis for the processing is the need to execute a contract to which the data subject belongs; in accordance with the provisions of the relevant participation conditions.
• the personal data requested are needed in order to process the request for participation and any refusal to provide the data may make participation impossible.

d. Sending of informative and promotional material (direct marketing), e.g. mailing lists, special offers, newsletters, etc:

• the legal basis for the processing is the explicit consent of the data subject;
• the storage period of the data processed for this purpose will last until the data subject asks to be unsubscribed from the promotional communication/newsletter service. We remind that consent can be revoked at any time without affecting the lawfulness of the processing before its revocation;
• the personal data requested are needed to process the request and any refusal to provide the data may result in the impossibility to receive the informative and promotional material.

e. Analysing of consumption habits and choices (profiling), carrying out market researches (surveys and analysis on customer satisfaction):

• the legal basis for the processing is the explicit consent of the data subject;
• the storage period of the data processed for this purpose will last until the data subject revokes the consent. We remind that consent can be revoked at any time without affecting the lawfulness of the processing before its revocation;
• the provision of personal data is optional and any refusal to provide the data will make profiling impossible.

f. Administrative, managerial and for the fulfilment of legal obligations, regulations or orders of the Authorities (e.g. bookkeeping, tax requirements, administrative and accounting management, etc.) or by contract.

• the legal basis derives from the need to fulfil a legal or contractual obligation to which the Data Controller is subject;
• the provision of personal data is mandatory in those cases where the Data Controller must fulfil a legal obligation to which it is subject or meet requests of the competent Authorities;
• in the case of contractual obligations, the provision of data enables the fulfil the commitments undertaken with the data subject and, if the data subject fails to provide such data, it may not be possible to fully fulfil the aforementioned contractual obligations.

g. Preventing, ascertaining and pursuing illicit conducts:

• the legal basis for this processing consists in pursuing the legitimate interests of the Data Controller to prevent, ascertain and prosecute unlawful conduct or violations of rights (including those of third parties);
• the storage period of the data processed for this purpose is equal to the time reasonably necessary to enforce the rights of the Data Controller from the moment in which the unlawful conduct or its potential occurrence has become known.

h. Multimedia Products Creating and Using (ex. Photo and video):

• the legal basis for this processing is the residence or entry agreement by the data subject with the data controller (by participating at public events it’s accepted the processing of the own images);
• the storage period of the data processed for this purpose is the time necessary to create the multimedia products and to share them.

Unless otherwise specified, the duration of the processing for each purpose will take place as long as it is necessary for the Data Controller to carry out the activities related to them. In case of revocation of consent or termination for any reason of the mandatory/contractual relationship shown below or termination of the legal obligations concerning the specific processing, the personal data will be stored by the Data Controller to prove fulfilment of its obligations, until the expiry of the rights arising from them occurs.

4. DATA PROCESSED

The personal data processed are as follows:

• Personal data and/or identification documents (e.g. name, surname, date of birth, address, identity card number, etc.);
• Payment data (e.g. credit card number, iban, etc.);
• Contact data (e.g. telephone, e-mail, social media account, etc.);
• Data provided by the data subject (e.g. data provided spontaneously by the data subject to process a request);
• Images and/or videos depicting the data subject produced during public events adequately reported.

5. SPECIAL PERSONAL DATA PROCESSED

If the data subject provides the Data Controller with data that can be qualified, according to art. 9 of the Regulation, as “special categories of personal data”, such as data revealing racial or ethnic origins, political opinions, religious or philosophical beliefs, trade-union membership, data concerning health or sex life or sexual orientation, this category of data will be processed by the Data Controller in order to fulfil the request received. Any additional processing of the special categories of data by the Data Controller will be carried out only with prior and explicit consent or by virtue of a legal obligation, in any case in accordance with the principles of proportionality, adequacy and transparency.

6. PERSONAL DATA RECIPIENTS

The personal data may be shared, for the above purposes, with:

• entities that typically act as “Data Protection Officers”, by virtue of specific appointment, pursuant to art. 28 of the Regulations meaning persons, companies or professionals who provide assistance and consulting activities to the Data Controller in relation to the provision of services/products;
• entities with which the Data Controller must interact in order to provide the services/products, which operate as independent data controllers (e.g. payment system of third parties or payment instalments, access through social networks, etc.);
• the independent data controllers listed at the bottom of the off-line privacy policy;
• Individuals, Entities or Authorities that are required to disclose personal data pursuant to provisions of law or orders of the Authorities;
• personnel expressly authorized by the Data Controller, or also “Persons in charge of the processing”, needed to carry out activities strictly related to the above-mentioned processing, who are obligated to confidentiality or have an adequate legal obligation of confidentiality and received adequate operating instructions pursuant to art. 29 of the Regulation.

For further information on the entities operating as Data Protection Officers, it is possible to send a written request to the Data Controller.

7. TRANSFER OF PERSONAL DATA

Some of the personal data are shared with recipients who may be located outside the European Economic Area (EEA). The Data Controller ensures that the processing of personal data by these recipients takes place in compliance with the Regulation. In fact, transfers may be based on an adequacy decision or Standard Contractual Clauses approved by the European Commission. More information is available at the Data Controller.

8. EXISTENCE OF AN AUTOMATED DECISION MAKING PROCESS, INCLUDING PROFILING

The Data Controller may adopt an automated decision-making process for the processing of personal data, including profiling, referred to in Article 22 of the Regulation. In this case, specific information will be provided to the data subject, given that more information may be requested at the Data Controller.

9. PROCESSING OF DATA CONCERNING MINORS

The purposes of the processing mentioned above are generally addressed to adult data subjects.

The Data Controller will not be in any case liable for any collection of personal data, as well as false statements, provided by persons under 18 years of age, and in any case if the use of such data is detected, the Data Controller will facilitate the right of access and deletion forwarded by the guardian, custodian or those exercising parental authority.

Without prejudice to the fulfilment of the legal obligations, the processing of personal data belonging to minors for fulfilling contractual obligations will take place on the basis of the necessary authorizations of those who exercise parental authority and/or legal guardianship.
By introducing a minor to an adequately reported public event, guardian, custodian or those exercising parental authority is aware that images or videos of the minor may also be collected.

10. RIGHTS OF THE DATA SUBJECTS

According to the applicable legislation, specific rights are granted to the data subjects, such as:

• confirmation on the existence of personal data concerning them at the Data Controller’s locaiton, even if not yet recorded, and their communication in intelligible form;
• the right to obtain information on the origin of the personal data and on the purposes and methods of electronic and/or paper processing;
• the identification details of the Data Controller and of any Data Protection Officers pursuant to art. 28 of the Regulation;
• the updating, rectification or where applicable, the integration of data;
• the deletion of the personal data;
• the right to oppose, in whole or in part, for legitimate reasons, the processing of personal data concerning them, even if pertinent to the purpose of the collection and the processing of their personal data.

In addition to the rights listed above, as a data subject and within the limits of what is established by the Regulation, it will also be possible to exercise the rights of limitation of the processing, opposition to it and the right to portability according to art. 20 of the Regulation.

On the basis of the Privacy Code and Regulation, the data subjects will be able to file actions to protect their rights before the Privacy Authority or any jurisdictional Authority (the so-called complaint, according to art. 77 and 79 of the Regulation). Finally, we inform you that to the extent that it will be considered applicable to the processing of data, the data subjects may exercise the right to withdraw their consent to the processing of data by notifying the Data Controller.

11. UNSUBSCRIBING TO NEWSLETTERS AND/OR PROMOTIONAL COMMUNICATIONS

In order to request to be unsubscribed from newsletters and/or promotional communications, the data subjects can follow the instructions contained in the last promotional e-mail received or send an e-mail from the e-mail address on which they wish to stop receiving newsletters and/or promotional communications to privacy@clubdelsole.com specifying: First name, last name and including the word “STOP” in the subject line. After receiving the email, the Data Controller will promptly stop sending newsletters and promotional communications to the sender’s email address.

12. METHODS FOR EXERCISING RIGHTS

In order to exercise the above rights, the data subjects may contact the entities listed below:

• Data controller: privacy@clubdelsole.com
• Data Protection Officer (DPO): dpo@clubdelsole.com

13. AMENDMENTS

The Data Controller reserves the right to amend and/or supplement this Privacy Policy at any time and undertakes to publish the amendments on its websites and application systems online in the Privacy section and/or to inform Clients according to the methods deemed most appropriate.

LIST OF INDEPENDENT DATA CONTROLLERS

The following list contains the identification data of the additional independent data controllers of Club del Sole S.r.l..

• Adriano Marina Gest S.r.l., with registered office in Ravenna (RA) Hamlet Punta Marina Terme, via dei Campeggi No. 7, with tax code and VAT number 0252480392, which carries out its activity at the camp-sites called “Adriano Family Camping Village” located in Ravenna (RA) Hamlet Punta Marina Terme, via dei Campeggi No. 7 and “Marina Family Camping Village” located in Ravenna (RA) Hamlet Punta Marina Terme, via dei Campeggi No. 8.
• Bologna Gest S.r.l., with registered office in Forlì (FC), via Biondini No. 27, tax code and VAT no. 04052500370, which carries out its activity at the campsite “Centro Turistico Città di Bologna” located in Bologna (BO), via Romita 12/4 A.
• Castiglione Gest S.r.l, with head office in Forlì (FC), via Biondini No. 27, tax code and VAT No. 04421030406, which carries out its activity at the campsite “Stella del Mare Family Camping Village” located in Castiglione delle Pescaia (GR), Strada Provinciale delle Rocchette Snc.
• Club Ristorazione S.r.l., with registered office in Forlì (FC), via Biondini No. 27, tax code and VAT No. 01526260532, which carries out its activities at the accommodation facilities of the Club del Sole Group.
• Desenzano Gest S.r.l., with registered office in Forlì (FC), via Biondini No. 27, tax code and VAT No. 04205800404, which carries out its activity at the campsite “Desenzano Glam Village” located in Desenzano del Garda (BS), via Vo’ 4/9.
• Jesolo Gest S.r.l., Jesolo Gest S.r.l., with registered office in Jesolo (VE), viale Oriente No. 144, tax code and VAT No. 04358500272, which carries out its activity at the campsite “Jesolo Mare Family Camping Village” located in Jesolo (VE), viale Oriente No. 144.
• Marina Julia Gest S.r.l., with registered office in Monfalcone (GO) Hamlet Marina Julia, via delle Giarrette No. 65, with tax code and VAT No. 01174240315, which carries out its activities at the campsite “Marina Julia Family Camping Village” located in Monfalcone (GO) Hamlet Marina Julia, via delle Giarrette No. 65.
• Riccione Gest S.r.l., with registered office in Riccione (RN), via Torino No. 80, tax code and VAT No. 04302200409, which carries out its activity at the campsite “International Riccione Family Camping Village” located in Riccione (RN), via Torino No. 80.
• Rimini Gest S.r.l., with registered office in Forlì (FC), via Biondini No. 27, tax code and VAT No. 04438810402, which carries out its activity at the camp-site named “International Italia Family Camping Village” located in Viserba (RN), viale Paolo Toscanelli No. 112.
• Romagna Gest S.r.l., with registered office in Riccione (RN), via Torino No. 56, with tax code and VAT No. 04302220407, which carries out its activity at the campsite “Romagna Family Camping Village” located in Riccione (RN), via Torino No. 56.
• Società Gestione Campeggi S.r.l., with registered office in Ravenna (RA), Hamlet Marina di Ravenna, viale delle Nazioni No. 301, with tax code and VAT number 00721220390, which carries out its activity at the campsite “Rivaverde Family Camping Village” located in Ravenna (RA) Hamlet Marina di Ravenna, viale delle Nazioni No. 301, “Sole Family Camping Village” located in Ravenna (RA) Hamlet Marina Romea, viale Italia No. 59, “Pineta Family Camping Village” located in Cervia (RA) Hamlet Milano Marittima, viale G. Matteotti No. 186 and “Pini Family Camping Village” located in Ravenna (RA) Hamlet Punta Marina Terme, via della Fontana No. 58.
• Spina Gest S.r.l., with registered office in Comacchio (FE), via del Campeggio No. 99, tax code and VAT No. 01949730384, which carries out its activity at the campsite “Spina Family Camping Village” located in Comacchio (FE), via del Campeggio No. 99.
• Stork Gest S.r.l., with registered office in Forlì (FC), via Biondini No. 27, tax code and VAT No. 04205830401, which carries out its activity at the campsite “Stork Family Camping Village” located in Cologna Spiaggia (TE) Hamlet Roseto degli Abruzzi, via del Mare No. 11.
• Tirreno Gest S.r.l., with registered office in Forlì (FC), via Biondini No. 27, tax code and VAT No. 04205820402, which carries out its activity at the campsite “Orbetello Family Camping Village” located in Orbetello (GR) Strada Provinciale della Giannella No. 166.
• Viareggio Gest S.r.l., with registered office in Forlì (FC), via Biondini No. 27, tax code and VAT No. 04534800406, which carries out its activity at the campsite “Italia Family Camping Village” located in Torre del Lago Puccini (LU) Viareggio, viale dei Tigli No. 52.
• Vigna Gest S.r.l., with registered office in Comacchio (FE), Hamlet Lido di Pomposa, via Capanno Garibaldi No. 20, with tax code and VAT No. 01949760381, which carries out its activities at the campsite called “Vigna Family Camping Village” located in Comacchio (FE) Hamlet Lido di Pomposa, via Capanno Garibaldi No. 20.
• La Risacca S.r.l., with registered office in Porto S. Elpidio (FM), via Europa No. 100, tax code 04669570154 and VAT No. 01494540444, which carries out its activities at the campsite “La Risacca Family Camping Village” located in Porto S. Elpidio (FM), via Europa No. 100.

PERSONAL DATA ON-LINE

PREMISES

This is our privacy policy concerning the so-called processing of personal data online, meaning data acquired via the digital systems offered by the Club del Sole Group (e.g. websites, apps, wi-fi, software applications, etc.).
The national and international regulations on the protection of personal data require that the data subjects are informed about the personal data being processed, the party that will process them and the rights that are granted to them to guarantee that the processing is proper and clear.
The privacy policy is provided taking into account the combined provisions of the following regulations:

• European Regulation for the Protection of Personal Data (GDPR) EU 2016/679 (hereinafter referred to as the “Regulation”)
• Legislative Decree 196/2003 (hereinafter referred to as the “Code”) as amended by Legislative Decree 101/2018.

1. DATA CONTROLLER:

The Data Controller is Club Del Sole S.r.l., with registered office in Via Biondini 27, 47121, Forlì (FC), tax code and VAT No. 04205530407, as well as the additional and independent data controllers listed on the list found at the bottom of the on-line privacy policy.

2. DATA PROTECTION OFFICER – DATA SUPERVISOR

The DPO, Data Protection Officer, is the entity defined by the Regulation as having the task to support the data controller(s), data supervisors and persons in charge of the data processing to safeguard the data and manage risks according to the principles and instructions of the European Regulation as well as the Authority for the protection of personal data.
The Data Protection Officer, appointed by the Data Controller, can be contacted by e-mail at the following address: dpo@clubdelsole.com.

3. PURPOSE AND LEGAL BASIS OF THE PROCESSING, STORAGE AND PROCESSING METHODS

In order to apply the regulations listed above, the processing of personal data means any operation or set of operations carried out with or without the help of automated processes and applied to personal data or sets of personal data, such as the collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other way of making available, comparison or interconnection, restriction, deletion or destruction of the data.
The personal data will be processed by the independent data controllers for the following purposes:
a. Respond to requests received via Club Del Sole Group’s digital systems:

• the legal basis may be, depending on the nature and type of the request, consent, the execution of pre-contractual or contractual measures, or the fulfilment of legal obligations (e.g. confirmation of a request to exercise rights pursuant to ex art. 15-22 of the Regulation;
• the personal data requested are needed to process the request and any refusal to provide the data will make it impossible to provide an answer to the data subject.

b. Purchasing products or services:

• the legal basis for the processing is the need to execute a contract to which the data subject belongs;
• the personal data requested are necessary to carry out the purchase and any refusal to provide the data may cause the inability to process the purchase order.

c. Registration to reserved areas of the digital systems

• the legal basis for the processing is the need to execute a contract to which the data subject belongs;
• the personal data requested are necessary for the registration process and refusal to provide the data may make it impossible to use the reserved area.

d. Participation in contests, commercial initiatives, prize shows, and loyalty systems(on the initiative of the data subject):

• the legal basis for the processing is the need to execute a contract to which the data subject belongs; in accordance with the provisions of the relevant participation conditions.
• the personal data requested are needed in order to process the request for participation and any refusal to provide the data may make participation impossible.

e. Sending of informative and promotional material (direct marketing), e.g. mailing lists, special offers, newsletters, etc:

• the legal basis for the processing is the explicit consent of the data subject;
• the storage period of the data processed for this purpose will last until the data subject asks to be unsubscribed from the promotional communication/newsletter service. We remind that consent can be revoked at any time without affecting the lawfulness of the processing before its revocation;
• the personal data requested are needed to process the request and any refusal to provide the data may result in the impossibility to receive the informative and promotional material.

f. Analysing of consumption habits and choices (profiling), carrying out market researches (surveys and analysis on customer satisfaction):

• the legal basis for the processing is the explicit consent of the data subject;
• the storage period of the data processed for this purpose will last until the data subject revokes the consent. We remind that consent can be revoked at any time without affecting the lawfulness of the processing before its revocation;
• the provision of personal data is optional and any refusal to provide the data will make profiling impossible.

g. Administrative, managerial and for the fulfilment of legal obligations, regulations or orders of the Authorities (e.g. bookkeeping, tax requirements, administrative and accounting management, etc.) or by contract.

• the legal basis derives from the need to fulfil a legal or contractual obligation to which the Data Controller is subject;
• the provision of personal data is mandatory in those cases where the Data Controller must fulfil a legal obligation to which it is subject or meet requests of the competent Authorities;
• in the case of contractual obligations, the provision of data enables the fulfil the commitments undertaken with the data subject and, if the data subject fails to provide such data, it may not be possible to fully fulfil the aforementioned contractual obligations

h. Preventing, ascertaining and pursuing illicit conducts:

• the legal basis for the processing is the pursuit of the legitimate interest of the Data Controller to prevent, ascertain and prosecute unlawful acts or breach of rights (including those of third parties), such as intellectual/industrial property or computer crimes or other crimes committed by means of telematic networks, etc.;
• the storage period of the data processed for this purpose is equal to the time reasonably necessary to enforce the rights of the Data Controller from the moment in which the unlawful conduct or its potential occurrence has become known.

Unless otherwise specified, the duration of the processing for each purpose will take place as long as it is necessary for the Data Controller to carry out the activities related to them. In case of revocation of consent or termination for any reason of the mandatory/contractual relationship shown below or termination of the legal obligations concerning the specific processing, the personal data will be stored by the Data Controller to prove fulfilment of its obligations, until the expiry of the rights arising from them occurs.

4. DATA PROCESSED

The personal data processed are as follows:

• Personal data and/or identification documents (e.g. name, surname, date of birth, address, identity card number, etc.);
• Payment data (e.g. credit card number, iban, etc.);
• Contact data (e.g. telephone, e-mail, social media account, etc.);
• Device(s) data (e.g., mac address, hostname, etc.).

5. SPECIAL PERSONAL DATA PROCESSED

The data subject may also send to the Data Controller data that can may qualified, pursuant to art. 9 of the Regulation, as “special categories of personal data”, meaning data revealing racial or ethnic origins, political opinions, religious or philosophical beliefs, trade union membership, data concerning health or sex life or sexual orientation. This category of data will be processed by the Data Controller in order to process the request received. Any additional processing of the special categories of data by the Data Controller will be carried out only with prior and explicit consent or by virtue of a legal obligation, in any case in accordance with the principles of proportionality, adequacy and transparency.

6. ADDITIONAL TYPES OF DATA PROCESSED

Additional types of data processed are the following:

• Navigation data – The computer systems and software procedures used to operate the digital systems through which the user interacts with the Data Controller may acquire, during their standard operation, personal data whose transmission is implicit in the use of Internet communication protocols.
  This category of data includes IP addresses or domain names of computers and terminals used by the users, URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code specifying the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment. These data, necessary to use the web services, are also processed to obtain statistical information on the use of services (most visited pages, number of visitors per hour or per day, geographical areas of origin, etc.) and to check the proper operation of the services offered.
  Browsing data do not persist for more than 365 days and are collected in aggregate form
• Data provided by the user – The optional, explicit and voluntary submittal of messages to the contact addresses of the Data Controller involves the acquisition of the sender’s contact data, necessary to reply, as well as any personal data included in the communications.
• Cookies and other tracking systems – Please refer to the detailed information available at the following link: www.clubdelsole.com/en/cookie-policy

7. PERSONAL DATA RECIPIENTS

The personal data may be shared, for the above purposes, with:

• entities that typically act as “Data Protection Officers”, by virtue of specific appointment, pursuant to art. 28 of the Regulations meaning persons, companies or professionals who provide assistance and consulting activities to the Data Controller in relation to the provision of services/products;
• entities with which the Data Controller must interact in order to provide the services/products, which operate as independent data controllers (e.g. payment system of third parties or payment instalments, access through social networks, etc.);
• the independent data controllers listed at the bottom of the on-line privacy policy;
• individuals, Entities or Authorities that are required to disclose personal data pursuant to provisions of law or orders of the Authorities;
• personnel expressly authorized by the Data Controller, or also “Persons in charge of the processing”, needed to carry out activities strictly related to the above-mentioned processing, who are obligated to confidentiality or have an adequate legal obligation of confidentiality and received adequate operating instructions pursuant to art. 29 of the Regulation.

For further information on the entities operating as Data Protection Officers, it is possible to send a written request to the Data Controller.

8. TRANSFER OF PERSONAL DATA.

Some of the personal data are shared with recipients who may be located outside the European Economic Area (EEA). The Data Controller ensures that the processing of personal data by these recipients takes place in compliance with the Regulation. In fact, transfers may be based on an adequacy decision or Standard Contractual Clauses approved by the European Commission. More information is available at the Data Controller’s office.

9. EXISTENCE OF AN AUTOMATED DECISION MAKING PROCESS, INCLUDING PROFILING.

The Data Controller may adopt an automated decision-making process for the processing of personal data, including profiling, referred to in Article 22 of the Regulation.
In this case, specific information will be provided to the data subject, given that more information may be requested at the Data Controller.

10. PROCESSING OF DATA CONCERNING MINORS.

The purposes of the processing mentioned above are generally addressed to adult data subjects.
According to the legislation in force, IT services such as newsletter subscription (direct marketing), profiling and online chat can only be used by those who are at least 16 (sixteen) years old.
The Data Controller will not be in any case liable for any collection of personal data, as well as false statements, provided by persons under 18 years of age, and in any case if the use of such data is detected, the Data Controller will facilitate the right of access and deletion forwarded by the guardian, custodian or those exercising parental authority.
Without prejudice to the fulfilment of the legal obligations, the processing of personal data belonging to minors for fulfilling contractual obligations will take place on the basis of the necessary authorizations of those who exercise parental authority and/or legal guardianship.

11. RIGHTS OF THE DATA SUBJECTS.

According to the applicable legislation, specific rights are granted to the data subjects, such as:

• confirmation on the existence of personal data concerning them at the Data Controller’s locaiton, even if not yet recorded, and their communication in intelligible form;
• the right to obtain information on the origin of the personal data and on the purposes and methods of electronic and/or paper processing;
• the identification details of the Data Controller and of any Data Protection Officers pursuant to art. 28 of the Regulation;
• the updating, rectification or where applicable, the integration of data;
• the deletion of the personal data;
• the right to oppose, in whole or in part, for legitimate reasons, the processing of personal data concerning them, even if pertinent to the purpose of the collection and the processing of their personal data.

In addition to the rights listed above, as a data subject and within the limits of what is established by the Regulation, it will also be possible to exercise the rights of limitation of the processing, opposition to it and the right to portability according to art. 20 of the Regulation.
On the basis of the Privacy Code and Regulation, the data subjects will be able to file actions to protect their rights before the Privacy Authority or any jurisdictional Authority (the so-called complaint, according to art. 77 and 79 of the Regulation). Finally, we inform you that to the extent that it will be considered applicable to the processing of data, the data subjects may exercise the right to withdraw their consent to the processing of data by notifying the Data Controller.

12. METHODS FOR EXERCISING RIGHTS

In order to exercise the above rights, the data subjects may contact the entities listed below:

• Data controller: privacy@clubdelsole.com
• Data Protection Officer (DPO): dpo@clubdelsole.com

13. UNSUBSCRIBING TO NEWSLETTERS AND/OR PROMOTIONAL COMMUNICATIONS

In order to request to be unsubscribed from newsletters and/or promotional communications, the data subjects can follow the instructions contained in the last promotional e-mail received or send an e-mail from the e-mail address on which they wish to stop receiving newsletters and/or promotional communications to privacy@clubdelsole.com specifying: First name, last name and including the word “STOP” in the subject line. After receiving the email, the Data Controller will promptly stop sending newsletters and promotional communications to the sender’s email address.

14. AMENDMENTS

The Data Controller reserves the right to amend and/or supplement this Privacy Policy at any time and undertakes to publish the amendments on its websites and application systems online in the Privacy section and/or to inform Clients according to the methods deemed most appropriate.

LIST OF INDEPENDENT DATA CONTROLLERS

The following list contains the identification data of the additional independent data controllers of Club del Sole S.r.l..

• Adriano Marina Gest S.r.l., with registered office in Ravenna (RA) Hamlet Punta Marina Terme, via dei Campeggi No. 7, with tax code and VAT number 0252480392, which carries out its activity at the camp-sites called “Adriano Family Camping Village” located in Ravenna (RA) Hamlet Punta Marina Terme, via dei Campeggi No. 7 and “Marina Family Camping Village” located in Ravenna (RA) Hamlet Punta Marina Terme, via dei Campeggi No. 8.
• Bologna Gest S.r.l., with registered office in Forlì (FC), via Biondini No. 27, tax code and VAT no. 04052500370, which carries out its activity at the campsite “Centro Turistico Città di Bologna” located in Bologna (BO), via Romita 12/4 A.
• Castiglione Gest S.r.l, with head office in Forlì (FC), via Biondini No. 27, tax code and VAT No. 04421030406, which carries out its activity at the campsite “Stella del Mare Family Camping Village” located in Castiglione delle Pescaia (GR), Strada Provinciale delle Rocchette Snc.
• Club Ristorazione S.r.l., with registered office in Forlì (FC), via Biondini No. 27, tax code and VAT No. 01526260532, which carries out its activities at the accommodation facilities of the Club del Sole Group.
• Desenzano Gest S.r.l., with registered office in Forlì (FC), via Biondini No. 27, tax code and VAT No. 04205800404, which carries out its activity at the campsite “Desenzano Glam Village” located in Desenzano del Garda (BS), via Vo’ 4/9.
• Jesolo Gest S.r.l., Jesolo Gest S.r.l., with registered office in Jesolo (VE), viale Oriente No. 144, tax code and VAT No. 04358500272, which carries out its activity at the campsite “Jesolo Mare Family Camping Village” located in Jesolo (VE), viale Oriente No. 144.
• Marina Julia Gest S.r.l., with registered office in Monfalcone (GO) Hamlet Marina Julia, via delle Giarrette No. 65, with tax code and VAT No. 01174240315, which carries out its activities at the campsite “Marina Julia Family Camping Village” located in Monfalcone (GO) Hamlet Marina Julia, via delle Giarrette No. 65.
• Riccione Gest S.r.l., with registered office in Riccione (RN), via Torino No. 80, tax code and VAT No. 04302200409, which carries out its activity at the campsite “International Riccione Family Camping Village” located in Riccione (RN), via Torino No. 80.
• Rimini Gest S.r.l., with registered office in Forlì (FC), via Biondini No. 27, tax code and VAT No. 04438810402, which carries out its activity at the camp-site named “International Italia Family Camping Village” located in Viserba (RN), viale Paolo Toscanelli No. 112.
• Romagna Gest S.r.l., with registered office in Riccione (RN), via Torino No. 56, with tax code and VAT No. 04302220407, which carries out its activity at the campsite “Romagna Family Camping Village” located in Riccione (RN), via Torino No. 56.
• Società Gestione Campeggi S.r.l., with registered office in Ravenna (RA), Hamlet Marina di Ravenna, viale delle Nazioni No. 301, with tax code and VAT number 00721220390, which carries out its activity at the campsite “Rivaverde Family Camping Village” located in Ravenna (RA) Hamlet Marina di Ravenna, viale delle Nazioni No. 301, “Sole Family Camping Village” located in Ravenna (RA) Hamlet Marina Romea, viale Italia No. 59, “Pineta Family Camping Village” located in Cervia (RA) Hamlet Milano Marittima, viale G. Matteotti No. 186 and “Pini Family Camping Village” located in Ravenna (RA) Hamlet Punta Marina Terme, via della Fontana No. 58.
• Spina Gest S.r.l., with registered office in Comacchio (FE), via del Campeggio No. 99, tax code and VAT No. 01949730384, which carries out its activity at the campsite “Spina Family Camping Village” located in Comacchio (FE), via del Campeggio No. 99.
• Stork Gest S.r.l., with registered office in Forlì (FC), via Biondini No. 27, tax code and VAT No. 04205830401, which carries out its activity at the campsite “Stork Family Camping Village” located in Cologna Spiaggia (TE) Hamlet Roseto degli Abruzzi, via del Mare No. 11.
• Tirreno Gest S.r.l., with registered office in Forlì (FC), via Biondini No. 27, tax code and VAT No. 04205820402, which carries out its activity at the campsite “Orbetello Family Camping Village” located in Orbetello (GR) Strada Provinciale della Giannella No. 166.
• Viareggio Gest S.r.l., with registered office in Forlì (FC), via Biondini No. 27, tax code and VAT No. 04534800406, which carries out its activity at the campsite “Italia Family Camping Village” located in Torre del Lago Puccini (LU) Viareggio, viale dei Tigli No. 52.
• Vigna Gest S.r.l., with registered office in Comacchio (FE), Hamlet Lido di Pomposa, via Capanno Garibaldi No. 20, with tax code and VAT No. 01949760381, which carries out its activities at the campsite called “Vigna Family Camping Village” located in Comacchio (FE) Hamlet Lido di Pomposa, via Capanno Garibaldi No. 20.
• La Risacca S.r.l., with registered office in Porto S. Elpidio (FM), via Europa No. 100, tax code 04669570154 and VAT No. 01494540444, which carries out its activities at the campsite “La Risacca Family Camping Village” located in Porto S. Elpidio (FM), via Europa No. 100.