PRIVACY POLICY

Privacy Policy
This Website collects any personal data of its users.

This document can be printed selecting the File Print present in the settings of any browser

Owner of the Data Processing

Onda Verde Viaggi di Valsana Servizi SC – Via Convento 1 Follina – Treviso (Italia)

Email address of the Owner: info@ondaverdeviaggi.it

Types of Data collected

Among the personal data collected by this web site either directly or through third parties, there are: Cookie; Usage Data, Name; Surname; Telephone Number; Company Name; Email; City.
Full details of each type of collected data are provided in the relative sectors of this privacy policy or through specific information texts shown before the collection of such data.
Personal data may be freely supplied by the users or, in the case of Usage data, collected automatically when the data subject uses this website.
Unless otherwise specified, all the data requested from this website are mandatory. If the user declines to communicate them, the website may be unable to supply the service requested.
In the cases in which this website indicate any data as optional, the users have the right to refrain to communicate such data, without jeopardy to the availability of this service or its operability.
Should data subject have any doubts on which data are mandatory, they should contact the data controller.
The eventual use of cookies – or other tracking tools – by this website or by the data controllers of the third party services used by this website, where not explicitly stated, is carried out with the aim of providing the service requested by the user, as well as other purposes described in this document and in the Cookie Policy, if available.
The User accepts full responsibility of the personal data of third parties obtained, published or shared through this website and confirms that he or she is authorized to communicate and disseminate them, releasing the Data Controller of any third party liability.

Method and place of data processing

Processing method

The data controller adopts adequate technical security measures aimed at preventing the access, dissemination, alteration or unauthorized destruction of the Personal Data.
Data processing is carried out using It and/or telematic tools following organizational procedures and methods strictly related to the purposes indicated.
In some cases, other persons charged with data processing may also have access to the data as well as the Controller. These include persons involved in the organization of the website (administrative, commercial, marketing, legal, system administrative personnel) or external third parties (third party technical services suppliers, mail carriers, hosting providers, IT companies, communication agencies) that, where necessary, are also appointed as Data Processors by the Data Controller.
The updated list of such persons my be always be obtained from the Data Controller on Request.

The legal basis for processing

The Data Controller processes the Personal Data of data subjects under the following circumstances:
• the data subject has given his/her consent to one or more specific data processing purposes; Note: in some jurisdictions the Data Controller may be authorized to process Personal Data without the consent of the Data Subject or other juridical base specified below, until when the Data Subject goes against (“opt-out”) such processing. Anyway this is not applicable if the Processing of Personal Data is regulated by the European legislation in reference to the safeguard of Personal Data:

• processing is necessary in order to perform a contract with the data subject and/or comply with pre-contractual obligations;

• processing is necessary to comply with a legal obligation incumbent upon the Data Controller;

• processing is necessary to carry out a public interest duty or to exercise a public power entrusted to the Data Controller;

• processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or third parties.

In any event, the Data Controller may be requested to supply further clarification on the legal basis for any data processing, and in particular, to indicate whether the data processing in question is carried out pursuant to statutory requirements, contractual provisions or in order to enter into an agreement.

Data processing place

Personal Data are processed at the operational headquarters of the Data Controller and in any other location in which the parties involved in the processing are located. For further information, please contact the Data Controller.
The personal data may be transferred our of the country where the data subjects stay. For further information about the data processing place, the data subject may read the section about the details of the personal data processing.
The data subject has the right to obtain information about the juridical basis of the data transfer outside of the European Union or to an international organization based on international public law or composed by two or more countries, i.e. UN, or on the basis of the security measures adopted by the Data Controller to safeguard Data.
The Data Subject may verify if one of the transfer described above, reading the appropriate section of this document about the details of Personal Data Processing or requiring information to the Data Controller through the contacts listed above.

Period of storage

Personal data are processed and stored for the time necessary to fulfil the purposes for which they are collected
• Personal Data collected for purposes related to the performance of a contract between the Data Controller and the data subject shall be stored until said contract has been executed.

• Personal Data collected for purposes connected with the legitimate interest of the Data Controller shall be stored as long as needed to fulfil such purpose. The data subject may obtain further information regarding the legitimate interest of the Data Controller in the appropriate sections of this document, or by contacting the Data Controller.
If data processing is conducted with the consent of the data subject, the Data Controller may store the Personal Data until such consent is withdrawn. In addition, the Data Controller may be obliged to retain Personal Data for a longer period whenever this is necessary in order to perform a legal obligation or on the order of an authority.

On expiry of the storage period, the Personal Data shall be erased. It follows that all data subject rights to access, erasure, rectification and portability of data may no longer be enforced.

Personal data collection purpose

The Data of the User are collected to allow the Data Controller to provide its services, comply with legal obligations, answer to the requests or executive actions, safeguard their rights and interests (or the rights and interests of data subject or third parties), individualize malicious or fraudulent activities, and for the following purposes: statistical data collection, contacting data subjects, content on social networks or external platforms, payment management, registration and authentication, and address and email messages management.
Data subjects can find further detailed information on the purposes of processing and on the specific Personal Data used for each purpose in the appropriate section “Detailed information about Personal data processing”.

Personal data processing details

Personal Data are collected for the following purposes using the following services:

• To contact the data subject

• Address and email message management

• Payment management

• Display of content from social network or external platforms

• Registration and authentication

• Statistics

Further information on Personal Data

• Online sale of goods and services

Data subject rights

The data subjects may exercise any rights with reference to the data processed by the Data Controller.
In particular, the data subject has the right to:

• withdraw consent at any time. ’Data subjects may withdraw consent previously granted to process their Personal Data.

• object to the processing of their Personal Data Data subjects may object to their Personal Data being processed, when processing takes place on a legal basis other than consent. Further details on the right to object are given in the section below.

• obtain access to their Personal Data. Data subjects are entitled to obtain information on certain aspects of the processing of their Personal Data by the Data Controller, and to receive a copy of the processed data.

• verify and request rectification. Data subjects are entitled to verify the correctness of their Personal Data and request they be updated or corrected

• obtain restrict processing. When specific conditions occur, the Data Subject may request restriction of the processing of their Personal Data. In this case, the Data Controller shall process the data subject’s data only for the specific purpose for which they are supplied, and shall not store the data subject’s data.

• obtain the erasure and removal of their Personal Data. When specific conditions occur, the Data Subject may request the erasure of his/her Personal Data by the Data Controller.

• receive Personal Data or have them transferred to another Data Controller. Data subjects are entitled to receive their Personal Data in a commonly used structured format readable by an automatic device and, where technically feasible, obtain their transfer without impediment to another Data Controller. This disposition is applicable when data are processed with automated tools and the processing is base on the approval of the Data Subject, on a contract on which the Data Subject is party or on contractual measures associated to them.

• Lodge a complaint. Data subjects may lodge a complaint with the competent personal data protection supervisory authority or take legal action.

Details of the right to object

When Personal Data is processed in the public interest, in the exercise of public authority to which the Data Controller is invested or to pursue a legitimate interest of the Data Controller, the Data Subjects have the right to oppose the processing for reasons related to their particular situation.
It is pointed out to the Data Subjects that, if their Data is processed for purposes of direct marketing, they can oppose the processing without providing any reasons. To know if the Data Controller processes data with purposes of direct marketing, the Data subject may refer to the appropriate section of this document.

How to exercise data-subject rights

Data Subjects can exercise their rights by addressing a request to the Data Controller, using the contact details present on this document. Requests are deposited free of charge and processed bu the Data Controller as soon as possible, in any case, within one month.

Cookie Policy

This Website uses Cookies and other identifiers. For more information, the Data Subject should consult the Cookie Policy.

Further information on data processing

Legal action

The data subject’s Personal Data may be used in a court of law or in the preparatory phase before eventual legal action as a means of defence against illegal use by the data subject of this website or of the allied services.
The data subject hereby confirms he/she is fully cognizant of the fact that the Data Controller may be obliged to reveal his/her Personal Data at the request of a public authority.

Specific note

At the request of the data subject, this website may, in addition to the information contained in this Privacy Policy, provide the data subject with additional pertinent information on specific services or on the collection and processing of Personal Data.

System logs and maintenance

This website and eventual third party services used by our website may, for operational and maintenance purposes, collect system logs, i.e. files that record interactions and may also contain Personal Data, such as the IP address of the data subject.

Information not contained in this Privacy Policy

Further information concerning the processing of Personal Data may be requested to the Data Controller at any time using the contact addresses.

“Do Not Track” requests

This website does not support “Do Not Track” requests.
To find out whether any of the third-party services support this function, data subjects are invited to consult the Privacy Policy of the services listed above.

Modification to this privacy policy

The Data Controller reserves the right to amend this Privacy Policy at any time, posting notification of any changes on this website, and also, where technically and legally feasible, notifying data subjects through one of the contact indications available to the Data Controller. Data subjects are therefore strongly recommended to check this page frequently, taking note of the date of the last modification listed at the bottom of the page.
Should the amendments impact any processing activities carried out only with data-subject consent, the Data Controller shall proceed to once more obtain, where necessary, the required consent from the data subject.

Definitions and legal references

Personal Data (or Data)

Personal Data are any information that, directly or indirectly, and also in connection with any other kind of information, including a personal identification number, that allows a natural person to be identified, or makes him/her identifiable.

Usage Data

Usage data is information collected automatically through this website (or by third-party services employed by this website) and may include: IP addresses or domain names of the computers utilized by data subjects who use this application, URI addresses (Uniform Resource Identifier), the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and operating system used by the data subject, visit time details (e.g., the time spent on each page within the application) and the path followed within the website, with special reference to the sequence of pages visited, as well as other parameters of the device operating system and/or the data subject’s IT environment.

User

The individual using this Application that, unless otherwise specified, coincides with the Data Subject.

Interested

The natural person to whom the Personal Data refers.

Data Processor (or Data Handler)

The natural or legal person, public authority, agency or other body processing Personal Data on behalf of the Data Controller, as described in this Privacy Policy.

Data Controller (or Owner)

The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of processing Personal Data, and the tools to be adopted, including the security measures to safeguard the functioning and use of this website. Unless specified herewith otherwise, the Data Controller is the Owner of this website.

This Website (or this application)

The hardware or software by which the data subject’s Personal Data are collected.

Service

The service provided by this website as described in the relative terms and conditions (if available) and on this site/application.

European Union (o EU)

Unless otherwise specified, any reference made in this document to the European Union includes all current members of the European Union and the European Economic Area.

Cookies

Small pieces of data stored in the data subject’s device.

Legal information

This privacy statement has been prepared in compliance with many legislations, included the art. 13 and 14 of the EU Regulation 2016/679.
Unless otherwise specified, this Privacy Policy applies only to this website.

Cookie Policy
Cookies consist of portions of code installed in the browser that assist the Owner in the provision of the Service according to the purposes described. Some of the purposes of installing cookies may also require the consent of the User.
When cookies are installed on the basis of consent, such consent can be freely revoked at any time by following the instructions contained in this document.

Technical aggregate statistical cookies

• Activity strictly necessary for operation

This Application uses Cookies to save the User’s session and to perform other activities strictly necessary for the operation of this Application, for example in relation to the distribution of traffic.

• Activity saving preferences, optimization and statistics

This application uses cookies to save browsing preferences and optimize the experience of User navigation. Among these cookies include, for example, those to set the language and currency or for the management of statistics by the owner of the site.

Other types of cookies or third party tools that could install

Some of the services listed below collect statistics in aggregate and anonymous form and may not request the consent of the User or could be managed directly by the Owner as described without the help of third parties.
If among the instruments indicated below there were services managed by third parties, these could in addition to what is specified and also without the knowledge of the Owner perform activities of tracking of the User.
For detailed information about this, we recommend to consult the privacy policies of the services listed.

Advertising Cookies

How to customize advertising tracking preferences

Some advertising services adhere to the IAB Transparency and Consent Framework and allow the User to set advertising tracking preferences.
These settings can be accessed and customized by clicking on the cookie policy link inside the cookie notice banner and by then clicking on the link that leads to the advertising tracking settings, or by clicking the relevant link, if provided.
The Owner declares that the IAB Transparency and Consent Framework is being used in full compliance with the rules laid out within the IAB Framework Policies..

Other Cookies

• Display content from social network and external platforms

This type of service enables users to interact with social networks or other external platform directly from this website.
The interaction and information obtained from this website are in any case subject to the user’s privacy related to each social network.
In the case in which a service of this type is installed, it is possible that, even in the case the Users do not use the service, it collects traffic data relating to the pages in which it is installed.
It is recommended to disconnect from the services to be sure that the data elaborated from this website will not be connected to the user profile.

“Like” button and Facebook social widget (Facebook, Inc.)

Button Like and Facebook Social Widget are services run by Facebook, Facebook, Inc
Personal Data collected: Cookie and Data Usage.
Processing place: USA – Privacy Policy.

• Statistic

The services of this section give the possibility to the Data Controller to control and analyse the traffic of data and monitor the tracking of the user activities..

Google Analytics (Google Inc.)

Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine the use of this website, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
Personal Data Collected: Cookie and Usage Data.
Place of Processing: USA – Privacy Policy – Opt Out.

How can I express my consent to the installation of Cookies?

In addition to what is indicated in this document, the User can manage cookie preferences directly within his browser and prevent for example that third parties may install them. Through the browser preferences it is also possible to delete cookies installed in the past, including the Cookie in which the consent to the installation of Cookies by this site is eventually saved. The User can find information on how to manage Cookies with the following browsers,: Google Chrome, Mozilla Firefox, Apple Safari e Microsoft Internet Explorer.
With reference to cookies installed by third parties, the User can also manage their settings and withdraw consent by visiting the relevant opt out link (if available), using the tools described in the privacy policy of the third party or by contacting the third party directly.
Notwithstanding the foregoing, you may use the information provided by YourOnlineChoices (EU), Network Advertising Initiative (USA) e Digital Advertising Alliance (USA), DAAC (Canada), DDAI (Japan) or other similar services. With these services you can manage the tracking preferences of most advertising tools. The Owner therefore recommends Users to use these resources in addition to the information provided by this document.

Data Controller

ONDA VERDE VIAGGI DI VALSANA SERVIZI SC – Via Convento, 1 – Follina, Treviso

Data Controller Email Address: info@ondaverdeviaggi.it

Since installing Cookies and other tracking systems operated by third parties through the services used within this Website cannot be technically controlled by the Owner, any specific reference to Cookies and tracking systems installed by third parties is to be considered indicative. To obtain complete information, the User is invited to consult the privacy policy of any third party services listed in this document.
Given the objective complexity of identification of technologies based on Cookies, the User is invited to contact the Owner if he wishes to receive any further information regarding the use of the Cookies themselves through this Website.