Privacy Policy

The purpose of this document is to inform the natural person (hereinafter”Interested”) regarding the processing of your personal data (hereinafter”Personal Data”) collected by the data controller, Ciampi & Partners S.r.l. with sole shareholder, with registered office in Viale Rimembranza 28, 12068 Narzole, CN, Italy, CF/VAT number IT02852440045, e-mail address privacy@atriumsapartments.com, (hereinafter”titular”), through and Atriums Apartments (hereinafter”Application”).

Changes and updates will be binding as soon as they are published on the Application. In case of non-acceptance of the changes made to the Privacy Policy, the interested party is required to stop using this Application and may request the Data Controller to delete their Personal Data.

  1. Categories of Personal Data processed

The Data Controller processes the following types of Personal Data provided voluntarily by the interested party:

  • Contact details: name, surname, address, e-mail, telephone, images, authentication credentials, any additional information sent by the interested party, etc.
  • Tax and payment data: tax code, VAT number, credit card details, bank account details, etc.
  1. The Data Controller processes the following types of Personal Data collected in an automated manner: some text
    • Technical data: Personal Data produced by the devices, applications, tools and protocols used, such as, for example, information about the device used, IP addresses, type of browser, type of Internet provider (ISP). Such Personal Data may leave traces that, in particular if combined with unique identifiers and other information received from the servers, can be used to create profiles of individuals
    • Browsing and usage data of the Application: such as, for example, pages visited, number of clicks, actions performed, duration of sessions, etc.
    • Data relating to the exact position of the interested party: for example, geolocation data that precisely identifies the position of the interested party that can be collected through the satellite network (e.g. GPS) and other means, collected with the consent of the interested party. The interested party can revoke the consent at any time.
  2. Failure by the interested party to provide Personal Data for which there is a legal, contractual obligation or if they constitute a necessary requirement for the conclusion of the contract with the Data Controller, will make it impossible for the Data Controller to establish or continue the relationship with the interested party.

The interested party who communicates the Personal Data Controller of third parties is directly and exclusively responsible for their origin, collection, processing, communication or dissemination.

  1. Cookies and similar technologies

The Application uses cookies, web beacons, unique identifiers and other similar technologies to collect Personal Data from the Data Subject on the pages, on the links visited and on the other actions that are performed when the Data Subject uses the Application. They are stored to be then transmitted at the next visit of the interested party. You can view the complete Cookie Policy at the following address: https://www.atriumsapartments.com/cookie-policy

  1. Legal basis and purpose of the processing

The processing of Personal Data is necessary:

  1. for the execution of the contract with the interested party and precisely: some text
    1. fulfillment of any obligation deriving from the pre-contractual or contractual relationship with the interested party
    2. registration and authentication of the interested party: to allow the interested party to register on the Application, access and be identified also through external platforms
    3. support and contact with the interested party: to respond to the requests of the interested party
    4. payment management: to manage payments by credit card, bank transfer or other instruments
  2. by legal obligation and precisely: some text
    1. the fulfillment of any obligation provided for by current regulations, laws and regulations, in particular, on tax and fiscal matters
  3. based on the legitimate interest of the Data Controller, for:some text
    1. email marketing purposes of the owner's products and/or services to sell directly the Data Controller's products or services using the e-mail provided by the interested party in the context of the sale of a product or service similar to the one being sold
    2. management, optimization and monitoring of the technical infrastructure: to identify and solve any technical problems, to improve the performance of the Application, to manage and organize information in a computer system (e.g. server, database, etc.)
    3. security and anti-fraud: to ensure the security of the Data Controller's assets, infrastructures and networks
    4. Statistics with anonymous data: to carry out statistical analysis on aggregated and anonymous data to analyze the behavior of the interested party, to improve the products and/or services provided by the Data Controller and better meet the expectations of the interested party
  4. based on the consent of the interested party, for:some text
    1. profiling of the interested party for marketing purposes: to provide the interested party with information on the products and/or services of the Data Controller through automated processing aimed at collecting personal information with the purpose of predicting or evaluating their preferences or behaviors
    2. marketing purposes of the Data Controller's products and/or services: to send commercial and/or promotional information or materials, to carry out direct sales of the Data Controller's products and/or services or to carry out market research using automated and traditional methods
    3. marketing purposes of third-party products and/or services: to send commercial and/or promotional information or materials from third parties, to carry out direct sales activities or to carry out market research of their products and/or services with automated and traditional methods
    4. recording the exact position of the interested party: to detect the presence of the interested party, to control accesses, schedules and the presence of the interested party in a specific place, etc.
  1. Based on the legitimate interest of the Data Controller, the Application allows interactions with external platforms or social networks whose processing of Personal Data is governed by the respective privacy policies to which please refer. The interactions and information acquired from this Application are in any case subject to the privacy settings that the interested party has chosen on such platforms or social networks. This information - in the absence of specific consent to processing for additional purposes - is used for the sole purpose of allowing the use of the Application and providing the requested information and services.

The Personal Data of the Data Subject may also be used by the Data Controller to protect himself in court before the competent courts.

  1. Methods of processing and recipients of Personal Data

The processing of Personal Data is carried out using paper and computer tools with organizational methods and with logic strictly related to the purposes indicated and through the adoption of appropriate security measures.

Personal Data is processed exclusively by:

  1. persons authorized by the Personal Data Controller who are committed to confidentiality or have an adequate legal obligation of confidentiality;
  2. subjects that operate independently as separate data controllers or by subjects designated as data processors by the Data Controller in order to carry out all the processing activities necessary to pursue the purposes set out in this information (for example, business partners, consultants, IT companies, service providers, hosting providers);
  3. subjects or entities to whom it is mandatory to communicate Personal Data by legal obligation or by order of the authorities.
  1. The subjects listed above are required to use appropriate guarantees to protect Personal Data and can access only those necessary to perform the tasks assigned to them.

Personal Data will not be disclosed indiscriminately in any way.

  1. Place

If necessary, Personal Data may be transferred to subjects located outside the territory of the European Economic Area (EEA). Whenever Personal Data is transferred outside the EEA, the Data Controller will adopt any suitable and necessary contractual measure to ensure an adequate level of protection of Personal Data, including - among others - agreements based on standard contractual clauses for the transfer of data outside the EEA, approved by the European Commission. To request information on the specific guarantees adopted, the interested party may contact the Data Controller at the following e-mail address privacy@atriums.com.

  1. Personal Data Retention Period

Personal Data will be kept for the period of time necessary to fulfill the purposes for which they were collected, in particular:

  1. for purposes related to the execution of the contract between the Data Controller and the Interested Party, they will be kept for the entire duration of the contractual relationship and, after the termination, for the ordinary limitation period of 10 years. In the case of a judicial dispute, for the entire duration of the dispute, until the deadline for the possibility of appeal actions is exhausted
  2. for purposes related to the legitimate interest of the Data Controller, they will be kept until this interest is fulfilled
  3. for the fulfillment of a legal obligation, by order of an authority and for protection in court, they will be kept in compliance with the deadlines set by these obligations, regulations and in any case until the statute of limitations provided for by the regulations in force is fulfilled
  4. for purposes based on the consent of the interested party, they will be kept until the consent is revoked
  1. At the end of the storage period, all Personal Data will be deleted or stored in a form that does not allow the identification of the interested party.
  2. Rights of the interested party

Interested parties may exercise certain rights with reference to the Personal Data processed by the Data Controller. In particular, the interested party has the right to:

  1. be informed about the processing of your Personal Data
  2. revoke consent at any time
  3. limit the processing of your Personal Data
  4. object to the processing of your Personal Data
  5. access your Personal Data
  6. verify and request the correction of your Personal Data
  7. obtain the limitation of the processing of their Personal Data
  8. obtain the cancellation of your Personal Data
  9. transfer your Personal Data to another owner
  10. lodge a complaint with the supervisory authority for the protection of your Personal Data and/or take legal action.
  1. To exercise their rights, Data Subjects can send a request to the following e-mail address privacy@atriumsapartments.com. Requests will be taken care of by the Data Controller immediately and processed as soon as possible, in any case within 30 days.

Last updated: July 18, 2024