Dear Interested, Chateau d’Ax spa has great respect for the privacy of Users. The data that will eventually be communicated
by the User through the Site will be treated with the utmost care and with all the tools to guarantee its security, in full compliance
with the current legislation protecting the confidentiality of data. We wish to inform you that the “European Regulation 2016/679
concerning the protection of individuals with regard to the processing of personal data, as well as the free circulation of such data”
(from now on “GDPR”) provides for the protection of individuals with regard to processing of personal data as a fundamental right.
Pursuant to article 13 of the GDPR, therefore, we inform you that:
A. DATA CATEGORIES: the object of the processing may be your personal data such as:
a. Data collected automatically. The computer systems and applications dedicated to the operation of this website detect,
during their normal operation, some data (the transmission of which is implicit in the use of Internet communication protocols)
potentially associated with identifiable users.
The collected data includes the IP addresses and domain names of the computers used by users who
connect to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the method used
to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response
given by the server (successful, error, etc.) and other parameters concerning the operating system, the browser and the
IT environment used by the user, name of the internet service provider (ISP), date and time of visit, web page of origin
of the visitor (referral) and exit.
b. Data provided voluntarily by the user. The voluntary and explicit sending of e-mails to the addresses indicated in the different
access channels of this site does not involve a request for consent and involves the acquisition of the sender’s address and data,
necessary to respond to requests, as well as any other data personal data included in the message. These data are voluntarily
provided by the user at the time of the request to provide the service. By inserting a comment or other information, the user
On the contrary, specific summary information will be reported or displayed on the pages of the site prepared for particular
services on request (form). The user must therefore explicitly consent to the use of the data shown in these forms in order to send
or to make the browsing experience more enjoyable and more efficient in the future, trying to evaluate user behavior and modify
d. Plug-in. The site also incorporates plugins and / or buttons for social networks, in order to allow easy sharing of content on
your favorite social networks. These plug-ins are programmed so as not to set any cookies when accessing the page, to safeguard
user privacy. Eventually cookies are set, if so provided by social networks, only when the user makes effective and voluntary
use of the plug-in. Please note that if the user browses being logged into the social network then he has already consented to the
obtained through the plug-in are governed by the respective privacy policies of the social networks, to which please refer.
B. DATA CONTROLLER: the data controller is
CHATEAU D’AX SPA – Via Nazionale dei Giovi, 159 – 20823 LENTATE SUL SEVESO (MB) – VAT number IT00682600960,
who can be contacted by phone at 0362 5301 or at the email address email@example.com
C. SOURCE OF PERSONAL DATA: The personal data held by the Data Controller are collected directly from the interested party.
D. PURPOSE OF DATA PROCESSING AND LEGAL BASIS: the processing of your data has as its purpose and legal basis:
the web browsing experience.
to be able to send responses to specific requests made by the user; for the forms the purpose is indicated in the specific information.
E. DATA RECIPIENTS: within the limits relevant to the processing purposes indicated, your data may be disclosed to partners,
consultancy companies, private companies, third party technical service providers, hosting providers, IT companies,
communication agencies, …
F. TRANSFER OF DATA TO THIRD COUNTRIES: This site may share some of the data collected with services
located outside the European Union area, in particular through social plug-ins. The transfer is authorized and strictly regulated
by article 45, paragraph 1 of EU Regulation 2016/679, therefore it does not require specific authorizations.
G. PERIOD OF STORAGE: based on the conservation limitation principle (Article 5, GDPR), a check on the obsolescence of
the data stored in relation to the purposes for which they were collected is carried out periodically. In particular:
information on the use of the site and to check its regular functioning, also for security purposes or according to the deadlines
set by law .
for which they are processed or according to the deadlines set by law.
H. RIGHTS OF THE INTERESTED PARTY: the interested party always has the right to request the Data Controller to access
your data, correct or delete them, limit the processing or the possibility of opposing the processing, to request data portability ,
to revoke the consent to the processing by asserting these and the other rights provided by the GDPR by simply communicating
to the Data Controller. The interested party can also lodge a complaint with a supervisory authority.
I. OBLIGATORY OR LESS OF THE PROVISION: the provision of your data is mandatory while browsing
our website with regard to points D.1 and D.2 of the aforementioned purposes, to allow the correct provision of the service.
II. The provision of the consent of your data for point D.3 is optional and will not compromise in any way the provision
of the service.
J. DATA PROCESSING METHOD: the personal data you provide will be the subject of processing operations in compliance
with the aforementioned legislation and the confidentiality obligations which inspire the activity of the Data Controller.
The data will be processed both with IT tools and on paper and on any other type of suitable support (eg cloud systems,
archiving systems and digital replacement storage, …), in compliance with adequate technical and organizational security
measures provided for by GDPR.
K. FINAL NOTES AND UPDATE METHODS: the information is provided only for this website and not for other websites
that may be consulted by the user through links contained in this website. The information may undergo changes due to the
introduction of new regulations in this regard, therefore the user is invited to periodically check this page to be always updated
on the latest legislative news. The withdrawing versions of this information can always be requested from the Data Controller.