Search
Close this search box.

Privacy Policy

The purpose of this document is to inform the individual (hereinafter referred to as “Data Subject”) about the processing of their personal data (hereinafter “Personal Data”) collected by the data controller, Barbirotti Viaggi, with legal headquarters at Piazza Alfano I, nr 6 – 84121 Salerno (Sa), VAT number 04602370654, Tax Code BRBMRZ65D11H703R, email address info@barbirottiviaggi.it (hereinafter referred to as “Controller”), through the website www.barbirottiviaggi.it (hereinafter “Application”).
Changes and updates will be binding as soon as they are published on the Application. In the event of non-acceptance of the changes made to the Privacy Policy, the Data Subject is obliged to cease using this Application and may request the Controller to delete their Personal Data.

Categories of Personal Data Processed

The Controller processes the following types of Personal Data voluntarily provided by the Data Subject: Contact details: name, surname, address, email, phone, images, authentication credentials, any additional information sent by the Data Subject, etc.

  • Fiscal and payment data: tax code, VAT number, credit card details, bank account details, etc.
  • Employment-related data: information entered in the curriculum vitae, data related to the spouse or children, pension data, etc.
  • Special (sensitive) data: Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data concerning health or sexual life or sexual orientation, collected with the consent of the Data Subject. The Data Subject can revoke consent at any time.
  • Judicial data: Personal Data relating to criminal convictions, offenses or related to security measures, collected with the consent of the Data Subject. The Data Subject can revoke consent at any time.

The Controller processes the following types of Personal Data collected automatically: Technical data: Personal Data produced by the devices, applications, tools, and protocols used, such as information about the device used, IP addresses, type of browser, type of Internet service provider (ISP). Such Personal Data can leave traces that, particularly when combined with unique identifiers and other information received from servers, can be used to create profiles of individuals.

  • Data on the navigation and use of the Application: such as, for example, pages visited, number of clicks, actions performed, duration of sessions, etc.
  • Exact location data of the Data Subject: for example, geolocation data that precisely identifies the position of the Data Subject, which can be collected via satellite network (e.g., GPS) and other means, collected with the consent of the Data Subject. The Data Subject can revoke consent at any time.

Failure to provide Personal Data by the Data Subject for which there is a legal, contractual obligation or if they constitute a necessary requirement for the conclusion of the contract with the Controller, will result in the inability of the Controller to establish or continue the relationship with the Data Subject.
The Data Subject who communicates third-party Personal Data to the Controller is directly and exclusively responsible for their origin, collection, processing, communication, or dissemination.

Cookies and similar technologies

The Application uses cookies, web beacons, unique identifiers, and other similar technologies to collect Personal Data of the Data Subject on pages, visited links, and other actions performed when using the Application. They are stored to be then transmitted on the Data Subject’s subsequent visit. The complete Cookie Policy can be viewed at the following address: barbirottiviaggi.it/cookie-policy

Legal basis and purpose of processing

Processing of Personal Data is necessary. For the execution of the contract with the Data Subject, specifically:

Fulfillment of any obligation arising from the pre-contractual or contractual relationship with the Data Subject.

Registration and authentication of the Data Subject: to allow the Data Subject to register on the Application, access and be identified also through external platforms.

Support and contact with the Data Subject: to respond to requests from the Data Subject.

Management of payments: to manage payments via credit card, bank transfer, or other tools.

For legal obligation, specifically:

  • Fulfillment of any obligation provided by current regulations, laws, and rules, particularly in tax and fiscal matters.

Based on the legitimate interest of the Controller, for:

  • Marketing purposes via email for products and/or services of the Controller: to directly sell the products or services of the Controller using the email provided by the Data Subject in the context of selling a product or service similar to that subject to the sale.
  • Management, optimization, and monitoring of technical infrastructure: to identify and solve any technical problems, to improve the performance of the Application, to manage and organize information in an IT system (e.g., servers, databases, etc.).
  • Security and anti-fraud: to ensure the security of the assets, infrastructure, and networks of the Controller.
  • Statistics with anonymous data: to perform statistical analyses on aggregated and anonymous data to analyze the behavior of the Data Subject, to improve the products and/or services provided by the Controller and better meet the expectations of the Data Subject.

Based on the consent of the Data Subject, for:

  • Profiling of the Data Subject for marketing purposes: to provide the Data Subject with information about the products and/or services of the Controller through automated processing aimed at collecting personal information to predict or assess their preferences or behaviors.
  • Retargeting and remarketing: to reach the Data Subject with a personalized advertising announcement who has already visited or shown interest in the products and/or services offered by the Application using their Personal Data. The Data Subject can opt-out by visiting the Network Advertising Initiative page.
  • Marketing purposes for products and/or services of the Controller: to send information or commercial and/or promotional materials, to carry out direct selling activities of products and/or services of the Controller or to conduct market research using automated and traditional methods.
  • Marketing purposes for products and/or services of third parties: to send information or commercial and/or promotional materials of third parties, to carry out direct selling activities or to conduct market research of their products and/or services using automated and traditional methods.
  • Communication of Personal Data for marketing purposes of third parties: to communicate to third parties operating in the ICT & Training consulting sector the Personal Data so that they use them to send their information or commercial and/or promotional materials or to carry out direct selling activities of their products and/or services or to conduct market research using automated and traditional methods.
  • Detection of the exact position of the Data Subject: to detect the presence of the Data Subject, to control accesses, times, and presence of the Data Subject in a certain place, etc.

Based on the legitimate interest of the Controller, the Application allows interactions with external platforms or social networks whose processing of Personal Data is governed by their respective privacy policies, which are referred to. The interactions and information acquired by this Application are in any case subject to the privacy settings chosen by the Data Subject on such platforms or social networks. These pieces of information – in the absence of specific consent to processing for further purposes – are used solely to allow the use of the Application and to provide the information and services requested.

The Personal Data of the Data Subject may also be used by the Controller to defend itself in court before the competent judicial authorities.

Processing Methods and Recipients of Personal Data

The processing of Personal Data is carried out using paper and electronic tools with organizational methods and with logics strictly related to the purposes indicated and by adopting appropriate security measures.

Personal Data is processed exclusively by Individuals authorized by the Controller of Personal Data who have committed to confidentiality or have an adequate legal obligation of confidentiality;

  • Entities operating independently as separate data controllers or as data processors appointed by the Controller for the purpose of carrying out all processing activities necessary to pursue the purposes of this information (for example, business partners, consultants, IT companies, service providers, hosting providers);
  • Subjects or entities to whom it is mandatory to communicate the Personal Data due to legal obligation or by order of the authorities.
    The above-mentioned subjects are required to use appropriate guarantees to protect the Personal Data and can access only the data necessary to perform their assigned tasks.

Personal Data will not be indiscriminately disclosed in any way.

Location

If necessary, Personal Data may be transferred to entities located outside of the European Economic Area (EEA). Whenever Personal Data is to be transferred outside of the EEA, the Controller will adopt all suitable and necessary contractual measures to ensure an adequate level of protection of Personal Data, including – among others – agreements based on standard contractual clauses for the transfer of data outside of the EEA, approved by the European Commission. To request information on the specific guarantees adopted, the Data Subject can contact the Controller at the following email address: info@barbirottiviaggi.it.

Completely Automated Decision-Making Processes

The Controller uses completely automated decision-making processes that can produce legal effects for the Data Subject or significantly affect them, operating according to these criteria: The processing of data for the purpose of simplifying decision-making processes.

Retention Period of Personal Data

Personal Data will be retained for the period of time necessary to fulfill the purposes for which it was collected, specifically: For purposes related to the execution of the contract between the Controller and the Data Subject, they will be retained for the entire duration of the contractual relationship and, after its termination, for the ordinary limitation period of 10 years. In the case of judicial litigation, for the entire duration of the same, until the exhaustion of the terms for challenging actions.

  • For purposes related to the legitimate interest of the Controller, they will be retained until the fulfillment of such interest.
  • For compliance with a legal obligation, by order of an authority, and for legal protection, they will be retained in accordance with the timelines provided by said obligations, regulations, and until the completion of the prescription period provided by the current norms.
  • For purposes based on the consent of the Data Subject, they will be retained until the revocation of consent. For marketing purposes for a period not exceeding 24 months.

At the end of the retention period, all Personal Data will be deleted or stored in a form that does not allow the identification of the Data Subject.

Rights of the Data Subject

Data Subjects can exercise certain rights regarding the Personal Data processed by the Controller. In particular, the Data Subject has the right to:

  • Be informed about the processing of their Personal Data.
  • Revoke consent at any time.
  • Limit the processing of their Personal Data.
  • Object to the processing of their Personal Data.
  • Access their Personal Data.
  • Verify and request the rectification of their Personal Data.
  • Obtain the limitation of the processing of their Personal Data.
  • Obtain the deletion of their Personal Data.
  • Transfer their Personal Data to another controller.
  • Lodge a complaint with the authority responsible for the protection of their Personal Data and/or take legal action.

To exercise their rights, Data Subjects can send a request to the following email address: info@barbirottiviaggi.it. Requests will be handled by the Controller immediately and fulfilled as soon as possible, in any case within 30 days.

Contacts

Download the exclusive travel catalogues

Project co-financed by the European Regional Development Fund
Loghi incoming
Barbirotti Viaggi – Piazza Alfano I nr. 6 – 84121 – Salerno – P.Iva 04602370654Cookie Policy Privacy PolicyContributi