INFORMATION ON THE PRIVACY POLICY OF THE SITE
Happy Holiday Homes Sagl (hereinafter, the “Data Controller” or the “Controller”), in its capacity as Data Controller, informs you, pursuant to Article 13 of EU Regulation No. 2016/679 (hereinafter, the “GDPR”), that your personal data, in connection with your navigation on our website, will be processed in the manner and for the purposes described below:
DATA PROCESSING
Object of processing
The Data Controller processes the personal data, which you (hereinafter referred to as "the Data Subject") provide for the sole purpose of responding to your requests and may only be disclosed to third parties if this is necessary for that purpose.
Purpose of processing
Your personal data is processed without your express consent (Art. 6(1)(b) and (e) GDPR), for the following purposes:
- to manage customer relations and to coordinate accounting, orders, invoicing and any litigation;
- to perform operations connected with and instrumental to the acquisition of information prior to the conclusion of bookings;
- to fulfil obligations under applicable laws or regulations, including EU regulations;
- to process a contact request;
- to process a request for quotation;
- to fulfil obligations required by law, regulation, Community legislation or an order of the Authority;
- to prevent or detect fraudulent activities or abuses harmful to the Site;
- to exercise the rights of the Controller, such as the right to exercise a right in court.
In all the above cases, the legal basis for processing your personal data is the performance of a contract with you, the provision of a service you have specifically requested, and the compliance with a legal obligation or or the protection of our legitimate interest.
We do not intend to collect personal data from individuals under the age of 16. If you are under 16, you should not make an online booking or submit any enquiry. Please ask a parent or legal guardian to do so on your behalf.
Method of processing
The processing of your personal data is carried out through the operations listed in Art. 4 of the Privacy Code and Art. 4(2) GDPR, including: collection, recording, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, restriction, communication, erasure, and destruction. Your personal data may be processed in both paper-based and electronic and/or automated form.
Storage time of processed data
Data is processed and stored for the time necessary to achieve the purposes for which it was collected.
Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until the performance of such contract is completed.
Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is satisfied. The User may obtain further information regarding the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller.
At the end of the retention period the Personal Data will be deleted. Therefore, at the end of this period, the right of access, cancellation, rectification and the right to Data portability can no longer be exercised.
Processing of navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected in order to be associated with identified interested parties, but due to its very nature, it could — through processing and association with data held by third parties — allow users to be identified.
This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server’s response status (successful, error, etc.) and other parameters relating to the user's operating system and IT environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to verifying its correct functioning. The data may also be used to determine liability in the event of potential cybercrimes committed against the site
Links to other sites
The sites we link to, including (but not limited to) secondary sites and third-party service providers, may have a privacy policy different from the one set out here. We accept no responsibility for the privacy practices of linked sites and therefore encourage you to review them.
Security measures
The Data Controller has adopted a variety of security measures to protect your data against the risk of loss, misuse or alteration. In particular:
- Measures in accordance with Articles 32-34 of the Privacy Code and Article 32 of the GDPR;
- Use of data encryption technology and secure data transmission protocols.
Data access
Your data may be accessible for the purposes described in Articles 2.A) and 2.B) to:
- Collaborators of the Data Controller, in their capacity as data processors;
- Third-party companies or other entities that perform outsourcing activities on behalf of the Controller, in their capacity as data processors.
Communication of data
Without your express consent (ex art. 24 lett. a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may communicate your data to Supervisory Bodies, Judicial Authorities as well as to all other subjects to whom communication is compulsory by law for the fulfilment of the aforementioned purposes. Your data will not be disseminated beyond these cases.
Data transfer
The management and storage of personal data will take place in Europe, on servers located in Italy, either belonging to the Data Controller or to third-party companies duly appointed as Data Processors.
Nature of Data Provision and Consequences of Refusal
Providing data for the purposes described in Article 2 is mandatory, as it is necessary to respond to information requests.
Rights of the data subject
In accordance with the provisions of Chapter III, Section I of the GDPR, you may exercise the rights set forth therein and in particular:
Right of access - To obtain confirmation as to whether or not personal data concerning you are being processed and, if so, to receive information relating, in particular, to: the purposes of the processing, the categories of personal data processed and the period of storage, the recipients to whom the data may be disclosed (Article 15, GDPR);
Right to rectification - Obtain, without undue delay, rectification of inaccurate personal data concerning you and supplementation of incomplete personal data (Article 16, GDPR);
Right to erasure - Obtain, without undue delay, the erasure of personal data concerning you, in the cases provided for in the GDPR (Article 17, GDPR);
Right to restriction -Obtain from the Controller the restriction of processing, in the cases provided for by the GDPR (Article 18, GDPR);
Right to portability -To receive, in a structured, commonly used and machine-readable format,the personal data concerning you provided to the Controller, as well as to obtain that it be transmitted to another controller without hindrance, in the cases provided for by the GDPR (Article 20, GDPR);
Right to object - Object to the processing of personal data concerning you, unless there are legitimate grounds for the Data Controllers to continue the processing (Article 21, GDPR);
Right to complain to the supervisory authority - File a complaint with:
Federal Data Protection and Information Commissioner
Feldeggweg 1
CH - 3003 Berne
Modalities for exercising rights
You may exercise your rights at any time by sending
- a registered letter with return receipt to: Happy Holiday Homes Sagl. Via Clemente Maraini 5 6900 Lugano - Switzerland;
- an email to : privacy@happy.rentals
Questions or concerns
If at any time you believe the Data Controller has not followed this Policy, please contact us at privacy@happy.rentals. We will do our best to identify and resolve any concerns.
Changes to this Policy
This Policy may be updated. We therefore recommend that you check this Policy regularly and refer to the most recent version. The latest version of the Privacy Policy is posted on this page, indicating the date it was last updated.
Happy Holiday Homes Sagl (hereinafter, the “Data Controller” or the “Controller”), in its capacity as Data Controller, informs you, pursuant to Article 13 of EU Regulation No. 2016/679 (hereinafter, the “GDPR”), that your personal data, in connection with your navigation on our website, will be processed in the manner and for the purposes described below:
Object of processing
The Data Controller processes the personal data, which you (hereinafter referred to as "the Data Subject") provide for the sole purpose of responding to your requests and may only be disclosed to third parties if this is necessary for that purpose.
Purpose of processing
Your personal data is processed without your express consent (Art. 6(1)(b) and (e) GDPR), for the following purposes:
- to manage customer relations and to coordinate accounting, orders, invoicing and any litigation;
- to perform operations connected with and instrumental to the acquisition of information prior to the conclusion of bookings;
- to fulfil obligations under applicable laws or regulations, including EU regulations;
- to process a contact request;
- to process a request for quotation;
- to fulfil obligations required by law, regulation, Community legislation or an order of the Authority;
- to prevent or detect fraudulent activities or abuses harmful to the Site;
- to exercise the rights of the Controller, such as the right to exercise a right in court.
In all the above cases, the legal basis for processing your personal data is the performance of a contract with you, the provision of a service you have specifically requested, and the compliance with a legal obligation or or the protection of our legitimate interest.
We do not intend to collect personal data from individuals under the age of 16. If you are under 16, you should not make an online booking or submit any enquiry. Please ask a parent or legal guardian to do so on your behalf.
Method of processing
The processing of your personal data is carried out through the operations listed in Art. 4 of the Privacy Code and Art. 4(2) GDPR, including: collection, recording, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, restriction, communication, erasure, and destruction. Your personal data may be processed in both paper-based and electronic and/or automated form.
Storage time of processed data
Data is processed and stored for the time necessary to achieve the purposes for which it was collected.
Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until the performance of such contract is completed.
Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is satisfied. The User may obtain further information regarding the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller.
At the end of the retention period the Personal Data will be deleted. Therefore, at the end of this period, the right of access, cancellation, rectification and the right to Data portability can no longer be exercised.
Processing of navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected in order to be associated with identified interested parties, but due to its very nature, it could — through processing and association with data held by third parties — allow users to be identified.
This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server’s response status (successful, error, etc.) and other parameters relating to the user's operating system and IT environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to verifying its correct functioning. The data may also be used to determine liability in the event of potential cybercrimes committed against the site
The sites we link to, including (but not limited to) secondary sites and third-party service providers, may have a privacy policy different from the one set out here. We accept no responsibility for the privacy practices of linked sites and therefore encourage you to review them.
Security measures
The Data Controller has adopted a variety of security measures to protect your data against the risk of loss, misuse or alteration. In particular:
- Measures in accordance with Articles 32-34 of the Privacy Code and Article 32 of the GDPR;
- Use of data encryption technology and secure data transmission protocols.
Data access
Your data may be accessible for the purposes described in Articles 2.A) and 2.B) to:
- Collaborators of the Data Controller, in their capacity as data processors;
- Third-party companies or other entities that perform outsourcing activities on behalf of the Controller, in their capacity as data processors.
Communication of data
Without your express consent (ex art. 24 lett. a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may communicate your data to Supervisory Bodies, Judicial Authorities as well as to all other subjects to whom communication is compulsory by law for the fulfilment of the aforementioned purposes. Your data will not be disseminated beyond these cases.
Data transfer
The management and storage of personal data will take place in Europe, on servers located in Italy, either belonging to the Data Controller or to third-party companies duly appointed as Data Processors.
Nature of Data Provision and Consequences of Refusal
Providing data for the purposes described in Article 2 is mandatory, as it is necessary to respond to information requests.
Rights of the data subject
In accordance with the provisions of Chapter III, Section I of the GDPR, you may exercise the rights set forth therein and in particular:
Right of access - To obtain confirmation as to whether or not personal data concerning you are being processed and, if so, to receive information relating, in particular, to: the purposes of the processing, the categories of personal data processed and the period of storage, the recipients to whom the data may be disclosed (Article 15, GDPR);
Right to rectification - Obtain, without undue delay, rectification of inaccurate personal data concerning you and supplementation of incomplete personal data (Article 16, GDPR);
Right to erasure - Obtain, without undue delay, the erasure of personal data concerning you, in the cases provided for in the GDPR (Article 17, GDPR);
Right to restriction -Obtain from the Controller the restriction of processing, in the cases provided for by the GDPR (Article 18, GDPR);
Right to portability -To receive, in a structured, commonly used and machine-readable format,the personal data concerning you provided to the Controller, as well as to obtain that it be transmitted to another controller without hindrance, in the cases provided for by the GDPR (Article 20, GDPR);
Right to object - Object to the processing of personal data concerning you, unless there are legitimate grounds for the Data Controllers to continue the processing (Article 21, GDPR);
Right to complain to the supervisory authority - File a complaint with:
Federal Data Protection and Information Commissioner
Feldeggweg 1
CH - 3003 Berne
Modalities for exercising rights
You may exercise your rights at any time by sending
- a registered letter with return receipt to: Happy Holiday Homes Sagl. Via Clemente Maraini 5 6900 Lugano - Switzerland;
- an email to : privacy@happy.rentals
Questions or concerns
If at any time you believe the Data Controller has not followed this Policy, please contact us at privacy@happy.rentals. We will do our best to identify and resolve any concerns.
Changes to this Policy
This Policy may be updated. We therefore recommend that you check this Policy regularly and refer to the most recent version. The latest version of the Privacy Policy is posted on this page, indicating the date it was last updated.
