Privacy policy

Information on the processing of personal data

of the users visiting the websites of Grand Hotel Plaza

Pursuant to Article 13 of EU Regulation 2016/679

This page contains a description of the policies for managing the website in regard to processing the personal data of the users who visit the site and their privacy. This information is provided pursuant to article 13 of GDPR 679/2016 – Laws concerning the Protection of Personal Data and the individuals who interact with the web services of Grand Hotel Plaza, which is accessible by telematics means through the following web address:

http://www.grandhotelplaza.com

which corresponds to the home page of the official website of Grand Hotel Plaza on Via del Corso, 126 - 00186 Roma.

This informative note is provided only for the aforementioned website and not for other websites eventually accessed by the user through links.

THE “CONTROLLER”

Following access to this website, data pertaining to persons that are identified or identifiable may be processed. The “Data Controller” of the personal data collected following a visit to our website or any other data used for providing our services is UN.E.A.L. Srl, Via della Fontanella di Borghese, 69 – 00186 Roma. The Data Processor responsible for data processing is Mr. RESPONSABILE, who can be contacted at privacy@grandhotelplaza.com.

PLACE WHERE DATA IS PROCESSED

Legal Information for the Hosting Company

  • Name of Hosting Company: Automatic Netware Limited, trading as Bookassist
  • Company Number: IE312796
  • Registered Address: 35 Fitzwilliam Place, Dublin 2, Ireland
  • Contact Phone No. / Email Address: +353 1 676 2913 / ireland@bookassist.com
  • Website: www.bookassist.org

The personal data obtained from the users who submit hotel reservation requests or through informative material (informative notes, newsletters, registration, etc) is used only to carry out the services or assistance requested and is not transmitted to third parties, except in the following possible cases:

  • Business partners of UN.E.A.L. Srl, Grand Hotel Plaza to whom Grand Hotel Plaza transmits the data exclusively in order to avoid on-line reservations;
  • Persons, companies or professional offices who lend assistance and consulting services to UN.E.A.L. Srl, Grand Hotel Plaza concerning accounting, administrative, legal, financial and tax matters;
  • Subjects who are authorized to have access to the data by law or through requests by the authorities;

The credit card data used for booking will be automatically unavailable at the end of the stay.

CATEGORIES OF PROCESSED DATA

Navigational data

The information systems and software procedures relied upon to operate this web site acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols.

Such information is not collected in order to relate it to identified data subjects, however it might allow user identification per se after being processed and matched with data held by third parties.

This data category includes IP addresses and/or the domain names of the computers used by any user connecting with this web site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user's operating system and computer environment.

These data are only used to extract anonymous statistical information on website use as well as to check its functioning; they are erased immediately after being processed. The data might be used to establish liability in case computer crimes are committed against the website; except for this circumstance, any data on web contacts is currently retained for no longer than seven days.

Data voluntarily provided by the user

Sending e-mail messages to the addresses mentioned on this website, which is done on the basis of a freely chosen, explicit, and voluntary option, entails acquisition of the sender's address, which is necessary in order to reply to any request, as well as of such additional personal data as is contained in the message(s).

Data will be retained only for registration request to send the newsletters or special offers and will not be disclosed to anyone.

The personal information regarding the individual who visited the website is not collected or used. The visitors remain anonymous. The only exception to this rule concerns the information for personal identification needed to fulfill the contractual obligations of reservations on behalf of the user.

Reservations

In the event of reservations made through the website, the user must provide his name, address, telephone number and information regarding the payment manners and credit card used. UN.E.A.L. Srl will use said information only to process the reservations and to send specific information, which is relevant to the confirmation of said, such as a receipt, the reservation code and the conditions.

The information provided will not be used for marketing purposes and will not be sold, transmitted, given by contract or sent to third parties an any way, with the exception of our provider of on-line reservation services, Bookassist, (www.bookassist.org), to whom elaboration of the reservations is entrusted to, only for online reservations purposes.

In any event, the administrator of the website guarantees the use of scrupulous procedures in order to protect the navigational data and the use of particular precautions to protect the data pertaining to the credit card, which is provided during on-line reservations.

Personal Data Processing Collected from Curriculum Vitae

The UN.E.A.L. Srl accept Personal Curriculum Vitae of possible candidates via e-mail in PDF format. Providing spontaneous and voluntary of the Curriculum Vitae data will be considered as implicitly informed consent by the data subjects for personal data processing contained, only following the purposes related to the selection of potential candidates.

The data processed for the purpose of selection of candidates are personal useful to search for the particular profile. In general, the nature of the data is normal, except in some cases where you may indicate any sensitive data necessary to identify the specific requirements of the regulations, such as specifying a particular protected classes, the suitability for certain jobs and / or start-ups required, within the limits set by the General Authorisation of the Garante no. 1 and 2 of December 15, 2016 (Published in the Official Gazette no. 303 of December 29, 2016);

The provision of data relating to the selection of candidates is required. Any refusal to provide such data makes it impossible to perform an orderly selection and the possible recruitment. The data in question will not be disclosed to anyone.

General Rules for providing the CV

Any CV received spontaneously, replying to a job advertisement, will be stored directly by person in charge of the processing in accordance with the safety guidelines of personal data adopted in compliance with the security measures ex Title V Chapter I and II of the Code and Chapter IV Section 2 of GDPR 679/2016. These will be printed only on the occasion of a meeting and a conversation with the data subject. After the interview, if the candidate is not selected, the CV will be deleted and / or destroyed.

In all other cases, after a short period of time and after the talks and after the trial period CVs will be deleted from the PC and, if printed, they will be destroyed.

The Curriculum Vitae considered interesting will be subject to protection and in any case eliminated within 2 years of collection.

To send Curriculum Vitae use the following addresses: Human Resources Dpt, UN.E.A.L. Srl, Via del Corso, 126 - 00186 Roma

PERIOD FOR DATA RETENTION - CRITERIA USED

According to the provisions set forth in art. 5 par. 1 lett. e) of the Regulation (EU) 2016/679, collected personal data shall be kept in a form which permits identification of data subjects for a period not exceeding the purposes for which the personal data were collected and subsequently processed.

Data retention periods depend on the purposes of the processing:

  • purposes related to technical navigation data for the correct functioning of the website: retention only for the related session, after which the data are deleted;
  • purpose of reply to info request/services supply request (up to 12 months for contact requests ; 10 years for administrative / accounting / financial documentation relating to the provision of a service);
  • data collection for staff recruitment (up to 24 months);
  • newsletter, marketing or promotional communications in general (up to 24 months); until withdrawal of consent
  • purpose of administrative / accounting / financial management: 10 years as as required by law for the conservation of administrative / accounting / financial documentation.

Cookies Technologies

In this website we are applied cookies technologies for different purposes, including computer technology authentication or to monitor sessions, and to store specific technical information regarding the users that access the server of IRIDEOS and Bookassist, the website maintenance and hotel booking service provider.

Description of the cookie mechanisms adopted:

  • Cookie implanted in the user/contracting party's terminal directly (that will not be used for other purposes) such as session cookies used for on-line booking on the website, authentication or customisation cookies (for example, the choice of the browsing language); these cookies remain active only for the duration of the session.
  • Cookie used to statistically analyse accesses/site visits (the so-called "analytic" cookie) that are used for statistical purposes, and to collect aggregate information without the possibility of tracing back to the identification of the individual user personal computer. In these cases, since current legislation requires that, when using analytic cookie, the user is given clear and adequate instructions to easily oppose implementation of such (including any mechanisms to make the cookies anonymous), we give instructions on how to disable installed cookies below. The duration of analytic technical cookie is averagely of 30 minutes.

How to modify settings on the cookies

Most browsers allow to clear cookies from your computer hard drive, block acceptance of cookies or receive a warning before a cookie is stored.

Therefore, to remove cookies we encourage you to follow the instructions on the pages of the most used internet browsers:

Chrome: https://support.google.com/chrome/answer/95647?hl=it

Fire fox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie

Microsoft Edge: https://privacy.microsoft.com/it-IT/windows-10-microsoft-edge-and-privacy

Safari: http://support.apple.com/kb/HT1677?viewlocale=it_IT

“Third-party” cookies

Third-party cookies are code parts set by a website different than the website you are currently browsing.

This involves the transmission of cookies from third parties. In this website is carried out the google analytics technology for statistical monitoring of the website visits. This technology uses a tracking code that sets third party cookies and JavaScript files lingering on each visitor's computer. In addition to transmitting information to a Google server, these cookies store information such as whether the visitor has been to the site before (new or returning visitor), the timestamp of the current visit, and the referrer site or campaign that directed the visitor to the page.

The privacy policies available on the websites described above. Visitors in any case can turn off the advertising features of Google Analytics on this site by installing the Add-off for your browser downloadable from this LINK.

More google analytics privacy policies available on http://www.google.com/policies/technologies/ads/

List of used cookie

Name Type Purpose Expiry Provider

_gid HTTP Used to distinguish users. is used only to realise statistical analysis (through Google analytic service) 1 Day bookassist.com

_gid HTTP Used to distinguish users. is used only to realise statistical analysis (through Google analytic service) 1 Day grandhotelplaza.com

_gat HTTP This Google Analytics cookie is used by Google Analytics to monitor requests rate toward their servers. This cookie helps us to identify website areas to be improved and the _gat cookie does not allow us to identify user personally as no personal information or data is tracked. 1 Day grandhotelplaza.com

_gat HTTP This Google Analytics cookie is used by Google Analytics to monitor requests rate toward their servers. This cookie helps us to identify website areas to be improved and the _gat cookie does not allow us to identify user personally as no personal information or data is tracked. 1 Day bookassist.com

_ga HTTP This Google Analytics cookie is used to distinguish users when collecting information about page visits. This cookie helps us to identify website areas to be improved and the _ga cookie does not allow us to identify user personally as no personal information or data is tracked 2 Years grandhotelplaza.com

_ga HTTP This Google Analytics cookie is used to distinguish users when collecting information about page visits. This cookie helps us to identify website areas to be improved and the _ga cookie does not allow us to identify user personally as no personal information or data is tracked 2 Years bookassist.com

collect Pixel This Google Analytics cookie is used to send data to Google Analytics about the device and user behavior. It tracks the user on devices and marketing channels. Session Google Analytics

nQ_visitId HTTP Set a unique ID for the session. This allows the website to obtain data on visitor behavior for statistical purposes. 70 Years grandhotelplaza.com

_hjIncludedInSample HTTP Determines if the user's navigation should be registered in a certain statistical place holder. Session grandhotelplaza.com

ads/ga-audiences Pixel Unclassified Session Google.com

nQ_cookieId HTTP Unclassified 70 Years grandhotelplaza.com

_gtld HTTP Unclassified Session grandhotelplaza.com

_otpe HTTP Unclassified 1 Day grandhotelplaza.com

_ots HTTP Unclassified 1 Day grandhotelplaza.com

_otui HTTP Unclassified 5 Years grandhotelplaza.com

bassist-session HTTP Unclassified Session bookassist.com

bassist-session-uuid HTTP Unclassified 68 Years bookassist.com

e.gif Pixel Unclassified Session collect.albacross.com

engineChoosen HTTP Unclassified 29 Days grandhotelplaza.com

https://log01.leadboxer.com/ Pixel Unclassified Session log01.leadboxer.com

ln_already_redir HTTP Unclassified 1 Day grandhotelplaza.com

SSL_JSESSIONID HTTP Unclassified Session bookassist.com

Embedded content (Third party cookies)

Grand Hotel Plaza sometimes uses social content like Twitter, Facebook, Google+ and possibly embeddable content from other platforms. Grand Hotel Plaza cannot control these third-party cookies and for this is it possible to contact any third party to have more control over these cookies. A few links to the privacy policy of third-party cookies:

o Facebook

o Twitter

o Google+

Nevertheless, if you block or erase cookies, it may not be possible to reset previously specified preferences or customised settings, and our capacity to customize the user experience will be limited.

OPTIONAL DATA PROVISION

Subject to the specifications made with regard to navigation data, users are free to provide the personal data listed in the request forms of Grand Hotel Plaza or referred to in contacting the hotel in order to provide CV, to make on-line reservations or to request delivery of information materials and other communications. Failure to provide such data may entail the failure to be provided with the items requested.

PROCESSING ARRANGEMENTS

Personal data is processed with automated means for no longer than is necessary to achieve the purposes for which it has been collected. Specific security measures are implemented to prevent the data from being lost, used unlawfully and/or inappropriately, and accessed without authorisation.

DATA SUBJECTS' RIGHTS

The data Controller is UN.E.A.L. Srl, Grand Hotel Plaza. You may contact them at any time to exercise your rights as provided for in Chapter III GDPR 679/2016, in particular, the right to obtain confirmation as to whether or not personal data concerning you exist and the logic applied to the processing, the right to ask for their integration, the right to object to their processing on legitimate ground, and the right to request rectification, updating, erasure (right to be forgotten) or blocking of data that have been processed unlawfully, the right to obtain a copy of the personal data being processed as well as the right to data portability, also by sending a written request to the following e-mail address: privacy@grandhotelplaza.com. At the same address it is possible to contact the Data Protection Officer.

RIGHT TO LODGE A COMPLAINT

If a data subject considers that the processing of personal data relating to him or her as performed via this website infringes the Regulation, he or she has the right to lodge a complaint with the Garante pursuant to Article 77 of the Regulation, or else to bring a judicial proceeding against the Garante pursuant to Article 79 of the Regulation.


Official website
Book direct

 
Breathtaking Position
In the true heart of Rome

 
Restaurants & Bar
The wonders of our Chefs

 
Family Rooms
Children are welcome!