Who is responsible for processing your personal data?
N.A.J.S srl is responsible for processing your personal data. Naturally, we will protect your privacy and your personal data in accordance with applicable legislation and industry regulations.
How can you contact us?
If you have any questions about how we process your personal data or if you want to exercise any of your rights as described below, you are welcome to contact us. Our contact details are:
strada Bricco, 46, 14049 Nizza Monferrato AT, Italien
How and why do we process your personal data?
We gather and process your personal data when you make or carry out a booking, enquiry, registration or purchase with us.
Would you like to find out in more detail how we process your personal data? Below, you can find out more about:
When you book a stay and visit us at Villa Bricco 46
In order for you to be able to book a stay at the Villa, you are required to provide us with certain personal data. When making a booking, the registration form states which data is mandatory. If you do not provide this data, you will not be able to make the booking.
When you book a stay and visit us as a guest, we process your personal data primarily for the following purposes:
- In order to administer your booking and your payment
- In order to communicate with you before and during your stay
- In order to send Villa Bricco 46 newsletters and targeted marketing
Would you like to find out more about how we process your personal data? Read the detailed description about why we process your personal data, which categories of personal data we process, the legal basis for processing this data and how long we save your personal data.
Who has access to your personal data?
As a starting point, your personal data is only processed by us. However, we cooperate with other companies and organisations that can view your personal data if necessary in order to fulfil our undertakings with you as a visitor.
Below, we describe the other parties with whom we share your personal data. You can contact us if you would like more information about which parties have access to your personal data.
- We share your personal data with IT suppliers who only process personal data on our behalf in order to provide us with technical support.
- Your personal data will be shared with suppliers who only process personal data on our behalf in order for us to be able to use systems to administer your booking, e.g. with the suppliers who provide our booking.
- If you use a discount code when booking that you have received from a third party, we will share your name and your e-mail address with the party that provided the discount code.
What are your rights to influence how we process your personal data?
When we process your personal data, you have certain rights e.g. to access the data we process or to have data deleted. These rights are described in detail below. If you wish to exercise your rights, please do not hesitate to contact us.
Revoking your consent
If processing is based on your consent, for example if you have consented to receive marketing from us for a longer period than stated in the tables above, you have the right to revoke this consent in full or in part at any time. However, revoking your consent will have no effect on our processing of your personal data for the period before revocation occurred.
Right to access
You have the right to receive confirmation of whether personal data that relates to you is processed by us and access to information about how this personal information is processed, e.g. the purpose of processing and which categories of personal data this processing relates to. You also have the right to receive a copy of the personal data that is processed. A request can be made by contacting us.
Right to correction
You also have the right to have incorrect personal data corrected and supplemented without unnecessary delay.
Right to deletion (the right to be forgotten)
Under certain circumstances, you have the right to request that your personal data is deleted. Such circumstances exist if:
- The personal data is no longer necessary for the purposes for which it was gathered or processed,
- If you revoke your consent on which the processing is based and there are no other legal grounds for processing,
- If you object to processing and there is no legitimate reason to continue processing that carries greater weight,
- When personal data has been processed illegally, or
- If personal data must be deleted to fulfil a legal obligation by which N.A.J.S srl is covered.
Right to restriction of processing
Under certain circumstances, you have the right to request that the processing of your personal data is restricted. This right exists if:
- You refute the accuracy of the data (although only during a period that gives us the opportunity to check this),
- Processing is illegal and you oppose the deletion of the personal data, requesting instead that the use of the data should be restricted,
- You need the personal data to assert or defend legal claims despite the fact that we no longer need the personal data for our processing purposes, or
- You have objected to processing and we have not carried out a check of whether our legitimate interest in processing your personal data outweighs your legitimate reason for processing your personal data being restricted.
Right to object to processing
You have the right to object at any time to the processing of your personal data that is based on a balancing of interests. However, this does not apply if we can demonstrate a binding legitimate reason for processing that outweighs this, or if it is processed for establishing, exercising or defending legal claims.
You also have the right to object to your personal data being processed for marketing purposes (e.g. sending out invitations and offers). If you object to marketing, your personal data will no longer be processed for such purposes.
Right to register complaints
You have the right to submit complaints to a competent supervisory authority (without this affecting any other administrative review procedure or legal remedy). Such complaints can ideally be submitted to the authority in the EU/EEA member state where you normally reside, where you work or where it is claimed that applicable data protection legislation and regulations have been breached. The competent supervisory authority in Sweden is the Swedish Data Inspection Board.