Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA OF USERS WHO VISIT THE WEBSITE OF SPAO Borgo San Pietro Aquaeortus, PURSUANT TO ARTICLE 13 OF LEGISLATIVE DECREE 196/2003 AND REGULATION (EU) 2016/679.

This notice describes how the website of SPAO Borgo San Pietro Aquaeortus is managed with regard to the processing of personal data of users who visit it and the protection of their privacy. This privacy notice is provided pursuant to Article 13 of Legislative Decree No. 196/2003 and Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) to all users who interact with the web services of SPAO Borgo San Pietro Aquaeortus, accessible electronically at www.spao.it
, which corresponds to the homepage of the SPAO Borgo San Pietro Aquaeortus website, located at Strada Provinciale No. 50 km 10+300, 05011 Allerona (TR), Italy. This notice applies solely to this website and does not apply to other websites that may be accessed via external links.

Following the consultation of this website, personal data relating to identified or identifiable individuals may be processed. The data controller of any personal data processed through this website and for the provision of related services is SPAO Gestioni Srl, with registered office at Via Adda 111, 00198 Rome, Italy, in relation to the activities of SPAO Borgo San Pietro Aquaeortus, located at Strada Provinciale No. 50 km 10+300, 05011 Allerona (TR), Italy.

Processing related to the web services of this website, which is physically hosted by D-EDGE (www.d-edge.com
) on servers located in Ireland, takes place at the aforementioned location and is carried out exclusively by authorized technical personnel or by persons in charge of occasional maintenance operations.

Personal data provided by users who submit booking requests or requests for information are used solely for the purpose of providing the requested service and are not disclosed to third parties, except in the following cases: commercial partners of SPAO Borgo San Pietro Aquaeortus to whom data are communicated exclusively for the purpose of managing online bookings, including Italy Holiday Srl, Strada Pievaiola 207b-2bis, 06132 Perugia (PG), Italy; persons, companies or professional firms providing accounting, administrative, legal, tax or financial assistance and consultancy services; and public or private entities where disclosure is required by law or by orders of competent authorities.

During normal operation, the information systems and software procedures used to operate this website automatically collect certain personal data, the transmission of which is inherent in the use of Internet communication protocols. This information includes IP addresses, domain names of the devices used by users, URI addresses of requested resources, the date and time of the request, the method used to submit the request to the server, the size of the file returned, the numerical status code of the server’s response, and other parameters related to the user’s operating system and IT environment. These data are used solely to obtain anonymous statistical information on website usage and to ensure the proper functioning of the site, and are deleted immediately after processing. Such data may be used to establish liability in the event of computer-related offences against the website; however, unless such circumstances arise, web log data are retained for no longer than seven days.

The optional, explicit and voluntary sending of emails to the addresses indicated on this website results in the acquisition of the sender’s email address and any other personal data included in the message, which are necessary in order to respond to user requests. Such data are stored only for the purpose of fulfilling the request, including subscription to newsletters or special offers, and are not disclosed to third parties.

As a general rule, no personal data relating to website visitors are collected or processed, and visitors remain anonymous. The only exception concerns personal identification data that are strictly necessary to fulfil contractual obligations related to bookings made by the user.

When making a booking through the website, users are required to provide their full name, billing address, email address, and payment and credit card details. Such information is processed exclusively for the purpose of completing the booking and sending relevant confirmation details, including the receipt, booking reference and applicable terms and conditions. The data provided are not used for marketing purposes and are not sold, transferred, licensed or otherwise disclosed to third parties, except to the booking service provider ItalyHoliday, strictly for booking management purposes. In all cases, appropriate technical and organizational security measures are adopted to protect browsing data and, in particular, credit card information provided during online bookings.

SPAO Borgo San Pietro Aquaeortus accepts personal curricula vitae submitted voluntarily by candidates via email in electronic format. The voluntary submission of a curriculum vitae constitutes implicit consent by the data subject to the processing of the personal data contained therein, exclusively for purposes related to the evaluation and selection of potential candidates. The personal data processed for recruitment purposes are limited to information relevant to assessing the candidate’s professional profile. As a general rule, such data are ordinary personal data; however, in certain cases, special categories of personal data may be included where required by applicable laws, such as information relating to protected categories or fitness for specific roles, in compliance with the limits established by the applicable authorizations of the Italian Data Protection Authority. The provision of data for recruitment purposes is mandatory; failure to provide such data makes it impossible to properly carry out the selection process and any potential hiring. Such data are not disclosed to third parties.

Curricula vitae received spontaneously, in response to job advertisements or upon request, are stored by authorized personnel in compliance with applicable data protection and security measures. CVs are printed only in the event of an interview. Following the interview, if the candidate is not selected, the CV is deleted and/or destroyed. In all other cases, after a short period of time and following the completion of interviews and the probationary period of 60 days, CVs are deleted from electronic systems and destroyed if printed. Curricula vitae must be sent exclusively to the following email address: [email protected]
, attention: Human Resources Manager.

In accordance with Article 5(1)(e) of Regulation (EU) 2016/679, personal data are retained in a form that allows identification of data subjects for no longer than is necessary to achieve the purposes for which the data are processed. Retention periods vary depending on the purpose of processing. In particular, technical navigation data are retained only for the duration of the browsing session; data relating to information requests or service provision are retained for a maximum of 12 months, while administrative, accounting and financial documentation related to services provided is retained for 10 years as required by law; personal data collected for recruitment purposes are retained for a maximum of 24 months; data processed for newsletters, marketing or promotional communications are retained until consent is withdrawn; and data processed for administrative and accounting purposes are retained for 10 years in accordance with statutory obligations.

The website does not use cookies to collect personal data. No cookies are used to transmit personal information, nor are persistent cookies or user-tracking systems employed. Only session cookies are used, which are strictly necessary to enable safe and efficient navigation of the website and do not allow the identification of users.

Except for navigation data, users are free to provide personal data through request forms or communications with the company for the purpose of making online bookings or requesting information. Failure to provide such data may result in the inability to provide the requested services.

Personal data are processed using automated and, where necessary, manual tools, for the time strictly necessary to achieve the purposes for which they were collected. Appropriate security measures are implemented to prevent data loss, unlawful or unauthorized processing, and unauthorized access.

Pursuant to Legislative Decree 196/2003 and Chapter III of Regulation (EU) 2016/679, data subjects have the right to obtain confirmation as to whether or not personal data concerning them are being processed, to access such data, to request rectification, updating or erasure of their data, to object to processing on legitimate grounds, to obtain a copy of the personal data being processed, and to exercise the right to data portability, by submitting a specific request. Requests should be addressed to SPAO Gestioni Srl, Via Adda 111, 00198 Rome, Italy.

Data subjects who believe that the processing of their personal data through this website infringes the provisions of the Regulation have the right to lodge a complaint with the competent supervisory authority, in accordance with Article 77 of Regulation (EU) 2016/679, or to bring judicial proceedings pursuant to Article 79 of the Regulation.