Last updated: August 8, 2022.
Your privacy is of the utmost importance to Monteverdi Residence Club LLC and MONTEVERDI S.R.L. In order to protect it to the best of our ability, we hereby provide the following policy regarding our use of the personal data you provide. Below, you will find details on the type of information collected during browsing on this website, and your options for intervening in the collection and use of this information are listed.
This policy is disclosed pursuant to articles 13 and 14 of Regulation (EU) 679/2016, known for short as the GDPR, and subsequent updates. This policy is also based on Recommendation No. 2/2001, which the European personal data protection authorities — in the working party established pursuant to Article 29 of Directive No. 95/46/EC — adopted on 17 May 2001 with the aim of identifying some minimum requirements for the online collection of personal data, in particular the methods, times, and nature of the information that data controllers must provide to users who connect to websites, regardless of the purposes of such connections.
This policy refers to the website www.monteverdituscany.com, owned by Monteverdi Residence Club LLC, and does not concern any other websites visited by the user via links.
As part of their normal operation, the IT systems and software procedures which ensure the functioning of this website acquire certain personal data, whose transmission is implicit in the use of Internet communication protocols.
This information is not collected in order to be associated with identified data subjects. However, by its very nature, it could permit users to be identified through processing and association with data in the possession of third parties.
This category of data includes the IP addresses or domain names of computers used by users who connect to the website, addresses of the resources requested in URI (Uniform Resource Identifier) notation, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment.
These data are used for the exclusive purpose of deriving anonymous statistical information about the use of the website and to check that it is operating correctly.
The data could be used to determine responsibility in the event that the website were damaged by a hypothetical computer crime, solely at the request of the relevant supervisory bodies.
Specific, brief notices shall be shown or displayed on a case-by-case basis on the pages of the website which are set up for special on-request services, such as subscription to the newsletter or the submission of job applications, for example.
- When you visit or stay at our facility as a guest, or through other offline interactions with us if you are seeking information on a visit or stay at our facility.
Information voluntarily provided by the user
When you interact with us through the Services, we may collect personal information from you as described below.
a. Information collected
We collect the personal information which you knowingly choose to send in order to take advantage of certain functions of the online Services, or to participate in certain activities, such as the information which you knowingly provide when you contact us by using the "Contact Us" page of the Website. For example, if you are seeking information about a reservation on the Website, you may provide us with such information as your name, address, telephone number and email address. We collect the information which you knowingly provide if you respond to a survey, a competition, or a promotional offer. If you make a reservation by telephone, or communicate with us via email, fax or online chat services, we shall collect the personal information which you knowingly provide.
b. If you stay at our facility
If you are a guest at our facility, we shall collect information when you purchase goods and services there, for example if you eat in a restaurant or take advantage of childcare or Spa services. We may collect images and video and audio data through security cameras located in public areas, such as the halls. If you take part in an event, we may collect information regarding your participation in the event.
The Data Controller for the personal data is Monteverdi Residence Club LLC and the affiliated company Monteverdi s.r.l. Any other companies which may view the data have been nominated as Data Processors, as described in the Privacy document. The video-surveillance system has been installed for reasons of workplace safety and the protection of company assets. The images are stored for a maximum period of 24 hours, unless requested by the Judicial Authority. Data Subjects can request their data or the cancellation of the same at any time by writing to our Data Protection Officer (DPO) at the email address firstname.lastname@example.org
c. Information and choices collected passively
Moreover, while you are browsing the Website or using the social media pages, some personal information may be collected passively, i.e. it is collected without your having actively provided it. The types of information which are collected passively, as well as the techniques used to collect them and how we may use these types of information, are set out below.
- IP addresses: an IP address is a unique identifier which some electronic devices use for identification and communication on the Internet. When you visit our Website, we can see the IP address of the device you are using to connect to the Internet. We use this information to determine the general physical location of the device and to learn which geographic regions visitors to our website are coming from. We may also use this information to improve our website.
- Through your browser: some information is collected by most browsers, such as your Media Access Control (MAC) address, the type of computer and type of operating system, the screen resolution of that version, and the type and version of your Internet browser. Just like IP addresses, we can use this information to improve our website and the user experience.
- Use of monitoring tools: the Website may use pixel tags, web beacons, clear GIFs, Flash shared objects, HTML5 local storage, HTML5 mini databases and other similar technologies, both in certain aspects of the Website and in emails in HTML format sent to you. These monitoring tools are used, among other purposes, to generate statistics on the use of the Website and track the activities of Website users and of email recipients.
- Interaction with social media pages: if you interact with our social media pages, we may collect your social media ID, your profile photo and other publicly available data.
Processing methods and duration
Pursuant to article 12 et seq. of the GDPR, we wish to inform you that the personal data provided by you shall be recorded, processed and stored in our electronic archives, as well as by the third parties with whom we collaborate, using tools and procedures which are suitable to guarantee the security and confidentiality of the data.
Purposes of processing the personal information collected through this website
Monteverdi Residence Club LLC and the affiliated company Monteverdi s.r.l., as the controllers of the personal data related to this website, respect the principles of lawfulness, fairness and transparency, as well as the protection of confidentiality.
In general, we use the information that you provide to us for the purpose for which it was provided. For example, if you subscribe to receive email notifications regarding our resort, we will contact you via email. If you provide us with information to seek details about a reservation, we will use that information in order to process your reservation. Moreover, we may use the personal information from or concerning you:
- To facilitate reservations and payments; to send administrative information, confirmations or messages prior to your arrival; to assist you with events and to provide you with information regarding the property;
- To complete the reservation and the stay, including taking payment, facilitating your preferences, providing you with the services and conveniences requested, and supporting you with customer service;
- To manage our contractual relationship with you, including by sending you a receipt via email when you make a reservation and after your stay;
- To send you offers tailored to your preferences, send you marketing communications and periodic customer satisfaction, market research or quality assurance surveys, and to personalise your experience on the Website by sending commercial communications and/or advertising material regarding products or services offered by the Controller via email, mail and/or SMS and/or telephone calls and newsletters. Exclusively in the case that you grant your specific consent by electronic means — either by filling out the Newsletter form on this website, or by agreeing to receive occasional marketing communications when booking your stay at our facility. If you are already a client of ours, we may send you marketing communications regarding products and services offered by the Controller similar to those you have already purchased, unless you expressly inform the Controller of your objection to this type of processing.
- To send you important information on our relationship with you or on the Services, any changes to our terms, conditions and policies, and other administrative information; and
- For our corporate purposes, such as data analysis, audits, record-keeping, the development of new products or services, strengthening and improving our Services, identifying trends in the use of our Website, and exercising and defending our legal rights, as well as other purposes required by applicable legislation.
We may use any information which does not personally identify you, your computer or your device for any purpose.
Communication and disclosure of data
The Data Controller shall not widely disseminate your data, i.e. it shall not allow unknown parties to have knowledge of them by consultation or otherwise making them available.
In the event that it may become necessary to communicate your personal data to third parties (to offer you an additional service, or to fulfil tax obligations or comply with a legal obligation), the company shall ensure that the third parties in question also act in accordance with the GDPR Regulation in handling the processing of your data.
You can receive the up-to-date list of external Data Processors by contacting us through the channels listed at the bottom of this policy.
- Personal information may be shared by Monteverdi Residence Club LLC with its affiliate company which manages the resort in Italy, Monteverdi s.r.l., for the purposes described in this policy;
- With the companies or people that we employ to provide us with services, such as the processing of reservations for us and website hosting services;
- With a third party in the event of the reorganisation, merger, sale, joint venture, divestiture, transfer, or any other disposal of our business, our assets or our shares, in whole or in part (including in relation to a state of bankruptcy or similar proceedings).
Moreover, we use and disclose the Personal Information collected through the Website as we deem it necessary or appropriate: (i) based on applicable law, including laws outside of your country of residence; (ii) to comply with legal proceedings; (iii) to respond to requests from public and government authorities, including public and government authorities outside of your country of residence; (iv) to enforce our terms and conditions; (v) to protect our operations or those of any of our affiliate companies; (vi) to protect our rights, privacy, security or property and/or those of our affiliates, of users or of other parties; and (vii) to allow us to pursue the available remedies or limit the damages that we may incur.
Obligatory or optional provision of consent
It is only obligatory to provide those data which are necessary for the proper functioning of this website. In relation to the other purposes, the user has the power to deny consent. However, we must inform you that failure to grant consent may impair your browsing experience, making it impossible for us to provide certain services.
If you encounter any problems of a technical nature related to the provision of consent, we invite you to contact us through the special channels set out on this website in order to allow us to assist you.
- Track how you use the Website, how you arrived at the Website, and what you do after leaving the Website; and
- Show you advertisements pertinent to your interests, taking into account your use of the Website and of the other websites and online services that you use. Remember that these advertisements may be displayed to the user on the Website and on third-party applications and websites. This is called "interest-based advertising" or "online behavioral advertising". To learn more about interest-based advertising, you can visit:
If you wish to opt out of interest-based advertising, you can use some or all of the following methods:
- Visit http://www.aboutads.info/choices (for advertising on the web) and http://www.aboutads.info/appchoices (for mobile advertising); and
- For advertising on mobile devices, disable using the settings in your telephone’s operating system (for instructions on how to "Limit Ad Tracking" on iOS, visit this Apple support document; for instructions on how to disable interest-based ads on Android, please check these instructions).
The simplest way to interrupt the collection of your personal data is to stop using the website.
Connecting to third-party websites
Where the information is processed
Monteverdi Residence Club LLC has its offices in the United States, and our affiliate, Monteverdi s.r.l., has its offices in Italy. Regardless of where you are located, you consent to the processing and transfer of your personal data in the United States and in Italy. The laws which govern the protection of data in the United States may not be as complete or offer as much protection as the laws in the country where you live. The data are processed mainly at the offices of the Data Controller, and occasionally at the premises of the third parties with which it collaborates.
Monteverdi Residence Club LLC shall ensure that, in the cases where the need to provide certain services means that processing must be shared with third parties, the processing is carried out in accordance with European Regulation 679/2016 (GDPR). You can receive the up-to-date list of our external collaborators by contacting us through the channels listed at the bottom of this policy.
Monteverdi shall adopt reasonable measures to protect the information collected and provided through the Services from loss, improper use, and unauthorised access, disclosure, alteration or destruction. However, you should bear in mind that no transmission over the Internet is ever completely secure. Moreover, Monteverdi makes all reasonable efforts to ensure that the Services are generally available. Nonetheless, there may be times when access to the Services is interrupted or unavailable. Monteverdi shall make every reasonable effort to reduce such interruptions to a minimum, where this is within its reasonable control. You hereby accept that Monteverdi shall have no responsibility towards you for any change, suspension or interruption to the Services.
Legal basis for the processing of personal information and the rights of data subjects
The laws of certain countries require us to give you information on the legal reasons on the basis of which we collect, use, disclose and otherwise process your personal information. To the extent that these laws apply, our legal bases for the processing of personal information are:
- To enter into and carry out a contract with you: we may process personal information in order to comply with our contractual obligations towards you, or to take steps in anticipation of entering into a contract. For example, we process your personal information in order to handle any reservations made using the Services.
- To fulfill a legal obligation: we need to use and disclose the personal information in certain ways in order to fulfill our legal obligations.
- For our legitimate interests, provided that your fundamental rights and freedoms do not override these interests: in many cases, we manage the personal information in order to advance our legitimate business. This includes:
- Providing a safe user experience on our online Services;
- Providing the requested Services;
- Customer service;
- Personalising the Services based on your preferences;
- Sending you communications with the information that you have told us is important to you;
- Protecting the users, our workers, and our property;
- Analyzing and improving our operations (e.g. optimizing the design and functioning of our online Services); and
- Managing legal issues.
- With your consent: where permitted by law, we process personal information on the basis of your implicit or express consent.
You, as the user browsing on this website, have the power to exercise the rights granted to you by articles 15 et seq. of the GDPR at any time. These rights may be exercised subject to the ascertainment of the identity of the Data Subject by displaying a copy of an identity document, which will not be retained by the Data Controller but merely checked in order to verify the legitimacy of the request.
- The Data Subject has the right to access his/her personal data (art. 15);
- The Data Subject has the right to the erasure of the data, even partially (art.17);
- The Data Subject has the right to the restriction of processing, to the rectification of data, and to object to processing (art.18);
- The Data Subject has the right to data portability, i.e. the right to transmit his/her data to another controller without hindrance (art. 20);
- The Data Subject has the right to have the erasure, restriction or rectification of his/her personal data communicated to all recipients to whom they have been disclosed, unless this proves impossible or involves disproportionate effort (art.19);
- The Data Subject has the right to lodge a complaint with the competent “Data Protection Authority”.
To exercise the rights listed above, you can contact our Data Protection Officer (DPO) at email@example.com , you will receive a response within 30 days of receiving a formal request.
Special statement on minors
No person below the age of 18 years may send information to this Website without the prior consent of his/her parents or guardians; nor may they make any purchases or enter into legal deeds on this website without the aforementioned consent, unless this is permitted by the legislation in force.
Data Controller and Privacy Contact Person
Any updates shall always be published on this page.
Address: 201 East Fifth Street, 1730 PNC Center, Cincinnati, OH 45202
Address: Via di Mezzo, Castiglioncello del Trinoro, 53047 Sarteano (SI)
Telephone: +39 0578268146
Email address: firstname.lastname@example.org