Privacy Policy on User’s personal data processing

Data Controller and the data processed

Pursuant to Article 13 of Legislative Decree No. 196 of 30 June 2003 and Article 13 of Regulation (EU) 2016/679, we hereby inform you that the establishment (house, company, hotel, B&B, etc.) in which you are currently staying and/or shall be staying in the future has installed a door access system that employs the use of Smart Locks, which are intelligent locks that, through a software platform, allows a client to open door doors using Keys created through this application. The above-mentioned establishment shall process personal data consisting, in particular, of the Key provided, as well each door entry, these latter cases with reference to the door for which the Key was provided, as well as the date and time on which the doors were accessed. The establishment is the controller of the data obtained and used, and therefore, the controller changes from time to time depending on which establishment you are staying in at the time the Key is provided for access to the door. In consideration of the foregoing, the identity and the contact details of the data controller shall be provided to you when you receive the Key.

Processing procedures and logic

The above-mentioned personal data shall be processed, following the installation and use of this application, in automated form, exclusively for the purposes strictly connected to the performance of the contract and, therefore, for the creation of a Key for access to the door and the subsequent management. The processing of such data shall be based on principles of lawfulness, purpose, transparency, fairness, quality, relevance and non- excessiveness, in compliance with your fundamental rights and liberties as well your dignity, with particular reference to the protection of confidentiality and personal identity, as well as the right to data protection.

Legal basis and nature of grant

The data shall be processed, without requiring your consent, to perform the contract you have concluded, and therefore, for the creation and management of Keys for the doors of the establishment. Providing the requested data through the installation and use of this application, such as those obtained when the Keys are created and used, is not in any way mandatory, however, if you refuse to provide the data, you prevent the establishment from entering into a contract for your stay, as you would not be able to access the doors through a more traditional method (e.g., tangible keys). In any case, please note that you may stop the collecting of data by refusing to install the application, or, in any case, by subsequently uninstalling the application through the specific features on your smartphone. However, in such case, the data controller shall not be held liable if you are not able to access your door.

Disclosure and dissemination of data

Your data shall neither be disclosed nor disseminated, however, they shall be made available to the data processor, appointed as ISEO Serrature S.p.A, with registered office in Pisogne (BS), at Via S. Girolamo no. 13, E-mail: iseo@iseo.com, certified email: iseoserrature@raccomandata-ar.com. Your data shall also be made available to employees and contractors of the data controller and the data processors specifically appointed as persons in charge of processing. Such persons are instructed and trained on compliance and obligations pursuant to laws on personal data protection.

Data Subject’s rights

You benefit from the rights provided under Article 7 of Legislative Decree No. 196/03 and Chapter III of Regulation (EU) 2016/679 and, more specifically, the right to obtain confirmation as to whether or not personal data concerning you exist, regardless of their being already recorded, and communication of such data in intelligible form. You also have the right to be informed of the source of the personal data, of the purposes and methods of the processing, of the logic applied, of the identification data concerning data controller, data processors and the designated representative, of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing. You may also obtain updating, rectification or integration of the data, and erasure, anonymisation or blocking of data that have been processed unlawfully, as well as obtain certification to the effect that the above operations have been notified to the entities to whom or which the data were communicated or disseminated. You may also request for the portability of the processed data to another controller as well as object to the processing of data for promotional purposes or, in any case, legitimate reasons, by providing a simple request to the controller and/or processor using the contact details above.

Complaint to the Italian Data Protection Authority

We hereby inform you that the law in force allows you to report or complain to the Italian Data Protection Authority if you believe there has been breach of the rules governing data processing. For more information on filing a report or complaint please refer to the information on the website www.garanteprivacy.it.