Privacy Policy

The following notice explains the methods and purposes of the processing of personal data carried out by the Data Controller. It also provides contact details to request access to, correction of, or deletion of personal data at any time.

This Privacy Policy applies whenever a User browses the pages of the website https://www.romasorrentoshuttle.com/ and to all activities carried out online through it.

The processing of the Site users’ Personal Data will be carried out in Italy and in compliance with:

  • EU General Data Protection Regulation 2016/679 (GDPR)
  • Legislative Decree no. 196 of June 30, 2003, containing the Code regarding the Protection of Personal Data
  • Recommendation no. 2/2001 adopted by European data protection authorities to identify minimum requirements for the online collection of personal data.

The Italian supervisory authority is the “Garante per la protezione dei dati personali”, located at Piazza di Monte Citorio no. 121, 00186 – Rome (https://www.garanteprivacy.it/).

Data Controller and Data Processor

As a result of consulting this Site, data relating to identified or identifiable persons may be processed. The Data Controller of such data is:

ENJOY TRAVELLING S.A.S. DI ESPOSITO AUGUSTO & C.

Phone: +39 081 807 24 99 Mob: +39 339 25 54 335

Policy

Every person has the right to the protection of their personal data and, in respect of this right, this Privacy Policy provides all useful information to understand how information identifying Site users is collected and used.The Controller undertakes to respect the principle of strict necessity in processing data that can identify the User, even indirectly. The Controller does not collect or process in any way “sensitive data” as defined by Reg. EU 679/2016. Users’ Personal Data will be processed by the Controller adopting appropriate security measures aimed at preventing unauthorized access, disclosure, alteration, or destruction of Personal Data.

The Site has been configured so that the use of personal data is reduced to the minimum necessary and uses anonymous data whenever it is possible to pursue the same purposes.

Purposes

The Data Controller and the owners of the third-party services used by it, unless otherwise specified, collect the User’s Data for purposes strictly related to the provision of their Services.The purposes are: to contact and respond to requests sent by the User, collect statistical data on Site usage, fulfill contracts entered into with the User regarding the purchase or booking of products and services, display content related to the business to and through other platforms.

Additionally, purposes aimed at providing a better User experience include: commenting on content, interaction with social networks and integration with external platforms.

With the User’s explicit consent, the following purposes are carried out: sending commercial information via email, customer satisfaction surveys, market research, promotional activities in general, profiling and analysis of browsing experience for marketing and promotional purposes.

Data Collected by this Site

The types of Personal Data collected and used for each purpose are indicated in the specific sections of this document.Personal Data collected by this Site may be freely provided by the User or, in the case of Navigation Data, automatically collected during browsing of this Site’s pages.

Other Personal Data that may be collected are indicated in other sections of this privacy policy or by means of information texts shown at the time of collection.

Navigation Data

While browsing this website some personal data are acquired whose transmission is implicit in the use of Internet communication protocols and for which the User cannot express consent.Some examples of device information we collect:

  • Attributes such as operating system, hardware version, device settings.
  • Connection information such as your mobile operator or ISP name, browser type, language and time zone, IP address.

These data are used solely to obtain anonymous statistical information about Site usage and to check its correct functioning.Such data may be used to ascertain liability in the event of hypothetical computer crimes against the Site.

Personal Data Voluntarily Provided by the User

The optional, explicit and voluntary sending of e-mails to the addresses indicated on this Site or through pages/areas set up for this purpose involves the subsequent acquisition of the sender’s address/contact details, necessary to reply to requests, as well as any other personal or non-personal data included in the message.The User is responsible for the Personal Data of third parties published or shared via this Website and guarantees that they have the right to communicate or disclose them, releasing the Controller from any liability towards third parties.

Examples of such data are: Navigation Data, First Name, Last Name, Email, Phone Number, Address, Postal Code, Province, Country, State, Requests and additional data.

Data Collected from Third-Party Services

This Site does not use third-party services for the purposes indicated in the relevant sections of this Site. The information acquired is in any case subject to the privacy settings of the User of those services.It is possible that, even if Users do not use the service, it collects traffic data relating to the pages in which it is installed.

Google Analytics (Google LLC)

Google Analytics is a web analytics service provided by Google LLC (“Google”). Google uses the Personal Data collected to track and examine the use of this Site, compile reports and share them with other services developed by Google. Google may use Personal Data to contextualize and customize ads in its advertising network. Google Analytics 4 does not record or store individual IP addresses. Analytics provides approximate geographic data by deriving the following metadata from IP addresses: city (plus derived latitude and longitude of the city), continent, country, region, subcontinent (and equivalents based on ID). For EU traffic, IP address data are used only to derive location data before being deleted. They are not recorded, made accessible, or used for any other purpose. When Analytics collects measurement data, all IP lookups are performed on servers located in the EU before forwarding traffic to Analytics servers for processing. Personal Data collected: Cookies and Usage Data. Location of processing: USAFor more information: Privacy Policy

Google Tag Manager (Google LLC)

Google Tag Manager is a tag management service provided by Google LLC, which allows this Site to integrate other scripts. Personal Data collected: Cookies and Usage Data. Location of processing: USAFor more information: Privacy Policy

Google Maps (Google LLC)

Google Maps is a map visualization service managed by Google LLC that allows this Site to integrate such content within its pages. It is also used for geolocation services that allow calculating a route based on the User’s position. Personal Data collected: Cookies and Usage Data Location of processing: USAFor more information: Privacy Policy

Cookies

Cookies are installed in the browser during the browsing of a website and can contain various information, some of which may allow the identification of User preferences.This Website and its domain https://www.romasorrentoshuttle.com/ do not store Personal Data in cookies. The data saved have the sole purpose of storing preferences requested by the User, or information necessary to enable the functionalities of this Site and its safe and efficient browsing.

The cookies used on this site are:

  • session cookies (which disappear when the browser is closed)
  • persistent cookies (which expire at a predetermined date)

The use of Cookies — or other tracking tools — by this Site or by third-party services used by it, unless otherwise specified, aims to identify the User and record their preferences for the requested purposes or statistical purposes.For instructions on disabling or for other information regarding cookies and privacy please consult the Cookie Policy.

Data Processing, Sharing and Methods

The Controller, in compliance with regulations, processes Users’ Personal Data by adopting appropriate security measures aimed at preventing unauthorized access, disclosure, alteration or destruction of Personal Data.Processing is carried out using IT and/or telematic tools, automated instruments and with organizational and logical methods strictly related to the indicated purposes.

It is guaranteed by law that the processing of personal data takes place in respect of fundamental rights and the dignity of the data subject, particularly with regard to confidentiality, personal identity and the right to data protection.

Personal Data will be processed exclusively by persons in charge of processing specifically authorized and controlled by the Controller:

  • internal staff: administrative, commercial, marketing, legal personnel, system administrators.
  • external parties: such as third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies.
  • competent authorities: – law enforcement or other government authorities in cases provided by law or if strictly necessary to prevent, detect or prosecute criminal acts and fraud; – Public entities and, in general, any public or private subject, affiliated, subsidiary or parent companies to which we are obliged to communicate data, also for the correct fulfillment of any respective obligation (also of an instrumental nature) connected or related to present and future relationships that will be established with you, imposed by laws and/or regulations or for pursuing the purposes indicated above.

External parties may also be appointed, if necessary, as Data Processors by the Controller.In addition to companies acting as processors, Personal Data are made available to third parties, independent data controllers, for ancillary purposes related to the provision of the requested services.

The updated list of Data Processors can always be requested at any time via the Controller’s email address.

Location and Transfer of Data

Data are processed at the Controller’s operational offices and at any other location where the parties involved in the processing are located. For further information, contact the Controller.The User’s Personal Data may be transferred to a country different from the one in which the User is located; in any case they will never be transferred outside the countries belonging to the European Union unless safeguard clauses or equivalent levels of protection of Personal Data are guaranteed.

Transfers will only be carried out to pursue Commercial Purposes agreed upon with the explicit request of the User.

Retention Period

Data are processed and stored for the time required by the purposes for which they were collected.Specifically:

  • Personal Data collected for purposes related to the execution of a contract between the Controller and the User will be retained until the execution of that contract is completed.
  • Personal Data collected for purposes attributable to the Controller’s legitimate interest will be retained until such interest is satisfied.

When processing is based on the User’s consent, the Controller may retain Personal Data longer until such consent is revoked. Additionally, the Controller may be required to retain Personal Data for a longer period to comply with a legal obligation or an order from an authority. At the end of the retention period Personal Data will be deleted.

Rights

The User may learn about their rights, request further information and stay updated on the legislation regarding the protection of persons with respect to the processing of Personal Data by consulting the Data Protection Authority’s website at www.garanteprivacy.it.The User has the right to:

  • Revoke consent previously given for the processing of their Personal Data.
  • Object to the processing of their Data, where processing is based on a legal ground other than consent.
  • Access their Data and obtain all information about the Data processed by the Controller. Data will be provided as a copy in a commonly used format, readable by an automatic device.
  • Verify and request correction of their Data
  • Obtain restriction of processing where certain conditions apply. In such case the Controller will not process the Data for any purpose other than storage.
  • Request deletion or removal (right to be forgotten) of their Personal Data
  • Transfer their data to another Controller, where technically feasible, by obtaining or requesting the transmission of their Data in a structured, commonly used and machine-readable format. This applies when Data are processed by automated means and processing is based on the User’s consent, on a contract to which the User is a party or on contractual measures related thereto.
  • Lodge a complaint with the competent supervisory authority or take judicial action.

The User may exercise their rights at any time by sending a request to the Controller’s contact details.

Legal Defense

The User’s Personal Data may be used for the Controller’s defense in court or in the preparatory stages of possible legal action, against abuses in the use of the Site or related services by the User.The User is aware that the Controller may be required to disclose Data upon request by public authorities.

Legal Obligations

The Controller reserves the right to access, retain and share information with regulatory bodies, law enforcement or other entities in the following cases:

  • In response to a legal request, in good faith and within the deadlines imposed by law.
  • For cases where it is necessary to detect, prevent and resolve unauthorized uses of Services or Products provided or sold through this Site, to detect violations of our contractual or regulatory conditions.
  • To detect harmful or illegal activities, to protect the business, the Controller, the User and/or third parties.

Collected Data may be consulted and retained for an extended period when they are the subject of legal proceedings or obligations, a government investigation or investigations concerning possible violations of our terms or regulations, or to prevent harm.We may also retain Data for at least one year to prevent repeated misuse or other breaches of terms.

Applicable Law

This Privacy Policy is governed by the GDPR cited above and by applicable Italian law, which regulate the processing of personal data — including data held abroad — carried out by anyone residing or established in a Member State of the European Community.The GDPR ensures that personal data processing is carried out respecting fundamental rights and freedoms, as well as the dignity of the data subject, with particular reference to confidentiality, personal identity and the right to data protection.

Changes and Updates

The Controller reserves the right to modify, in whole or in part, this Privacy Policy also in consideration of regulatory updates that protect Users’ rights.Changes and updates to the Privacy Policy will be binding as soon as they are published in this same section. Please check this section regularly to verify publication of the most recent and updated version of the Privacy Policy.

Legal Notices

All documentation downloadable from this Site has been prepared and reviewed with the utmost care, but the user is always required to verify its accuracy and is responsible for its use. No liability can be attributed for direct or indirect damages suffered by the User or third parties arising from the use or failure to use the information retrieved. Although the content of these pages is subject to continuous updates and checks, errors and/or omissions may still occur.By accessing this Site the User implicitly declares to have read, understood and accepted the information provided in the Legal Notices and Privacy sections and declares to comply with all applicable laws and regulations.

If the User does not accept these conditions they may not use this Site.