Privacy Policy

Welcome!
This document (hereinafter referred to as the “Privacy Policy”) serves as an informative statement, particularly with reference to the transparency principle as per ex Article 13 of the EU Regulation 679/2016 (hereinafter, for convenience, referred to as “GDPR”). It outlines what data is processed by the Data Controller and how it is managed.
Pursuant to Article 5 of the GDPR, the processing of personal data is guided by the general principles of lawfulness, fairness, purpose limitation and detention, data minimization, accuracy, integrity, confidentiality, and accountability, in accordance with privacy by default and by design. In particular, the regulations for this matter are contained in, among other laws, Legislative Decree 196/2003 and subsequent amendments, Legislative Decree 101/2018, and the aforementioned GDPR.
For the purposes of this text, the “website” refers to https://geminidestinations.com/, including all its pages, sections, and subsections. The term “User” refers to the individual who interacts with the website, uses its services, communicates, or simply accesses and/or views one or more pages on the said website. For further definitions, such as personal data or others, please refer to the text of the aforementioned GDPR.
We kindly request a careful and considered reading of this Privacy Policy, which applies whenever you access this website, navigate within it, or use its services, regardless of the data being processed. By accessing the website, you are giving your consent to the Privacy Policy described here. For any further information regarding data processing, you can contact the Data Controller at the email address indicated in point 1 of this Privacy Policy.

DATA CONTROLLER

The Data Controller, according to Articles 4 and 24 of the GDPR, is Francesca Innocente,

For the personal details of the Data Controller, you can send a written request to the aforementioned email address.

TYPES OF DATA COLLECTED

a. Browsing data: This includes data that is transmitted automatically during the use of Internet communication protocols. These are acquired without any human intervention by the computer systems and software procedures responsible for the website’s operation. This category includes, for example, IP addresses or domain names of the devices used during navigation, URI addresses of the requested resources, the day, date, and time of the request, the method used in submitting the request to the server, the size and type of the file obtained in response, the numerical code indicating the status of the response given by the server, and other parameters related to the user’s operating system and computer environment. This data, which is necessary for the use of web services, is also processed to obtain statistical information about the use of the services and to check their proper functioning.

b. Data provided by the user: This includes data collected when the User sends a message to the email address mentioned in Article 1 or makes contact by phone or any other means to request information or commercial proposals, seek clarification, or for other purposes. This category also includes the activity of commenting on articles on the website by providing one’s name and email address. In this case, the voluntary sending of messages to the contact addresses, as well as the completion and submission of the forms on the site, results in the acquisition of the sender’s contact data as well as all the personal data provided by the user in the communications and/or requested by the reference form. All data provided will be processed to fulfill the User’s requests.

c. Data collected via cookies: This pertains to information contained in cookies that are transmitted to the servers when the user revisits the site. Cookies are text files that the servers of visited sites can place in the memory of the devices used by the user. Please refer to the Cookie policy on the website for more information.

d. Newsletter subscription data: This refers to the data entered by the user for newsletter subscriptions, including name, surname, and email address through a specific form. In this case, the data is necessary for receiving updates and commercial communications. This marketing activity may, in some cases, be carried out through third-party service providers, such as Mailchimp – , regarding which the Data Controller has committed to collecting and maintaining all the necessary permissions and valid consents required to legally transfer data and allow Mailchimp to legally collect, process, and share the data for service provision purposes. A

ll this information is provided for the purposes related to this website and not for other sites that may be accessed via links. Therefore, the Data Controller is not responsible for the personal data processed independently by the platform provider connected through links.

3) MANDATORY OR OPTIONAL NATURE OF DATA PROVISION

In cases where the nature of the provision is to be considered obligatory, the text field on the website form will be expressly indicated as such, also by the use of symbols or graphical signs. If the User does not enter the requested information in these fields, the Data Controller will be objectively unable to manage the pre-contractual/contractual relationship, communication/purchase/sale. In summary, the failure to provide this data will prevent the establishment of the relationship.

PURPOSE OF PROCESSING AND LEGAL BASIS

Data is processed, subject to explicit consent per Article 6, letter a, GDPR, for the following purposes:
a) Marketing, profiling, and commercial promotion by sending information, updates, and news about products, services, and promotions through all digital and paper communication tools.
At any time, the User has the right to revoke their consent to receive promotional information by communicating their desire in writing to the email address specified in Article 1 or by following the procedure available at the link provided in the footer of email communications, allowing them to unsubscribe.
Data is processed without explicit consent per Article 6, letters b, c, f, GDPR, for the following purposes:
a) Allowing the User to become part of the community and receive paper and/or digital communications on the legal basis of fulfilling the contract.
b) Complying with all legal, tax, accounting, and administrative obligations.
c) Providing information on products or services related to those already purchased and assessing the level of satisfaction with the purchased products or services. At any time, the User has the right to revoke the consent given by communicating it in writing to the email address mentioned in Article 1 or by following the procedure available in the email communications to unsubscribe.
d) Handling User requests and inquiries and responding to questions and issues using the available contact tools. The legal basis is the Data Controller’s legitimate interest in providing customer support, information about products and services, developing new products, implementing existing ones, and generally achieving a higher level of efficiency.
e) Establishing an adequate defense in the appropriate judicial and extrajudicial venues in the event of a dispute with the User.
At any time, the User has the right to revoke the consent given by communicating it in writing to the email address mentioned in Article 1. All data collected is processed only for purposes related to this website and not for other sites that may be accessible via the links or social buttons on the site. The Data Controller is not responsible for the processing of data carried out independently by the platform provider connected through links and/or social buttons. It is hereby clarified that the website is autonomous and independent of the sites and/or platforms referenced by the aforementioned links and/or social buttons.

PROCESSING METHODS

The Data is processed by the Data Controller using electronic and IT tools, without this affecting the possibility of paper processing. The processing of personal data may include any type of operation, including collection, recording, organization, storage, consultation, processing, selection, extraction, comparison, use, interconnection, blocking, communication, erasure, and destruction. In any case, data is collected and processed for specific, explicit, and legitimate purposes and used in ways that are compatible with the purposes stated in point 4. All of this is carried out by adopting security measures as appropriate as possible to minimize the risks associated with these activities and, in particular, to prevent deletion or destruction when not subject to processing, to prevent unauthorized access or processing not allowed and/or not in compliance with the purposes.

LOCATION OF PROCESSING

Data is processed at the Data Controller’s headquarters and on hosting servers that are third parties separate from the Data Controller’s direct control.

STORAGE PERIOD

Data is processed for the time necessary to fulfill the service requested by the User, coinciding with the achievement of the purposes for which it was collected and, in any case, no later than 10 years from that date. At the end of the storage period, the data will be deleted. For marketing purposes only, this period is reduced and is 24 months from the last interaction and in any case no more than 10 years.

DISCLOSURE OF PERSONAL DATA

Data processing is carried out by the Data Controller and by personnel authorized by them to perform tasks related to the proper management of contractual and marketing relationships with customers, potential customers, and suppliers. The Data Controller commits not to disclose personal data, except with the prior authorization of the User, to individuals other than the employees of the Data Controller and/or professionals, collaborators, and third parties (natural or legal persons) who perform activities on behalf of the Data Controller and need to know such data solely for the purpose of carrying out the requested activities. In particular, data may be communicated to:

  • Individuals who need to access data to the extent strictly necessary to achieve auxiliary purposes to the contractual relationship.
  • Individuals and companies that collaborate with the Data Controller, to the extent necessary to carry out their professional duties, including, in particular, keeping accounts or performing legal practices. In this regard, these subjects will be designated as Data Processors, as per Article 28 of the GDPR, and will process data in full compliance with this Privacy Policy and current legislation. The list of these subjects is available on written request from the data subject, also via email to the address indicated in Article 1, to be sent to the Data Controller. In accordance with national and European legal provisions, and/or the competent authorities, data may also be communicated or made available to individuals, whether public or private, as indicated by them, within the limits and for the purposes provided for therein. These individuals will only be provided with the information strictly necessary.

RIGHTS OF THE DATA SUBJECT

The data subject has the right to receive correct information regarding the processing of their data, as stipulated in Articles 12 and subsequent of the GDPR. At any time, under Articles 15 and following of the GDPR, the data subject has the right to exercise the rights of access to data, rectification, erasure, or restriction of processing, and to request and obtain information and clarification about the purposes and objectives of the processing, the categories of personal data, the recipients to whom the data has been communicated, and the respective storage period. For the consultation of the rights of the data subject, reference is also made to what is further specified in Articles 15-22 of the GDPR. It is always possible to revoke the consent previously given by sending a communication via email, addressed to the email address specified in Article 1 and intended for the Data Controller. It is also noted that, under Article 23 of the GDPR and only under certain circumstances, the Member States of the European Union may have the right to limit certain rights of data subjects. We reserve the right to avail ourselves of this right, always in compliance with the relevant community and national law, in exceptional cases where it is provided for.

LINK AND SOCIAL BUTTONS

All that is provided in this policy is intended solely for the website in which it is inserted. It is not valid in any way for other sites and/or platforms connected to the current site and accessible by the user through a linking link and social buttons.

Social buttons refer to the link buttons on the web page depicting the icons of social networks to facilitate sharing and interaction in a specific social network with what the user has chosen. Data processing by these external subjects is independent of the processing carried out on the present website, and therefore, we ask you to refer to their respective privacy policies, which are freely accessible at the following links:

• Facebook: https://facebook.com/about/privacy
• Instagram: https://help.instagram.com/519522125107875
• Linkedin: https://it.linkedin.com/legal/privacy-policy?
• TikTok: https://www.tiktok.com/legal/page/eea/privacy-policy/it-IT

TRANSFER OF PERSONAL DATA

Personal data will not be transferred outside the European territory. Any transfer to non-European Union countries, where necessary and previously authorized by the User, will be made in accordance with Articles 44 and subsequent of the GDPR, or by ensuring the best data protection measures.

MINORS

Minors under the age of 16 are not required to provide any information or personal data in the absence of the consent of those exercising parental responsibility over them.

UPDATES AND AMENDMENTS

In the future, the Data Controller reserves the right to change and/or update this document in whole or in part, also in consideration of possible regulatory interventions on the matter. Users are advised to consult the page regularly to check for updates. This document was last updated on October 22, 2023.

COOKIE POLICY

This document (hereinafter referred to as the “Cookie Policy”) explains the types and purposes of cookies used by the website indicated above, in order to enable independent management of preferences regarding the use of cookies.
For the purposes of this text, the term “website” shall be understood as https://geminidestinations.com/, including every page, section, and subsection of the website. The term “User” refers to the individual who interacts with the website, uses its services, communicates, or simply accesses and/or views one or more pages of the website.
For further definitions, such as “personal data” and others, please refer to the text of the EU Regulation 679/2016 (hereinafter referred to as “GDPR”) for convenience.
We kindly request a careful and prudent reading of this Cookie Policy, which applies whenever you access this website,
navigate within it, or use its related services. For any further information regarding data processing, you can contact the Data Controller at the email address provided in point 1 of this Cookie Policy.

DATA CONTROLLER

The Data Controller, pursuant to Articles 4 and 24 of the GDPR, is Francesca Innocente, 
For the personal details of the Data Controller, you can send a written request to the email address provided above. 

WHAT ARE COOKIES AND WHAT ARE THEY USED FOR?

Cookies are a tool available to the Data Controller to provide the requested service based on the purposes pursued.
For clarity, cookies are small files containing packets of information sent from a web server to the user’s internet browser and automatically stored on the user’s browsing device, then sent back to the server with each subsequent access to the site (so-called first-party cookies). It is also possible that the User, while browsing this site, may receive cookies from different websites (so-called third-party cookies). This happens because the website visited may contain references to other web pages or elements that are hosted on servers different from the one on which the requested page is located. The responsibility and management of first-party cookies are assumed directly by the Data Controller, while the responsibility for third-party cookies falls on their respective owners and operators.
Cookies are used to store the user’s browsing preferences and subsequently customize the sites to meet their needs, thereby improving the browsing experience. For example, cookies prevent the need to manually re-enter information already provided on a website and allow for ad targeting.

TYPES OF COOKIES AND THEIR SUBDIVISION

a) Based on the entity that manages them:

– First-party cookies: installed and managed directly by the Data Controller;

– Third-party cookies: installed and generated by websites other than the Data Controller’s and managed by third parties with whom personal data may be shared.

 

b) Based on duration:

– Session cookies: last for a single browsing session and are deleted with the closure of the browser or at the end of the same session;

– Persistent cookies: have a predetermined expiration date, after which they cease to function. They are stored on the user’s browsing device’s hard disk and are read by the site on each subsequent visit, accumulating information during each session.

c) Based on the purposes:

– Technical cookies: necessary to allow the user to navigate the website and use the offered services. Without these, the provision of certain services or functions of the site may become impossible and may hinder navigation;

– Analytical cookies: used to obtain statistical information, in aggregated or non-aggregated form, about the number of users accessing the site and how it is used;

– Profiling cookies: used to track the user’s profile and allow them to subsequently view tailored advertisements that align as closely as possible with their consumption interests.

WHICH COOKIES ARE USED AND FOR WHAT PURPOSES

The following cookies are used on this site:

Technical and functional cookies:

These are necessary to allow the user to navigate the website and use the services offered. They are used to save the session and perform other activities strictly necessary for the site’s operation, as well as to save preferences and optimize the user’s browsing experience. According to Art. 122 co.2 D.Lgs. 169/2003 and as published in the Gazzetta Ufficiale n.126 of 03/06/2014 and in the register of measures n.229, 08/05/2014, the Site is not required to request explicit consent for technical cookies, as they are considered indispensable for the purposes mentioned above. Technical and functional cookies are automatically installed and do not require the User’s consent, as this information is sufficient;

First and third-party analytical cookies:

These are used to collect information about user navigation solely for statistical purposes. This statistical information is collected, in an aggregated or non-aggregated form, on the number of users accessing the website and how it is used. The website uses this information to generate anonymous statistical analyses to enhance user usage and improve content.

Regarding this category, it’s important to note that first-party cookies are fully assimilated as technical cookies. This is in accordance with the clarifications provided by the Data Protection Authority on 05/06/15 and the most recent guidelines. Therefore, this notification is sufficient. However, concerning third-party analytical cookies, they are considered equivalent to technical cookies only if their use is contingent upon processing aggregated statistics related to a single website, and if at least the fourth component of the IP address is masked. In other cases, it is necessary to request the User’s consent for their installation, and the User will be free to grant or revoke their consent at any time, without affecting their ability to visit the website and access its content. The Data Controller will keep a record of this consent through a specific cookie, ensuring that the cookie banner is not presented during the User’s subsequent visits to the website. In particular, the following third-party analytical cookies are present:

Third-party profiling cookies:

These are used to track and monitor the user’s navigation in order to create a profile and allow the user to view personalized advertisements. In particular, the following third-party profiling cookies are present:

    • Google Search Console, https://policies.google.com/privacy?hl=en : A service offered by Google that allows monitoring and managing the site’s presence in Google search results..
    • Hotjar, https://www.hotjar.com/privacy : A tool for analyzing user behavior and collecting feedback and surveys. It allows understanding the actions users take on web pages and obtaining their feedback on the user experience.
    • Facebook Pixel, https://www.facebook.com/policy.php : A tool for tracking conversions of Facebook Ads, connecting data from Facebook to actions taken on this site. This results in behavioral marketing that allows the site to promote itself to users who have visited it through advertisements.

The user is free to give or withdraw consent for the installation of both first and third-party profiling cookies at any time without affecting their ability to visit the site and enjoy its content.

 

While not strictly cookies, the website also uses

 

trackers:

    • Google Font, https://developers.google.com/fonts/faq/privacy?hl=it : that offers an interactive web directory and APIs to include fonts on websites. Google may track user behavior on the website by collecting, storing, and using some end-user data for statistical purposes (e.g., IP address).

HOW TO DISABLE COOKIES

During the first visit to the site, the user can make a choice regarding the acceptance of all cookies, continued navigation with only those that do not require consent, or specific preferences. Technical and functional cookies, as well as first-party analytical cookies, are automatically installed and do not require user consent. However, the use of third-party analytical and profiling cookies does require explicit consent. It is important to note that consent can be revoked by the User at any time without affecting their ability to visit the site and access its content. Closing the banner will result in continued browsing with the default settings, excluding the operation of third-party analytical and profiling cookies. Users can also determine their preferences for cookies by adjusting browser settings. By changing these settings, users can accept or reject cookies or choose to receive a notification before accepting a cookie while browsing websites. Cookies can also be deleted upon the user’s request by clearing the browser’s “cookie” folder.

 

By default, most web browsers are set to accept cookies automatically. However, because each browser is different, it is helpful to check the procedures for modifying cookie preferences on a case-by-case basis. You can set your browser to reject all cookies or only some cookies according to your preferences. The following links provide useful information for setting these preferences:

  • Google Chrome,
  • Mozilla Firefox,
  • Apple Safari,
  • Microsoft Windows Explorer, 

For more in-depth information about cookies, you can visit the website www.youronlinechoices.com .

SOCIAL BUTTONS

Social buttons are the linked buttons present on the web page that display icons of social networks to facilitate sharing and interaction on a specific social network with content chosen by the user. It is noted that each social network acquires data related to the visit according to independent regulations, which are referred to for reference by consulting their respective Policies.

For information on how cookies are managed by the social networks to which the social buttons refer, please follow the links below:

• Facebook: https://facebook.com/about/privacy
• Instagram: https://help.instagram.com/519522125107875
• Linkedin: https://it.linkedin.com/legal/privacy-policy?
• TikTok: https://www.tiktok.com/legal/page/eea/privacy-policy/it-IT

This website also uses social network sharing plugin cookies, which allow users to share their information with social networks and offer other related functions, such as, for example, posting comments. On the other hand, this allows social networks to identify the user and store information regarding the user’s usage of the website in their profiles. As specified, these cookies can be disabled through the user’s browser. If they are not accepted or are disabled, it will not be possible to use or access these tools.

RIGHTS

At any time, in accordance with Articles 15 and following of the GDPR, the data subject may exercise all rights, including access to data, rectification, erasure, or restriction of processing, request and receipt of information and explanations regarding the purposes and objectives of the processing, the categories of personal data, recipients to whom data have been or will be disclosed, and the retention period. The right to withdraw consent previously given is also recognized. It is also noted that it is a legal right to file a complaint with the Data Protection Authority, as provided for in Article 77 of the GDPR, or to take appropriate legal action under Article 79. The exercise of all the aforementioned rights, with the exception of the complaint to the Data Protection Authority, is possible by sending a specific request to the email address provided in Article 1. Regarding erasure in particular, the right to request the erasure of personal data is recognized, which will be deleted upon request unless there are circumstances preventing such erasure, as provided by law, such as the existence of a contract or debt/credit relationships. Similarly, data cannot be deleted in cases where retention obligations exist.

This document was last updated on 22.10.2023.