Privacy Policy for Website Visitors

🆕 Version: 1.1

📅 Date: 25.11.2024

👋Welcome to our website!  

In this section, we explain how we collect and process your personal data when you visit our website. Protecting your privacy is important to us. 💙

📍 Who are we?  

**Data Controller**  

🛡️ Company Name: QARLBO ASSOCIATES AB (Data controller)

🌟 Brand: Miramis

✉️ Contact Address: Monte Argentario (GR), Via Privata Cirio snc, 58018 (Frazione: Porto Ercole) – registered office

📧 PEC: erqole@pec.it

🔗 Joint Controllers: ERQOLE S.R.L. erqole@pec.it, ERQOLEPROPERTIES S.r.L., erqoleproperties@pec.it - ERQOLE HOSPITALITY S.r.L.,erqolehospitality@pec.it - ERQOLE COMMUNITY S.r.L., hoteltris@cgn.legalmail.it- ERQOLE CALA PICCOLA S.r.L., erqolecalapiccola@pec.it, - Società Agricola LACAPITANA S.r.L., lacapitanaagricola@pec.it; PSS Villa S.r.L.

Erqole Hospitality S.r.L. manages the following hospitality facilities: la RoqqaHotel; Isolotto Beach Club; Hotel Torre Cala Piccola.

These companies may act as joint controllers concerning data processing, having jointly determined the purposes and means of processing through a specific agreement pursuant art. 26 of the GDPR available upon your written request.

Your data, therefore, may be shared among the Joint Controllers Companies for internal administrative purposes (e.g., HR functions, IT support, financial administration) and for direct marketing purposes, including promotional communications about products and services offered by various entities within the group.

All of this is aimed at optimizing efficiency, facilitating corporate decision-making, centralizing key functions within the group, and enabling targeted direct marketing to customers and potential customers based on their preferences and interactions.

In the list of the Joint Controllers above, you will find the references for the Company that, in relation to the purposes for which we collect your data, will assume the role of autonomous Data Controller.

⚖️ Why This Information?

In compliance with Regulation (EU) 2016/679 (GDPR), we are obliged to inform you on how we collect and manage your personal data when you visit our websites. The information provided here applies solely to the website www.miramis.com and does not cover external websites of links that may appear on our pages.

🔑 Types and Purpose of Data Processed

1. Browsing Data  

💻 What Do We Collect?

During your visit to our site, certain technical data is automatically collected, including:

- IP addresses

- URL of requested resources

- Time of request

- Device type and operating system

📊 Why dowe collect this data?  

These data are used for:

- Analysing website usage statistics (most visited pages, number of visitors, geographic location, etc.)

- Monitoring the correct functioning of the website

⏳ How long do wekeep the data?  

Browsing data are retained for a maximum of 7 days, unless there is a need to retain them for longer to aid in investigations by competent authorities.

📧 What do we collect?

When you send messages through our contact forms or fill out online forms, we collect your contact information (email, name, etc.).

📩 Why dowe collect this data?  

We use it to respond to your inquiries, provide requested services, or communicate relevant business information.

3. Cookies and Tracking  

🍪 Whatare cookies?  

Cookies are small text files that websites can use to make a user's experience more efficient.

This website uses cookies to personalize content and ads, provide social mediafeatures, and analyse our traffic. We also share information about how you useour site with our analytics, advertising, and social media partners, who may combine it with other information you've provided to them or that they have collected from your use of their services.

The law allows us to store cookies on your device if they are strictly necessary for the functioning of this site. For all other types of cookies, we need your consent.

This site uses different types of cookies. Some cookies are placed by third-partyservices that appear on our pages.
You can modify or withdraw your consent at any time from the Cookie Declarationon our website.

🔒 How can you control cookies?  

You can manage cookies directly from your browser settings. Learn more about the cookies we use by clicking on our COOKIEPOLICY

⚖️ Legal Basis for Processing

- Browsing and Technical Cookies: Processing is necessary for the technical functioning of the website.

-  Profiling Cookies - Marketing - Profiling: Processing takes place only with your consent.

- Direct Marketing and Legitimate Interest: in this regard, we inform you that we have conducted a specific risk analysis to ensure an appropriate balance between our legitimate interest and the protection of the rights andfundamental freedoms of the data subjects.

Our legitimate interest consists in ensuring efficient and secure internal operations, reducing administrative costs, optimizing resources within the group, and providing direct marketing communications to customers and potential customers. The centralization of data sharing allows us to offer tailored marketing campaigns, increase customer engagement, and improve the group’s overall business strategy.

Necessity: The processing and sharing of personal data are necessary to achieve the purposes of internal administration and direct marketing. Alternative methods, such as isolating data within individual entities, would result in greater operational complexity, higher costs, and missed opportunities for targeted marketing and customer loyalty.

Impact on Data Subjects: The processing and sharing of personal data are limited to what is strictly necessary for the stated purposes. Only authorized personnel within the group will have access to the data, and marketing communications will be sent only to individuals who have not opted out of such communications. All direct marketing communications provide clear mechanisms to opt out, and any objection to marketing will bepromptly respected. Therefore, the impact on data subjects is minimal.

Security Measures: We have implemented technical and organizational measures to protect personal data, along with clear privacy policies. Data subjects also retain the rights provided under the GDPR, including the right to access, rectify, delete, or object to the processingof their data, particularly in the context of direct marketing.

Proportionality: The anticipated impact on data subjects is limited, and our legitimate interest in maintaining effective business operations and offering relevant marketing content outweighs any minimal risk to data subjects. Furthermore, all marketing activities are conducted transparently, and data subjects can easily manage their marketing preferences, further reducingany potential negative impact.

Marketing Relevance: Personal data is processed to provide targeted and relevant marketing based on our customers' interests and preferences. This enhances the overall user experience and ensures that communications are not excessive or irrelevant to the recipient.

👥 Data Recipients

Your data is processed by our authorized staff and any external processors, with an updated list available a tour main office.

🌍 Data Transfer Abroad

Data is processed on servers located in Ireland. We do not transfer data outside the European Economic Area (EEA).

⏳ Retention Period

Data is retained only for the time necessary to achieve the purposes for which it was collected or for longer periods if required by law. If the legal basis is consent, processing will continue until such consent is withdrawn.

📝 Optional Nature of Consent

Providing your data is optional. However, if you choose not to provide the requested data, we may be unable to respond to your inquires or provide our services.

⚖️ Data Subject Rights  

You have the right to request:

- Access to your data

- Correction of inaccurate data

- Deletion of data

- Restriction of processing

- Data portability

To exercise your rights, you can contact us at:  

📧 Email: [privacy@erqole.it]  

🚨 Right to Lodge a Complaint

If you believe that your rights have been violated, you may lodge a complaint with the Data Protection Authority (Art. 77GDPR) at the following link: https://www.garanteprivacy.it/i-miei-diritti ortake legal action (Art. 79 GDPR).

🔒 Profiling and Automated Decision-Making  

We do not use automated profiling ordecision-making processes on the collected data.

📅 Privacy Policy Changes

We reserve the right to update this policy at any time, particularly to comply with new regulations or to improve ourservices. We encourage you to check this page periodically.

🔐 Privacy means Security

Protecting your data is our priority!