The company ISOLA Srl (hereinafter “Data Controller”), with registered office at Via Fieno 3, 20123 – Milan and operational office at Via Fabio Filzi 33, Milan, is committed to respecting and protecting your privacy and wants you to feel safe while browsing the website. With this privacy policy, the Data Controller intends to provide some information on the processing of personal data relating to users who visit or consult the company’s website, accessible online at https://retreatmilan.com/ .
This policy applies exclusively to the Data Controller’s website and does not extend to any other websites that the user may access via links (for which reference is made to their respective privacy policies).
The reproduction or use of the pages, materials and information contained in the Website, by any means and on any medium, is not permitted without the prior written consent of ISOLA Srl. Copying and/or printing is permitted for personal, non-commercial use only; no other use of the content, services and information on this website is permitted. With regard to the content offered and the information provided, the Data Controller will ensure that the Website’s content is reasonably up to date and reviewed, without offering any guarantee as to the adequacy, accuracy or completeness of the information provided, and explicitly disclaiming any liability for errors of omission in the information provided on the Website.
The Data Controller informs you that the personal data you provide and acquired in connection with requests for information and/or contact via smartphone or any other device used to access the Internet, as well as the data necessary for the provision of such services, including browsing data and data used for the possible purchase of products and services offered by the Data Controller, will be processed in compliance with applicable regulations. The computer systems and software procedures used to operate this website collect, in the course of their normal operation, certain personal data whose transmission is inherent in the use of the Internet. This information is not collected for the purpose of being associated with identified individuals, but by its very nature could, through processing and cross-referencing with data held by third parties, allow website users to be identified. This category of data includes:
These data are used solely for the purpose of obtaining anonymous statistical information on the use of the website and to monitor the correct functioning of the Data Controller’s website. It should be noted that the aforementioned data may be used to establish liability in the event of cybercrimes against the Data Controller’s website or other websites connected or linked to it: except in this eventuality, web contact data does not currently persist for more than a few days.
The Data Controller collects, stores and processes the user’s personal data for the purpose of providing the products and services offered on the Website, or to comply with legal obligations. In relation to certain specific Services, Products, Promotions, etc., the Data Controller may also process your data for commercial purposes. In such cases, a specific, separate, optional and always revocable consent will be requested, in the manner and at the contact details indicated below. The optional, explicit and voluntary sending of emails to the addresses indicated in the relevant section of the Website, as well as the completion of questionnaires (e.g. forms), communication via chat, push notifications via App, social networks, call centres, etc., entail the subsequent collection of certain personal data, including that gathered through the use of Apps and related services, necessary to respond to requests. We also inform you that when you use a mobile connection to access digital content and services offered directly by the Data Controller or our Partners, it may be necessary to transfer your personal data to such third parties.
The provision of data for the purposes referred to in points a), b) and c), connected to a pre-contractual and/or contractual phase or functional to a user request or required by a specific regulatory provision, is mandatory and, in its absence, it will not be possible to receive the requested information and access the requested services. For this reason, consent to the processing of data pursuant to art. 6 of European Regulation 2016/679 is not required, as the processing of personal data takes place on the basis of the provisions of art. 6 para. 1 b) of European Regulation 2016/679, and in particular is necessary for the successful completion of a pre-contractual phase of which the data subject is a party.
With regard to point d) of this Privacy Policy, the user’s/customer’s consent to the processing of data is free and optional and may be revoked at any time without any consequences on the usability of the products and services, except for the Data Controller’s inability to keep users/customers informed about new initiatives or any particular promotions or benefits that may be available.
The Data Controller may send commercial communications relating to products and/or services similar to those already provided, pursuant to Directive 2002/58/EU, using the email address or postal address you have provided on such occasions, to which you may object in the manner and at the contact details indicated below.
Processing is also carried out with the aid of electronic or automated means and is performed by the Data Controller and/or by third parties who may be used to store, manage and transmit data. Processing will be carried out using organisational and processing logic applied to your personal data, including data relating to logs generated by access to and use of services made available via the web, products and services used, in relation to the purposes indicated above and, in any case, in a manner that ensures the security and confidentiality of the data itself. The personal data processed will be retained for the periods established by applicable regulations, and in particular for a period not exceeding 24 months from collection. Still on the subject of data security, in the sections of the website set up for specific services where personal data is requested from the user, data is encrypted using a security technology known as Secure Sockets Layer, abbreviated as SSL. SSL technology encrypts information before it is exchanged over the Internet between the user’s computer and the Data Controller’s central systems, making it unintelligible to unauthorised persons and thus ensuring the confidentiality of the information transmitted. With regard to personal data protection matters, the user is invited, pursuant to art. 33 of European Regulation 2016/679, to report to the Data Controller any circumstances or events that could give rise to a potential “personal data breach”, in order to allow an immediate assessment and the adoption of any actions aimed at countering such an event.
Such notification may be made by sending a communication to ISOLA Srl at the email address info@retreatmilan.com. The measures adopted by the Data Controller do not exempt the Customer from exercising the necessary care in the use, where required, of passwords/PINs of adequate complexity, which must be updated periodically, especially if there is reason to believe they have been compromised or become known to third parties, and which must be carefully safeguarded and kept inaccessible to third parties, in order to prevent improper and unauthorised use.
A cookie is a short string of text that is sent to your browser and, if necessary, saved on your computer (or alternatively on your smartphone/tablet or any other device used to access the Internet); this sending generally occurs each time you visit a website.
The Data Controller uses cookies for various purposes, in order to offer a fast and secure digital experience, allowing for example the connection to the protected area to remain active while browsing between the pages of the website.
Cookies stored on your device cannot be used to retrieve data from your hard drive, transmit computer viruses, or identify and use your email address. Each cookie is unique in relation to the browser and device used to access the website. https://retreatmilan.com
The Data Controller’s website uses session cookies, whose use is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable safe and efficient browsing of the website. These cookies do not allow the acquisition of personally identifiable user data and are processed by electronic means.
Browser configuration support1.
The user can also manage cookies through their browser settings. However, deleting cookies from the browser may remove the preferences set for the website.2. For further information and assistance, you can visit the specific help page of the web browser you are using:
For the purposes indicated above, the Data Controller may communicate and have processed, in Italy (the transfer will not take place outside the European Economic Area), the personal data of users/customers to third parties with whom the Data Controller maintains relationships, where such third parties provide services upon request.
The Data Controller undertakes to provide such third parties only with the information necessary for the performance of the requested services, adopting all measures for the protection of your personal data.
Personal data may be communicated to competent public bodies and authorities to fulfil regulatory obligations or to establish liability in the event of cybercrimes against the website, as well as communicated or assigned to third parties (acting as data processors or, in the case of electronic communication service providers, as independent data controllers), who provide IT support services.
and telematic services (e.g. hosting, website management and development services) which the Data Controller uses for the performance of tasks and activities of a technical and organisational nature instrumental to the operation of the website. The parties belonging to the categories listed above act as external Data Processors, formally appointed by the Data Controller. Your personal data may also be accessed by the Data Controller’s employees/consultants who have been specifically trained and appointed as “Persons authorised to process data under the direct responsibility of the Data Controller”. The categories of recipients to whom data may be communicated are available by contacting the data controlling company at the contact details indicated below.
Pursuant to, within the limits and under the conditions set out in the legislation on the protection of personal data regarding the exercise of the rights of Data Subjects (Chapter III of European Regulation 2016/679) in relation to the processing covered by this Privacy Policy, as a Data Subject you have the right:
For the processing referred to in point d) of the processing purposes, the Customer may at any time withdraw consent and exercise the right to object to direct marketing (in both “traditional” and “automated” form). The objection, in the absence of contrary indications, shall apply to both traditional and automated communications. The Data Subject may exercise their privacy and personal data protection rights by downloading and completing the appropriate form from the company website https://retreatmilan.com/ – privacy section, and sending the form by email to info@retreatmilan.com
The use of the Website, including those designed for tablets and/or smartphones, by the Customer and/or the User implies full awareness and acceptance of the content and any instructions contained in the current version of the privacy policy published by the Data Controller at the time of access to the website. The Data Controller informs that this privacy policy may be modified without notice and therefore recommends reading it periodically.
