Web site privacy policy www.locandastellalpina.it

Privacy policy website https://www.locandastellalpina.it/: Information on the processing of personal data according to EU Regulation no. 2016/679 (GDPR).

The policy does not apply to other websites that may be accessed through links on the owner’s domain websites, and the owner is not responsible in any way for the websites of third parties.
Locanda Stella Alpina di Panozzo Tullia (hereinafter, “Owner”), whose data are as follows:

  • Registered office: Via Campiello, 86, 36010 Treschè Conca VI
  • Vat: 00456720242
  • Tel: 0424 694031
  • Mail: info@locandastellalpina.it

as the data controller, informs you in accordance with Art. 13 Legislative Decree. 30.06.2003 n. 196 (hereinafter, “Privacy Code”) and Art. 13 EU Regulation no. 2016/679 (hereinafter, “GDPR”) that your data will be processed in the following manner and for the following purposes:

  1. Subject of treatment

The Data Controller processes personal, identifying, and non-sensitive data (including but not limited to: first name, last name, company name, address, telephone, e-mail – hereinafter, “personal data” or also “data”) communicated by you when registering on this website (hereinafter, “Site”), participating in opinion and popularity surveys, filling out registration forms through the Site, and from online requests.

  1. Purpose of processing

Your personal data are processed for the following Service Purposes:

  • Operate and maintain the Site or allow you access to dedicated areas;
  • To enable you to take advantage of any Services you may have requested;
  • Responding to online contact chats;
  • Guarantee you access to programs and services;
  • Offer assistance and advice even remotely;
  • Process a contact request;
  • For administrative-accounting activities in general;
  • Fulfill obligations required by Law, regulation, EU legislation or an order from the Authority or upon requests from the Italian or foreign government or the Italian Chamber of Commerce;
  • Prevent or detect fraudulent activity or abuse detrimental to the Site;
  • Exercise the rights of the Owner, such as the right to exercise a right in court.
  1. Method of processing and data retention period

The processing of your personal data is carried out by means of the operations specified in Art. 4 Privacy Code and Art. 4 n. 2) GDPR and namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data. Your personal information is subject to both paper and electronic and/or automated processing, through the use of website hosted on the data controller’s server or on sites of external companies that allow the data controller to offer its services (such as to offer online chat support or deposit files for the customer by providing their email and name for downloading). The Data Controller will process personal data for as long as necessary to fulfill the above purposes and in any case for no longer than 10 years after termination of the relationship for service purposes and for no longer than 2 years after data collection for other purposes. In compliance with the provisions of Art. 5 paragraph 1(e) of Reg. EU 2016/679 the personal data collected will still be stored in a form that allows the identification of the data subjects for a period of time not exceeding the achievement of the purposes for which the personal data are processed.

  1. Security

The Owner has taken a wide variety of security measures to protect your data against the risk of loss, misuse or alteration. In particular: it has taken the measures set forth in Articles 32-34 Privacy Code and Art. 32 GDPR. It uses, when necessary for more secure communications, data encryption technology established by the AES Standards (BCrypt) and secure data transmission protocols known as HL7 and HTTPS.

  1. Data access

Your data may be made accessible for the purposes set forth in Art. 2.A) and 2.B):

  • to employees and collaborators of the Data Controller, in their capacity as appointees and/or internal data processors and/or system administrators;
  • to third-party companies or other entities (website providers, cloud providers, e-payment service providers, suppliers, hardware and software support technicians, shippers and carriers, credit institutions, professional firms, etc.) that perform outsourcing activities on behalf of the Data Controller, in their capacity as data processors.
  1. Disclosure of data

Without your express consent (ex art. 24 lett. a), (b), (d) Privacy Code and Art. 6 lett. (b) and (c) GDPR), the Controller may disclose your data for the purposes set forth in Art. 2.A) to Supervisory Bodies and Judicial Authorities, as well as to all other parties to whom disclosure is mandatory by Law. However, it is assured that your personal information will never be made public on the owner’s site.

  1. Data Transfer

The management and storage of personal data will take place in Europe, on servers located in Italy of the Data Controller and/or third party companies also abroad, appointed and duly appointed as Data Processors for the use of the requested services. Data of a personal nature provided may be transferred abroad within and outside the European Union, within the limits and under the conditions set forth in Articles 44 et seq. of EU Regulation 2016/679, in order to comply with purposes related to such transfer.

Place of processing

Data collected from the site are processed at the Data Controller’s office, and at the Web Hosting datacenter. The web hosting Aruba S.p.A. Via San Clemente, 53 – 24036 Ponte San Pietro (BG) P.IVA 01573850516 – C.F. 04552920482 C.S. € 4,000,000.00 i.v. , which is responsible for data processing, processing data on behalf of the owner, is located in the European Economic Area and acts in accordance with European standards.

  1. Nature of data provision and consequences of refusal to respond

The provision of data for the purposes of Art. 2.A) is mandatory. In their absence, we will not be able to guarantee you either registration on the Site or the Services of Art. 2.A).
You can then decide not to provide any data or later deny the possibility of processing data already provided. In any case, you will continue to be entitled to the Services set forth in Art. 2.A).

  1. Rights of the data subject

In your capacity as a data subject, you have the rights set forth in Art. 7 Privacy Code and Art. 15 GDPR and specifically the rights to:

  • I) obtain confirmation of the existence or non-existence of personal data concerning you, even if not yet registered, and their communication in an intelligible form;
  • II) Getting the indication: (a) of the origin of personal data; (b) of the purposes and methods of processing; (c) of the logic applied in case of processing carried out with the aid of electronic instruments; (d) of the identification details of the owner, managers and designated representative under Art. 5, paragraph 2 Privacy Code and Art. 3, paragraph 1, GDPR; e) of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representative in the territory of the State, managers or appointees;
  • III) obtain: (a) the updating, rectification or, when you have an interest, the integration of data; (b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed; (c) certification that the transactions referred to in subparagraphs. (a) and (b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except where this proves impossible or involves the use of means manifestly disproportionate to the right protected;
  • IV) oppose you, in whole or in part: (a) for legitimate reasons to process personal data about you, even if relevant to the purpose of collection; b) to the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by means of e-mail and/or through traditional marketing methods by means of telephone and/or paper mail. It should be noted that the data subject’s right to object, set forth in the preceding paragraph (b), for the purpose of direct marketing by automated means is extended to traditional methods and that, in any case, the possibility for the data subject to exercise the right to object even in part remains unaffected. Therefore, the data subject may choose to receive only communications by traditional means or only automated communications, or neither type of communication.

Where applicable, you also have the rights under Articles 16-21 GDPR (Right to rectification, right to be forgotten, right to restrict processing, right to data portability, right to object), as well as the right to complain to the Data Protection Authority.

  1. Ways of exercising rights

You may at any time exercise your rights by sending:

  • a registered letter with return receipt to the place of business, with address stated in the incipit;
  • an e-mail to info@locandastellalpina.it

. Pec at locandastellalpina@artigiani.vi.legalmail.it

  1. Minors

This Site and the Owner’s Services are not intended for minors under the age of 18, and the Owner does not intentionally collect personal information referring to minors. In the event that information about minors is unintentionally recorded, the Owner will delete it in a timely manner upon the users’ request.

  1. Owner, manager and appointees

The Data Controller / Data Processor (pursuant to Articles 4, 24, 28 of EU Reg. 2016/679) is Locanda Stella Alpina di Panozzo Tullia in the person of Panozzo Tullia, with registered office in Via Campiello, 86, 36010 Treschè Conca VI.
The updated list of data processors and processors is kept at the Data Controller’s office.

  1. Amendments to this Notice

This Notice is subject to change. We recommend, therefore, that you check this Policy regularly and refer to the most up-to-date version.


Confidentiality agreement for all information provided by our customers and site users

The data controller hereby declares that he/she is aware that as a result of the working relationship with clients and/or consultancy also free of charge with users of the site who contact the controller by email or chat or other communication channels, he/she may become aware of data, information and news in general, having a confidential nature and undertakes to maintain the strictest confidentiality on what he/she receives, as well as on any other news, confidence and/or information, in the broadest meaning of the term, learned about and/or from the client or user of the site.


Graphics, layout, text, video, and code on this site may not be replicated, even partially, on other websites, mailing lists, newsletters, print magazines, and CD-ROMs, without the prior permission of the data controller, regardless of profit motive.


Authorization, even to make links to our site, must be requested in writing via e-mail and is considered accepted only with a specific consent of the data controller, also in writing. Silence does not give rise to any authorization. Trademarks mentioned and programs on the site are exclusive to their respective owners in accordance with stated licenses.

Live webcam

Webcam images are transmitted live and do not constitute historical archives.

Each tourist webcam is installed in compliance with the regulations, regarding privacy, in force in the country where it is located. Streaming Engine server is located and managed by company Terasweb Di Ivan Baù via Mori, 7 – 36012 – Asiago (VI) P.iva 03841850245 – C.F. BAUVNI71A10A465K , phone +39 0424 64180 , email: hd.terasweb@gmail.com.

In compliance with current regulations, it is reported that the footage taken through our webcams is taken from such a distance that the somatic features of the subjects cannot be recognized; they are devoid of the ability to use the zoom function and do not allow for panning.

If you believe that a webcam has been moved from its original installation location, due to natural or man-made phenomena, thus causing a privacy risk, i.e. harming your privacy according to GDPR, please promptly notify Ivan Baù’s TeraSweb team through the address: hd.terasweb@gmail.com


What are cookies

Cookies are small text files that sites visited by users send to their terminals, where they are stored to be retransmitted to the same sites on subsequent visits. Cookies are used for different purposes, have different characteristics, and can be used either by the owner of the site you are visiting or by third parties. Below you will find all the information about the cookies installed through this site, and the necessary guidance on how to manage your preferences regarding them.

The Cookies used by this site are of three types: technical ones that do not require consent, non-technical ones that require the surfer’s consent, and those managed by third parties.

Technical cookies that do not require consent

This website uses technical cookies that are strictly necessary for the operation of the site and the delivery of the service as well as technical cookies related to preference saving and site optimization activities. Specifically, technical cookies are used that are necessary for the functioning of javascript, technical session cookies that allow the site to link user actions during a browser session (e.g., switching from one page to another) allowing faster navigation as well as technical cookies that store user preference (cookie consent) and prevent the banner from being repeated on subsequent visits. All technical cookies do not require consent, so they are automatically installed following access to the site.

Cookies for which consent is required

All cookies other than the technical ones indicated above are installed or activated only following the consent given by the user the first time he or she visits the site. Consent can be expressed in a general way, by interacting with the short information banner on the landing page of the site, in the manner indicated in that banner (by clicking on the OK button or the X button; or by continuing navigation, including by scrolling or through a link); or it can be provided or denied selectively, in the manner indicated below. A record of this consent is kept at subsequent visits. However, the user always has the option of revoking all or part of the consent already given. If the automated system fails, the user is required to notify the data controller.

Third-party managed cookies

Cookies operated by third parties are also installed through this site. You will find some directions below, and a link to the privacy policy and consent form for each. For all you can also express your consent by continuing browsing or closing this window. You will find below the name of the third parties that handle them, and for each of them the link to the page where you can receive information about the processing and express your consent.

– Social network cookies are used for sharing content on social networks

YOU TUBE: http://www.google.it/intl/it/policies/privacy/

FACEBOOK: http://developers.facebook.com/

TWITTER: https://twitter.com/it/privacy

– Statistical cookies: Third-party statistical cookies (Google Analytics) are used, for the management of statistics in an anonymous form, without tracking the User’s IP (non-IP profiled user data), with data sharing with the Third Party.

Access to Third Party Information:

Privacy Policy: http://www.google.com/policies/privacy/

Cookie Policy: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage


For deactivation: https://tools.google.com/dlpage/gaoptout?hl=it

Other technologies (e.g., plugins, widgets, local storage, etc.)

Interaction with social networks and external platforms

Widget: is a graphical user interface component of a program, which is intended to make it easier for the user to interact with the program. The most commonly used widgets are social network widgets, which allow users to easily open social networks in a separate window of the browser.

These services allow for interactions with social networks or other external platforms, directly from the pages of a site. Any interactions and information captured by the site are subject to the privacy settings of the third party that created the aforementioned technologies. To receive detailed information regarding the use of personal data processed when you use these technologies, please visit the websites of the third party operators of these technologies. You will find below the references of these third parties, and next to each of them you will find the link to the page where you can receive information about the processing and, where required by the regulations, express or deny your consent:

-Facebook social widget https://www.facebook.com/privacy/explanation

-Twitter social widget https://twitter.com/privacy?lang=it

-Youtube social widget (Google) http://www.google.com/intl/it/policies/privacy/

-Widget social Linkedin (Linkedin) https://www.linkedin.com/legal/privacy-policy

– Wubook widget for reservations (Wubook) https://wubook.net/dload/privacy_it.pdf

Remember that you can also manage your cookie preferences through your browser

If you do not know the type and version of browser you are using, click on “Help” in the browser window at the top to access all the information you need.

If you know your browser instead, click on the one you are using to access the cookie management page.

Internet Explorer http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies

Google Chrome https://support.google.com/accounts/answer/61416?hl=it

Mozilla Firefox %20and%

Safari http://www.apple.com/legal/privacy/