Discover our summer discounts and book your next trip!

Privacy Policy

BROWSERS: END USERS

Pursuant to Regulation (EU) 2016/679 (hereinafter "Regulation"), this page describes the methods of processing the personal data of users who consult the website www.tramundi.it.
The information provided does not concern other websites, pages, or online services that can be reached through hyperlinks, possibly published on the site, but related to resources external to the domain of the Owner.
Please note that the privacy policy may be changed from time to time in response to the activation of new services or due to legal updates, therefore it is advisable to periodically check for any changes by consulting this policy.

DATA CONTROLLER

The Data Controller of personal data is Tramundi S.r.l., with its legal headquarters in Milan (MI), Via Borromei 6.
E-mail address: dpo@colombo.it

DATA PROTECTION OFFICER (DPO)

The Data Protection Officer (DPO) is Attorney Francesco Angelo Lorusso, with an office at Viale Monte Nero, No. 66, Milan, 20135.
Email address: lorusso@legalelorusso.it
The legal bases that will be applicable, depending on the data processing carried out on the site, are the consent of the data subject, the performance of a contract to which the data subject is party / the execution of pre-contractual measures taken at the data subject's request, as well as the pursuit of a legitimate interest.

DATA PROCESSING LOCATION

The treatments related to the web services of this site are based in Italy, and are managed at the Data Controller's office and by other external managers, during update and maintenance operations. No data from the web service is disseminated. The personal data voluntarily provided by users who submit contact requests are used solely for the purpose of performing the requested service or provision, possibly also through external service providers, always within the Italian territory.

TYPES OF DATA PROCESSED AND PURPOSES OF PROCESSING

Browsing data
The computer systems and software procedures responsible for the operation of this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes:
  • the IP addresses or domain names of the computers and terminals used by users, the addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the requested resources,
  • the time of the request;
  • the method used to submit the request to the server;
  • the size of the file obtained in response;
  • the numerical code indicating the status of the response given by the server;
  • and other parameters related to the operating system and the user's computing environment.
Such data, necessary for the use of web services, are also processed for the purpose of:
  • obtain statistical information on the use of services (most visited pages, number of visitors per hour or day, geographical areas of origin, etc.);
  • for the determination of responsibility in the event of alleged cybercrimes against the site, for statistical purposes,
  • to improve the site's navigation and content.
Data voluntarily provided by the user
  • The optional, explicit, and voluntary sending of messages to the contact addresses of the Data Controller, as well as,
  • the compilation and submission of the forms present on the website,
involve the acquisition of contact information, as well as all personal data included in communications/fillings necessary for:
  • respond to any requests
  • manage and execute the requested service;
  • conduct direct marketing when allowed;
Cookies and other tracking systems
Any data that may be collected through cookies, and the methods for their management, are fully described in the “cookie policy” document, which we recommend reviewing.

DATA RETENTION PERIOD

In compliance with the principles of lawfulness, purpose limitation, and data minimization, in accordance with Article 5 of the GDPR, the retention period for personal data is set for a timeframe not exceeding the achievement of the purposes for which they are collected and processed and in respect of the time necessary for the proper provision of required services.

OPTIONAL NATURE OF DATA PROVISION

Apart from what is specified for navigation data, the user is free to provide personal data included in the request forms. Should the data be acquired through consent, the user has the right to revoke it at any time without affecting the lawfulness of the processing based on the consent given prior to the revocation.

PROCESSING METHODS

Personal data is processed with automated tools for the time strictly necessary to achieve the purposes for which it was collected. Specific security measures are observed to prevent data loss, illicit or incorrect use, and unauthorized access.

DATA RECIPIENTS

The recipients of the data collected by the site are:
  • third-party technical subjects, whose knowledge of the data is necessary for the performance of their duties in the development and maintenance of the web platform, appointed by the Data Controller as data processors in accordance with Article 28 of the Regulation;
  • personnel of the Data Controller specifically authorized;
  • any external service providers as independent data controllers or duly appointed as processors pursuant to Article 28 of the GDPR in order to perform the service or provision requested by the user.

DATA TRANSFER ABROAD

Some personal data may be transferred to recipients who may be located outside the European Economic Area. In such cases, the data controller ensures that the electronic and paper processing of Personal Data by the recipients is in compliance with applicable legislation. The transfers are alternatively based on an adequacy decision, on the Standard Model Clauses approved by the European Commission, or according to the guarantees offered by the Privacy Shield.

DATA SUBJECTS' RIGHTS

The data subjects to whom the personal data refers have the right, according to articles 15-22 of the GDPR, to:
  • request confirmation of whether or not their personal data exists;
  • to obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be disclosed, and, where possible, the period of retention;
  • to obtain rectification and erasure of data;
  • obtain the restriction of processing;
  • to obtain data portability, that is, to receive them from a data controller in a structured, commonly used and machine-readable format, and to transmit them to another data controller without hindrance;
  • to object to processing at any time and also in the case of processing for direct marketing purposes;
  • to object to automated decision-making processes concerning individuals, including profiling.
The data subject also has the right to lodge a complaint with a supervisory authority in accordance with Article 77 of the GDPR.
To exercise their rights, individuals may submit a request to the contact details of the Data Controller provided in this policy. Requests are made free of charge and will be processed by the Data Controller as quickly as possible, and in any case within 30 days.

Would you like to receive special content from the world of travel?

Subscribe to our newsletter to receive special offers, fun facts, and advice from the world of travel. You'll feel like you're always on the road!
About usFAQHow to book