Privacy Policy – Tripcovich

Tripcovich hereby informs visitors to its Website of the policy adopted regarding the Protection of Personal Data.
Navigation within this Website is free and does not require any registration, except for some areas where the User can freely and expressly provide a series of data to access specifically identified services (e.g. through the appropriate form to request a rental vehicle, etc.). To access such additional services, the User will be specifically informed with indications of the additional specific purposes and methods of data use.

DEFINITIONS
Personal Data (or Data)
Personal data is any information that, directly or indirectly, even in connection with any other information, including a personal identification number, makes a natural person identified or identifiable.
Usage Data
These are the information collected automatically through a Website (including third-party applications integrated into this Website), including: IP addresses or domain names of the computers used by the User connecting to the Website, URI (Uniform Resource Identifier) addresses, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.), the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (e.g. the time spent on each page).
User
The individual using this Website who, unless otherwise specified, coincides with the Data Subject.
Data Subject
The natural person to whom the Personal Data refers.
Data Controller (or Controller)
The natural or legal person who determines the purposes and means of the processing of personal data and the tools adopted, including the security measures related to the operation and use of this Website. The Data Controller, unless otherwise specified, is the owner of this Website.
External Data Processor (or Processor)
The natural person, legal entity, public administration, and any other entity processing personal data on behalf of the Controller.

WHO WE ARE AND HOW TO CONTACT US: THE “DATA CONTROLLER”
The “controller” of the processing is: TRIPCOVICH S.R.L. with registered office at Via San Lazzaro, 5 – 34122 Trieste VAT / C.F. 00798560322 | REA number: TS – 101527
The Controller’s contact details are as follows: Ph. +39 040 3728207; Fx. +39 040 761338 – Email info@tripcovich.com

PERSONAL DATA PROCESSED AND PURPOSES OF PROCESSING
Navigation Data
The computer systems and software procedures used to operate this site acquire some personal data, the transmission of which is implicit in the use of Internet communication protocols.
This category of data includes IP addresses or domain names of the computers and terminals used by users, URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters relating to the user’s operating system and computer environment.
These data, necessary for the use of web services, are also processed for the purpose of:
-obtaining anonymous statistical information on the use of services (most visited pages, number of visitors per time or daily range, geographical areas of origin, etc.);
-verify the correct functioning of the services offered.
Navigation data do not persist for more than seven days and are deleted immediately after their aggregation (except for any need for investigation of crimes by the judicial authorities).

Data communicated by the User
The optional, explicit, and voluntary sending of messages to the contact addresses published on the website, as well as the completion and submission of forms on the website to enjoy the services offered, involve the acquisition of the sender’s contact data, necessary to respond, as well as all personal data included in the communications.
Specific information is published on the website pages prepared for the provision of certain services, with a request for possible consent to the processing.

Data of minors under 18 years of age
Minors under 18 years of age are not authorized to provide any personal data or register on the site. If it is found that the statements made are not true, all data received will be deleted.

COOKIE
The cookie information is available at the following link https://www.tripcovich.com/cookie-policy/

PURPOSES AND LEGAL BASIS OF PROCESSING
The Controller processes the above-mentioned personal data for: managing and maintaining the site; allowing access to any dedicated areas; enjoying any services offered; providing assistance and advice and processing a contact request; carrying out administrative-accounting activities in general; complying with an order of the Authority; preventing fraudulent activities or harmful abuses for the site; exercising a right in court.
The Controller may process the above-mentioned personal data even without specific consent, except as required for the completion of specific forms where the possible acquisition of consent is provided, as the legal basis for the lawfulness of the processing derives from the execution of pre-contractual measures taken at the request of the data subject (e.g. request for information via email), as well as for the pursuit of the legitimate interest of the Controller to promote and achieve its statutory purposes.
The provision of data for the above purposes is voluntary; however, any refusal may result in the inability of the Controller to pursue the aforementioned purpose.

PROCESSING METHODS
The data is entered into an electronic database and/or stored in paper archives.
The data is not subject to automated decision-making, nor is any profiling of any kind carried out.

RECIPIENTS OF USER DATA
The personal data of users may be processed and known by Tripcovich’s collaborators and employees, as subjects authorized to process and specifically instructed for the protection of data. The data may be communicated to external subjects (e.g. companies managing the site and web platforms for booking services, affiliated companies, external consultants, subcontractors, etc.) for the purposes outlined above, if their involvement is necessary. The same subjects will operate as independent Controllers, or will be designated as external Processors, whose complete list can be requested by sending an email to info@tripcovich.it.
The data may be communicated to supervisory bodies and judicial authorities, as well as to all other subjects to whom communication is mandatory by law.
The management and storage of personal data will take place in the EU, on servers located in Italy of the Controller and/or third-party companies within the EU, appointed and duly designated as Data Processors.

DATA RETENTION PERIOD
The Data Controller will retain the data for the time strictly necessary to achieve the purposes outlined above and also to respond to any access and data retrieval needs. After 24 months from acquisition (7 days for navigation data), or if there are no further contact needs or storage obligations (10 years for contractual purposes), the data will be deleted.

DATA SUBJECT RIGHTS
The Data Subject, under certain conditions, has the right to ask the Data Controller for:
• access to the data;
• a copy of the data provided (so-called portability);
• rectification of the data;
• deletion of data for which the Controller no longer has any legal basis for processing;
• withdrawal of consent, if the processing is based on consent;
• limitation of how the Controller processes the data, within the limits provided by the law.

Right to object: in addition to the rights listed above, the Data Subject has the right to object at any time, for reasons related to their particular situation, to the processing of data carried out by the Controller for the pursuit of their legitimate interest. They can also object at any time if the data is processed for marketing and profiling purposes.

The exercise of rights is free and not subject to formal constraints, but is subject to some exceptions aimed at safeguarding public interest (e.g. prevention or identification of crimes) and the interests of the Controller. It is the responsibility of the Controller to verify the legitimacy of the Data Subject and provide a response, usually within one month. With reference to the purposes mentioned above, the Data Subject has the right to request the cessation of processing and the sending of email communications by the Controller at any time, with a request to be sent to the contacts indicated above.

RIGHT TO LODGE A COMPLAINT
If the Data Subject believes that there has been a violation in the processing of their personal data, they can lodge a complaint with the Supervisory Authority of the place where they usually reside, work, or where the alleged violation occurred. In Italy, a complaint can be lodged with the Guarantor Authority for the Protection of Personal Data.

CHANGES TO THIS PRIVACY POLICY
The Controller reserves the right to make changes to this privacy policy at any time by notifying users on this page and, if technically and legally feasible, by sending a communication to users through one of the contact details they possess. If the changes affect processing based on consent, the Controller will collect the user’s consent again, if necessary.