INFORMATION ON THE PROCESSING OF PERSONAL DATA
According to the art. 13 of the EU Regulation 2016/679 of 27 April 2016 (GDPR), we provide interested parties with information on the treatments performed by us.
I – Data controller
Bar Code S.r.l. is a company that has been operating for years in the world of catering and hospitality, constantly researching the highest quality. In the exercise of its activities, it collects some information about customers and visitors that come into contact with its structure.
The data controller is Bar Code Srl, with registered office in Rome, Largo della Sapienza n. 1, 00186 (RM).
II – Data collected
La Bar Code S.r.l. collects your personal data to provide its services, and such collection takes place through the voluntary communication of the same upon your arrival at the restaurant, or through prior telephone / email communication, or by browsing our website www.lionroma.it.
III – Recipients of personal data
Your personal data may be disclosed, subject to your consent, to companies belonging to the Brand Tridente Collection, for commercial purposes.
Furthermore, they may be accessible to persons other than the Controller or its authorized employees, only if this is is necessary to provide the requested service by the interested party.
IV – Purposes of the processing
The data collected will be used for different purposes, firstly to provide you with catering services, to answer any questions or special requests you will make to us. To ensure the security and monitoring of our structure, video cameras have been installed so you may be filmed.
Only with your explicit consent, we will use the data collected to carry out promotional activities in line with the preferences you have expressed.
Sometimes, to provide the requested services, we will ask you your personal data. In case of your refusal, or if you forbid us to collect this information, we may not able to provide the requested services.
V – Legal basis of the processing
The treatments we carry out are justified by the implementation of pre-contractual or contractual measures assumed towards customers, as well as to fulfill the legal obligations imposed on us in the field of public security, judicial and tax.
If it doesn’t fall under such bases, the treatment is carried out on your voluntary contribution of data, or previous your explicit consent. In some limited situations, the treatment is carried out on the legitimate interest of the owner (for example video surveillance shooting or the acquisition of credit card data).
VI – Processing methods
Your personal data will be processed with paper and electronic tools and in totally or partially automated ways. Specific security measures are observed to prevent the loss of data, illicit or incorrect use and unauthorized access. These will be technical measures, including for example backup system, antivirus and firewall, and organizational, consisting in identifying subjects within Bar Code S.r.l. authorized to treat and disciplinary policies / job descriptions to which they must comply.
VII – Processing of sensitive data
If you are spontaneously provided with special data (art. 9 GDPR), such data will be treat in such a way as to ensure the confidentiality, entirity, accuracy and security of information contained therein.
VIII – Data retention period
We will keep your data only for the time necessary to provide the products and services requested, unless we have to keep them for longer periods as a result of laws, regulations, or for the resolution of disputes or judicial checks. If your data are no longer necessary due to legal or regulatory requirements and the legal basis of the processing is not based on a consent, Bar Code S.r.l. will take reasonable steps to destroy such data or to make it permanently unidentifiable.
If the legal basis for the processing is the consent or voluntary provision of data by you, these will be kept until the consent is revoked and in any case no later than 12 months from their provision.
The storage of the video surveillance images is limited, at most, to the twenty-four hours following the detection, subject to special requirements for further storage in relation to holidays or the closure of offices or establishments, as well as in the case in which a specific request must be adhered to. investigation by the judicial or judicial police.
The emails used for commercial purposes, subject to explicit consent, will be sent until the interested party has exercised the right to cancel the newsletter that can be exercised directly from the email received.
IX – Rights of the interested parties
At any time you can ask us, by any means avalaible,confirmation of existance or not of data concerning you, and if so, their details; you can ask us the origin of these data, modalities and purposes of the treatment; you can ask modification and cancellation of data, which will be extended to cover any third parties to whom they have been transmitted as well as receive notifications in the cases referred to the article 19 GDPR. You can also exercise the right to limit the processing, the right of opposition and request data portability.For all treatments based on your consent, you can cancel it at any time and without any formalities. In the event of “data breach”, will be our care to contact you to advise without unjustified delay. As interested, you have the right to lodge a complaint to the control Authority.
For more information, comments or to exercise your rights, please contact the email address email@example.com.