The Institution is hereinafter referred to as the “Data Controller.” The terms “we,” “us,” and “our” in this Privacy Policy refer to the Data Controller.
As the entity responsible for processing your Personal Data, we do everything within our power to protect your privacy when you visit the Website.
This Policy allows you to learn more about the origin and use of your Personal Data and browsing information processed when you visit our Website.
For the purposes of this Policy, the term “Personal Data” refers to any data relating solely to you and allowing you to be identified directly or indirectly, regardless of the Device you are using.
The term “Device” refers to the physical equipment (computer, tablet, smartphone, telephone, etc.) that you use to access and browse the Website.
The term “Regulation” refers to the legislation relating to personal data, and in particular Regulation No. 2016/679, known as the General Data Protection Regulation (GDPR), Legislative Decree No. 101 of August 10, 2018, and Legislative Decree No. 196 of June 30, 2003, containing the Italian Personal Data Protection Code.
By using our Website, you declare that you accept the terms of this Policy in their entirety.
If you do not agree with any of these terms, you are free to stop using our Website.
This Privacy Policy is updated regularly. We will notify you in advance of any significant changes through notifications on the relevant services or via email, where appropriate.
The Website will always display the most recent version of this Privacy Policy.
In accordance with the Regulation, we record all processing activities in a processing register that is made available to the competent authorities.
All information you provide during your visits to the Website is confidential. This information is necessary for processing purposes.
The information that may be collected and processed includes:
When we ask you to enter personal data to access a feature, some data fields are mandatory because they are necessary to allow you to use that feature (for example, to register your booking we need your first and last name).
It is important that the personal information you share about yourself is accurate and up to date.
We do not process any personal data that may be classified as “sensitive” (information concerning racial or ethnic origin, political, philosophical or religious opinions, trade union membership, health or sex life) within the meaning of the Personal Data Regulation.
We undertake not to transfer your personal data to third parties except as otherwise specified below in Article 3.3.
Booking Management
Processing your data is necessary to keep you informed about the status of your booking, provide booking summaries, accept payments, etc.
Customer Service Access
We process your Personal Data as part of our customer service activities in order to respond to your requests, particularly through contact forms.
Fraud Detection and Prevention
We process your personal data to detect, prevent, and investigate fraudulent activities in order to protect both you and our business from financial crimes, unauthorized transactions, and security threats.
Improvement of our Services
We process your browsing and booking data for analytics and statistical purposes, only with your consent. This data allows us to analyze how you use our Website and improve its usability and quality.
Marketing
As part of your subscription to our newsletter, we process your data to manage your subscription and send targeted information by email or SMS based on your preferences. We may also contact you through push notifications if you subscribe to this service.
Processing for marketing purposes requires your consent. You may unsubscribe from our communications at any time.
If you have given us your consent to receive our communications, we may use the information to:
Contract
For booking management and access to customer service. When you purchase products from our Website, we collect and process your personal data to perform the contract between us. For example, we need your postal details for delivery or banking details to process payment.
Legitimate Interest
Consent
For improving our services and marketing. When we process Personal Data for service improvement and marketing purposes, the legal basis is your consent.
Legal Obligation
To comply with applicable legal obligations. When we are required to comply with legal obligations such as providing guest personal data to competent authorities or for tax purposes.
During the use of our Website, you may receive information from third parties with whom we cooperate to provide certain services:
The Personal Data collected through the Website is primarily processed by the internal departments of the Data Controller.
We may share your information with the third parties listed above for reasons including:
We require third parties receiving your personal data to comply with Personal Data Regulations. These third parties may only use your personal information according to our instructions and not for their own purposes.
Your access and browsing data may be transferred to Google Analytics.
We may also disclose your Personal Data in response to lawful requests from legal authorities.
We will retain your data for a period determined by applicable local law following your last booking in order to respond to questions, complaints, or maintain data necessary to comply with legal, accounting, or analytical requirements.
Country-specific retention periods:
Italy: Pursuant to Article 2946 of the Italian Civil Code, the general limitation period is 10 years from termination of the contract. For tax-related data, documents must be retained for 10 years in accordance with Italian tax legislation. Longer periods may apply in limited circumstances.
We may also retain your data for research or statistical analysis after anonymization.
For newsletter subscriptions, we will no longer contact you if you have not opened our newsletters for more than twelve (12) months or if you withdraw your consent earlier, since you have the right to object to commercial communications.
Any changes to this Policy will be made on this page and notified via email for substantial changes.
The Data Controller may also retain your data for research or statistical analysis purposes. Since these data are anonymized, no retention period is imposed by the Regulation because it is no longer possible to “re-identify” you afterward.
Your Personal Data is hosted by Heroku Inc., The Landmark @ 1 Market St., Suite 300, San Francisco, CA 94105, United States.
The servers on which your Personal Data are stored are located in Frankfurt, Germany.
The Data Controller has implemented appropriate technical measures to maintain the security of your Personal Data.
Your consent must be given clearly and unambiguously. When you agree to fill out the Website contact form:
Country-specific age thresholds
In accordance with the Regulation, you have the following rights regarding your Personal Data:
A similar right also exists under Article 2-terdecies of Legislative Decree No. 196/2003, although each social platform has its own rules.
Regardless of the purpose or legal basis on which we process your data, you may send us an email to exercise your rights at:
jungleboutique2023@gmail.com
Or send us a letter to:
80127, Vico Acitillo, 170, Naples, Italy
Please note that we may not always be able to respond positively to your request for legal reasons, which will be brought to your attention after receiving your request.
You also have the right to lodge a complaint with the competent supervisory authority.
The Website has appropriate security measures in place to prevent the loss, misuse, unauthorized access, alteration, or disclosure of your Personal Data.
All collected personal data are stored on secure servers. The Data Controller has implemented procedures to manage any personal data breach.
We recommend connecting only to secure networks, preferably private networks. Be aware of the risks associated with public Wi-Fi networks.
Regardless of the Data Controller to whom you voluntarily transmit your Personal Data and considering the nature of the Internet network, other operators unrelated to the Data Controller may collect them without your consent, particularly during Internet browsing. We recommend installing antivirus and anti-spyware software on your computer and updating it regularly.
The Data Controller will never ask you via email to provide personal information.
If you receive an email on behalf of the Data Controller requesting sensitive personal information (bank details, private life data, etc.), please do not reply and forward the email to us so that we can take the necessary measures.
You should provide your account information only after logging into the Website directly through your browser.