Name: Hotel Andreotti
Address: Via Castelfidardo, 55, Rome, Italy
Telephone: +39064441006
Price range: $ - $
Rating: 4.4

Last update on the 23rd of October 2019

LIRIKOS Invest, s.r.o., Id. No. 03583678, with its registered office at Koulova 1501/15, Dejvice, 160 00 Praha 6, registered at the Municipal Court in Prague, Section C, File No. 234092 (hereinafter: “Company”) respects the personal rights of its Guests, hence it prepared this Privacy Policy, which is available in electronic format at the Company's website as well as in print format on reception in hotel Andreotti.

This Privacy Policy describes how the Company, which is providing hotel services under the MOZART HOTEL GROUP trademark, and its Affiliates and Subsidiaries (“we” or “us”) collects, uses, consults or otherwise processes your Personal Data.

The Company operates in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter as “GDPR”) as well as the current national Data Privacy Acts. When using the Internet, we are committed to the protection of your Personal Data by the Act No. 101/2000 Coll., on Personal Data Protection or any legal regulation that would replace this law in the future and by GDPR.

This Policy is developed to explain our practices regarding the Personal Data we collect from you or about you at https://andreottihotel.it (collectively, the “website”), through written or verbal communications with us, when you visit one of our hotels from the MOZART HOTEL GROUP, or from other sources. We use Personal Data primarily to administer, provide, develop and maintain the hotel services, process your reservations, optimize your experience with respect to the services and individualize the communication with you. Please read this Policy carefully to understand how and for what purposes we process your Personal Data.

By using this website or using any of our services and by agreeing to this Policy, you agree to the collection and use of Personal Data as described in this Policy

Table of contents:

1. Definitions

Controller: A legal person, LIRIKOS Invest, s.r.o., Id. No. 03583678, with its registered office at Koulova 1501/15, Dejvice, 160 00 Prague 6, registered at the Municipal Court in Prague, Section C, File No. 234092 who determines the purposes and means of the processing of Personal Data.

Consent of the data subject: means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of Personal Data relating to him or her;

Processor: A natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the controller.

Recipient: A natural or legal person, public authority, agency or another body, to which the Personal Data are disclosed, whether a Third Party or not.

Third Party: A natural or legal person, public authority, agency or body other than the data subject, controller, Processor and persons who, under the direct authority of the controller or processor, are authorized to process Personal Data.

Supervisory Authority: An independent public authority which is established by a Member State pursuant to Article 51 of the GDPR. Specifically, the Office for Personal Data Protection Pplk. Sochora 27, 170 00 Prague 7, Czech Republic, [email protected], +420 234 665 800 (GDPR infoline).

Personal Data: Any information relating to an identified or identifiable natural person (“Data Subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing: Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Mozart Hotel Group: Companies from the MOZART HOTEL GROUP hotel chain which can be based worldwide.

Hotel Andreotti (furthermore also as hotel) is a hotel operated by the Controller and located at Italy, Rome, Via Castelfidardo, 55.

Standard Contractual Clauses: Sets of standard contractual clauses for transfers as adopted by the European Commission for the international transfer of Personal Data.

Personal Data Breach: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.

2. Personal Data that we collect and process. Data retention policy

The Company collects and processes your Personal Data only where permitted by law. We only collect Personal Data relevant for the purpose described in the Privacy Policy. This personal information may include:

In the case of online, personal (paper-based) or phone reservations, the Company requests/can request that the Guest makes the following data available:

- Contact details for purpose of price offer request or reservation: (title, first name, last name, address, phone number, e-mail address), based on point b) and c) section 1 Article 6 of EU GDPR;

- Contact details for purpose of marketing and on-line advertisements: first name, last name, e-mail address based on point a) section 1 Article 6 of EU GDPR (consent of the Guests);

- Personal information for purpose of reservation (ID card, passport details, place and date of birth, citizenship) based on point b) and c) section 1 Article 6 of EU GDPR;

- Information relating to your children for purpose of reservation (for example, first name, date of birth, age) based on point b) and c) section 1 Article 6 of EU GDPR;

- Details of bank card for transaction and reservation purposes for the settlement of the consideration of the service, fulfillment of the invoicing obligation (type, number, expiry date, name of card holder; CVC/CVV) based on point c) section 1 Article 6 of EU GDPR;

- Membership details in the Loyalty Program based on point a) section 1 Article 6 of EU GDPR (consent of the Guests);

- Arrival and departure dates based on point b) section 1 Article 6 of EU GDPR;

- Visa number and certificate of registration (for non-EU or non-EEA residents) for purpose of reservation based on point b) section 1 Article 6 of EU GDPR;

- Technical and location data you generate as a result of using our websites (the start and end time of usage of the website, IP address and other recorded browsing data (cookie) of the user of the website) and applications based on point a) section 1 Article 6 of EU GDPR (consent of the Guests).

Upon using hotel services, Guests shall fill in a hotel registration card, in which they agree with processing of their Personal Data. The Company shall manage such data in order to fulfil its obligations prescribed in the relevant legal regulations (particularly regarding the laws related to immigration control and tourism tax).

Providing the required data by the Guests is a precondition for using hotel services. By signing the registration card, Guests consent to the Company processing the personal data provided by filling in the registration card in order to verify that the contract was concluded and/or performed, as well as to possibly enforce claims.

Also we may ask for information about your joint travelers, including their names and additional information.

The table below sets out in what ways the Company processes Personal Data of the Guests, the legal basis for the processing and the associated retention period. The following retention periods are applicable to personal data which is stored both in electronic and paper forms.

	Activity	Legitimate purpose for processing and storage of Personal Data	Retention period
1.	Managing the reservation of rooms, submitting notifications to migration authorities, storage of legal documents in compliance with accounting standards.	Performance of a contract with the customer. Necessary to comply with a legal obligation.	10 years unless otherwise provided by country’s special legislation.
2.	Managing your stay at the hotel: Managing access to rooms; Monitoring use of hotel services by the guest (telephone, bar, pay TV, Wi-Fi etc.); Operating surveillance cameras in the premises of hotel in order to ensure the security of Guests and their property, as well as the security of hotel’s property and personnel (camera surveillance is indicated by a pictogram and a warning sign with text).	Performance of a contract with the customer. Necessary for Company’s legitimate interest in running its business and providing our guests with high quality services.	For the duration of your stay at the hotel.
3.	Managing Company’s relationship with customers before, during and after stay at the hotel: Managing the Loyalty Program; Inputting details into the customer database; Developing statistics, commercial scores and carrying out reporting of the same; Providing context data for our marketing tools. This happens when a customer visits any of the group’s website or makes a reservation; Understanding and managing the preferences of new or returned customers; Sending customers newsletters, special offers and service quality requests, hotel or service offers, offers from MOZART HOTEL GROUP.	Performance of a contract with the customer and for the management of customer’s membership in the loyalty program. Necessary for Company’s legitimate interests in promoting its services, performing direct marketing activities (taking into account your commercial relationship with one of MOZART HOTEL GROUP’s legal entities) and improving its services.	3 years from the last date on which you have interacted with us in any way, if you are not a member of the loyalty program. 6 years from the last date on which you have interacted with us in any way, if you are a member of the loyalty program.
4.	Improving Company’s hotel services by: Personalising your check-in, improving the quality of service and customer experience; Adapting our services to better meet your requirements; Customising the commercial offers and promotional messages MOZART HOTEL GROUP sends you; Informing you of special offers and any new services created by MOZART HOTEL GROUP.	Performance of contract with the customer in relation to the management of your membership in the loyalty program. Necessary for Company’s legitimate interests in promoting its services, performing direct marketing activities (taking into account your commercial relationship with one of MOZART HOTEL GROUP’s legal entities) and improving our services.	3 years from the last date on which you have interacted with us in any way, if you are not a member of the loyalty program. 6 years from the last date on which you have interacted with us in any way, if you are a member of the loyalty program.
5.	Improving MOZART HOTEL GROUP services, in particular: Carrying out surveys and analyses of questionnaires and customer comments; Managing claims/complaints; Offering you the benefits of our loyalty program.	Performance of contract with the customer (for the management of customer membership in the loyalty program) Necessary for Company’s legitimate interests in promoting hotel services, performing direct marketing activities (taking into account your commercial relationship with one of MOZART HOTEL GROUP’s legal entities) and improving its services.	3 years from the last date on which you have interacted with us in any way, if you are not a member of the loyalty program. 6 years from the last date on which you have interacted with us in any way, if you are a member of the loyalty program. 6 years from the date of closure of your file in case of a claim or a complaint.
6.	Securing and enhancing your use of MOZART HOTEL GROUP websites and services by: Improving navigation; Maintenance and support; and Implementing security and fraud prevention.	Necessary for Company’s legitimate interests in running its business, provision of administration and IT services and network security to prevent fraud	3 years from the last date on which you have interacted with us in any way.
7.	Using services to search for persons staying in MOZART HOTEL GROUP hotels in the event of serious events affecting the hotel in question (natural disasters, terrorist attacks, etc.).	Protection of the vital interests of the customers.	For the duration of the event.
8.	Conforming to any applicable legislation (for example, storing of accounting documents), including: Managing requests to unsubscribe from newsletters, promotions, tourist offers and satisfaction surveys Managing Data Subject’s requests regarding their Personal Data.	Necessary to comply with a legal obligation.	10 years unless otherwise provided by country’s special legislation.

3. Personal Data collected from third parties

It is important for us to keep your Personal Data up to date and accurate at all times, that’s why we may import Personal Data about you from external sources such as public registers. When required by law, the consent for the processing of certain types of Personal Data or for certain forms of processing will be obtained from you before processing takes place.

We may also collect information about you from third parties, including information from airlines, payment systems and other partners; from online social services consistent with your settings on such services; and from other third-party sources that are lawfully entitled to share your data with us. The Company uses and shares this information only for the purposes described in the relevant contracts with the third parties which are contractually obligated to protect your Personal Data.

4. Personal Data we share

In order to offer you the high level of hotel services, we may share your Personal Data among the companies of MOZART HOTEL GROUP, our service providers, and other third parties as set forth in detail below:

We share your data with a number of authorised employees and departments in the MOZART HOTEL GROUP in order to offer you the best experience in our hotels. The following teams may have access to your data:

Hotel staff;
Reservation staff using reservation tools;
IT departments;
Commercial partners and marketing services;
Medical services if applicable;
Legal services if applicable.

In particular, the data related to your stays, preferences, satisfaction and, if the case may be, your loyalty program membership are shared between the hotels operating under the MOZART HOTEL GROUP brand. This data is used to improve the quality of service and your experience in each of these hotels.

We may share your Personal Data with third-party providers of hotel services such as reception services, spa treatments or food delivery services. We rely on third parties to provide services and products on our behalf and may share your Personal Data with them as appropriate. All our service providers are contractually obligated to protect your personal information and may not otherwise use or share your Personal Data, except as required by law or stated in the contract.

Your Personal Data will also be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of the Controller(s) legitimate interests in compliance with applicable laws.

5. International data transfers

For the purposes described in this Privacy Policy, we may transfer your Personal Data to internal or external recipients who may be in countries offering different levels of Personal Data protection.

By making a reservation, visiting or staying at the hotel of MOZART HOTEL GROUP, you understand that the Company may transfer your Personal Data outside EU and EEA. Consequently, in addition to implementation of this Policy, the Company employs appropriate measures to ensure secure transfer of your Personal Data to other MOZART HOTEL GROUP hotels or to an external recipient located in a country offering a different level of privacy from that in the country where the Personal Data was collected.

Your data may be sent, in particular as part of the reservation process, to MOZART HOTEL GROUP hotels or divisions located outside of the European Union, in particular in the following countries: Russia, Ukraine.

Other than those that are required to carry out your reservation, data transfers to countries having different levels of Personal Data protection, are regulated by standard contractual clauses defined by the European Commission.

In case you wish to obtain more details about our data transfer safeguards and the mechanisms in place, you may contact us at [email protected].

6. Loyalty Program

The loyalty program of the MOZART HOTEL GROUP is available to the guests throughout the hotels of the MOZART HOTEL GROUP. The loyalty program is operated by Hotel Management Company s.r.o. (limited liability company registered under the legislation of Czech Republic) in cooperation with other companies working under the MOZART HOTEL GROUP trademark.

The loyalty program is designed to enable its participants to enjoy various privileges during their stay at hotels of MOZART HOTEL GROUP.

A Guest may join the Loyalty Program in any of the following ways:

- During his/her stay at a hotel by filling a special registration form at the reception-desk;

- By registering online at any of the website of MHG hotels.

Any person who joins the Program further agrees to receive commercial information by email from the Administrator of the Program. If the participant no longer wishes to receive commercial communications by email, he/she may unsubscribe at any time from these commercial offers by clicking on the unsubscribe link at the end of the email or via his/her personal account. This action has no effect on his/her membership in the Loyalty Program.

7. Other information

When you visit and interact with the website and other mobile applications, the Company collects information that does not directly identify you about your use of the website, such as a catalog of the website pages you visit, and the number of visits to our website (“Other Information”). We use Other Information to deliver you email, online (on our sites and other sites) and mobile advertisements. The Company may also use Other Information to allow third-party partners to recognize you as a MOZART HOTEL GROUP’s client when you visit the partner’s website or app, or to recognize you as one of their customers when you visit MOZART HOTEL GROUP websites or apps so that they may provide more relevant offers to you.

Our website uses cookies and other technologies (such as “pixel tags,” “web beacons,” “clear GIFs”, links in emails, JavaScript, device IDs assigned by Google or Apple, or similar technologies) to relation to its digital services.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. Cookies in no way give us access to your computer or any information about you, other than the data you chose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website. If you want to remove or block cookies from your device at any time, you can update your browser settings (consult your browser's “help” menu to learn how to remove or block Cookies).

The Company may use collected information, or anonymized Personal Data received from third parties, to understand more about our users. This includes demographic data, such as date of birth, gender and marital status, inferred commercial interests, such as favorite products or hobbies, and other information we may collect from you or from third parties.

Because Other Information does not personally identify you, such information may be disclosed for any purpose where permitted by law. In some instances, we may combine Other Information with Personal Data. If we do combine any Other Information with Personal Data, the combined information will be treated by us as Personal Data in accordance with this Statement.

8. Sensitive information

The term “sensitive information” refers to information related to your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life, or sexual orientation, genetic information, criminal background, and any biometric data used for the purpose of unique identification. We do not generally collect sensitive information unless it is volunteered by you. We may use health data provided by you to serve you better and meet your particular needs (for example, information that you state in the “Notes” section during the reservation procedure).

9. Personal Data from minors

We do not knowingly collect personal information from individuals under 18 years of age. As a parent or legal guardian, please do not allow your children to submit Personal Data without your permission.

In the event we learn that we have collected Personal Data from a child under the age of 18 without verification of parental consent, steps will be taken promptly to remove that information. If you believe that we have or may have information from or about a child under 18 years of age, please contact us at [email protected].

10. Protection of Personal Data

The Company takes reasonable measures to: (i) protect Personal Data from unauthorized access, disclosure, alteration or destruction, and (ii) keep Personal Data accurate and up-to-date as appropriate. We also seek to require our partners and service providers with whom we share Personal Data to exercise reasonable efforts to maintain the confidentiality of Personal Data about you. The Company shall make every effort to ensure an adequate level of data protection during data transfers.

The Company uses SSL cryptography on its websites for online reservations. Any information shared by the data subject with the Company shall be encrypted automatically and be protected when transferred through the network. When the information is received by our server, it is decoded by using an individual private key. SSL enables the browser to connect to the website and establish a secure communication channel in a transparent manner. SSL is the most widely used and most successful cryptographic system. In order to use the system, the Data Subjects simply need to verify their browsers' compatibility.

Other security-related activities the Company shall ensure transparency to control and establish how and what Personal Data are transferred by applying data transferring devices, who and when entered which data into the system, and shall also make sure that the system can be restored in the case of a failure. Reports are generated with regard to errors occurring in the course of automated processing. The Company shall manage Personal Data confidentially, and shall not disclose them to unauthorized persons. The Company shall particularly protect Personal Data from unauthorized access, modification, transfer, publication, deletion or destruction as well as from accidental destruction, harm and inaccessibility due to modification of the applied technology. The Company shall take all security measures in order to ensure the technical protection of Personal Data.

For online transactions, we use reasonable technological measures to protect the Personal Data that you transmit to us via our website. Unfortunately, however, no security system or system of transmitting data over the Internet can be guaranteed to be entirely secure.

For your own privacy protection, please do not send payment card numbers or any other confidential personal information to us via email.

We will not contact you by mobile/text messaging or email to ask for your confidential personal information or payment card details. In case of receiving a request about your payment card information by e-mail or SMS, please, do not reply, most probably you are communicating with swindlers.

We have an Internal regulation regarding GDPR for our personnel which is available for our guests at the reception of the hotel.

For the processing of payment card numbers and another financial data we use services of TravelClick service. For more details, you may apply to TravelClick Privacy Policy; http://marketing.travelclick.com/GDPR-Privacy-Policy-Communication-May-23-2018.pdf?_ga=2.127999876.985689543.1576050407-267831388.1548749326

For the collecting of information about your usage of the website we use Google analytics services. For more details, you may apply to Google Privacy Policy; https://policies.google.com/privacy

For the purpose of processing emails we use services of MailChimp. For more details, you may apply to MailChimp Privacy Policy; https://mailchimp.com/legal/privacy/

For the processing of your reviews and comments about hotels of MOZART HOTEL GROUP we use services of ReviewPro. For more details, you may apply to ReviewPro Privacy Policy. https://www.reviewpro.com/privacy-policy/

11. Changing, accessing and portability of your Personal Data

GDPR grants specific rights, summarized below, which you can in principle exercise free of charge, subject to statutory exceptions. These rights may be limited, for example if fulfilling your request would reveal Personal Data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping.

11.1. Right to withdraw consent

Wherever we rely on your consent, you will be able to withdraw that consent at any time you choose and at your own initiative on our website or by contacting us at [email protected]. The withdrawal of your consent will not affect the lawfulness of the collection and processing of your data based on your consent up until the moment where you withdraw your consent. Please note that we may have other legal grounds for processing your data for other purposes, such as those set out in this Privacy Policy.

11.2. Right to access and rectify your data

You have the right to access, review, and rectify your Personal Data. You may be entitled to ask us for a copy of your information, to review or correct it if you wish to rectify any information like your name, email address, passwords and/or any other preferences, you can easily do so by logging in to your account on our website or by contacting us at [email protected]. You may also request a copy of the Personal Data processed as described in this Privacy Policy.

11.3. Right to erasure

In accordance with GDPR, you have the right to erasure of your Personal Data processed by us as described in this Privacy Policy in case it is no longer needed for the purposes for which the Personal Data was initially collected or processed or in the event you have withdrawn your consent or objected to processing as described in this Privacy Policy and no other legal ground for processing applies. Should you wish to have your Personal Data erased, please file a request via email at [email protected].

11.4. Right to restriction of processing

Under certain circumstances described in GDPR, you may ask us to restrict the processing of your Personal Data. This is for example the case when you contest the accuracy of your Personal Data. In such event, we will restrict the processing until we can verify the accuracy of your data.

11.5. Right to object to processing

Under certain circumstances described in GDPR, you may object to the processing of your Personal Data, including where your Personal Data is processed for direct marketing purposes. If you object the processing form marketing purposes, the Company will not process your Personal Data anymore for this purpose.

11.6. Right to data portability

Where you have provided your Personal Data directly to us and where the processing is based on your consent or the performance of a contract between you and us, you have the right to receive the Personal Data processed about you in a structured, commonly used and machine-readable format, and to transmit this data to another service provider.

Should you have unresolved concerns, you have the right to lodge a complaint with a Supervisory Authority where you live or where you believe a breach may have occurred. We encourage you to come to us in the first instance but, to the extent that this right applies to you, you are entitled to complain directly to the relevant Supervisory Authority.

We will make all required updates and changes within the time specified by applicable law and, where permitted by law, may charge an appropriate fee to cover the costs of responding to the request. Such requests must be submitted by email at [email protected] or in writing to the following postal address: Italy, Rome, Via Castelfidardo, 55. To protect your confidentiality, we can only respond to such requests to the email address that you have registered or otherwise provided to us. Please remember that if you make such a request, we may not be able to provide you with the same quality and variety of services to which you are accustomed.

In addition, in some circumstances based on applicable law, you may request that we cease sharing personal information about you with our business partners or that the Company ceases using personal information about you by contacting via email. We will seek to honor those requests consistently with applicable law.

12. Choices of marketing communications

If you have given us your contact information (postal address, email address or phone number), we may want to inform you in accordance with any preferences you have expressed, and with your consent where required, about our products and services or invite you to our events via email, online advertising, social media, telephone, text message, push notifications, in-app alerts, our customer service call center, and other means.

If you have explicitly consented to receive our newsletters or marketing communications, including in relation to MOZART HOTEL GROUP, we may, from time to time, contact you with information about our services and latest offers and process your Personal Data for this purpose.

If you no longer want to receive our newsletters or marketing communications, please let us know by sending us an email at [email protected]. You can also unsubscribe from our marketing emails by clicking on the unsubscribe link in the emails sent to you.

13. Modifications of present Privacy Policy

The Company may modify this Privacy Policy from time to time. When we make material changes to this Privacy Policy we will post a link to the revised Privacy Policy on the homepage of our website, and if you have registered for any of our products or services, will may also inform you through communication channels that you have provided. You can tell when this Privacy Policy was last updated by looking at the link and at the date at the top of the Privacy Policy. Any changes to our Privacy Policy will become effective upon posting of the revised Privacy Policy on the website. Use of the website, any of our products and services, and/or providing consent to the updated Privacy Policy following such changes constitutes your acceptance of the revised Privacy Policy then in effect.

14. Contact information

If you have any questions about this Privacy Policy or how the Company or MOZART HOTEL GROUP processes your Personal Data, please contact us by email at [email protected] or by mail to LIRIKOS Invest s.r.o., Koulova 1501/15, Dejvice, Praha 6, 160 00, Czech Republic

/ 5

Privacy policy