INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ART. 13 D. LGS 196/03 AND ART 13 OF EU REGULATION”GDPR” 2016/679 AND NATIONAL LEGISLATION RELATED TO THE PROTECTION OF PHYSICAL PERSONS WITH REGARD TO THE PROCESSING OF PERSONAL DATA.
Some services process personal data in the USA. With your consent to use these services, you also consent to the processing of your data in the USA pursuant to Art. 49 (1) lit. a GDPR. The ECJ classifies the USA as a country with insufficient data protection according to EU standards. For example, there is a risk that U.S. authorities will process personal data in surveillance programs without any existing possibility of legal action for Europeans.
Holder and Responsible of the process
The data controller is Agentur Marin Droumev, a company based in Endach 1, 6330 Kufstein, Austria. The responsible for the privacy processing is the legal temporary representative. The privacy rights specified below may also be reviewed by sending communications to the following e-mail address: email@example.com
Type of data processed
Following data can be collected
Personal data include every information related to an individual, identified or identifiable by
reference to any other information, including a personal identification number. Identification data are personal data that allow direct identification of a person (such as name, surname, date of birth, address, e-mail address, telephone number, etc.)
Upon registration, the User provides the Administration with personal data e-mail address, Facebook or Google account. Upon sending request the User provides Full Name, Telephone, Email. When registering and /or using the Service the website Tyrol Travel may automatically or with the participation of a User collect additional personal information, including IP-address, browser version, country, language, UTM parameters, partner's tags, address of a page's referrer, and other technical data, which can be used for identification of the User without taking additional measures.
IT systems and software procedures used to operate this website acquire, during their normal
operation, some personal data whose transmission is implicit in the use of Internet
communication protocols. This information is not associated with identified interested parties,
but could, due to their nature, through processing and association with data held by third parties,
allow identification of users. This category of data includes IP addresses or computers’ domain
names used by users connecting to the site, the addresses in the Uniform Resource Identifier
(URI) of the requested resources, the time of the request, the method used to submit the request
to the server, the size of the response file, the numerical code indicating the status of the
response given by the server (success, error, etc.) and other parameters relating to the operating
system and the user’s IT environment.
Data provided voluntarily by the user
The optional, explicit, and voluntary sending of e-mails to the addresses indicated on this site or
the compilation of data collection form, involves the subsequent acquisition of the sender’s
address, necessary to respond to requests, as well as any other personal data inserted. If the
sender sends his / her curriculum to submit his / her professional application, he / she remains
solely responsible for the relevance and accuracy of the data sent. It should be noted that any
curriculum without the authorization to process data will be immediately deleted.
See the cookies policy on the site.
Legal basis of the process
This site processes data based on consent. With the use or consultation of this site visitors and
users explicitly approve this privacy statement and consent to the processing of their personal
data in relation to the methods and purposes described below, including any disclosure to third
parties if necessary for the provision of a service. The provision of data and therefore the consent
to the collection and processing of data is optional, the User can deny consent, and may revoke
at any time a consent already provided (via email contact at the bottom of the page). However,
denying consent may result in the inability to provide certain services and the browsing
experience on the site may be compromised.
Purpose and method of the process
• Establishment and execution of business relationships and consequent obligations,
including the communication related to services (for example, to execute purchase
orders). The Company can process data in order to allow access to products, services and
content, the possible establishment and execution of business relationships, the provision of
requested services and the feedback to reports and complaints, as well as to provide information
related to the service. Prerequisite for processing: fulfillment of contractual obligations. The
provision of data is mandatory to manage the contractual relationship, in default we will not be
able to give course.
• Marketing to respond to requirements and to provide offers in line with the shown
• The Company may process contact data for marketing and advertising purposes, aimed to
inform about sales initiatives, carried out through automated contact methods (e-mail / other) or to
send commercial ommunications in line with the preferences expressed by filling out the form
available on the site, where further specific consent is given.
Prerequisite for processing: consent Failure to provide the same does not affect the contractual
The consent can be revoked at any time.
• Compliance with legally binding requests to fulfil a legal obligation, regulations or
provisions of judicial authority, as well as to defend a right in court.
The Company collects contact details to fulfil a legal obligation and / or to defend its right in court.
Prerequisite for processing: legal obligations, to which the Company is obliged to comply.
Personal data are processed with manual and electronic tools and are stored in our secure
servers or those of our suppliers or business partners and are accessible and usable according to
our standards and our security policies in accordance with current legislation and with GDPR
regarding security measures, in order to minimize the risks of destruction, loss, modification,
unauthorized disclosure or access, in an accidental or illegal manner, or of treatment not in
accordance with the purposes of the collection.
Data storage times
Personal data are kept for the time necessary to achieve the purposes for which they were
collected, as well as to fulfil the legal obligations imposed for the same purposes. Your personal
data that are no longer needed, or for which there is no longer a legal requirement for its
conservation, are irreversibly anonymized or destroyed safely Below we report the storage times
in relation to the different purposes listed above:
• Fulfilment of contractual obligations: the data processed to fulfil any contractual obligation may
be retained for the entire duration of the contract and in any case not later than 10 years, in order
to verify any outstanding issue, including accounting documents (for example invoices).
• Operational management and purposes strictly related to the access to the website: the data
processed for this purpose may be kept for the duration of the contract and in any case not later
than 10 years.
• Marketing purposes: personal data processed for marketing purposes may be kept for 24
months from the date on which we obtained your last consent for that purpose.
• In case of disputes: either we defend or act or even make claims against you or third parties, we
may retain the personal data that we reasonably believe will be processed for such purposes, for
the time when such claim can be pursued.
The Data are processed at the Data Controller’s operating office and in any other place where the
parties involved in the processing are located. Personal data may be accessed by duly authorized
employees, as well as external suppliers, appointed, if necessary, as data controllers, who
provide support for the provision of processing services, or related, instrumental, administrative-
accounting or support activities.
Without prejudice to communications made in compliance with legal and contractual obligations,
all collected and processed data may be communicated in Italy and transferred abroad
exclusively for the purposes specified above.
Transfer of data abroad
For requirements strictly related to the performance of contractual obligations, some personal
data may be disclosed to other companies, with offices in non-European third countries or other
companies with which Agentur Marin Droumev si has contractual relationships.
Rights of the interested parties
Pursuant to articles 15 and ss. of the GDPR and the current legislation, the User has the right,
besides sending a complaint to the Italian Data Protection Authority and to revoke at any time the
consent given, of:
a) obtain confirmation of the existence or not of his personal data and their communication in
intelligible form, receiving them in a structured format, commonly used and legible with the
possibility of transmitting them to another holder (“Right to portability”);
b) obtain indications: (i) on the origin of personal data, on the purposes and methods of
processing, on the logic applied in case of treatment carried out with the aid of electronic tools; (ii)
on the identification data of the Data Controller, of the Data Processor (s) and of the Data
Protection Manager; (iii) on the subjects or the categories of subjects to whom the data may be
communicated or who may become aware of them as representative appointed in the territory of
the State, as managers or designated person.
c) obtain (i) the updating, rectification, or integration of his data or, in case of dispute regarding the
correctness of the data, the limitation of the processing of the same for the time necessary for the
appropriate checks, (ii) the transformation into anonymous form or the blocking of data processed
in violation of the law, including those whose retention is necessary in relation to the purposes for
which the data were collected or subsequently processed, (iii) the attestation of the fact that
operations referred to in the preceding points including their contents have also been brought to
the attention of those to whom the data have been communicated or disclosed, except in the
case in which such fulfilment is impossible or involves the use of clearly disproportionate means
compared to the protected right.
d) object, in whole or in part (i) to the processing of his data, even if pertinent to the purpose of
collection, (ii) to the processing of personal data concerning him, provided for the purposes of
commercial information or sending of advertising material or direct sales, or to carry out market
research or commercial communication.
e) obtain the cancellation without unjustified delay (“Right to be forgotten”) in case the data are no
longer necessary in relation to the purposes for which they were collected or otherwise
processed, they have been unlawfully processed or in case the party concerned (s) requests it or
(ii) objects in whole or in part to the their processing.
f) obtain the limitation of processing in case the data (i) are unlawfully processed but the party
concerned opposes to their cancellation, (ii) they are necessary for the party concerned to
ascertain, exercise or defend a right, (iii) an assessment is pending on the legitimate reasons by
the Data Controller. The above rights may be exercised by requesting the Data Controller at the
e-mail address firstname.lastname@example.org .
The Data Controller has the right to change, update, add or remove portions of this privacy
statement at its discretion and at any time. The concerned party is required to periodically check
for any changes. To facilitate this verification, the information will contain the update date of the
information. The use of the site, after the publication of the changes, will constitute acceptance of