This disclosure describes the methods of managing the site www.travelbaby.it with reference to the processing of personal data of users who use it, in accordance with the provisions of the new GDPR (General Data Protection Regulation). The data controller of the aforementioned personal data is the company Romana Servizi based in viale Alessandrino 510, 00172 Roma, while the same are stored on the servers of company 1 & 1 Internet SE based in Datenschutz, Elgendorfer Str. 57, 56410 Montabaur (Germany), which houses on own servers the pages of the site and the relative database.
During their normal operation, the software procedures that govern the operation of the site collect some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the navigation language, the URI notation addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server and other parameters relating to the operating system and the user's IT environment. These data are used only to obtain anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing, however they could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
If the user decides to use the search function to filter the products available on the site according to his needs, he will be asked to enter the city in which he wishes to use the requested service, the delivery date and the delivery date. Proceeding with the completion of an order, it will also be compulsory to specify your name, surname, e-mail address, telephone number, delivery address, chosen payment instrument and, optionally, further information that will facilitate the optimal performance of the service in addition to any other useful information for the shipment. This information will be used exclusively for the performance of the activities connected to the chosen service.
It is also specified that for each browsing session the so-called technical cookie (PHPSESSID) is generated, strictly necessary to allow an easy use of the site and that for this reason is automatically destroyed at the end of the session.
In the event that the booking procedure is not perfected by the will of the user rather than due to malfunctions attributable for example to the unavailability of the Internet connection, the information entered in the appropriate order management screen may remain accessible for the next 20 minutes, until that the aforementioned technical session cookie is automatically destroyed.
The two electronic payment systems used, namely Stripe and PayPal, create additional cookies both to manage and to improve their service, as well as to acquire information useful for detecting possible fraud attempts. For more information on their cookie management policies, you can consult the pages https://stripe.com/privacy and https://www.paypal.com/it/webapps/mpp/ua/privacy-full respectively.
Personal data is processed by automated tools for the time strictly necessary to achieve the purposes for which it was collected. Specific security measures are observed to prevent the loss of data, illicit or incorrect use and unauthorized access. The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence of the same data and to know its content and origin, verify its accuracy or request its integration or updating, or the rectification pursuant to Article 7 of the Code regarding the protection of personal data. The user has the right to request cancellation, transformation into anonymous form or blocking of the processed data by sending a request to the Romana Servizi using the e-mail address published in the contact section of the site.
Last update date: 3 May 2019