Search in our products
0 / 30

Privacy

Information document pursuant to and in accordance with Articles 13 and 14 of Regulation (EU) 2016/679 (hereinafter GDPR).

In compliance with the provisions of EU Reg. 2016/679 (European Regulation for the Protection of Personal Data) we provide you with due information regarding the processing of personal data that you may provide us by navigating on the website. The information is not to be considered valid for other websites that may be consulted through links on the domain websites of the owner, who is not to be considered in any way responsible for the websites of third parties.

Personal data that can be processed: "personal data" means any information concerning an identified or identifiable natural person (hereinafter "data subject"); an identifiable person is one who can be identified, directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more characteristic elements of his or her physical, physiological, genetic, mental, economic, cultural or social identity.
Browsing Data
The computer systems and software procedures used to operate this site acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes IP addresses or domain names of the computers and terminals used by users, the addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment ( hereinafter "navigation data").
Data communicated by the interested party
The optional, explicit and voluntary sending of messages to the contact addresses, as well as the completion and submission of forms on the Owner's website, involves the acquisition of the sender's contact data, necessary to respond, as well as all personal data included in the communications.
Cookies
For more information about the cookies used by this website see the cookie policy at the following link (create link to cookie policy) 

1. Who is the Data Controller- Contact information
The Data Controller is QC Terme S.r.l. (hereinafter "Data Controller") under co-ownership, in accordance with the GDPR, individually with each of the centers of the QC Terme Group and listed below, if you intend to make, at one of them, a reservation and / or service:
TERME DI PRÉ SAINT DIDIER S.R.L,. QC TERME CHAMONIX S.A.R.L.
To contact the Owner: e-mail: [email protected]
Contact headquarters Piazza A. Olivetti, 3- 20139 Milan (MI)


2. The Protection Officer - Contact Information
The da6 protection officer (DPO - DATA PROTECTION OFFICER) pursuant to.
arN. 37 - 39 of the GDPR for the companies QC TERME S.R.L., TERME DI PRÉ SAINT DIDIER S.R.L. and QC
TERME CHAMONIX S.A.R.L., is contaNtable at the e-mail address [email protected]

 


3. Purposes of processing, type of data, legal basis, period of data retention and nature of conferment

Purposes A)
Website navigation: activities strictly necessary for the operation of the site and the provision of the navigation service on the platform.
- TYPE OF DATA: navigation data, cookies
- LEGAL BASIS: processing is necessary for the pursuit of the legitimate interest of the Owner or third parties.
- PERIOD OF DATA STORAGE: see the retention periods indicated in the cookie policy (create link to cookie policy).
- NATURE OF SUBMISSION: except as specified for navigation data (which are necessary in order to allow navigation of the website), the user is free to provide personal data.

Purposes B)
Newsletter and Marketing- sending of advertising and promotional material, statistics, market surveys.
- TYPE OF DATA: first name, last name, date of birth, country and province, e-mail, gender, cookies.
- LEGAL BASIS: consent of the data subject.
- PERIOD OF DATA STORAGE: until the data subject objects (opt-out/revocation of consent).
- NATURE OF CONSENT: for these purposes consent is voluntary, but failure to provide it will not allow us to subscribe to our newsletter, send our exclusive promotions and benefits as well as provide information on new services and products.

Purpose C)
Profiling: sending personalized business proposals based on the data subject's preferences. 

- TYPE OF DATA: personal data of the user with reference to preferences, personal interests, purchasing habits, geographical location, etc.
- LEGAL BASIS: consent of the data subject.
- DATA STORAGE PERIOD: 1 year from the granting of consent, or even earlier if the data subject exercises his/her right to object.
- NATURE OF CONSENT: For these purposes, consent is voluntary, but failure to provide it will not allow us to send personalized promotions and business proposals.

Purpose D)
Booking services offered: to confirm and manage the booking of services chosen by the user, including using vouchers; accounting, tax and administrative activities; customer management; management of booking-related activities; fulfillment of legal obligations.
- TYPE OF DATA: first name, last name, zip code, residence, ID references, email, phone number, gender, referring to the individuals making the reservation and other guests of the reservation; payment data. 
- LEGAL BASIS: Execution of pre-contractual and contractual measures to confirm and manage the reservation of the services chosen by the data subject, to manage customer activities, legal obligation for tax, accounting and administrative activities related to the reservation of services and to fulfill the obligation under the T.U. of Public Security Laws.
- DATA STORAGE PERIOD: 2.5 years from service booking for purposes of managing activities related to booking and customer management; 10 years from service booking for tax, accounting and administrative activities.
- NATURE OF PROVISION: The provision of data is mandatory for contractual purposes and those arising from legal obligations and therefore any refusal to provide them in whole or in part may result in the inability to execute the contract or booking request and to properly carry out all related obligations.

Purposes E)
SHOP: purchase of our products, after-sales service, customer management, accounting, tax and administrative activities.
- TYPE OF DATA: first name, last name, e-mail, telephone, shipping address, billing address, payment data, browsing data.
- LEGAL BASIS: Execution of pre-contractual and contractual measures for the purposes mentioned in E), excluding tax, accounting and administrative activities for which there is a legal obligation.
- DATA STORAGE PERIOD: for the entire duration of the contract and 10 years from the time of acquisition for administrative, accounting and tax purposes.
- NATURE OF PROVISION: the provision of data is mandatory for contractual purposes and those arising from legal obligations and therefore any refusal to provide them in whole or in part may result in the inability to execute the contract or requests received and to properly carry out all related obligations.

Purpose F)
Quotation request B2B/B2C relations -Company quotation data management: data entry for meeting and event quotation request 
- TYPE OF DATA: first name, last name, e-mail, phone number, company name.
- LEGAL BASIS: Execution of pre-contractual and contractual measures for the purposes mentioned in F).
- PERIOD OF DATA STORAGE: until the execution of the requested service and in any case no later than 1 year from the request for quotation.
- NATURE OF DATA CONTRIBUTION: The provision of data is necessary for contractual purposes, therefore, any refusal to provide them in whole or in part may result in the inability to execute the request received and the related obligations.

Purpose G)
MY QC registration: create an account, access to exclusive services and benefits (create personalized wishlists, extend the validity of vouchers...), management of orders placed (return status, billing history), manage requests received via email to contacts in the various sections of the site, manage convention requests received.
- TYPE OF DATA: first name, last name, date of birth, e-mail, phone number, shipping address, browsing data, data provided when purchasing/booking services and/or products.
- LEGAL BASIS: execution of pre-contractual and contractual measures for MY QC registration activities. 
- PERIOD OF DATA STORAGE: for the duration of registration, i.e. until the data subject requests deletion, or until 5 years of data subject inactivity.
- NATURE OF PROVISION: the provision of data is mandatory for contractual purposes and those arising from legal obligations and therefore any refusal to provide them in whole or in part may give rise

Purpose H)
SHOP registration: access to exclusive services and benefits, extend the validity of vouchers, management of orders placed (status, returns, billing history), after-sales support, accounting, tax and administrative activities.
- TYPE OF DATA: first name, last name, date of birth, e-mail, phone number, shipping address, billing address, browsing data, payment data.
- LEGAL BASIS: Execution of pre-contractual and contractual measures for all purposes under H) and legal obligation for tax, accounting and administrative activities only.
- DATA STORAGE PERIOD: for the duration of registration, i.e., until the data subject objects, or until 5 years of data subject inactivity; 10 years from the time of acquisition for administrative, tax and accounting purposes.
- NATURE OF THE PROVISION: the provision of data is mandatory for contractual purposes and those arising from legal obligations and therefore any refusal to provide them in whole or in part may result in the inability to execute the contract or the request received and to properly carry out all related obligations.

Purposes I)
Claims and litigation management: the data provided for the purposes of A), B), C), D), E), F) G), H) will also be used for the management of any claims and/or litigation potentially arising from the activities related to each purpose
- TYPE OF DATA and NATURE OF SUBMISSION: All personal data previously collected for all the purposes listed above and optionally or compulsorily conferred depending on the services requested. 
- LEGAL BASIS: legitimate interest of the Data Controller. 
- PERIOD OF DATA STORAGE: for at least 5 years from their acquisition and in any case for as long as necessary for the purpose of handling any claims and until the conclusion of any litigation.
4- Recipients: to whom the personal data collected will be disclosed.
The data of a personal nature provided will be shared with parties, who will process the data as data controllers (Art. 28 of the GDPR) and/or as individuals acting under the authority of the Data Controller and Data Processor (Art. 29 of the GDPR), for the purposes listed above.
Precisely, the data will be shared with:
- individuals who provide services for the management of the computer system used by Data Controller and telecommunications networks, including e-mail, newsletters and website management; freelancers, firms or companies as part of assistance and consulting relationships;
- competent authorities for fulfillment of obligations of laws and/or provisions of public bodies, upon request (e.g. communicating to the Police Headquarters the mandatory data for public safety purposes in case of hotel reservations).
The list of Data Processors is constantly updated and available by writing to [email protected] or at the Owner's contact office.

5. Does QC Terme transfer data outside the EEA?
Data of a personal nature provided will not be transferred extra-EEA.
It is possible, however, that some entities acting on behalf of the Controller have databases in countries outside the European Economic Area (EEA); in this case, it is ensured that they take appropriate security measures so that the data is adequately protected, including through agreements based on the Standard Contractual Clauses (SCC) adopted by the European Commission.
6. Method of processing: how does QC Terme process the data?
The processing of data for the purposes set out takes place using both automated methods, on electronic or magnetic media through the use of booking and management software shared by the companies of the QC Terme Group; and non-automated, on paper, in compliance with the rules of confidentiality and security required by law, consequent regulations and internal provisions.
7. Rights of the interested party: what they are, how they can be exercised
Data subjects may assert their rights as expressed in Articles 15 et seq. of EU Regulation 2016/679, by addressing a request to the contact details of the Data Controller or DPO indicated in this document. Requests are filed free of charge and processed by the Data Controller as soon as possible, in any case within one month.
The data subject has the right, at any time, to ask the Data Controller for access to, rectification, erasure and portability of his or her personal data, and restriction of processing. 
In addition, the data subject has the right to object, at any time, to the processing of his or her personal data, for reasons related to his or her particular situation, in accordance with Article 6(1)(e) or (f) of the GDPR and for processing that has direct marketing purposes.

In order to stop receiving marketing communications (e.g., e-mails), it will be sufficient to use our cancellation systems described in the communication itself. 
Without prejudice to any other administrative and jurisdictional recourse, for any processing deemed to be in violation of the provisions of the GDPR, you may lodge a complaint with the Data Protection Authority by visiting the website at http://www.garanteprivacy.it/. 

8. Further information
The Controller reserves the right to change, update, add or remove parts of this privacy policy at its own discretion and at any time.