WE CARE ABOUT YOUR PRIVACY…
1. WHO PROCESSES YOUR DATA?
Parco della Standiana S.r.l. having its registered office in Savio 48125 (RA) – I – Strada Statale 16 Adriatica Km 162 and Parques Reunidos Servicios Centrales S.A., having its registered office in Madrid, Paseo de la Castellana, 216, as Joint Data Controllers
Other subjects to which your data may be communicated
Your data can be shared with:
1. people authorized by Joint Data Controllers who have committed themselves to confidentiality or are under a statutory obligation of confidentiality;
2. Other companies of Parques Reunidos group, subjects that are delegated and/or appointed by Joint Data Controllers to carry out activities that are strictly related to the achievement of the above-mentioned purposes (including technical maintenance actions on the systems), duly appointed as Data Processors;
3. individuals, companies or professional firms that provide support and advice services to the Data Controller, duly appointed as Data Processors;
4. subjects, bodies or authorities to which your personal data must be communicated owing to legal provisions or orders issued by the relevant authorities;
Your personal data shall not be transferred outside the European Economic Area.
2. WHAT TYPES OF DATA DO WE COLLECT?
We process two types of data:
data provided by the user
data collected automatically
Data provided by the user
These are, for example, the data we request from you:
Name and surname
Date of birth
If you decide to provide third-party data, make sure that those subjects have been previously and suitably informed about the processing methods and purposes stated herein. In this event, you will act as an autonomous Data Controller, assuming all obligations and responsibilities under the law.
Data of minors under 16
In this respect, we inform you that if you are under 16 you cannot provide any personal data to us, and in any case, we shall not accept any responsibility for false information provided by you. If we become aware of the existence of false statements, we will immediately delete all personal data acquired.
Data collected automatically
We collect the following data through the services you are using:
technical data: This data category includes the IP addresses or domain names of the computers used by users that connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code stating the status of the server’s response (successful outcome, error, etc.), and other parameters about the operating system and the user’s IT environment. These data are used for statistical information only (therefore they are anonymous) and to control the correct operation of the site and they are deleted immediately after processing. The data may be used for the purposes of ascertaining responsibility in the event of hypothetical IT crimes jeopardising the site security: with the exception of this case, data on website contacts are not maintained for more than 7 days.
data collected through cookies and similar technologies: for any further information, we invite you to visit the “Cookie” section.
3. FOR WHICH PURPOSES DO WE PROCESS YOUR DATA?
For purposes related to the provision of requested services:
We use your data to make sure that you can access our services and their provision, such as:
Assistance by phone and/or email for the purchase of services offered through the site and Apps;
Purchase of services offered through the site and the App;
Communications related to the provision of the service;
Activities of administrative, financial or accounting nature;
Fulfilment of legal obligations, regulations and Community rules.
Data processing for the purposes above is necessary for the performance of any contract or pre-contract measures adopted upon your request. The provision of your personal data for this purpose is optional but please note that your refusal will not allow us to provide you with the service.
To keep you updated about our latest novelties
If you gave us your consent, we will use your data to carry out direct marketing activities.
In particular, we will use them to:
communicate promotional, commercial and advertising activities on events, initiatives or partnerships of Mirabilandia and Mirabeach and of other parks owned by the Parques Reunidos group by means of paper-based mail, telephone contacts through an operator (“traditional methods”), email, texting, push notifications (“automated methods”).
carry out analysis and reporting activities related to promotional communication systems, such as detecting the number of opened emails, of clicks made on the links included in the communication, the type of device used to read the communication and the related operating system or the list of users who decided to stop receiving the newsletter.
The provision of your personal data for this purpose is entirely optional.
4. HOW LONG DO WE STORE YOUR DATA?
Personal data will be stored in paper and/or electronic format and for the time strictly necessary to achieve the purposes stated in Point 3.
If the purchase of services offered is completed through the site and/or the App, the invoices, accounting documents and data related to transactions will be stored for 11 years as provided by the law (including tax requirements).
If the purchase of services offered is not completed through the site, your personal data will be stored for a maximum period of 12 months.
For direct marketing purposes, pursuant to what is provided for in applicable rules, we store your data for a maximum period of 24 months.
Finally, we inform you that, in compliance with counter-terrorism requirements introduced by Art. 24 of Law 167/2017, transposing the EU Directive 2017/541, we will store data related to electronic traffic, excluded the contents of communications, for a maximum period of 72 months since the communication date
la Direttiva UE 2017/541, conserveremo i dati relativi al traffico telematico, esclusi comunque i contenuti delle comunicazioni, per un periodo non superiore ai 72 mesi dalla data di comunicazione.
5. HOW CAN YOU WITHDRAW CONSENT OR EXERT YOUR RIGHTS?
Withdrawal of consent
In order to withdraw the consent given for direct marketing purposes you only have to press the Unsubscribe button at the bottom of all our communications or, if you find it more convenient, write to firstname.lastname@example.org.
Exercise of your rights
In line with what is provided under GDPR, you have the right to request to the Joint Data Controllers, at any time, access to your personal data, their rectification or erasure or to object data processing. Moreover, the law allows you to exert the right to request the restriction of processing in the cases envisaged by Art. 18 of GDPR, as well as to obtain your data in a structured, commonly used and machine-readable format, in the cases envisaged by Art. 20 of GDPR.
Requests can be sent to this email address: email@example.com.
Finally, we inform you that you always have the right to lodge a complaint to the relevant supervisory authority (Privacy Guarantor), within the meaning of Art. 77 of GDPR, if you believe that processing of your data infringes the rules in force.
6. HOW DO WE GUARANTEE PERSONAL DATA PROTECTION?
Your personal data are processed by the subjects stated in point 1, in compliance with what is provided in the applicable rules. In particular, in order to guarantee the security of your data taking into account the state-of-the-art and implementation costs, as well as the nature, subject, context and the purposes of processing, and risks with a varying likelihood and severity degree for the rights and freedom of our users, we adopted suitable technical and organizational measures to guarantee a security level that is appropriate to the risk.
If you decide to use the Mirabilandia App by enabling the detection of your location, please note that we could process information about your current (approximate) location. Those data are processed anonymously, in a format that does not allow us to detect the personal identity of the user and they are only used to optimize some location-based functionalities of the service.
At any rate, please note that you can enable/disable the location-based services accessing the settings of your browser and/or of your device as follows:
Go to Chrome settings: chrome://settings/content/location and remove Mirabilandia from the list
Run Firefox and go to the address about:preferences#privacy, search “Permission” > “Location” > “Settings” and remove Mirabilandia from the list
open Internet Explorer, click on the settings icon and select “Internet options” in the privacy tab, go to “Location” and press the “Clear Sites” button
“Preferences” > “Web sites” > “Location” and remove Mirabilandia from the list
“Settings”> “Privacy” > “Location services” > “Mirabilandia” > “Never”
“Settings”> “Advanced settings” > “Location-based services”> “Disable”