GDPR

De Vince Suites IS COMPLIANT TO THE EUROPEAN PRIVACY AND DATA PROTECTION CHANGES.

You can read all the related information below. De Vince Suites is committed to data protection and welcomes the General Data Protection Regulation (GDPR), which was adopted by the European Union (EU) and goes into effect May 25, 2018.

The GDPR was created to harmonize data privacy laws across Europe. It protects and empowers all EU citizens data privacy and changes the way businesses handle data privacy. The GDPR applies to any organization inside or outside the EU who is marketing goods or services to, and/or tracking the behaviors of customers within the EU. ‍

De Vince Suites AND GDPR

Your customer data protection is a top priority for De Vince Suites. With customers making appointments every month through our software, we care deeply about their privacy and data security. De Vince Suites, Inc. collects data to operate effectively and provide better quality experiences. Below, you (the merchant/retailer) will find a list of our products, services, and processes that gather personal data, our purpose and legal basis for processing that information, who we share that information with, and how long we hold that information.

DESCRIPTION OF PRODUCT, SERVICE, OR PROCESS

De Vince Suites is a guesthouse in a convenient location in the heart of Rome, perfect for those looking for a relaxing getaway. For more information visit www.DeVinceSuites.com.

CATEGORIES OF PERSONAL DATA

De Vince Suites handles the following categories of personal data:
– Identifying information (e.g. gender and name).
– Personal history data (e.g. bookings, appointments/classes, memberships, packages, gift certificates, promotions, and products).
– Social and contact information (e.g. address, email address, phone numbers, address, and birthday).
– Financial data via Stripe and Octorate (e.g. sales data and credit card information). Tracking data (e.g. customer’s IP location when booking online or via the app).

CATEGORY OF DATA SUBJECTS

De Vince Suites manages information for users of the website. This includes employees of businesses as well as customers.

PURPOSE OF PROCESSING

Data is used for authenticating user accounts, tracking sales data, booking appointments, sending communications related to services, and email marketing.

LEGAL BASIS FOR PROCESSING

De Vince Suites has a legitimate business interest in handling the information on behalf of our customers and their end-users.

AUTOMATED PROCESSING OR PROFILING

Automated processing does not occur.

CATEGORIES OF RECIPIENTS WHO RECEIVE THIS PERSONAL DATA

Cloud service providers are used to store user data and payment card processors are used to process credit card payments.

WHERE IS DATA STORED

Data is stored on servers located in EU Flywheel.com servers.

RETENTION PERIOD

Forever, unless Right to be Forgotten (right for individuals to have personal data erased) is requested by business or end user.

WHAT DO WE DO TO ENSURE DATA PROTECTION

All transmissions from your computer or mobile app are encrypted via HTTPS (SSL).
All credit card transactions are secured through Stripe and banking networks.
Our application data is hosted at data centers where rigorous security includes on-site 24/7 staff, alarm systems, card key access, CCTV archived video, fully redundant power supplies, multiple backup generators, hosts of Tier 1 Internet providers, and laser-based early smoke detection. Flywheel.com data centers maintain all the compliant security certifications. For security reasons, we do not disclose any further information regarding our system and technology we use, but rest assured that we use enterprise-class hosting and security partners that are GDPR complaint.

WHAT ABOUT EMAIL MESSAGES?

There are two types of emails in De Vince Suites and are defined as follows:
Transactional emails – these are sent in response to a customer’s interaction with a website or an app and are defined in strictly functional terms. Examples include password resets, shipping notifications, receipts, legal notices, appointment reminders & confirmations, etc. Opt-In is Not required for these types of emails.
Marketing emails – these are sent to a list of customers who have opted in for promotional content. Examples include Daily Deals, promotions, sales offers, newsletters, new product updates, and emails designed to increase user engagement, etc.

EXISTING AND NEW CUSTOMERS PROMOTIONAL MESSAGES

From May 25th 2018, all existing and new customer records will automatically have the Promotional Emails preference turned OFF.
In addition, all your customers will receive an email from your business asking them if they would like to turn ON Promotional Emails so they can begin receiving them.

Customers will continue to have the ability Opt-Out of marketing emails anytime by either updating email marketing preferences in their account or simply by clicking on Unsubscribe at the bottom of any email marketing they receive from you (the merchant/ retailer).
Remember, the GDPR only applies to your customers who are citizens or residents of the EU.

RIGHT TO ACCESS

The GDPR stipulates that a person has the right to a copy of their personal data. With De Vince Suites, a customer on request has full access to their personal profile and can update, change or delete information at any time.

RIGHT TO BE FORGOTTEN

The GDPR stipulates that a person has a right to the erasure of personal data. We will process your customers’ requests to “be forgotten” for you. These are the steps we follow:
A customer can simply send an email with subject “be forgotten” request.
De Vince Suites will send the requester a confirmation email from DeVinceSuites@gmail.com.
Once the requester confirms the “be forgotten” request it will be processed.

WE HAVE ALSO UPDATED OUR PRIVACY AND COOKIE POLICY

To give you more clear and detailed information about your collective rights and responsibilities with respect to your privacy and personal information.
Make it easier for you to control the information you provide us. You’ll see that our policy explains your choices about this.
Provide more detail about the measures we have in place to keep your personal information secure.

ADDITIONAL CHANGES

In order to ensure complete implementation, we have integrated privacy and security by design. We have also updated our Data Protection Policy, Data Retention Policy, IT Security Policy and Website Terms and Conditions. All the policies and other updates can be found at www.DeVinceSuites.com/privacy.

COMPLIANCE CONTACT

We now have a Data Protection Officer (DPO) to handle all your privacy requests. Please reach out to DeVinceSuites@gmail.com for any specific compliance-related requests.

QUESTIONS?

If you have any questions regarding GDPR, you can simply email DeVinceSuites@gmail.com.
‍