Information on the processing of personal data and cookies of the website

1. Introduction

In compliance with the obligations deriving from Regulation (EU) No. 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter, the “Regulation” or “GDPR”) and current national legislation, including Legislative Decree 196/2003 (Privacy Code, as amended by Legislative Decree 101/2018), RO. GEE. SRL respects and protects the personal data of visitors and users (hereinafter, the “Data Subjects”) of the www.genoaluxapartments.com website (hereinafter, the “Website”).

This document provides information on the processing of personal data collected by RO. GEE. SRL through the Website and, therefore, constitutes information to the Data Subjects pursuant to the aforementioned regulations and does not apply to the personal data collected by RO. GEE. SRL through channels other than the Website.

In accordance with the provisions of the Regulation, the processing of the personal data of the Data Subjects is carried out in compliance with the principles of correctness, lawfulness, transparency and protection of confidentiality. The Website contains links to other websites: this information does not apply to these other websites, which may be consulted by the Data Subjects through specific links.

These websites may contain information on the processing of personal data that differs, in whole or in part, from this policy.

RO. GEE. SRL therefore invites interested parties to carefully read the privacy policies of each other site to which they connect, especially before entering any personal information.

2. Identity and contact details of the controller

The data controller is RO. GEE. SRL (hereinafter, ” RO. GEE. SRL ” or the “Data Controller“), VAT number 02417640998, with registered office in VIA P. PASTORINO 1/1 16162 – Genoa (GE) (tel: +39 3351437167; email RO.GI.SRL@ARUBAPEC.IT).

3. Types of data processed through the Website

The Data Controller, through the Website, may process the following data:

Data collected in an automated manner – traffic and navigation data The computer systems and software procedures used to operate the Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols.

This category of data includes the IP addresses or domain names of the computers and terminals used by users, the type of browser, the name of the Internet Service Provider, the URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the date and time of visit to the Website, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), the web page of origin of the user and the exit page and other parameters related to the operating system and the user’s computer environment.

The Website does not intentionally collect data belonging to special categories (e.g. health data, religious, political, trade union beliefs), unless specifically informed.

4. Data communicated by Data Subjects

The optional, explicit and voluntary sending of messages to the contact addresses of the Data Controller, as well as the compilation and forwarding of the contact forms on the Website, involve the acquisition of the sender’s contact data, necessary to respond, as well as all the personal data included in the communications (such as, by way of example, name, surname, email address). In any case, the Data Subjects are required to provide truthful and accurate data and to promptly inform the Data Controller of any subsequent changes.

5. Cookies and other tracking systems

The Website uses cookies and similar technologies. For information on the use of cookies, please refer to our Cookie Policy.

6. Purpose and legal basis of the processing

The Data Controller processes traffic and navigation data for the following purposes:

(a) operate, administer and improve the Website; check the correct functioning of the services offered;
(b) to comply with the obligations provided for by law and/or regulations and/or orders of the Judicial Authority;
(c) prevent and/or detect fraudulent and/or harmful activities for the Website;
(d) carry out analyses for technical and/or commercial purposes; obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or day, geographical areas of origin, etc.).

The processing of this data is necessary in order to be able to browse the Website.

The Data Controller processes the data communicated by the Data Subjects for the following purposes:

(e) respond to support requests and, in general, to any questions and/or requests made by users;
(f) send users administrative and/or technical support emails (by way of example, technical notes, reminders, updates, etc.);
(g) to send newsletters, commercial communications and/or advertising material on products and/or services offered by the Data Controller by post and/or email.

The processing of data communicated by Data Subjects for the purposes indicated above requires the consent of the Data Subjects.

This consent is always optional but, failing that, RO. GEE. SRL will not be able to process the data collected for the aforementioned purposes.

7. Communication of data

The personal data collected may be communicated to supervisory bodies, judicial authorities as well as to all subjects to whom communication is mandatory by law and/or necessary for the fulfilment of the purposes described above.

8. How we process the personal data we collect and how long we will keep it

The data collected can be subjected to both paper and electronic and/or automated processing. In any case, the Data Controller will process the personal data collected for the time necessary to fulfil the purposes set out in this policy and, in any case, for a period not exceeding that required by current legislation (including tax legislation).

The data will be stored for the time strictly necessary for the purposes for which they were collected, in compliance with the following terms:

9. Possible transfer of personal data

The management and storage of data will take place on servers located within the European Union of the Data Controller and/or third-party companies appointed and duly appointed as Data Processors.

Currently the servers are located in Italy.

In any case, it is understood that the Data Controller, if necessary, will have the right to move the location of the servers to Italy and/or the European Union and/or non-EU countries. In this case, the Data Controller hereby ensures that the transfer of data outside the EU will take place in accordance with the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection and/or adopting the standard contractual clauses provided for by the European Commission.

10. Security Measures

The Data Controller processes the data of the Data Subjects in a lawful and correct manner, adopting the appropriate security measures aimed at preventing unauthorized access, disclosure, modification or unauthorized destruction of the data, as well as unlawful use of the data. The processing is carried out using IT and/or telematic tools, with organisational methods and logics strictly related to the purposes indicated, and the data are stored and stored in secure facilities with limitations on access and verification of personnel.

Access to information is strictly limited to authorized personnel. The Website is constantly monitored for any security breaches.

In addition to the Data Controller, in some cases, categories of persons in charge involved in the organization of the Website (administrative, commercial, marketing, legal staff, system administrators) or external parties (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the data, who will act on the basis of the specific instructions provided by the Data Controller.

In any case, the Data Controller invites the Data Subjects to adopt appropriate protections and/or precautions against unauthorized access to their reserved area and/or computer.

11. Rights of the data subjects

In accordance with the provisions of Chapter III of the GDPR, Data Subjects may exercise the rights provided for therein at any time and in particular:

Right of access: obtain confirmation from the Data Controller as to whether or not Personal Data concerning them is being processed and, if so, receive information about the purposes of the processing, the categories of Data involved, the recipients or categories of recipients to whom the Personal Data are or will be disclosed, the period for which the Personal Data will be stored or the criteria for determining such period (Article 15, GDPR);

Right to rectification: obtain from the Data Controller, without undue delay, the rectification of inaccurate Personal Data and the integration of incomplete Personal Data, also providing a supplementary statement (art. 16, GDPR);

Right to erasure: obtain from the Data Controller, without undue delay, the erasure of Personal Data, in the cases provided for by the GDPR (so-called “right to be forgotten” – art. 17, GDPR);

Right to restriction: obtain from the Data Controller the limitation of processing, in the cases provided for by the GDPR (art. 18, GDPR);

Right to portability: receive from the Data Controller in a structured, commonly used and machine-readable format, the Personal Data concerning them provided to the data controller and request to transmit them directly, or through the data controller if technically feasible, to another data controller (so-called “right to data portability” – art. 20 GDPR);

Right to object: to object, in the event of particular situations concerning them, to the processing of Data and as well as to the processing of Personal Data for direct marketing purposes (art. 21 GDPR); Right not to be subject to decisions based solely on automated processing (art.22 GPDR).

The appropriate application can be submitted by contacting RO. GEE. SRL by mail to the address: RO. GEE. SRL VIA P. PASTORINO 1/1 16162 – Genoa (GE)); by e-mail to the address RO. GEE. SRL@ARUBAPEC.IT.

In the same way, the consents expressed with reference to this policy may be revoked at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation. Any communications and actions taken by RO. GEE. SRL against the exercise of the rights listed below, will be carried out free of charge, except for the cases provided for by art. 12, paragraph 5, of the GDPR.

Interested parties can also contact RO. GEE. SRL at the telephone number +39 3351437167 in case they need information and/or clarifications regarding the processing of personal data carried out through the Website.

12. Right to lodge a complaint

Data subjects who believe that the processing of personal data relating to them carried out through the Website is in violation of the provisions of the Regulation have the right to lodge a complaint with the Guarantor, as provided for by art. 77 of the Regulation itself, or to bring the appropriate proceedings before the courts (Article 79 of the Regulation).

13. Protection of minors

The Data Controller does not allow minors under the age of 16 to use its services and, therefore, does not intentionally collect information relating to them. If it realizes that it has collected data relating to persons under the age of 16, in the absence of demonstrable parental consent, it will delete such data as soon as possible.

14. Periodic updates to this privacy policy

This privacy policy is valid and effective as of 25 May 2018 and may be subject to change over time, also as a result of amendments or additions to current legislation. Should the Data Controller make any significant changes to this document, the Data Controller will inform the Data Subjects through the means it deems most suitable for the purpose (such as, by way of example but not limited to, publication on the home page of the Website and/or sending a newsletter to the email address provided by the Data Subjects).

This policy was updated on 25 May 2018.

15. AI-generated content

Some content on the Website (including texts, images, graphic or multimedia elements) may be created, even partially, with the help of generative artificial intelligence tools. The use of these technologies takes place in compliance with the principles of correctness, transparency and reliability, with the aim of offering up-to-date, consistent content that is of interest to users. Content created with artificial intelligence does not use personal information (such as name, email, preferences or browsing behavior) of people who visit the site. AI does not analyze or study user behavior to create profiles, personalized advertisements, or targeted content.

This policy was updated on 6 May 2025.