Privacy Policy

Last Update: 11/28/2024 - v. 1.0

1. Data Controller and Contact Information

SIT TRAVEL GROUP S.r.l., with legal office at Via Osanna 41 - 89125 Reggio Calabria, Tax Code and VAT number: 03028930802, for the purposes of Art. 4(7) GDPR, acts as a Data Controller (“Controller” or “SIT-Italy”). For any information concerning the processing of personal data by the Controller, User can write to the following e-mail address: info@sit-tg.com.

2. Types of Data Processed

For the purposes outlined in Section 3, the Controller processes the following personal data provided by the User:

• Personal details (e.g., name and surname);
• Contact details (e.g., email);
• Browsing data (e.g. IP address, domain name of computers, Uniform Resource Identifier, browser type, browser version, etc.);
• Geographic data (e.g., IATA number);
• Content of messages and communications sent by the User.

If third-party personal data is shared via the Website, the User acts as an independent data controller, assuming all legal responsibilities. The User agrees to indemnify the Controller from any claims or disputes arising from improper data processing.

The User guarantees that any third-party data shared complies with Article 6 of GDPR, providing a legal basis for the processing.

3. Purpose, Legal Basis, and Retention Period

The Controller processes personal data for the purposes listed below, as per Article 6 GDPR. Data retention is limited to the period necessary to achieve these purposes, in line with the minimization principle under Article 5.1(c) GDPR.

Providing data for purposes a) and b) is optional. However, any refusal to provide your personal data, in whole or in part, may make it impossible for the Controller to allow the requested service to be provided.If the User does not provide the data, neither the service nor the information could be provided by the Controller.

Providing data for purpose c) is optional. Failure to provide consent for this purpose will not affect the use of any other services by the Controller.

The provision of personal data for the purpose d) and the processing is mandatory.

Providing data for purpose e) is mandatory in order to enable the Controller to fulfill its legal obligations.

4. Recipients

To pursue the purposes outlined above, the User's personal data may be shared with the following parties:

1. Internet service providers and platforms used by the Controller for internal organization, communication, and/or promotion;

2. Consultants and other service providers performing tasks on behalf of the Controller and requiring access to such data for their assignments;

3. Entities, organizations, or authorities to which the disclosure of the User's personal data is mandatory under legal provisions or orders from authorities.

These entities act either as independent data controllers or as processors. In the latter case, the Controller has signed a specific agreement under Article 28 of the GDPR (Data Processing Agreement). The list of processors is available upon request to the Controller at the following address: info@sit-tg.com.

Personal data will be also processed by internal personnel specifically authorized under Article 29 of the GDPR.

5. Processing Methods

Data is processed using automated and manual telecommunication tools that implement security measures to prevent unauthorized access, disclosure, loss, misuse, unlawful or unauthorized use of data.

6. Data Processing Location

Some of the Users’ personal data is shared with recipients who may be located outside the European Economic Area. In these cases, SIT-Italy ensures that the processing of Users' personal data by these recipients complies with applicable regulations. Transfers are made with appropriate safeguards, such as adequacy decisions, standard contractual clauses approved by the European Commission, or other guarantees provided by the GDPR.

7. User Rights

The User may exercise all rights granted by Articles 15–21 of the GDPR at any time and without undue restrictions by contacting the Controller at info@sit-tg.com. In particular, the User may:

• Obtain confirmation of whether their data is being processed;

• Access their personal data held by the Controller under Article 15 of the GDPR;

• Request rectification of inaccurate or incomplete data under Article 16 of the GDPR;

• Request the deletion of data if the conditions of Article 17.1 of the GDPR are met;

• Request the restriction of processing in cases outlined in Article 18 of the GDPR;

• Transfer their data to another controller under Article 20 of the GDPR;

• Object to data processing under Article 21 of the GDPR;

• Withdraw consent for data processing at any time under Article 7 of the GDPR.

The User can always lodge a complaint with the relevant Supervisory Authority (Garante per la Protezione dei Dati Personali) under Article 77 of the GDPR if they believe their personal data is being processed unlawfully.

8. Modifications

The Controller reserves the right to make changes and/or additions to this Privacy Policy, including to regulatory updates. The Controller will inform Users of such changes, which will become binding once made available to them via the Website. SIT-Italy therefore encourages Users to pay attention to the latest version of the notice displayed through the Website to stay informed about the data collected and how the Controller uses it.