COMO Castello Del Nero, Tuscany
This Privacy Statement was last updated in August 2022.
At the COMO Group, we take your privacy very seriously and are committed to protecting your personal data.
This Privacy Statement explains how members of the COMO Group process and manage your personal data and rights in this respect.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
About the COMO Group
The websites and applications of the COMO Group include:
each a COMO Group Website and together the COMO Group Websites.
There will typically be one member of the COMO Group to whom you have given your personal data. (From a UK/EU perspective, this entity would be a “data controller” in relation to your personal data. The term “data controller” broadly means the person who determines the purpose and means for which your data is processed. It is possible that you have given your data directly to more than one member of the COMO Group in which case each such member could be a data controller of your data in that context.)
If you are a member of the COMO Club Recognition Programme, which is the loyalty scheme administered on behalf of the COMO Group, the relevant data controller is COMO Club Pte Ltd.
Disclaimer – no overarching liability of COMO group members
Data we collect from you or about you and our sources of that data
Your personal data, or personal information, means any information about you that may be used to identify you. It includes information that you provide to us, that we collect or that we are provided with by third parties and that identifies you, or from which you are identifiable, whether directly or indirectly. It does not include data where the identity has been removed so that it can no longer be associated with you (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have categorised as follows:
This includes data that we may collect from you:
when you provide us with comments, opinions and/or feedback about the COMO Group.
We may collect “Technical Data” when you visit or use any COMO Group websites:
Data other COMO Group members collect about you. Information you provide to a member of the COMO Group may be shared between us (for example, when you stay at one of our COMO Hotels & Resorts this information could be shared with the other COMO Hotels & Resorts). We will also share your personal data for the purposes of the COMO Club Recognition Programme, and any other of our loyalty schemes you may have signed up to (though will only do so with your consent, where consent is legally required).
We will require you to share certain personal data with us (such as Identity, Contact, Financial Data and such other information as may be indicated by the COMO Group) in order for the COMO Group to perform the relevant services you have requested. The COMO Group may not be able to perform the relevant services if you fail to supply the relevant personal data.
Where Children’s Data is submitted by you, you confirm that you have authority to provide such data to us on behalf of that minor to enable us to process their personal data as described in this privacy statement and cookies policy.
Certain categories of personal data receive particular protection under the laws of certain countries. For example, in the UK/EU, special categories of personal data (this includes details about race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data) as well as data relating to criminal convictions and offences receive enhanced protection. We will comply with applicable laws when processing such personal data.
How we use your personal data and the lawful basis for processing your personal data
The COMO Group uses the personal data for relevant purposes where we have a lawful basis to use your personal data without consent, this privacy statement and cookies policy fulfils our duty to process personal data fairly and lawfully and in a manner that you would expect given the nature of our relationship with you, by giving you appropriate notice and explanation of the way in which your personal data will be used.
We may use the following lawful basis when we process your personal data:
We also collect, use, and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy statement and cookies policy.
Marketing and your choices
We will, if you have given us your consent and in line with your choices, provide you with information by post, telephone, email, app notifications and SMS or other direct messaging services, which may be of interest to you in respect of the COMO Group. Where you have consented to receiving our direct marketing online this means that you could be presented with our advertisements while using the COMO Group Websites or the services of our online partners. For example, if you have given us this consent we may run a Facebook advertisement campaign, which could include our advertisements being presented to you while you are on Facebook. We may also personalize the content that you see using analytical or profiling tools. We will only provide you with marketing communications if you would like us to. You will have the opportunity to clearly set out whether you wish to receive marketing messages from us by ticking the relevant boxes.
Where we rely on your consent to process your personal data, you may withdraw that consent at any time by contacting us using the details set out below.
How we share and disclose your personal data
We may share or disclose your personal data in connection with the purposes described in this privacy statement and cookies policy. This may include sharing your personal data with the following:
Where we store your personal data
We share the personal data that we collect from you within the COMO Group. This will involve transferring, processing and storing your data outside of the country in which you are located depending on the circumstances. This includes any country where the COMO Group companies are located or operate in including in Singapore, Bhutan, Malaysia, Fiji, France, Hong Kong, Indonesia, Italy, Philippines, Thailand, Taiwan, Vietnam, United Kingdom, the United States and Australia, but also countries where our external service providers are based or hosting your personal data on our behalf.
If you are located in the UK or European Economic Area (“EEA”), when we transfer your personal data outside of the EEA or UK in this way, we take steps to ensure that appropriate safeguards, required by law, are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Privacy Statement and Cookies Policy. You can obtain further details about the transfer safeguards we use by contacting us at the contact details set out below.
If we transfer your personal data, we will always do so under strict conditions of confidentiality and similar levels of security safeguards.
As mentioned above, please note that the rights of governmental and law enforcement authorities to access your personal data may also differ depending on where your personal data is held. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK or EEA, using the details set out below.
Links to third party website
The COMO Group Websites may contain links to other third party websites and microsites, whose privacy practices may differ from those of the COMO Group. If you submit personal data to any of those sites, your personal data is not subject to this privacy statement and cookies policy.
We encourage you to review the privacy statement of any site you visit. By clicking on or activating such links and leaving the COMO Group Website, the COMO Group does not exercise control over any data or any information which you give to any other entity after leaving the COMO Group Websites. Any access to such other sites or pages is entirely at your risk.
Retention of personal data
Your personal data will only be retained for as long as it is necessary to fulfil the purposes for which it was collected as outlined in this privacy statement and cookies policy and for the purpose of satisfying our business (accounting and reporting) or legal requirements, but also to properly resolve disputes or to troubleshoot problems.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. In addition, certain information may be stored indefinitely due to technical constraints, and will be blocked from further processing for purposes which are not mandatory by law.
Details of retention periods for different aspects of your personal data are available in the COMO Group Data Retention Policy, which you can request from us by contacting us using the contact details set out below.
If you choose to unsubscribe from our mailing list or should your access to any of your COMO Group memberships expire, your personal data will still be retained on our database to the extent permitted by law and in accordance with the COMO Group Data Retention Policy.
How we store and secure your personal data
We are committed to taking appropriate measures designed to keep your personal data secure. Our technical and organizational procedures are designed to protect your personal data from accidental, unlawful or unauthorized loss, access, disclosure, use, alteration, or destruction. While we make efforts to protect our information systems, no website, mobile application, computer system, or transmission of information over the Internet or any other public network can be guaranteed to be 100% secure. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorized access or inadvertent disclosure.
The personal data that we hold about you will be stored either on our physical or cloud servers or using third party data storage providers in the countries where the relevant data controller operates or if elsewhere, in compliance with applicable data protection laws.
Your legal rights
If you are located in the UK or EEA, you have the following rights with regard to your personal data:
If you are located in other countries, you may have other rights under applicable data protection laws.
We will comply with your request to exercise the above mentioned rights, to the extent required by applicable law. However, if you ask us to stop processing your personal data in certain ways or erase your personal data, and this type of processing or data is needed to facilitate your use of the COMO Group Website or is required for us to provide you with a service (such as to manage your account), you may not be able to use the COMO Group Website or the service as you did before.
This does not include your right to object to the processing of your personal data for the purposes of direct marketing. You can exercise this right at any time without restrictions. Please allow at least 3 working days for your request to be actioned.
To protect your confidentiality and to comply with applicable data protection laws, we may need to confirm your identity before we can action your request (for example, we will respond to a request as long as the email address is identical to that you have registered with us or otherwise provided to us, we may ask for a scanned copy of your photo ID or for you to confirm details of your transaction history with us). When contacting the Data Privacy Office (details of which you can find below), please state your name and provide valid contact details. As mentioned above, protecting your confidentiality and complying with applicable data protection laws is important to us, the COMO Group may therefore refuse to comply with any request unless it is supplied with such information as it may reasonably require to verify your identity. We will respond to your requests within a reasonable time and in accordance with the applicable data protection laws.
A “cookie” is a small text file that is placed onto an Internet user’s web browser or device and is used to remember and/or obtain information about the user and a “web beacon” is a small object or image that is embedded into a web page, application, or email and is used to track activity, which are also sometimes referred to as pixels and tags.
We use the following cookies:
Please note that there may also be third party cookies used on our websites, over which we have no control. These named third parties may include, for example, advertising networks and providers of external services like web traffic analysis services. These third party cookies are likely to be analytical cookies or performance cookies or targeting cookies.
We also use Google analytic tools to measure and understand how you use the COMO Group websites. More information on the types of cookies used may be found at https://www.google.com/intl/en/policies/privacy/ and opt out by downloading the Google Analytics opt out browser add-on, available at https://tools.google.com/dlpage/gaoptout.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of the COMO Group Website.
You can easily accept or reject the cookies on our website and/or mobile application by accessing the link here.
Changes to the privacy statement and cookies policy
This Privacy Statement and Cookies Policy is in effect as of the date noted at the top of the statement. We may change our privacy statement and cookies policy from time to time. Any changes we may make to our privacy statement and cookies policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.
Please check back frequently to see any updates or changes to our privacy statement and cookies policy. By continuing to use a COMO Group Website or continuing to allow us to retain or process your personal data following any such changes to our privacy statement and cookies policy, you are deemed to have accepted such changes unless you expressly notify us otherwise in writing (except to the extent we are required to make such changes in accordance with applicable law).
Where we need to seek updated, additional or different consents from you, we will, of course, do so.
Queries, comments, requests and complaints
If you have any questions, comments, requests or complaints about our collection, use or disclosure of personal data, or regarding this privacy statement, please contact us using the details below. Please also contact us if you would like to update or amend any of your personal data which you have provided to us or if you believe our records relating to your personal data are incorrect. When contacting us please provide as much detail as possible in relation to your question, comment, request or complaint. We would like to reassure you that we will take any privacy complaint seriously and such complaint will be assessed by an appropriate person with the aim of resolving any issue in a timely and efficient manner. We request that you cooperate with us during this process and provide us with any relevant information that we may need (for example, your name and valid contact details, as well as proof of identity such as a scanned copy of your photo ID or details about your transactions with us). If we cannot reasonably satisfy ourselves of your identity, we may not be able to deal with your query, comment, request or complaint.
Data Privacy Office
COMO House 6B Orange Grove Road Singapore 258332
Contact us through our online request form here
This Privacy Statement and Cookies Policy is published in the English Language (English Version) and in such other languages as used on the individual websites. In the event of any inconsistency in the terms of the privacy statement and cookies policy between the English Version and the other relevant versions, the terms of the privacy statement and cookies policy in the English Version shall prevail to the extent of such inconsistency.