palazzocapparucci.com palazzocapparucci.com

PRIVACY POLICY

Last updated: February 15, 2025

Umberto Reale (“we,” “us,” or “our”) operates the website www.palazzocapparucci.com (the “Service”).

This Privacy Policy explains how we collect, use, disclose, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and Italian data protection laws.

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Data Controller

The data controller for personal data processing under this Privacy Policy is:

Umberto Reale
Address: Via Paccarone 12, Fermo (FM), 63900, Italy
Phone Number: (+39) 329 383 3005
Email: palazzocapparucci@gmail.com

2. Personal Data We Collect

We collect and process the following categories of personal data:

  • Identity Data: Name, surname
  • Contact Data: Email, phone number, address
  • Booking Information: Dates of stay, payment details (processed via third-party payment providers)
  • Fiscal Data: Necessary for invoicing and tax obligations
  • Usage Data: IP address, browser type, pages visited, duration of visit (collected via cookies)
  • Marketing Preferences: Subscription to newsletters or special offers

Legal Basis for Processing:

  • Performance of a contract (Article 6(1)(b) GDPR) – for managing reservations and providing services
  • Legal obligations (Article 6(1)(c) GDPR) – for tax and accounting compliance
  • Legitimate interests (Article 6(1)(f) GDPR) – for service improvement, fraud prevention, and security
  • Consent (Article 6(1)(a) GDPR) – for marketing communications (with an opt-out option)

3. Purpose of Data Processing

We process your personal data for the following purposes:

  • To manage bookings and provide services
  • To send booking confirmations and updates
  • To comply with legal and regulatory obligations (such as tax records and required communications to authorities)
  • To respond to customer inquiries and provide support
  • To send marketing communications (only with explicit consent)
  • To improve website performance and enhance user experience

4. Data Retention

We retain personal data only for as long as necessary for the specified purposes:

  • Booking and Fiscal Data: Retained for ten years (for legal and tax compliance)
  • Marketing Data: Retained until consent is revoked
  • Usage Data (cookies, analytics): Retained for a maximum of 24 months

5. Data Sharing and Third-Party Services

We do not sell or rent your personal data. However, we may share data with:

  • Legal Authorities: If required by law
  • Payment Processors: Secure third-party services (such as PayPal or Stripe)
  • IT and Hosting Providers: Secure website hosting and email services

All third parties are contractually bound to protect your data and comply with GDPR.

6. International Data Transfers

We do not transfer your personal data outside the European Economic Area (EEA). If data is transferred outside the EEA (for example, for cloud hosting services), we ensure adequate safeguards, such as:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)

7. Your GDPR Rights

You have the following rights under GDPR:

  • Right of Access – Request a copy of your personal data
  • Right to Rectification – Correct inaccurate or incomplete data
  • Right to Erasure (“Right to be Forgotten”) – Request deletion of data when no longer necessary
  • Right to Restriction of Processing – Limit data processing under certain conditions
  • Right to Data Portability – Receive your data in a structured format
  • Right to Object – Object to processing, such as marketing emails
  • Right to Withdraw Consent – Opt out of marketing communications at any time

To exercise your rights, contact us at palazzocapparucci@gmail.com.

If you believe your data has been misused, you can file a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali): www.garanteprivacy.it.

8. Minors’ Privacy

Our Service is not intended for individuals under the age of 18.

We do not knowingly collect personal data from minors. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us immediately. If we become aware that we have collected data from a minor without parental consent, we will take steps to remove such information from our systems.

9. Cookies and Tracking Technologies

We use cookies and tracking technologies to improve user experience. You can manage your cookie preferences through your browser settings.

Types of Cookies We Use:

  • Essential Cookies – Necessary for website functionality
  • Analytics Cookies – Google Analytics for tracking visits (IP anonymized)
  • Marketing Cookies – Only with your consent

You can opt out of tracking by adjusting your browser settings or visiting: Google Opt-Out.

10. Security Measures

We implement strict security measures to protect your data, including:

  • Encrypted data storage
  • Secure HTTPS connections
  • Access controls and authentication

However, no system is completely secure; we recommend using strong passwords and secure networks.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify users of any changes via email or website updates.

  • Effective Date: February 15, 2025
  • Last Updated: February 15, 2025

12. Contact Information

For any questions or privacy-related requests, please contact us at: