This document ("Privacy Notice") is intended to provide you with information regarding the processing of the data specified below, which will be expressly provided by you or by those who interact with the web services of this website, accessible electronically at www.turismogestioni.it (hereinafter, the "Website") and also from the other websites of the operating offices. This Privacy Notice is provided, in particular, pursuant to EU Regulation No. 679/2016 ("GDPR") and subsequent national implementation legislation (together with the GDPR, hereinafter "Applicable Legislation"). Specific notices may be presented on the Website pages in relation to particular services or data processing provided by the data subject, with specific consents collected where necessary.
The data controller, pursuant to Articles 4 and 24 of EU Reg. 2016/679, is TURISMO GESTIONI SRL with registered office at Via Paolo Tosti, 1, 64025 Pineto (TE) and secondary offices at the unit located in Via Garibaldi 242, Silvi (TE) and other tourist accommodation facilities, VAT No. 01747930673, turismogestione@pec.it, email privacy@turismogestioni.it, in the person of the pro-tempore legal representative (hereinafter the "Controller").
The Data Controller does not carry out activities that require the appointment of a Data Protection Officer.
The Personal Data collected will be processed for the purposes and on the basis of the legal grounds set out below:
| Purpose | Legal basis for processing |
|---|---|
| point 3, letter a): to acquire and confirm your booking for accommodation services and ancillary services, and to provide the requested services or to implement pre-contractual measures (such as, for example, requests for information or quotations). In this case, you are free to provide your Personal Data and that of the room's occupants, including data of minors over whom you exercise parental authority and/or guardianship; however, failure to provide such data will prevent us from establishing the aforementioned relationship and fulfilling your request. | processing is necessary for the performance of a contract to which you are a party |
| point 3, letter b): to comply with the obligation set out in the "Consolidated Law on Public Safety" (Article 109 R.D. 18.6.1931 No. 773), which requires us to communicate to the Police Headquarters, for public safety purposes, the personal details of accommodated guests in accordance with the procedures established by the Ministry of the Interior (Decree of 7 January 2013). Providing this data is mandatory and does not require your consent; refusal to provide it means we will be unable to accommodate you in our facility. Data collected for this purpose is not retained by us, unless you provide consent for retention as set out in point 3, letter d. | Legal obligation |
| point 3, letter c): to use the booking of ancillary services requested by you, health-related data may be processed, subject to your express consent. | your consent |
| point 3, letter d): to retain registration data, including identity document details, within our servers and portals, and to expedite future registration procedures during subsequent stays at our facility. | your consent |
| point 3, letter e): subject to your specific consent, to send you by email (newsletter) or postal mail (i) promotional communications, such as the sending of advertising materials and communications, including through automated systems, with informational and/or promotional content relating to products or services provided and/or promoted by the Controller, via fax, email, SMS and MMS and other messaging systems, and (ii) communications relating to events organised by the Controller (hereinafter "marketing purposes"). | your consent |
| point 3, letter f): for the external communication of data relating to your stay and/or the room's occupants, subject to your consent, for the sole purpose of enabling the receipt of messages and/or telephone calls addressed to you or them. | your consent |
| point 3, letter g): subject to your specific consent, to develop a profile of you that allows us to personalise the offering of products, services and specific services you have requested, providing information more aligned with your interests, while always ensuring the security and confidentiality of your information (hereinafter "Profiling"*). | your consent |
* Article 4 of the GDPR defines profiling as "any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's professional performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements". It should therefore be understood as the set of activities for the collection and processing of data relating to the users of a service, with the aim of dividing them into groups according to their behaviour (an operation not to be confused with "segmentation" or "clustering").
Within the limits of the purposes and methods described in this Privacy Notice, information that may be considered "Personal Data" may be processed, including your personal details, your contact information (such as, for example, mobile number, email address, IP address, cookies, etc.). Data relating to your health may also be processed — subject to your express consent — (e.g. physical disability, for which a particular type of room is requested at the time of booking). In these cases, we guarantee that the processing will be limited to the data and operations strictly necessary to fulfil the obligations, including pre-contractual ones, relating to the provision of Hotel Services, within the limits of the services and amenities you have requested at the time of booking or during your stay at our hotel.
Full details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific informational texts displayed prior to data collection. The use of Cookies (or other tracking tools) by this website or by the owners of third-party services used by this website, unless otherwise specified, is aimed at providing the service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy.
The computer systems and software procedures used to operate this website automatically acquire, during their normal operation, certain personal data whose transmission is implicit in the use of internet communication protocols. This information is not collected in order to be associated with identified data subjects, but could, through processing and association with data held by third parties, allow users to be identified. This category includes IP addresses or domain names of computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of the requested resources, the date and time of the request, the method used to submit the request, the size of the response file, the numerical code indicating the status of the server's response, and other parameters relating to the user's operating system and computing environment. These data are used solely to obtain anonymous statistical information about the use of the site and to monitor its correct functioning, and are deleted immediately after processing. The data may be used exclusively by the Judicial Authority to ascertain liability in the event of hypothetical computer crimes against the site.
The optional, explicit and voluntary sending of emails to the addresses indicated on this website, or the completion of forms, results in the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data voluntarily entered by the User. The User assumes responsibility for any Personal Data of third parties obtained, published or shared through this website and warrants having the right to communicate or disseminate such data, thereby releasing the Controller from any liability towards third parties.
So-called social plug-ins may be used during browsing on the site. Social plug-ins are special tools that allow the functionality of social networks to be embedded directly within the Site (e.g. the Facebook "Like" feature). All social plug-ins present on the Site are marked with the respective logo owned by the social network platform.
When you visit a page of the Site and interact with the plug-in (e.g. clicking the "Like" button) or decide to leave a comment, the corresponding information is transmitted by your browser directly to the social network platform (in this case Facebook) and stored by it. For information on the purposes, type and methods of collection, processing, use and retention of personal data by the social network platform, as well as the ways in which you can exercise your rights, please consult the privacy policy of the relevant social network.
Personal data will not be subject to dissemination, meaning it will not be made known to unspecified parties. It may, however, be communicated to well-defined parties, in full compliance with legal requirements, for purposes strictly related to those previously indicated. Any access to your personal data is limited to parties authorised by the Controller. Communication to identified recipients, only where involved and relevant, is linked to the achievement of the purposes referred to in point 3 above; therefore, the personal data collected and processed may be:
The information may also be communicated whenever such communication may be necessary to comply with requests from the Judicial Authority or Public Security. The data collected will in no case be disseminated.
The list of Data Processors is available at the Controller's registered office.
Data will not be transferred outside the European Union.
The following table contains details of the retention periods (or the criteria for their determination) for Personal Data:
| Purpose | Retention period |
|---|---|
| point 3, letter a): contract management | For the entire duration of the relationship and subsequently for 10 years (ordinary statute of limitations). |
| point 3, letter b): public safety purposes | For 5 years. |
| point 3, letter c): ancillary services purposes | For the entire duration of the relationship, without prejudice to the possibility for the data subject to modify and/or withdraw their consent at any time. |
| point 3, letter d): expediting registration procedures | For the entire duration of the relationship and subsequently for 5 years, without prejudice to the possibility for the data subject to modify and/or withdraw their consent at any time. |
| point 3, letter e): marketing purposes | 2 years from collection, without prejudice to the possibility for the data subject to modify and/or withdraw their consent at any time. |
| point 3, letter f): receipt of messages and/or telephone calls | For the entire duration of the relationship, without prejudice to the possibility for the data subject to modify and/or withdraw their consent at any time. |
| point 3, letter g): profiling purposes | 1 year from collection, without prejudice to the possibility for the data subject to modify and/or withdraw their consent at any time. |
Furthermore, the Controller may be required to retain Personal Data for a longer period in compliance with a legal obligation or by order of an authority.
Personal Data will be processed lawfully and fairly, adopting appropriate security measures to guarantee the security and confidentiality of your personal data. Personal Data will be processed using manual, electronic or telematic means and will be handled by personnel duly trained in compliance with the Applicable Legislation. There is no automated decision-making process.
In addition to the Controller, in some cases, other parties involved in the organisation of this website (administrative, commercial, marketing, legal staff, system administrators) or external parties (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the Data, also appointed, where necessary, as Data Processors by the Controller.
In addition to cases where it is necessary to contact you for needs connected to the management of your position, where you consent to the processing of your data for the purposes referred to in point 3, letter e), you may be contacted by email, newsletter, SMS, or through any equivalent electronic means, or by postal mail or telephone call via an operator, at all the contact details you have provided. If you prefer to be contacted only at one or some of these contact details, you may make an express written request to the Controller without any formality.
The User's Personal Data may be used by the Controller in legal proceedings or in the preparatory stages of any potential proceedings, in defence against abusive use of this website or connected services by the User. The User acknowledges that the Controller may be required to disclose Data by order of public authorities.
At the User's request, in addition to the information contained in this privacy policy, this website may provide the User with additional contextual notices regarding specific services, or the collection and processing of Personal Data.
For operational and maintenance purposes, this website and any third-party services it uses may collect system logs, i.e. files that record interactions and which may also contain Personal Data, such as the User's IP address.
Further information regarding the processing of Personal Data may be requested at any time from the Data Controller using the contact details provided.
This website does not support "Do Not Track" requests. To find out whether any third-party services used by this website support them, the User is invited to consult the respective privacy policies.
The Controller reserves the right to make changes to this privacy policy at any time, notifying Users on this page and, where possible, by sending a notification to Users through one of the contact details held by the Controller. Please therefore consult this page regularly, referring to the date of last modification indicated at the bottom. Should the changes affect processing whose legal basis is consent, the Controller will collect the User's consent again where necessary.
We inform you that you may exercise the rights recognised by the Applicable Legislation, including, by way of example, the right to:
The aforementioned rights may be exercised by means of a written request addressed informally to the Controller at the contact details indicated in point 1. The Controller must do so without delay and, in any event, no later than one month from receipt of the request. The deadline may be extended by two months where necessary, taking into account the complexity and number of requests received by the Controller. In such cases, the Controller will inform you within one month of receiving your request and will explain the reasons for the extension.
We remind you that, should you consider the response to your requests to be unsatisfactory, you may lodge a complaint with the Italian Data Protection Authority (http://www.garanteprivacy.it/) in the manner provided for by the Applicable Legislation.
Revised February 2026