Pursuant to Regulation (EU) 2016/679 ("GDPR"), this policy describes how we process the personal data of users who visit the Porto Ottiolu Apartment website.

1. DATA CONTROLLER

The data controller is:

Emanuel Roberti

Via delle Vigne di Morena 25

00118 Rome (RM)

Email: [email protected]

Phone: +39 340 941 2562

2. PERSONAL DATA COLLECTED

During browsing or using the services offered by the site, the following data may be collected:

• First and last name

• Email address

• Telephone number

• Data relating to accommodation requests

• Information entered in the contact and booking forms

• Data required for payment processing

• Technical navigation data collected automatically by IT systems

3. PURPOSE OF DATA PROCESSING

Personal data is processed for the following purposes:

• Respond to requests for information sent via the site

• Manage booking and accommodation requests

• Fulfill contractual and pre-contractual obligations

• Manage payments and Transactions

• Comply with obligations under applicable law

• Ensure the security and proper functioning of the site

4. LEGAL BASIS FOR PROCESSING

Data processing is based on:

• Execution of pre-contractual measures requested by the user

• Execution of a stay contract

• Compliance with legal obligations

• Consent of the data subject when required

5. PROCESSING METHODS

The data is processed using IT and electronic means, adopting appropriate security measures to protect it from unauthorized access, disclosure, modification, or destruction.

6. THIRD-PARTY SERVICES

To provide its services, the site uses third-party platforms and tools, including:

• Lodgify (booking management)

• Stripe (online payments)

• PayPal (online payments)

• Google Maps (map display)

• WhatsApp (direct contact)

These parties may process personal data exclusively for the purposes necessary to provide their respective services and in accordance with their own privacy policies.

7. PAYMENTS

Payments can be made via Stripe, PayPal, bank transfer, or other methods available during the booking process.

Financial information is not stored directly by the Data Controller but is processed by payment service providers in accordance with their respective privacy policies.

8. DATA RETENTION

Personal data will be retained for the time strictly necessary to achieve the purposes for which it was collected and in compliance with applicable legal obligations.

9. DATA DISCLOSURE

Personal data will not be disclosed. It may be disclosed exclusively to authorized parties or service providers involved in managing bookings and payments, to the extent necessary to provide the service.

10. RIGHTS OF THE DATA SUBJECT

The data subject may exercise the rights provided for in Articles 15-22 of the GDPR at any time, including:

• Access to personal data

• Rectification of inaccurate data

• Erasure of data

• Restriction of processing

• Objection to processing

• Data portability

To exercise these rights, you may contact the Data Controller at the following email address:

[email protected]

11. COMPLAINTS WITH THE SUPERVISORY AUTHORITY

The data subject has the right to lodge a complaint with the Italian Data Protection Authority if he or she believes that the processing of his or her data violates applicable law.

12. CHANGES TO THIS POLICY

This Privacy Policy may be updated at any time. Any changes will be posted on this page.