Request a quote Best price guaranteed

Privacy policy

Privacy Notice

This privacy notice is provided in accordance with Regulation (EU) 2016/679 (“GDPR”) and applicable national data protection legislation. Its purpose is to inform users of the website https://www.calanostraresort.com/ (hereinafter referred to as the “Site”) about how and why personal data are processed during their browsing and interaction with the services offered.

1. Data Controller
The Data Controller is MATI S.R.L. CON UNICO SOCIO (VAT No. 04480590407), with registered office at Via Ugo Foscolo, 28 - Marotta (PU), Italy, email: info@calanostraresort.com.

2. Types of Data Collected

  • Browsing Data: While using the Site, the IT systems and software procedures that enable its operation collect certain personal data whose transmission is implicit in the use of Internet communication protocols (e.g., IP addresses, domain names of the computers used by the users, times of requests, size of files obtained in response, etc.).
  • Data Voluntarily Provided by the User: The optional, explicit, and voluntary sending of messages to the contact addresses provided on the Site, as well as the completion of contact or booking request forms, results in the acquisition of personal data (such as name, surname, email address, telephone number, and data necessary for bookings).

3. Purposes and Legal Bases of Data Processing
Personal data may be processed for the following purposes:

  • Service Provision: Managing requests for information, bookings, quotations, and providing tourism and/or hospitality services. Legal basis: the performance of pre-contractual and contractual measures requested by the user.
  • Informational and Promotional Communications (Marketing): Sending newsletters and commercial or promotional communications relating to the Resort’s services, subject to the user’s explicit consent. Legal basis: consent.
  • Legal and Administrative Requirements: Complying with legal, regulatory, tax, or accounting obligations, as well as with requests from the competent authorities. Legal basis: compliance with a legal obligation.
  • Site Security and Functionality: Ensuring the Site’s security, preventing unauthorized or unlawful use, and optimizing its performance. Legal basis: the Controller’s legitimate interest.

4. Methods of Data Processing
Processing is carried out using manual and/or automated tools, in compliance with appropriate security measures to ensure data confidentiality, integrity, and availability. Technical and organizational security measures are adopted to prevent data loss, illegal or improper use, and unauthorized access.

5. Data Communication and Disclosure
Personal data may be disclosed to:

  • Third parties involved in activities necessary to provide the services (e.g., payment service providers, IT suppliers, commercial partners for complementary tourist services);
  • Competent authorities for the fulfillment of legal obligations;
  • The Data Controller’s internal staff, duly authorized and trained.

Personal data will not be disclosed to the public and will not be transferred outside the European Union unless necessary for the requested services or where adequate data protection guarantees are in place.

6. Data Retention
Personal data will be retained for the time strictly necessary to achieve the purposes for which they have been collected and subsequently processed. Specifically:

  • Data collected for contractual and pre-contractual purposes will be retained for the duration of the service provision and subsequently for the period required by tax or accounting regulations;
  • Data processed for marketing purposes will be retained until consent is withdrawn or the right to object is exercised.

7. Data Subject’s Rights
Data subjects have the right to:

  • Access their personal data;
  • Request the rectification or updating of their data;
  • Obtain the erasure or restriction of their data;
  • Object, for legitimate reasons, to the processing of their data;
  • Exercise the right to data portability;
  • Withdraw consent at any time (without affecting the lawfulness of the processing carried out before the withdrawal);
  • Lodge a complaint with a Data Protection Authority.

Requests to exercise these rights can be sent to info@calanostraresort.com.

8. Changes to this Privacy Notice
This privacy notice may be amended or updated (e.g., in the event of regulatory changes or variations in data processing methods). Updated versions will be published on the Site and will be effective from the date of publication.

By accessing and using the Site, users acknowledge that they have read and accepted this privacy notice. For any questions, please contact the Data Controller at the above address.