Privacy Policy

Data Controller

Albergo “Della Posta”
Via Agostino Fausti, 29
00062 Bracciano (RM)
Email: info@albergodellapostabracciano.it

Legal basis for processing

We process your personal data based on:

• Contract performance: To provide accommodation services
• Legitimate interest: For business operations and customer service
• Legal obligation: To comply with tax, safety, and hospitality regulations
• Your consent: For marketing communications and optional services

What information we collect

Guest information

• Personal details: Name, surname, date of birth, nationality
• Contact information: Email, phone number, postal address
• Identity documents: Passport or ID card details (legal requirement)
• Payment information: Credit card details (processed securely)
• Stay preferences: Room type, special requests, dietary requirements

Website visitors

• Technical data: IP address, browser type, device information
• Usage data: Pages visited, time spent, interaction patterns
• Communication records: Emails, chat messages, phone calls

How we use your information

Accommodation services

• Process reservations and check-in/check-out procedures
• Provide room services and guest assistance
• Handle payments and billing
• Comply with Italian hospitality regulations and tax requirements

Customer service

• Respond to inquiries and requests
• Provide tourist information and concierge services
• Handle complaints and feedback
• Improve our services and facilities

Marketing (with consent)

• Send newsletters about special offers and events
• Share information about local attractions and dining
• Promote our heritage and cultural activities
• Social media engagement

Who we share information with

Legal requirements

• Italian authorities: Police questura for guest registration (legal obligation)
• Tax authorities: For fiscal compliance
• Health authorities: If required for public health measures

Service providers

• Payment processors: For secure transaction processing
• Booking platforms: Booking.com, Expedia (with your consent)
• Email services: For newsletter and communication delivery
• IT support: For website maintenance and security

Business partners

• Tour operators: For excursion bookings (with your consent)
• Restaurant partners: For dining reservations
• Transportation services: For transfer arrangements

International transfers

Some of our service providers may be located outside the EU. We ensure adequate protection through:

• Adequacy decisions: Countries approved by the European Commission
• Standard contractual clauses: EU-approved data transfer agreements
• Binding corporate rules: For multinational service providers

Data retention

We retain your personal data for:

• Guest records: 5 years (Italian hospitality law requirement)
• Payment data: 10 years (tax law requirement)
• Marketing data: Until you withdraw consent
• Website analytics: 26 months
• Security footage: 30 days (if applicable)

Your rights under GDPR

You have the right to:

Access and portability

• Request a copy of all personal data we hold about you
• Receive data in a structured, machine-readable format
• Transfer data to another service provider

Correction and deletion

• Correct inaccurate or incomplete information
• Request deletion of your data (right to be forgotten)
• Object to processing for marketing purposes

Restriction and objection

• Limit how we use your data in certain circumstances
• Object to automated decision-making or profiling
• Withdraw consent at any time for optional processing

How to exercise your rights

• Email us: info@maisondegas.it
• Call us: +39.081.0608252
• Write to us: Maison Degas, Calata Trinità Maggiore, 53, 80134 Naples, Italy
• Response time: We will respond within 30 days

Data security

We protect your information through:

• Encryption: SSL certificates for website security
• Access controls: Limited staff access on need-to-know basis
• Secure storage: Protected servers and backup systems
• Regular audits: Security assessments and updates
• Staff training: Privacy and security awareness programs

Minors

• We do not knowingly collect data from children under 16
• Parents/guardians must provide consent for minors
• Special care is taken with family bookings
• Educational group bookings require institutional consent

Changes to this policy

We may update this privacy policy to reflect:

• Changes in our services or business practices
• New legal requirements or regulations
• Improvements in data protection measures

We will notify you of significant changes through:

• Email notification to registered users
• Website banner announcement
• Updated “last modified” date

Complaints and supervisory authority

If you’re not satisfied with our response, you can contact:

Italian Data Protection Authority (Garante)
Piazza di Monte Citorio, 121
00186 Rome, Italy
Phone: +39.06.69677.1
Email: garante@gpdp.it
Website: www.garanteprivacy.it

Contact our Data Protection Officer

For privacy-related questions:
Albergo “Della Posta”
Via Agostino Fausti, 29
00062 Bracciano (RM)
Email: info@albergodellapostabracciano.it

Special categories of data

We may process special categories of data only when:

• Health information: For dietary requirements or accessibility needs (with consent)
• Religious preferences: For appropriate accommodation arrangements (with consent)
• Emergency contacts: For guest safety and welfare purposes

Automated decision-making

We may use automated systems for:

• Pricing optimization: Based on demand and seasonality
• Fraud prevention: To protect against unauthorized transactions
• Marketing personalization: To show relevant offers (with consent)

You have the right to:

• Request human intervention in these decisions
• Express your point of view
• Contest the decision

---

This policy complies with EU General Data Protection Regulation (GDPR) and Italian privacy laws. It is available in Italian, English, and other languages upon request.