Privacy Policy

PRIVACY POLICY
(pursuant to Article 13 of EU Regulation 2016/679 – GDPR)

  1. Data controller

    2. The data controller is G&D S.r.l., with registered office in Via Roma, 14/A – 09070 Riola Sardo (OR), Tax Code/VAT No. 01065550954, e-mail: info@hotellucrezia.it, telephone: +39 0783 412078, the company that manages Hotel Lucrezia (hereinafter, the ‘Data Controller’).

  2. Type of data processed

    3. Through the website, the Data Controller processes exclusively:

  • Browsing data (IP address, technical access data, system logs)
  • Data collected through cookies, as indicated in the Cookie Policy
  • Any personal data voluntarily transmitted by the user via e-mail or telephone contact will be processed exclusively to respond to the request.

  • Purpose and legal basis of the processing

    • Personal data is processed for the following purposes:

    1. Technical functioning of the website
      To ensure the proper functioning and security of the website.
      Legal basis: legitimate interest of the Data Controller.
    2. Response to requests sent by email or telephone
      Management of communications sent spontaneously by the user.
      Legal basis: execution of pre-contractual measures at the request of the data subject.
    3. Fulfilment of legal obligations. Where applicable.
      Legal basis: legal obligation.

  • Methods of processing

    • Data processing is carried out using IT tools, in accordance with the principles of lawfulness, fairness and transparency, adopting appropriate technical and organisational security measures.

  • Data retention

    • Browsing data is stored for the time strictly necessary to ensure the functioning and security of the site.
    Any data sent by e-mail will be stored for the time necessary to manage the request and subsequently in accordance with legal obligations, if applicable.

  • Communication of data

    • The data may be communicated to:

    • IT and hosting service providers
    • Technical consultants
    • Competent authorities in cases provided for by law

    The data will not be disclosed.

  • Transfer of data to countries outside the EU

    • If the technology service providers are based outside the European Union, the transfer will take place in compliance with the guarantees provided for by EU Regulation 2016/679.

  • Rights of the data subject

    • The data subject may exercise the rights provided for in Articles 15-22 of the GDPR (access, rectification, erasure, restriction, objection, portability, complaint to the Supervisory Authority).

    Requests can be sent to:
    info@hotellucrezia.it

  • Changes to the policy

    • The Data Controller reserves the right to update this policy. Changes will be published on this page.