🔐 PRIVACY POLICY

Information notice pursuant to Regulation (EU) 2016/679 (GDPR)

This Privacy Policy describes how the website www.lapieja.it is managed with regard to the processing of personal data of users who browse it and interact with the services offered.

This notice is provided pursuant to Article 13 of Regulation (EU) 2016/679 (hereinafter “GDPR”) to all users accessing the website and using its related services.

1. Data Controller and Data Protection Officer (DPO)

The Data Controller is:
Gaia 1993 s.r.l., the company responsible for managing Hotel La Pieja di Opi
Registered office: Via Salita la Croce, 1 – 67030 Opi (AQ), Italy
VAT No.: 02209190665
Email: info@lapieja.it

The Data Protection Officer (DPO) can be contacted at:
📧 info@lapieja.it

2. Types of Data Processed

a) Browsing Data

The IT systems and software procedures used to operate this website acquire, during their normal functioning, certain personal data whose transmission is implicit in the use of Internet communication protocols.

This category includes, by way of example:

  • IP addresses or domain names of the devices used by users;
  • URI addresses of the requested resources;
  • the time of the request;
  • the method used to submit the request to the server;
  • the size of the file obtained in response;
  • the numerical code indicating the status of the server response;
  • parameters relating to the user’s operating system and IT environment.

These data are used exclusively to:

  • obtain anonymous statistical information on the use of the website;
  • check the proper functioning of the website;
  • enable technical administration of the website;
  • ascertain responsibility in the event of cybercrime.

Browsing data are deleted immediately after processing.

b) Data Voluntarily Provided by the User

Users may voluntarily provide personal data through:

  • contact forms;
  • information requests;
  • booking requests;
  • communications via email or WhatsApp;
  • newsletter subscription (if active).

The data provided may include first name, last name, email address, phone number and any other information voluntarily entered by the user.

3. Purposes of Processing and Legal Bases

Personal data are processed for the following purposes:

  • responding to information requests;
  • managing bookings and stay requests;
  • organising experiences and tailor-made activities;
  • fulfilling contractual and pre-contractual obligations;
  • complying with legal obligations;
  • sending informational or promotional communications (subject to consent where required).

The legal basis for processing is:

  • performance of a contract or pre-contractual measures;
  • compliance with legal obligations;
  • the data subject’s consent, where applicable;
  • the legitimate interest of the Data Controller, within the limits permitted by the GDPR.

4. Provision of Data

Providing personal data is optional, except for data necessary to provide the requested services.
Failure to provide such data may make it impossible to respond to requests or provide services.

5. Processing Methods

Personal data are processed using IT and electronic tools, in compliance with the principles of:

  • lawfulness;
  • fairness;
  • transparency;
  • data minimisation.
  •  

Specific security measures are adopted to prevent data loss, unlawful use or unauthorised access.

6. Cookies

Information regarding the use of cookies is available in the Cookie Policy, accessible at: Cookie Policy, accessible at:

👉 https://www.lapieja.it/cookie-policy/

7. Recipients of Personal Data

Personal data may be processed by:

  • external parties appointed as Data Processors pursuant to Article 28 GDPR (e.g. IT service providers, technical maintenance providers, statistical analysis services);
  • professionals and consultants (accountants, legal advisors, technicians);
  • public authorities, where required by law.

Personal data are never disclosed publicly..

8. Persons Authorised to Process Data

Data are processed by employees and collaborators of the Data Controller who are properly instructed and authorised to process such data.

9. Transfer of Data Outside the European Union

Personal data may be transferred to countries outside the EU.
In particular, any transfers to Switzerland take place as it is recognised by the European Commission as providing an adequate level of data protection pursuant to Article 45 GDPR.

10. Rights of the Data Subject

The data subject has the right to:

  • access their personal data;
  • obtain the rectification or deletion of data;
  • request restriction of processing;
  • object to processing where applicable;
  • receive data in a structured and readable format (data portability);
  • withdraw consent at any time (where given).

The data subject also has the right to lodge a complaint with the competent Data Protection Authority.

11. How to Exercise Your Rights

To exercise their rights, the data subject may contact the Data Controller:

📧 info@lapieja.it
📍 Gaia 1993 s.r.l. – Via Salita la Croce, 1 – 67030 Opi (AQ), Italy

12. Updates

This Privacy Policy may be subject to updates.
Users are invited to review it periodically.