Privacy Policy

On 25 May 2018 a new regulation entered into force in the European Union, called the EU Data Protection General Regulation 2016/679 (“GDPR”). Provides rigorous and specific guidelines on how personal data are collected and managed. This also applies to companies and people residing outside the EU but collecting data from EU citizens.

Who we are

Company information

Registered office address [VIA SAN MATTEO 87 SAN GIMIGNANO]
Fiscal code / VAT number [01141490522]
personal data treatment holder [HOTEL L’ANTICO POZZO SRL]
Website address []
Email address []
Telephone number +39 [0577942014]

What personal data do we collect?

When you use our services, you accept that our company collects some of your personal data. We treat two types of data, personal data provided by the user for the use of our services and technical data that we automatically collect to improve the service.

Data provided by the user

Contact form

With this application we collect the following data

first name
email (mandatory data)

We keep this data only for the purpose of providing you with the requested service

If you provide personal data of third parties, such as those of your family or friends, you must be sure that these subjects have been adequately informed and have consented to the related processing in the manner described by this statement.

We do not disclose this information to third parties.

Dati raccolti automaticamente

  • dati raccolti utilizzando i cookie o tecnologie similari: per ulteriori informazioni, ti invitiamo a visitare la sezione “Cookie”.

How do we use your data?

We use the collected data, if you have expressly provided your consent, for:

->   reply directly to your contact request by e-mail
-> to guarantee you access to our services and improve their provision, in particular for:

We process the data collected, in case you have expressly provided your consent, to analyze your habits or consumption choices in order to propose a service that is more and more personalized and in accordance with your interests.


Is the provision of data mandatory?

The provision of personal data is mandatory only for the processing necessary for the provision of services offered (any refusal for the purpose of providing the service makes it impossible to use the service); it is optional for promotional and profiling purposes and any refusal to give consent does not have negative consequences on the provision of the service offered on the website and related applications.

Who are the subjects of data processing?

The data controller is [HOTEL L’ANTICO POZZO SRL] in the person of its legal representative pro-tempore, with registered office located in [VIA SAN MATTEO 87 SAN GIMIGNANO VAT No. 01141490522

We remind you that you can contact the data controller at any time and send any question or request regarding your personal data and respect your privacy by writing to []


We  remind you that you can contact the data controller at any time and send any question or request regarding your personal data and respect your privacy by writing to []

The data collected as part of the provision of the service may be communicated to:

  •  companies that perform functions strictly connected and instrumental to the use of our services, such as suppliers that provide services for the review and verification of announcements, suppliers of direct marketing services and customer care
  •  bodies and administrative and judicial authorities by virtue of legal obligations

Your personal data may be transferred outside the European Union to be processed by some of our service providers. In this case, we make sure that this transfer takes place in compliance with current legislation and that an adequate level of personal data protection is guaranteed based on an adequacy decision, on standard clauses defined by the European Commission or on Binding Corporate Rules.

Under no circumstances do we transfer or sell personal data to third parties.

The owner takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of personal data. Processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the owner, in some cases, other subjects involved in the organization of this application (administrative, commercial, marketing, legal, system administrators) or external subjects (as suppliers of third party technical services, postal couriers, may have access to the data) hosting providers, IT companies, communication agencies) also appointed, if necessary, responsible for the processing by the owner. The updated list

What rights do you have on your data?

Users can exercise rights with reference to the data processed by the owner. In particular, the user has the right to:

  • withdraw consent at any time. The user can withdraw consent to the processing of their personal data previously expressed.
  • oppose the processing of your data. You may object to the processing of your data when it occurs on a legal basis other than consent. Further details on the right of opposition are indicated in the section below.
  • access your data. The user has the right to obtain information on the data processed by the owner, on certain aspects of the treatment and to receive a copy of the data processed.
  •  verify and request correction. The user can verify the correctness of his data and request the update or correction.
  •  obtain the cancellation or removal of personal data. When certain conditions are met, the user can request the cancellation of their data by the owner.
  • receive their data or have them transferred to another holder. The user has the right to receive his / her data in a structured format, commonly used and readable by an automatic device and, where technically feasible, to obtain the transfer without hindrance to another holder. This provision is applicable when the data are processed with automated tools and the processing is based on the user’s consent, on a contract of which the user is a party or on contractual measures connected to it.
  • propose a complaint. The user can lodge a complaint with the competent personal data protection authority or act in court.
  • obtain treatment limitation. When certain conditions occur, the user can request the limitation of the processing of their data. In this case the holder will not process the data for any other purpose other than their conservation.

We have created this form to facilitate you in case you want to exercise the following rights on your personal data:

  •  View your personal information
  • Correct your personal data (specify the fields to edit in the notes)
  • Revoke your consent to the use of your personal data
  • Delete your personal data from your site / list
  • Portability of your data to others (specify in the notes)

Portability of your data to others (specify in the notes)

I dati sono trattati e conservati per il tempo richiesto dalle finalitĂ  dei servizi utilizzati e per le quali sono stati raccolti.

  • The data are processed and stored for the time required by the purposes of the services used and for which they were collected.
  • Personal data collected for purposes related to the execution of a contract between the owner and the user will be retained until the execution of the contract is completed.
    Personal data collected for purposes related to the legitimate interest of the owner will be retained until the satisfaction of this interest. The user can obtain further information on the legitimate interest pursued by the owner in the relevant sections of this document or by contacting the owner at this email: []

When the processing is based on the user’s consent, the holder may retain the personal data for a longer time until such consent is revoked. In addition, the owner may be obliged to keep personal data for a longer period in compliance with a legal obligation or by order of an authority. At the end of the retention period, personal data will be deleted. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.

Changes to this privacy policy

The data controller reserves the right to make changes to this privacy policy at any time by informing users on this page and, if possible, on this application and, if technically and legally feasible, by sending a notification to users through one of the extremes contact person in possession of the holder. Therefore, please consult this page regularly, referring to the last modification date indicated at the bottom. If the modifications concern treatments whose legal basis is consent, the holder will collect again the user’s consent, if necessary.


#Ultimo aggiornamento al: 28-12-2018 13:29:29