(Pursuant to Articles 13 and 14 Reg. (EU) 2016/679 - GDPR; Legislative Decree 196/2003 and subsequent amendments and supplements; Guidelines on cookies and other tracking tools)

Dear User,

this policy explains in a simple and transparent way how we process personal data when you browse our website, when you contact us or when you book a stay at our establishment. We process data in compliance with Regulation (EU) 2016/679 ("GDPR") and the Privacy Code (Legislative Decree 196/2003, as amended by Legislative Decree 101/2018), adopting appropriate technical and organisational measures to guarantee its security, confidentiality and integrity.

Data controller and contacts

The data controller is IL RESIDENCE PIZZO SCALINO, in the person of its legal representative pro tempore, with registered office in Via Bernina 107, 23023 Chiesa in Valmalenco (SO)

Addresses: telephone 3282774380 email - info@residencepizzoscalino.com PEC cabellopietrosrl@pec.it

Adriano Cabello, the Data Protection Officer (DPO) can be contacted at: info@residencepizzoscalino.com 

Types of data processed through the site

• Browsing data: IP address, time/time zone, URI/URL, pages visited, referrer, browser and device type/version, system logs and malfunction information. This data is necessary for site operation and security.
• Data provided voluntarily: information entered in forms (e.g. contact details, quotes, newsletter subscription), messages and attachments, accommodation preferences.
• Reservation/stay data: pre-contractual and contractual information needed to manage the reservation (e.g. personal details, contact details, payment data such as guarantee card), invoicing data (if any).
• Special data (only if communicated): information on allergies, intolerances or health-related needs communicated in order to personalise the service. This data is only processed with your explicit consent and limited to the requested purpose.
• Data collected through cookies and similar tools: technical, analytical and profiling/marketing cookies, also from third parties. See section 'Cookie Policy'.

Aims and legal bases

We process data for:

1. a) Handling requests, quotations, bookings and the hospitality relationship (legal basis: execution of pre-contractual measures/contract
2. b) Fulfilment of legal obligations (e.g. art. 109 T.U.L.P.S. for lodgers, tax/accounting obligations) 
3. c) Ensuring security of persons, facilities and IT systems; preventing fraud and abuse; protecting rights in court - legitimate interest 
4. d) Send newsletters and promotional communications, only with your consent. For existing customers, we may send you communications about similar services (so-called 'soft-spam'), subject to your right to object at any time.
5. e) Personalising the experience on the site and measuring the effectiveness of content/advertising through analytical and profiling cookies, only with prior consent 
6. (f) Process any health-related data exclusively for the purpose of providing the personalised services requested - explicit consent).

Nature of conferment

The provision of the data necessary for the purposes sub a) and b) is mandatory: without it we cannot provide the requested services. The provision of data for the purposes sub d), e) and for special data is optional: failure to give consent does not affect the provision of the main services; you can always revoke it or change your preferences.

Processing methods and security measures

Data is processed by electronic and, where necessary, paper-based means. We apply access controls, encryption where appropriate, retention policies and incident management procedures. Staff are authorised and properly trained; suppliers are bound by GDPR-compliant agreements.

Data Retention

• Administrative, fiscal and contractual data: 10 years (subject to longer terms for legal obligations and litigation).
• Contact data/request management: for the time needed to give feedback, up to 24 months in the case of business leads.
• Newsletter/marketing data: until consent is revoked or you object.
• IT security data and technical logs: typically 6-24 months, unless required for the investigation of crimes and defence in court.
• Video surveillance data (if any): automatic deletion within a few days (no more than 7).
• Cookies: according to the durations listed in the 'Cookie List' section and in the 'Cookie Preferences' panel.

Recipients and categories of data processors

Data may be processed by:

• specifically authorised hotel staff;
• IT/hosting service providers, maintenance, CRM, email marketing/newsletters, booking engine and payment gateway;
• consultants (accounting/fiscal/legal), insurance companies (in case of claims), public authorities/security when required.

The data are not disseminated. The updated list of external data processors is available on request.

Extra-EU transfers

Some providers may have offices or servers in countries outside the EU (e.g. cloud services, newsletters, analytics). In such cases, the transfer takes place in compliance with Art. 44 ff. GDPR (adequacy decisions, standard contractual clauses, additional measures). Detailed information is available in the "Cookie preferences" panel or on request.

Rights of the data subject

You may, at any time, exercise your rights under Articles 15-22 GDPR: access, rectification, erasure, restriction, portability, objection to processing (including for marketing/soft-spam), as well as withdrawal of consent without prejudice to the lawfulness of the processing based on your consent prior to withdrawal. To exercise your rights: Cabellopietrosrl@pec.it.

You also have the right to lodge a complaint with the Garante per la protezione dei dati personali (www.garanteprivacy.it).

Minors

The services on this site are not intended for children under the age of 14. In the event that we become aware that we have collected data from minors without the consent of the holders of parental responsibility, we will delete it without delay.

Updates

We may update this policy to adapt it to regulatory or technical changes.

Video surveillance 

Video surveillance systems may be active in the hotel's common areas, signposted with appropriate signs. Images are used exclusively for security and heritage protection purposes on a legitimate interest basis; data are automatically deleted within a few days (in any case no more than 7), unless further storage is required in the event of unlawful/authoritarian events.

Consents and 'soft-spam

For newsletters and marketing we use forms with separate consent boxes. If you are already our customer, we may send you communications about services similar to those you have purchased (Art. 130, para. 4, Privacy Code): you may object at any time, simply and free of charge, via the link in the email or by writing to us.

Final Statements

Owner: Residence Pizzo Scalino, Via Bernina 107, 23023 Chiesa in Valmalenco (SO) 

Last updated: 23/09/2025