Privacy Policy

Notice pursuant to the GDPR (General Data Protection Regulation) 2016/679

Pursuant to the GDPR, our website wants and is required to manage its members' data in accordance with current regulations. For this purpose, in this privacy policy you will find all the information you need to understand what data we collect, why we collect it, and how we use it.
The privacy of our users is important to us, which is why we want you to be fully aware of our practices.
If you have any questions, you can contact us at the following email address: info@casa-massima.it. We will respond as soon as possible.

1. Data Controller
The data controller of the personal data collected through the website is:

Casa Massima Suites
Corso Umberto I, No. 8
70010 Casamassima (BA)
VAT No. 05676070724

info@casa-massima.it

Hereinafter referred to as “the Company”

DPO – Data Protection Officer
You can contact our Data Protection Officer at: info@casa-massima.it

2. Data Processed
The Company collects only the data voluntarily provided by the user and browsing data.
Access to the public part of the Website (freely accessible by all users) does not require the submission of any personal data.
If the user contacts the Company, for example via email or regular mail, the user's data will be acquired and processed in full compliance with applicable regulations.
Personal data voluntarily provided by the user may include:
• first name;
• last name;
• address;
• date of birth;
• tax code;
• email address;
• telephone number

Browsing data may include:
• IP addresses;
• URI (Uniform Resource Identifier) of requested resources;
• time and method used to send requests to the server;
• numeric code indicating the status of the server's response (success, error, etc.); etc.

Browsing data refers to the user's operating system and IT environment, and is implicitly transmitted when using internet communication protocols. Although this information is not collected to be associated with identified individuals, it could potentially be used to identify users through processing and association with third-party data.

3. Purpose of Data Processing
The Company processes the personal data provided by the user in connection with the use of the website. In particular, your personal data may be used for the following purposes:

a) to provide website services and features (e.g., name, surname, email, phone, password for login—if applicable);
The Company collects and processes the user's data to provide all website functionalities, such as communication tools.

b) processing payment and billing data;
The Company will only process the user's personal data to facilitate purchases and process payments made through the site. The Company does not acquire banking details as all payments are handled via PayPal or Stripe.

c) responding to any information requests from users;

d) sending information about our services/website updates via email or mail (note: this will only happen with explicit user consent);

e) storing and protecting data uploaded by the user in the “data processing register” section;

f) storing and protecting email or phone contact lists uploaded by the user to use our notification systems;

The above purposes are subject to user consent (which in some cases must be explicit).

Please note that the Company uses third-party tools (Google Analytics, Facebook Ads, Google AdWords) for statistical and marketing purposes only. Data is handled in a fully anonymized form. These data are used solely to gather statistical information not linked to any identifiable user, and to ensure proper functioning of the site. Data may also be used to investigate potential cybercrimes against the site.
The Company will not use the data for purposes other than those listed above and agreed to by the user, and only within the limits specified in any additional specific notices for the requested services.

The user remains the sole owner of their data and may request modification or deletion at any time; see the “User Rights” section below.

4. Retention of Personal Data
The Company will retain user information as required by law and, in any case, for as long as necessary to provide the requested services.

5. Security and Transfer of Personal Data
The transfer, storage, and processing of data collected through the website are safeguarded by appropriate technical measures. All user information is protected using AES 256-bit encryption. Additionally, the website uses a secure HTTPS connection.
User data is collected, stored, and retained on a secure server protected by firewalls and physically located in a controlled-access web farm in Arezzo. All superuser access is encrypted using military-grade encryption.

6. Data Transfer to Third Parties
The Company does not transfer personal data to third parties.
However, the Company may provide user data to other companies and/or third parties (Mailchimp, Google, Facebook) for processes required for the development of our IT systems and for statistical and marketing purposes.

These third parties will process user data in full compliance with applicable regulations.
User data will not be transferred outside the European Union.
Only if required by law will the Company provide personal data to the competent authorities.

7. User Rights (Data Subject)
The user may, at any time, exercise the rights provided under current regulations, including the following:
• request confirmation of the existence of their personal data and access to its contents;
• update, modify, and/or correct their personal data;
• request deletion, anonymization, or blocking of data processed unlawfully;
• request restriction of processing;
• object to processing for legitimate reasons;
• receive a copy of the provided data and request its transfer to another data controller.

To exercise one or more of the above rights, send a specific request via email to: info@casa-massima.it

8. Cookies
For information about the use of cookies on this website, please read our Cookie Policy.

9. Contact
For any questions or requests for clarification regarding the content of this page, please email: info@casa-massima.it