Posta Marcucci Logo Privacy Posta Marcucci
Posta Marcucci


This Website collects some Personal Data from its Users.

Privacy Policy pursuant to art. 13 and 14 of the GDPR

(EU Reg. 679/2016 on the Treatment of Personal Data)


Pursuant to the law and in relation to Personal Data of which Hotel La Perla srl, its collaborators and employees will come into possession, we advise you about the following information.

The "Data Controller" is Hotel La Perla srl, represented by its legal representative pro-tempore, hereinafter also more briefly identified with the term "Company", VAT no. 01231580216, based in Corvara in Badia (BZ), Str. Col Alt n. 105, tel. +39 0471 831000, fax +39 0471 836568, e-mail, which will use your data.

The "Data Processor" is any natural, legal person, Public Administration and any Entity that, where necessary and within the limits pertinent to the purposes of the Processing, uses Personal Data on behalf of the Owner.

  1. Type of data collected. All the data necessary for: the correct carrying out of the tourist-receptive and catering activity, spa, promotional activity, advertising, evaluation of the service and relating to human resources.


  1. Use of Data. The Data will be processed in accordance with the principles in accordance with art. 5 of the GDPR, including: lawfulness, correctness, transparency, limitation, confidentiality, etc.


  1. Purpose of the Processing. The Treatment is finalized solely for the purposes indicated in the preceding paragraph 1.


  1. Legal basis of the Treatment. The acquisition of the data takes place in relation to the contract between the owner and the interested party or eventually through consent.


  1. Refusal to provide Data. Any refusal by the Interested party to provide Data necessary for the performance of the activity may make it impossible to provide the services, carry out the activities and / or manage the reports indicated in Chapter 1 above.


  1. Data source. The personal data in which Hotel La Perla srl is in possession is collected in compliance with the provisions of Article 13 of the GDPR directly with the interested party or pursuant to art. 14 of the GDPR.


  1. Data processing methods. The Treatment in the respect of the art. 5, paragraph 1, lett. "F" of the GDPR is carried out by means of the operations or set of operations summarized as follows: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. The operations can be carried out with or without the aid of electronic or digital or automated means.


  1. Data communication. Personal Data, for the purposes of the current contract, may be communicated for the purposes referred to in point 1 to internal and external Collaborators, Data Processors, subjects operating in the sector including the Albergo Posta Marcucci based in Bagno Vignoni (Tuscany), subjects aimed at assessing the quality of the services provided and managing loyalty programs.


  1. Dissemination of Data. Your Data will not be disseminated in any way, except for the cases indicated in the preceding paragraph.


  1. Data transfer abroad. Personal data may be transferred to countries of the European Union and to countries outside the European Union for the purposes of the processing reported in point 3. Any transfer of data to a country outside the European Union will occur in compliance with articles 45 and following of EU Reg. n° 679/2016. In the absence of a decision on the adequacy of the protection level, the transfer can take place only in the cases provided by art. 49 of the mentioned Regulation.


  1. Data retention. The Data is kept for the period necessary for the performance of the activity and in any case for a period not exceeding ten years.


  1. Rights of the interested party. The law gives the interested party the exercise of specific rights, including:

    - obtain from the Data Controller access to your Personal Data and information in an intelligible manner;
    - have knowledge of the origin of the Data, the purposes and methods of the Processing;
    - rectify and cancel (right to oblivion) ​​the Data;
    - limit the Treatment or have the possibility to oppose it
    - request data portability;
    - withdraw consent to the Processing without prejudice to the lawfulness of the Treatment based on the previous consent;
    - lodge a complaint pursuant to art. 77 GDPR to the Guarantor for the Protection of Personal Data.


  1. Changes to this privacy policy. The Owner reserves the right to make changes to this privacy policy at any time by giving notice to its Users on this page and possibly within this Website and/or - as far as technically and legally feasible - sending a notice to Users via any contact information available to the Owner. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom. Should the changes affect processing activities performed on the basis of the User’s consent, the Owner shall collect new consent from the User, where required.


  1. System logs and maintenance. For operation and maintenance purposes, this Website and any third-party services may collect files that record interaction with this Website (System logs) use other Personal Data (such as the IP Address) for this purpose.


  1. Information not contained in this policy. More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the beginning of this document.


  1. Cookie Policy. Questo sito web fa utilizzo di Cookie. Per saperne di più e per prendere visione dell'informativa dettagliata, l'utente può consultare la Cookie Policy.


  1. Third-party subjects. Google Analytics (Google Inc., USA). This website uses Google Analytics, a web analytics service provided by Google Inc. (following: Google). Google Analytics uses so-called "cookies", ie text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, due to the activation of IP anonymization on these websites, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases the full IP address will be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address provided by Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by a corresponding setting of your browser software; however, we point out that in this case you may not be able to use all functions of this website in full. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading the browser plug-in available under the following link and install: browser add-on to deactivate Google Analytics[U-H&R01] [U-H&R02] .


  1. Non-continuous geolocation (this Website). This Website may collect, use, and share User location Data in order to provide location-based services. Most browsers and devices provide tools to opt out from this feature by default. If explicit authorization has been provided, the User’s location data may be tracked by this Website. The geographic location of the User is determined in a manner that isn't continuous, either at the specific request of the User or when the User doesn't point out its current location in the appropriate field and allows the application to detect the position automatically. Personal Data collected: geographic position.

Registration and authentication


By registering or authenticating, Users allow this Website to identify them and give them access to dedicated services. Depending on what is described below, third parties may provide registration and authentication services. In this case, this Website will be able to access some Data, stored by these third-party services, for registration or identification purposes.

Facebook Authentication (Facebook, Inc.). Facebook Authentication is a registration and authentication service provided by Facebook, Inc. and is connected to the Facebook social network. Personal Data collected: various types of Data as specified in the privacy policy of the service. Place of processing: Stati Uniti - Privacy Policy. Privacy Shield participant.

Google OAuth (Google Inc.). Google OAuth is a registration and authentication service provided by Google Inc. and is connected to the Google network. Personal Data collected: various types of Data as specified in the privacy policy of the service.Place of processing: Stati Uniti - Privacy Policy. Privacy Shield participant.

Analytics. The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.

Google Analytics (Google Inc.). Google Analytics is a web analysis service provided by Google Inc. ("Google"). Google utilizes the Data collected to track and examine the use of this Website, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network. Personal Data collected: Cookies and Usage Data. Place of processing: Stati Uniti - Privacy Policy - Opt Out. Privacy Shield participant.

Definitions and legal references


Personal Data. Any information that directly, indirectly, or in connection with other information - including a personal identification number - allows for the identification or identifiability of a natural person.

Usage Data. Information collected automatically through this Website (or third-party services employed in this Website), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Website, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.

User. The individual using this Website who, unless otherwise specified, coincides with the Data Subject.

Data Subject. The natural person to whom the Personal Data refers.

Data Processor. The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.

Data Controller. The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Website. The Data Controller, unless otherwise specified, is the Owner of this Website.

This Website. The means by which the Personal Data of the User is collected and processed.

Service. The service provided by this Website as described in the relative terms (if available) and on this site/application.

European Union (or EU). Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.

Cookies. Small sets of data stored in the User's device.

Legal information. This privacy statement has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation). This privacy policy relates solely to this Website, if not stated otherwise within this document.