Privacy Policy

Villa Raffaelli, storica casa vacanze in Garfagnana, Toscana, offre relax nel soleggiato giardino con lettini e vista mozzafiato sui panorami montuosi.

1. Subject and Data Controller
This Privacy Policy governs the processing of personal data of users accessing the Vida Raffaelli website (hereafter “Website”). The Data Controller is the Website operator, who determines the purposes and means of data processing (hereafter “Controller”). The Website promotes the villa, displays photos, potentially manages bookings, and provides contact details for an international audience.

2. Legal Basis for Processing
All personal data collected through use of the Website are processed in compliance with Regulation (EU) 2016/679 (GDPR) and any other applicable data protection laws. The main legal basis is the legitimate interest of the Controller to ensure proper Website operation and to enhance user experience.

3. Types of Data Collected
3.1 Browsing Data
The Website uses Google Analytics to collect aggregated and anonymous information about traffic, usage, visit statistics, partially or fully anonymized IP addresses, browser type, and device used. Generally, these data do not allow direct user identification.
3.2 Third-Party Services
The Website includes a Google Maps iframe for map display. No additional personal data are collected; however, any personal data may be processed by Google according to its own policy.
3.3 Cookies
Functional cookies from WordPress and the Enfold theme are used to ensure the Website’s technical operation. The management and correct operation of Enfold’s cookie system fall under the theme provider’s responsibility; therefore, the Controller declines any liability for malfunctions or noncompliance with current regulations.

4. Purpose of Processing
The collected data are processed exclusively for the following purposes:
– Ensuring the proper operation and security of the Website
– Performing anonymous statistical analyses to improve the structure, content, and performance of the Website
– Providing information about the villa and enabling contact should the user decide to send communications (e.g., via e-mail), given there is no contact form

5. Processing Methods and Security Measures
Data processing, including information collected through Google Analytics and system logs, is carried out with IT and telematic tools, in accordance with principles of fairness, lawfulness, and transparency. Appropriate technical and organizational security measures are adopted to prevent unauthorized access, disclosure, alteration, or destruction of data. Data are retained only for as long as strictly necessary for the purposes listed or in accordance with legal obligations.

6. Data Communication and Disclosure
The Controller does not communicate or disclose personal data to third parties unless required by law or to protect its legitimate interest in judicial or administrative proceedings. Third-party services integrated into the Website (such as Google Analytics and Google Maps) process data as independent Controllers or external Processors, in accordance with their respective Privacy Policies, available on their own websites.

7. Data Subject Rights
Data subjects have the right to:
– Access their personal data and obtain a copy (Art. 15 GDPR)
– Request the rectification of inaccurate data or the completion of incomplete data (Art. 16 GDPR)
– Obtain the erasure of personal data when no longer necessary for processing (Art. 17 GDPR)
– Obtain the restriction of processing (Art. 18 GDPR)
– Object to processing for reasons related to their particular situation (Art. 21 GDPR)
– Lodge a complaint with the competent supervisory authority (in Italy, the Data Protection Authority)

8. Transfer of Data Outside the EEA
Data collected via Google Analytics may be transferred and processed in countries outside the European Economic Area. In such cases, appropriate safeguards (such as standard contractual clauses) are put in place to ensure a level of protection in line with European regulations.

9. Updates and Changes
The Controller reserves the right to modify or update this Privacy Policy at any time, especially in the event of legal changes or the introduction of new services. It is recommended to check this section periodically to view any updates. Any substantial changes will be communicated to users via a notice on the Website.

10. Contacts
For more information or to exercise the above rights, data subjects may contact the Controller using the contact details published on the Website. This Privacy Policy remains valid until replaced or updated.