Information on the processing of personal data. Effective from 28/01/2026
This policy takes into account the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) and the Privacy Code (Legislative Decree 30 June 2003 no. 196). The document has also been drafted based on the Guidelines of the Privacy Guarantor (especially the Guidelines against spam issued by the Privacy Guarantor on July 4, 2013).
Data Controller: Giacomo Galassi
Website referred to in this privacy policy: www.cadellavalletta.it (Site).
The Data Controller has not appointed a DPO (Data Protection Officer). Therefore, you may send any request for information directly to the Data Controller.
This document describes how the Data Controller processes your personal data provided on the Site.
The main processing of your personal data is described below. In particular, the legal basis for processing, whether provision is mandatory, and the consequences of failing to provide personal data are explained. To better describe your rights, where necessary, we have specified if and when a specific processing of personal data is not carried out.
The Site does not offer the possibility of registration. Therefore, the Data Controller does not process your personal data for this purpose.
It is not possible to make direct purchases (e-commerce checkout) on the Site. Therefore, your personal data will not be processed for this specific purpose of automated online sales. The Data Controller does not process user data to send product and/or service purchase 'reminder' emails. The Controller does not offer products or services prohibited to minors under 18.
Your data will be processed to respond to your requests for information (e.g., contact form or booking via email/WhatsApp). Provision is optional, but refusal will make it impossible for the Data Controller to answer your questions. The legal basis for processing is the legitimate interest of the Data Controller to follow up on user requests.
The Data Controller will not send you advertising material and/or newsletters relating to its own or third-party products without explicit consent. We use Google services, such as Google Ads and Google Analytics, to personalize ads and improve the user experience. This includes the collection of personal data and cookies, used to show you ads in line with your preferences. Upon consent, you will be asked to authorize the use of this data.
The Data Controller does not carry out 'profiling' with your personal data. Therefore, it will not send you advertising material and/or newsletters relating to its own or third-party products of specific interest to you.
The Data Controller does not transfer your personal data to third parties.
In case of access to the Site, you may receive a notification on your device giving you the option to allow or deny the location of the device itself. You can freely allow or refuse this setting. The legal basis for processing consists of the legitimate interest of the Data Controller to provide services relevant to the user's location.
It is not possible to send CVs via the Site. Therefore, your data will not be processed for these purposes.
No third-party automated appointment booking systems are active on the Site. Therefore, your data will not be processed for this specific purpose.
The Data Controller does not ask for the publication of photographs and/or videos depicting you. Therefore, your data will not be processed for these purposes.
The use of any automated process or system to access, acquire, copy, or monitor any part of our website (web scraping) is expressly prohibited.
Within the scope of its ordinary activity, the Data Controller may communicate your personal data to certain categories of subjects (e.g., tax consultants, authorities for legal obligations such as Alloggiati Web, etc.).
1.1 The processing of your personal data will be mainly carried out with the aid of electronic or automated means, according to methods and with tools suitable to guarantee security and confidentiality.
1.2 The information acquired and the methods of processing will be relevant and not excessive with respect to the type of services rendered.
1.3 'Special data' (sensitive data) are not processed via the Site.
1.4 Judicial data are not processed via the Site.
The Data Controller may communicate your personal data to specific categories of subjects:
The Data Controller does not use CRM platforms for mass sending, nor does it transfer data to couriers or banking institutions for direct payments on the site (as they are not present).
Your personal data will be retained only for the time necessary to guarantee the correct provision of services offered through the Site and for the time required by specific regulations (e.g., tax obligations).
The Data Controller is based in a country that presents an adequate level of security from a regulatory point of view. Should the transfer of your personal data take place in a non-EU country, this will occur in compliance with the adequacy decisions of the European Commission.
The Data Controller informs you that you have the right to:
The above rights may be exercised with a request addressed without formalities to the Controller's contacts.
The Data Controller reserves the right to make changes to this policy at any time, giving appropriate publicity to users of the Site.