Privacy policy
PRIVACY NOTICE
(pursuant to Articles 13 and 14 of EU Regulation 2016/679 – GDPR)
Data Controller
The Data Controller is Coeffin Srl Semplificata – Alberobello (BA), Italy, VAT number 08216970726, email [email protected]
, phone +39 389 6026364.
This notice applies to personal data collected through the website and the integrated booking engine provided by Kross Booking, as well as through tools connected with booking and guest stay management.
Categories of personal data processed
Personal identification data, contact details, booking and stay information, data required by law, payment-related data processed via external providers, and browsing or usage data may be processed.
Purposes and legal basis
Personal data are processed for:
managing bookings, stays and operational communications with guests;
complying with legal, administrative, tax and public security obligations;
managing payments, guarantees and fraud or dispute prevention;
improving services and analysing website use, where permitted by applicable law;
sending marketing communications and newsletters, only with the data subject’s explicit consent.
Depending on the case, the legal basis is the performance of a contract or pre-contractual measures, compliance with legal obligations, the legitimate interest of the Data Controller where applicable, and consent where required.
Nature of data provision
Providing data necessary for booking and legal compliance is mandatory. Failure to provide such data may make it impossible to complete the booking or provide the service.
Processing methods
Data are processed by manual and electronic means in accordance with principles of lawfulness, fairness, transparency, data minimisation and security, adopting appropriate technical and organisational measures.
Recipients of data
Data may be shared with third parties strictly related to service provision, such as technology providers including Kross Booking, payment providers, administrative, tax and legal consultants, hosting providers and competent public authorities, where required by law.
Transfers outside the EU
Where some services involve transfers of personal data outside the EU, such transfers will take place in accordance with the safeguards required by applicable law.
Retention period
Data are retained for as long as necessary for the purposes stated above and, subsequently, for the periods required by applicable civil, tax and administrative laws. Marketing data are retained until consent is withdrawn or within legal limits.
Data subject rights
The data subject may exercise the rights set out in Articles 15 and following of the GDPR, including access, rectification, erasure, restriction, objection and portability, by writing to [email protected]
. A complaint may also be lodged with the competent Data Protection Authority.
(pursuant to Articles 13 and 14 of EU Regulation 2016/679 – GDPR)
Data Controller
The Data Controller is Coeffin Srl Semplificata – Alberobello (BA), Italy, VAT number 08216970726, email [email protected]
, phone +39 389 6026364.
This notice applies to personal data collected through the website and the integrated booking engine provided by Kross Booking, as well as through tools connected with booking and guest stay management.
Categories of personal data processed
Personal identification data, contact details, booking and stay information, data required by law, payment-related data processed via external providers, and browsing or usage data may be processed.
Purposes and legal basis
Personal data are processed for:
managing bookings, stays and operational communications with guests;
complying with legal, administrative, tax and public security obligations;
managing payments, guarantees and fraud or dispute prevention;
improving services and analysing website use, where permitted by applicable law;
sending marketing communications and newsletters, only with the data subject’s explicit consent.
Depending on the case, the legal basis is the performance of a contract or pre-contractual measures, compliance with legal obligations, the legitimate interest of the Data Controller where applicable, and consent where required.
Nature of data provision
Providing data necessary for booking and legal compliance is mandatory. Failure to provide such data may make it impossible to complete the booking or provide the service.
Processing methods
Data are processed by manual and electronic means in accordance with principles of lawfulness, fairness, transparency, data minimisation and security, adopting appropriate technical and organisational measures.
Recipients of data
Data may be shared with third parties strictly related to service provision, such as technology providers including Kross Booking, payment providers, administrative, tax and legal consultants, hosting providers and competent public authorities, where required by law.
Transfers outside the EU
Where some services involve transfers of personal data outside the EU, such transfers will take place in accordance with the safeguards required by applicable law.
Retention period
Data are retained for as long as necessary for the purposes stated above and, subsequently, for the periods required by applicable civil, tax and administrative laws. Marketing data are retained until consent is withdrawn or within legal limits.
Data subject rights
The data subject may exercise the rights set out in Articles 15 and following of the GDPR, including access, rectification, erasure, restriction, objection and portability, by writing to [email protected]
. A complaint may also be lodged with the competent Data Protection Authority.