ita eng deu rus fra esp chi


with breakfast



under 12 years of age


or apartments

Home > Privacy Policy

Privacy Policy

Information pursuant to article 13 of EU Regulation 2016/679, so-called GDPR.

This page describes the way to manage the website in relation to the processing of personal data of the users who consult it. This information (or “privacy policy”) is provided pursuant to article 13 of EU Regulation 2016/679, European Regulation on the Protection of Personal Data (hereinafter, “Regulation” or “GDPR”) to those who interact with the web services of the website

The information is only provided for the website and not for other websites that may be consulted by the user via links.

1. DATA CONTROLLER. The Data Controller, pursuant to articles 4 and 24 of EU Reg. 2016/679 is San Vigilio R. E. SPA, in the person of its pro tempore legal representative, Loc. Abbazia San Vigilio, 25010 Pozzolengo (BS), tel. 030 91801 email:

2. PERSONAL DATA SUBJECT TO PROCESSING. «personal data»: any information concerning an identified or identifiable natural person («interested party»); the natural person considered identifiable is one that can be identified, directly or indirectly, with particular reference to an identifier such as name, an identification number, location data, an online identifier or one or more distinctive elements of his or her physical, physiological, genetic, psychological, economic, cultural or social identity. a) Browsing data. The computer systems and software procedures used for the correct functioning of the Website acquire, during their normal operation, some personal data, the transmission of which is implicit while browsing the websites.

This information is not collected to be associated to identified parties; however, because of their very nature, they might allow users to be identified through processing and association with data held by third parties. This category of data includes IP addresses or domain names of computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response provided by the server (success, error, etc.) and other parameters related to the operating system and to the user’s IT environment. b) Data provided voluntarily by the interested party. The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this website entails the acquisition of the sender’s address, necessary in order to respond to requests, as well as any other personal data included in the message (request for contact or information). Apart from what is specified for browsing data, the user is free to provide personal data to request the sending of informative material or other communications. Failure to provide such data may make it impossible to obtain what is requested. Specific summary information will be published on the pages of the website set up for the provision of certain services. c) Cookies. For further information on the cookies used by this website, see the cookies policy at the following link

3. PURPOSES AND LEGAL BASIS OF THE DATA PROCESSING. DATA RETENTION PERIOD. The data collected will be processed for the following purposes: Website browsing: to allow you to browse our website and other digital platforms. The legal basis for the data processing is article 6, paragraph 1, letter f): Legitimate interest. Data retention period: the duration of the browsing session. For browsing, see the cookie policy. Data collection via contact form: to allow you to obtain information on our services, in our “Contacts” section for example. The legal basis for the data processing is article 6, paragraph 1, letter b): implementation of pre-contractual measures also adopted at the request of the interested party. Data retention period: 1 year for direct marketing contacts: subject to prior consent and until its opposition for direct marketing activities by the Owner, direct sales, sending of newsletters and promotional or commercial material or material related to events and initiatives, by the Owner by automated means of electronic mail, fax, SMS, MMS or other types of messages, as well as by telephone calls through an operator, including automated and paper mail and other informative material. The legal basis for the data processing is article 6, paragraph 1, letter a): consent. Period of data retention: until its opposition (opt-out).

4. METHODS OF DATA PROCESSING. The processing of data will be performed in an automated and manual way, with logics strictly related to the purposes indicated and, in any case, to guarantee the security and confidentiality of the data itself, by persons specifically authorized to do so. This data will be stored, as specified in the above paragraph, for the time strictly necessary to provide you with the requested services and will, in any case, be eliminated following a request from you, subject to further retention obligations required by law.

5. POSSIBLE RECIPIENTS AND POSSIBLE CATEGORIES OF PERSONAL DATA ADDRESSEES. Personal data may be communicated to third parties performing activities necessary for the provision of services offered by the Website, who will process the data acting as data controllers (Article 28 of EU Reg. 2016/679) and/or as natural persons acting under the authority of the Data Controller and the Data Supervisor (Article 29 of the EU Reg. 2016/679), acting under the authority of the Owner and the Person in charge. Specifically, the data will be processed by: parties that provide services for the management of the information system and telecommunications networks; including e-mail, newsletters and website management, among which, for example, MailUp S.p.A.; freelancers, studios or companies in the context of assistance and consulting relationships; competent authorities for the fulfilment of legal obligations and/or provisions issued by public bodies, upon request. The list of Data Controllers is available at the company’s headquarters.

6. TRANSFER OF PERSONAL DATA TO A THIRD COUNTRY AND/OR AN INTERNATIONAL ORGANIZATION. None of the User’s personal data will be transferred to a third country outside of the European Union or to International Organizations.

7. RIGHTS OF THE INTERESTED PARTY. Pursuant to articles 15 et seq. of the GDPR, the interested party has the right to ask the Data Controller: access to his personal data; the amendment or cancellation of the data or the limitation of the data processing concerning him/her; opposition to data processing; data portability in compliance with article 20 mentioned above; if the data processing is based on Article 6, paragraph 1, letter a) or Article 9, paragraph 2, letter a), above-mentioned revocation of consent at any time without prejudice to the lawfulness of the data processing based on the consent provided before the revocation. Without prejudice to any other administrative or judicial remedy, the interested party who considers that the data processing concerning him/herself violates the GDPR, has the right to lodge a complaint with the Guarantor for the protection of the personal data according to the methods described on the website (art. 77 cit.). To exercise the above rights, the interested party may contact the Owner at the addresses indicated in point 1 of this information notice.

8. UPDATES. This privacy policy may be modified and/or supplemented as a result of any subsequent regulatory changes and/or additions, the updating or provision of new services or technological innovations.

February 2019-02-12

Chervò Golf San Vigilio Hotel SPA & Resort | Privacy Policy