Information on the processing of personal data for users of the website

Articles 13 and 14 of Regulation 2016/679 / EU (hereafter also “GDPR”)

The reason for this leaflet

ITALIAN EXCLUSIVE VILLAS (hereinafter also referred to as “Company” or “Owner”) is committed to respecting and protecting your privacy and wants you to feel safe both when you are browsing the site and also if you decide to register with us by giving us your personal data in order to take advantage of the services made available to our Users and/or Customers. In this leaflet, the Company intends to provide some information on the processing of personal data for users who visit or consult the website accessible online from the address (the “Site”). The information is provided only for the Company website and not for other websites that may be consulted by the user through its links (for which reference must be made to the respective privacy policies). The reproduction or use of pages, material and information contained within the Site, by any means and through any medium, is not permitted without the prior written consent of the Company. Copying and/or printing is allowed for personal and non-commercial use only (for inquiries and clarifications please contact the Company at the addresses below). Other uses of the content, services and information on this site are not permitted.

With regard to the content offered and the information provided, the Company will ensure that the contents of the Website are kept up-to-date and revised, without offering any guarantee as to the adequacy, accuracy or completeness of the information provided and explicitly declining any responsibility for any errors in the information provided on the Website.

Origin – Navigation data

The Company informs that the personal data you provide and acquired on the request for information and/or contact, registration to the site and to request the use of services via Smart-phone or any other instrument used to access the Internet, as well as the data necessary for the provision of such services, including navigation data and data used for the eventual purchase of products and services offered by the Company, also including the so-called Users’ “navigation” data of the site, will be treated in compliance with the current applicable law. The computer systems and software procedures used for the operation of this website acquire, during their normal operation, some personal data the transmission of which is implicit in the use of the Internet. This information is not collected to be used with specific interested parties, but can, by their very nature, through processing and association with data held by third parties, allow users to be identified as navigators. This category of data includes the “IP addresses” or domain names of the computers used by anyone who connects to the site, the addresses in the URI (Uniform Resource Identifier), the ​​notation of the requested resources, the time of the request, the method used in submitting the request to the web server, the size of the files obtained in response, the numerical code indicating the status of the response given by the web server (success, error, etc.) and other parameters related to the operating system and the user’s computer environment. This data is used for the sole purpose of obtaining anonymous statistical information on the usage of the site and to check the correct functioning of the Company website. It should be noted that the aforementioned data could be used to ascertain responsibility in the case of computer crimes against the Company site or other connected sites: except for this eventuality, the data on web contacts is not kept for more than a few days.

Origin – Data provided by the user

The Company collects, retains and processes your personal data in order to provide the products and services offered on the Site, or for legal obligations. With regard to some specific Services, Products, Promotions, etc. the Company can process your data for commercial purposes. In such cases, a specific, separate, optional and always revocable consent will be required using the following methods and the contact details indicated below.

The optional, explicit and voluntary sending of emails to the addresses indicated in the appropriate section of the Website, as well as the compilation of questionnaires (e.g. forms), communication via chat, push notification via APP, social networks, call centres, etc ., involves the subsequent acquisition of some of your personal data, including data collected through the use of Apps and related services, necessary for a response to your requests. We also point out that when using the mobile connection to access digital content and services offered directly by the Company or by our Partners, it may be necessary to transfer your personal data to third parties. We point out that you may access the Site or connect to areas where you can publish information using blogs or bulletin boards and communicate with others: for example, by using the Company pages on Facebook®, LinkedIn®, Youtube®, and other social networking sites; reviewing products and offers; posting comments or content. Before interacting with these areas, please read carefully the General Conditions of Use taking into account that, under certain circumstances, the information published can be viewed by anyone with access to the Internet and all the information you include in your publications can be read, acquired and used by third parties.

The Purposes of Processing and its Legal Foundations

Data is processed for the following purposes:

1) in strict connection with and necessary for registration on the website, for the use of the services and/or Apps developed or made available by the Company, for the use of the related information services, for the management of requests for contact or information, for the purchase of products and services offered through the Company website;

2) for ancillary activities related to the management of User/Customer requests and for sending feedback that may include the transmission of promotional material, for the completion of purchase orders of the products and services offered, including the aspects related to payment by credit card, the management of shipments, the possible exercise of the right of reconsideration envisaged for long distance purchases; for updates on the availability or temporary unavailability of products and services;

3) in relation to the fulfilment of obligations under EU and national regulations, the protection of public order, the detection and repression of crimes;

4) direct marketing, namely sending advertising material, direct sales, carrying out market research or commercial communication of products and/or services offered by the Company; this activity may also include the products and services of companies belonging to the Company Group and be carried out by sending advertising/informative/ promotional material and/or invitations to participate in initiatives, events and offers aimed at rewarding users/customers, using the “traditional” methods (for example, paper mail and/or calls from an operator), or through “automated” contact systems (for example SMS and/or MMS, telephone calls without operator intervention, emails, fax, interactive applications), pursuant to art. 130 c. 1 and 2 of Legislative Decree. 196/03 and its subsequent amendments.

The provision of data for the purposes referred to in points 1), 2) and 3), following a pre-contractual and/or contractual or functional phase of a user request or required by a specific regulatory provision, is mandatory and if not provided the information and access to the services requested will be denied; with regard to point 4) of this Information leaflet, consent to the processing of data by the user/customer is instead free and optional and always revocable without consequences on the usability of products and services unless it becomes impossible for the company to update its users/customers on new initiatives or on specific promotions or advantages available to them.

The Company may send commercial communications relating to products and/or services similar to those already provided, in accordance with the Directive 2002/58/EU, using the electronic or house addresses indicated by you on these occasions and which you can revoke by using the methods and the contact details as given below.

Methods, processing logic, data retention times and security measures

Processing is also carried out using electronic or automated instruments and is performed by the Company and/or by third parties that the Company uses to store, manage and transmit the data. The processing of data will be carried out according to the logics of organizing and processing your personal data, including the logs originating from the access and usage of services made available via the web and products and services used in relation to the above indicated purposes which, in all cases, will be processed in a way to guarantee the security and confidentiality of the data. The processed personal data will be retained for the time limit prescribed by current and applicable legislation.

As regards the security of data, in the sections of the website set up for particular services, where personal data is requested from the user, the data is encrypted using a security technology called Secure Sockets Layer, abbreviated to SSL. The SSL technology encodes the information before it is exchanged via the Internet between the user’s computer and the company’s central systems, making them incomprehensible to unauthorized parties and thus guaranteeing the confidentiality of the information transmitted; moreover, the transactions carried out using electronic payment instruments are made directly on the payment service provider (PSP) platform and the company only keeps the minimum amount of information necessary for the management of any eventual disputes. In precise reference to the aspects of personal data protection, the user/customer is invited, pursuant to art. 33 of the GDPR, to report to the Company any circumstances or events giving rise to a potential “breach of personal data (data breach)” in order to allow an immediate evaluation of the occurrence and the adoption of actions aimed at avoiding such an event. You can write to or contact Customer Service. The measures adopted by the Company do not, however, exempt the Customer from paying the necessary attention to the use, where required, of a password/PIN of adequate complexity, which will have to be updated periodically, especially in the case where the subject’s privacy has been violated by or made known to third parties, and being careful to make the data inaccessible to third parties, in order to avoid any improper and unauthorized usage.


A cookie is a short string of text that is sent to your browser and possibly saved on your computer (alternatively on your Smart-phone/tablet or any other tool used to access the Internet); this is generally sent every time you visit a website. Companies use cookies for various purposes, for example in order to offer you a fast and secure digital experience, allowing you to keep the connection to the protected area open while browsing through the pages of the site.

Cookies stored on your terminal cannot be used to retrieve data from your hard disk, transmit computer viruses or identify and use your email address. Each cookie is unique in relation to the browser and device you use to access the Website or use the Company App. In general, the purpose of cookies is to improve the functioning of the website and the user experience, though cookies can also be used for sending advertising messages (as specified below). For more information on what cookies are and how they work, you can consult the website “All about cookies”

Areas of Communication and Data Transfer

For the pursuit of the aforementioned purposes, the Company will be able to transmit and process the personal data of the users/customers to third parties with whom we have relationships both in Italy and abroad, where these third parties provide services at our request. We will provide these third parties with only the information necessary to perform the services required while taking every necessary measure to protect your personal data. The data may be transferred outside the European Economic Area if this proves necessary for the management of your contractual relationship. In this case, the recipients of the data will be under the same security obligations as those guaranteed by the Data Controller. In the case of use of services offered directly by Partners we will provide only the data strictly necessary for their execution. In all cases, only the data necessary for the achievement of the intended purposes will be communicated and, where required, the guarantees applicable to transfers of data to third countries will be applied. We may also disclose personal data to our suppliers of commercial services for marketing reasons, and nominated for this purpose as external processing managers. In addition, personal data may be disclosed to the competent public bodies and authorities for compliance with regulatory requirements or for ascertaining responsibility in the case of computer crimes to the detriment of the site, as well as being communicated to, or allocated to, third parties (as managers or, in the case of providers of electronic communication services, as self-employed owners), for the supply of computerized and telematic services (e.g.: hosting, management and development of websites) and whose company undertakes tasks and activities of a technical and organizational nature that are instrumental to the functioning of the website. The subjects belonging to the above categories operate as separate Data Controllers or as Managers appointed by the Company for this purpose.

Personal data may also be made known to Company employees/consultants who are specifically trained and appointed as Data Processors.

The categories of recipients in possession of the data is available on request by contacting the Company at the addresses indicated below.

The Rights of the Interested Parties

You can exercise your rights recognized by law at any time, including the following:

a) to access your personal data, obtaining evidence of the purposes pursued by the Owner, the categories of data involved, the recipients to whom they may be communicated, the applicable retention period, the existence of automated decision-making processes;

b) to obtain without delay the correction of inaccurate personal data concerning you;

c) to obtain, when possible, the deletion of your data;

d) to obtain the limitation of the data processing or to oppose it, when possible;

e) to request the portability of the data that you have provided to the Company, i.e. to receive it in a structured format, commonly used and readable by automatic devices, and also to be able to transmit this data to another owner, within the limits and constraints foreseen by art. 20 of the GDPR.

You can also submit a complaint to the Authority for the Protection of Personal Data pursuant to art. 77 of the GDPR.

For the processing referred to in point 4) of the purposes, the Customer can always revoke their consent and exercise their right to oppose direct marketing (in “traditional” and “automated” form). The revocation, in the absence of indication to the contrary, will refer to both traditional and automated communications.

The Data Controller

The Data Controller, pursuant to art. 4 of the Code and the GDPR, is ITALIAN EXCLUSIVE VILLAS, Via Marmorata, 21 – 84010 Ravello (SA) VAT: 03424000127 – CF: 03424000127

The rights indicated above may be exercised at the request of the interested party in the manner explained by Customer Services or on the Company’s website or through the following referent: Francesca Andresini (089858013).

The use of the Website, including as intended for tablets and/or Smart-phones, by the Customer and/or the User, implies full knowledge and acceptance of the contents and indications included in this version of the information leaflet published by the Company at the moment the site is accessed. The Company informs that this information leaflet may be modified without prior notice and therefore recommends a periodic reading.

The Data Controller


This privacy statement was updated on 01/07/2018 22:11