This Privacy Policy is intended to clearly and concisely explain how the personal data you have provided to our company is processed when you interact with our offices through any channel (electronic, telephone, postal, e-commerce, physical point of sale, web contact forms for reservations, information, and job applications).
Da Vittorio S.r.l., as Data Controller, constantly ensures that your personal data is always processed in compliance with the provisions of Regulation (EU) 2016/679 (“GDPR”) regarding data protection.
This privacy notice therefore aims to explain how our company collects, uses, discloses, stores, and, where applicable, transfers your personal data, pursuant to Article 13 of the GDPR.
A. Identity and contact details of the Data Controller
The Data Controller of your data is Da Vittorio S.r.l., represented by its legal representative pro tempore, with registered office in Brusaporto (BG), Via Cantalupa 17, Tax Code and VAT No. 03237670165 (hereinafter the “Company” or “Data Controller”), with the following contact details:
-telephone: +39-035.681024
-email: This email address is being protected from spambots. You need JavaScript enabled to view it.
B. Purposes of processing, legal basis and legitimate interest
The processing of your personal data by Da Vittorio S.r.l. may be based on:
a) your consent (for example, when contacting our offices or points of sale for information, orders, reservations, etc.);
b) a contract (for example, if you are a supplier or customer of our Company);
c) a legal obligation (when our Company is required to comply with specific legal provisions);
d) legitimate interest (for example, when sending communications based on your reasonable expectation to receive information about our activities).
C. Protection of your data and possible recipients
Your personal data will be processed exclusively by our staff, specifically authorized and trained for such processing and, in any case, under the responsibility of the Data Controller and exclusively for the purposes for which your data was collected.
Da Vittorio S.r.l. adopts appropriate technical and organizational measures, in accordance with the GDPR, to ensure the security of your personal data, protecting it against loss, theft and/or misuse, as well as unauthorized access, disclosure, alteration and/or destruction, whether intentional or accidental.
Your personal data is stored within our Company and will not be disclosed or transferred to third parties, except:
a) for data related to tax obligations, for which our Company relies on an external firm or professional;
b) for copies of contact data stored with an external provider/server (backup, mailing and CRM services) to ensure their integrity or better management;
c) for the management of specific services requested by you that require the involvement of specialized personnel (event planner, etc.);
d) for mandatory communications required by law to Public Security Authorities responsible for receiving accommodation-related data at our hotel.
Da Vittorio S.r.l. ensures that the aforementioned providers offer the same guarantees of security and reliability in data processing as those ensured by our Company.
Da Vittorio S.r.l. may also be required, in certain cases, to disclose your personal data, in whole or in part, to third parties due to legal obligations, judicial proceedings of any kind, and/or requests from public authorities.
D. Transfer of data to third countries
Da Vittorio S.r.l. does not transfer your data outside the European Union, to third countries or to International Organizations.
E. Data retention period
Your personal data is retained only for the time strictly necessary to achieve the purposes for which it was collected.
In some cases, Da Vittorio S.r.l. may retain your data even beyond this period, to the extent strictly necessary to issue certifications and/or documents that may be requested by private individuals or public bodies, to achieve other purposes for which the data was collected, or to allow our Company to exercise and/or defend its rights in legal proceedings. In any case, your data will not be retained for longer than the period established by law.
F. Profiling
Da Vittorio S.r.l. does not use automated processes aimed at profiling.
G. Newsletter
By subscribing to our mailing list, you may receive the periodic newsletter of Da Vittorio S.r.l.
Our Company will send to the email address you provided during registration (either directly at our premises in Brusaporto, or via online, telephone, or electronic request, or during events) informational or commercial communications (such as company activities, invitations to events or promotions, etc.).
Our newsletter is managed through a cloud service provided by an external supplier that ensures compliance with GDPR regulations.
The newsletter service can be cancelled at any time by requesting the removal of your name and address by writing to This email address is being protected from spambots. You need JavaScript enabled to view it..
I. Dimora (Brusaporto) and Locanda Cavour (Bergamo)
If you are guests at our Dimora in Brusaporto or at our Locanda Cavour in Bergamo, Da Vittorio S.r.l. may process the following categories of personal data for the administrative management of your stay:
- identification data (first name, last name, age, date of birth, identity card, passport);
- contact data (physical address, email address, phone number);
- financial data (credit card number or other identifiers related to electronic payments)
For your best and most comfortable stay experience, Da Vittorio S.r.l. also makes use of the following services and providers, which may process all or part of your personal data:
- properly secured Wi-Fi service for each room;
- GDPR-compliant providers for the storage of your stay data;
- cloud-based platforms for managing your reservations at Locanda Cavour, as well as for managing room access codes;
- a cloud service provider (PassportScan) for the digital collection of your identification data at the Dimora.
J. Data subject rights
With reference to your personal data, you may exercise, using the contact details indicated above (“Section A” of this notice), the following rights:
1. right of access to personal data; right to obtain rectification or erasure of the same or restriction of processing concerning them (Articles 15 - 18 GDPR);
2. right to object to processing pursuant to Article 21 GDPR;
3. right to data portability, limited to data in electronic format, within the limits established by Article 20 GDPR.
With regard to data for which the legal basis of processing is your consent, you have the right to withdraw such consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
H. Complaint
You are also informed that, where the conditions are met, you have the right to lodge a complaint with the competent supervisory authority, as identified by Articles 3, 55 and 56 GDPR.
For further information, please visit the official website of the Italian Data Protection Authority at the following web address: www.garanteprivacy.it or www.gdpd.it.
K. Communication and provision of data
Finally, please note that the provision of your personal data may constitute a legal and/or contractual obligation and, in any case, a necessary requirement for the conclusion and execution of the commitments undertaken by our Company.
In such cases, failure to provide the data may make it impossible for our Company to fulfill your requests.
L. Cookies
For further information on how our website uses your data, please also read our cookie policy.
