PRIVACY AND COOKIES POLICY
1. Introduction
Casa Musa Ostuni, located in Ostuni, Italy, is responsible for processing personal data as outlined in this privacy statement. This policy complies with the General Data Protection Regulation (GDPR) and other applicable EU data protection laws.
2. Contact Information
Casa Musa Ostuni
Website: www.casamusaostuni.com
Address: CASA MUSA Contrada Badessa 720 17 Ostuni, Italy
Email: casamusaostuni@gmail.com
3. Personal Data We Collect
We process personal data that you provide when using our services or communicating with us. This includes:
- Full name
- Address
- Phone number
- Email address
- IP address
- Location data
- Payment information
4. Special or Sensitive Personal Data
Our website is not intended for individuals under 16 years of age. We do not knowingly collect data from minors without parental consent. If you believe we have collected such data, please contact us at casamusaostuni@gmail.com, and we will delete it promptly.
5. Purpose and Legal Basis for Processing Personal Data
We process personal data for the following purposes:
- Managing reservations and bookings (contractual necessity)
- Handling payments (contractual necessity)
- Sending notifications and updates (legitimate interest)
- Contacting you if necessary to provide services (contractual necessity)
- Informing you about service updates and seasonal offers (consent)
- Complying with legal obligations, such as tax reporting (legal requirement)
6. Automated Decision-Making
We do not use automated decision-making processes that could significantly impact individuals.
7. Data Retention Period
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:
- For reservations: Personal data is retained for the duration of the contractual relationship and for any required legal or tax obligations.
- For marketing communications: Data is retained until the user withdraws consent.
- For legal compliance: Data is stored according to tax and accounting regulations.
8. Sharing of Personal Data
We do not sell your data. We may share your data with third parties only in the following cases:
- Service providers: We engage third parties for payment processing and booking management under strict Data Processing Agreements (DPAs).
- Legal compliance: We may disclose data if required by law.
All third parties are contractually obligated to maintain the confidentiality and security of your data.
9. Cookies and Similar Technologies
We use the following types of cookies:
- Essential cookies: Necessary for website functionality.
- Analytical cookies: Used to optimize website performance (Google Analytics, etc.).
- Marketing cookies: Only used with user consent.
You can manage cookie preferences via your browser settings or opt-out at any time.
10. Your Rights Under GDPR
As a data subject, you have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion ("right to be forgotten")
- Withdraw consent for processing
- Object to data processing
- Request data portability
To exercise these rights, contact us at casamusaostuni@gmail.com. You may also file a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) at www.garanteprivacy.it.
11. Data Security
We implement appropriate security measures to protect your data from unauthorized access, loss, or misuse. If you suspect a data breach, please contact casamusaostuni@gmail.com immediately.