The purpose of this Privacy Policy is to clearly and concisely illustrate how we process the personal data you have communicated to our company by coming into contact with our offices through any channel (telematic, telephone, post, e-commerce, physical PoS, web contact forms for bookings, information and job applications).
Da Vittorio S.r.l., as Data Controller, guarantees and constantly ensures that your personal data is always processed in compliance with the requirements of EU Regulation 2016/679 (GDPR) on data protection.
The purpose of this privacy policy is, therefore, to explain how our company collects, uses, discloses, stores and, if necessary, transfers your personal data, pursuant to and for the purposes of Article 13 GDPR.
A. Identity and contact details of the Data Controller
Your Data Controller is Da Vittorio S.r.l., in the person of its pro-tempore legal representative, with registered office in Brusaporto (BG), Via Cantalupa 17, tax code and VAT number 03237670165 (hereinafter referred to as the ‘Company’ or ‘Data Controller’), with the following contact details:
-telephone: +39035.681024
-email: This email address is being protected from spambots. You need JavaScript enabled to view it.
B. Purpose of processing, legal basis and legitimate interest
The processing of your personal data by Da Vittorio S.r.l. can take place on the basis of:
a) your consent (for example, by contacting our offices or PoS for information, orders, reservations, etc.);
b) a contract (if you are, for example, a supplier or customer of our Company);
c) a legal obligation (when our Company is required to comply with specific legal requirements);
d) a a legitimate interest (for example, when we send you communications on the basis of your legitimate expectation to receive information from us about our activities).
C. Data protection and possible data recipients
Your personal data will be processed exclusively by our staff, specifically authorised and trained to process such data and, in any case, under the responsibility of the Data Controller and exclusively for the purposes for which your data was collected.
Da Vittorio S.r.l. adopts suitable and adequate technical and organisational measures according to the provisions of the GDPR in order to guarantee the security of your personal data, protecting them against loss, theft and/or abuse, as well as against unauthorised access, disclosure, alteration and/or destruction, whether intentional or accidental.
Your personal data are stored at our company and will not be communicated or passed on to third parties, with the exception of:
a) for those data related to tax compliance for which our Company has chosen to use an external Consultant.
b) for the copying of contact data stored by an external supplier/server (backup, mailing and CRM service) to protect their integrity or for the better management thereof.
c) for the management of specific services requested by you that require the intervention of qualified professional (event planner, etc.).
d) for the compulsory communications required by law to the Public Security in charge of receiving the notices of your stay at our hotel.
Da Vittorio S.r.l. ensures and guarantees, in any case, that the above-mentioned suppliers offer the same guarantees of security and reliability in terms of data processing as those guaranteed by our Company.
Da Vittorio S.r.l. may, however, be obliged, in some cases, to transmit your personal data, in whole or in part, to third parties due to legal obligations, legal proceedings of any kind or species and/or requests by public authorities.
D. Data transfer to Third Countries
Da Vittorio S.r.l. does not transfer your data outside the European Union, to third countries or to International Organisations.
E. Data retention period
Your personal data will only be stored to the extent that is strictly necessary for the fulfilment of the purposes for which they have been collected.
On some occasions, Da Vittorio S.r.l. may keep your data even after this period, to the extent strictly necessary and indispensable to issue certificates and/or documents that may be requested by private or public entities, to achieve the other purposes for which the data was collected or to allow our Company to exercise and/or enforce a right or to defend itself in court. In any case, your data will not be kept for a period exceeding the legal limitation period.
F. Profiling
Da Vittorio S.r.l. does not use automated processes aimed at profiling.
G. Newsletter
By subscribing to our mailing list, you can receive the periodic newsletter of Da Vittorio S.r.l.
Our company will send informative or commercial communications (such as company activities, invitations to events or promotions, etc.) to the e-mail address provided by you during the registration process (directly at our office in Brusaporto, or via on-line and/or telephone and/or telematic request, or again at events).
Our newsletter is managed through a cloud service operated by an external provider that guarantees compliance with GDPR regulations. The newsletter service can be cancelled at any time by simply requesting the deletion of your name and address by writing to This email address is being protected from spambots. You need JavaScript enabled to view it..
H. Applications
Through our recruiting webpage you can apply for the job positions available at our company.
Spontaneous applications are made on the basis of your specific consent to the transmission of your personal data; we ask you, in any case, not to indicate in your curriculum vitae any data that could reveal your state of health, racial and ethnic origin, religious beliefs, political opinions, sexual life or your genetic or biometric data or any other information that could be qualified as ‘particular’ within the meaning of Article 9 of EU Regulation 2017/679. We cannot, in fact, take such data into account in these cases without your explicit informed consent.
If, on the other hand, you respond to a specific job advertisement that has appeared on our website, on specialised search engines, on social platforms (LinkedIn or others) or on job advertisement aggregators, please refer to the subject of the advertisement in your application, addressing your CV exclusively to the email address indicated in the advertisement.
I. Rights of the data subject
With reference to your personal data, you may exercise the following rights using the contact details above ('Point A' of this notice):
1. right of access to personal data; right to obtain rectification or erasure of personal data or restriction of processing concerning them (Articles 15 - 18 GDPR);
2. right to object to processing pursuant to Art. 21 GDPR;
3. right to data portability, in relation to data in electronic format only, within the limits established by Article 20 GDPR.
In relation to data for which the legal basis for processing is your consent, you have the right to revoke that consent at any time, without affecting the lawfulness of the processing carried out by the Controller and based on the consent you provided before revocation.
J. Complaint
We also inform you that you have the right, where applicable, to lodge a complaint with the territorially competent supervisory authority, as identified by Articles 3, 55 and 56 GDPR.
For further information, please visit the institutional website of the ‘Garante della protezione dei dati personali’ at the following address: www.garanteprivacy.it o www.gdpd.it.
K. Data disclosure and provision
Finally, we inform you that the communication of your personal data may constitute a legal obligation and/or a contractual obligation and, in any case, a necessary requirement for the conclusion and fulfillment of the commitments undertaken by our Company.
In these cases, failure to provide this information may prevent our company from processing your request.
L. Cookies
For more information on how our website uses your data, please also read our cookie policy.
