EU Regulation 2016679, Legislative Decree 196/03, as amended by Legislative Decree 1012018
as well as other current regulatory provisions on the protection of personal data

This privacy policy applies to any type of information collected by us and is drawn up pursuant to art. 13 and art. 14 of EU Regulation nr 679/2016. Our main priority is to offer you pleasant stays of the highest level; his complete satisfaction and trust are essential for us. It is for this reason that, as part of our commitment to meet your needs, we have defined a privacy policy that formalizes our commitment to you and describes how your personal data is used by the data controller. This document describes how your personal data is used and processed in a readable and transparent manner, also providing useful references on how to contact us. The data controller, in the structure, may provide / provide the guest with privacy policies in addition to this privacy policy, which define the specifications of the collection and processing of data and form, together with this Privacy Policy, the basis on which the personal data of the guest will be processed by the owner.
Please read this Privacy Policy carefully. By providing personal data and other information through our Services, you acknowledge that your personal data will be processed in accordance with the terms of this Privacy Policy. If any term of this Privacy Policy is unacceptable to you, please do not use the Services or provide any personal information.
This Privacy Policy is drafted in Italian and can be translated into other languages. In case of inconsistencies, the Italian version will prevail.



Pursuant to art. 4 point 7) of the GDPR 2016/679, Data Controller;
TROPEA HOSPITALITY SRL in the person of its legal representative pro-tempore
VIA CAMPO DI SOTTO SNC | 89861 TROPEA (VV) | ITALY | VAT: 03 848 380 790
Phone +39 0963 548 602 | +39 333 6818145 | |


"Personal data" means all information collected and recorded in a format that allows the personal identification of the data subject, either directly (e.g. name) or indirectly (e.g. telephone number) as a natural person. Before providing us with this information, we invite you to read this document in which our privacy policy is described.
This information on the protection of personal data is part of the general conditions applicable to our hotel and tour operator services.
By accepting these conditions, you expressly accept the provisions contained therein.

The following principles are applicable within the business of the data controller:

  • - Transparency: when collecting and processing your personal data, we will provide you with all the relevant information and inform you about the purposes and recipients of the data.
  • - Legitimacy: we will collect and process your personal data for the purposes described in this statement.
  • - Relevance and accuracy: We will only collect the personal data necessary for its processing and take all reasonable steps to ensure that the personal data we hold about you is accurate and up to date.
  • - Storage: we will keep your personal data for as long as necessary for the processing of your personal data in accordance with the legal provisions.
  • - Access, rectification, opposition: you have the right to access your data, as well as modify, correct or delete them. In addition, you have the right to object to the use of your personal data, in particular to avoid receiving commercial information (marketing).
  • - Confidentiality and security: We will ensure that reasonable technical and organizational measures are taken to protect your personal data from accidental or unlawful modification or loss or from unauthorized use, disclosure or access.
  • - International Sharing and Transfer: We reserve the right to share your personal data with third parties (e.g., business partners and/or service providers) for the purposes set out in this policy and will take appropriate measures to ensure security when sharing or transferring such data.

On various occasions we will be required to request from you, as a customer of the data controller, information about you and / or members of your family or members or carers, such as:

  • - contact details (e.g. surname, first name, telephone number, e-mail address);
  • - personal information (e.g. date of birth, nationality);
  • - information about any children (e.g. name, date of birth, age);
  • - date of arrival and departure;
  • - credit card number or other payment account number, billing address and other payment and billing information;
  • - data necessary to meet special requests (e.g. health conditions requiring specific accommodation);

Tropea Hospitality Srl
may collect personal identification data from other third-party sources:

  • - via social media
  • - through affiliated organizations or other third parties

If you voluntarily provide us with identification data concerning, by way of example, your health, such data will only be used as necessary to satisfy special requests (always by way of example health conditions such as to require specific accommodation in the structure , or even special requests regarding food products to be avoided for any pathologies, allergies or eating disorders.
The Data Controller may use and store such data to communicate to a group structure the need to offer an appropriate service.
By providing such data the user expressly consents to the collection, use, processing and storage by the data controller in accordance with this policy.
The information collected in relation to persons under the age of 18 is limited to the name and surname, nationality and date of birth and such information may be provided to the data controller only by an adult person or by those who have parental responsibility.
We will be grateful if you would ensure that your children do not provide us with any personal information, in particular via the Internet, without your consent. If this happens, you can contact us and provide us with the necessary instructions for deleting such information.
We do not voluntarily collect information of a particular nature concerning, for example, race, ethnicity, political opinions, religious and philosophical beliefs, membership of trade unions, nor information relating to health status or sexual orientation.
The Data Controller may need to collect such information to meet your needs or to provide you with an adequate service, as in the case of specific diets.
In this case, according to the laws in force in some countries, your prior consent may be required with reference to the collection of information of a confidential nature.

The term "particular data" means its information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as processing genetic data, biometric data intended to uniquely identify a natural person, data concerning health or data concerning a person's sex life or sexual orientation. We generally do not collect any particular information unless you voluntarily provide it or if we are required to do so in accordance with applicable laws or regulations. With regard to your personal data that fall into this category (defined by Article 9 of the GDPR) voluntarily communicated by you, we inform you that they will be processed by authorized personnel with the utmost confidentiality and in accordance with the provisions of current legislation. Therefore, we kindly invite our customers that such information (diseases, allergies, intolerances, etc.) must be communicated to our reception staff, by filling out the appropriate form prepared that will be destroyed by an authorized person no later than three days after check-out by means of a special shredder.

Personal data may be collected on various occasions, including:
a) Hotel activities:
- preventive requests;
- reservations;
- management of payment services;
- estimation and sale of the package and / or tourist service;
- data processing activities for administrative and accounting purposes, customer assistance, etc.);
- check-in and payment;
- consumption of meals and drinks during a stay;
- requests for information, complaints and/or disputes.
b) Commercial activity (marketing):
- participation in satisfaction surveys (for example the completion of a satisfaction questionnaire following a hotel stay) – also anonymously;
- subscription to newsletters, to receive offers and promotions by e-mail.
c) Profiling activities:
- Identification of preferences, tastes, habits, needs and consumption choices, in order to improve the services provided, meet the specific needs and address the commercial proposals of interest, processing personal data such as, by way of example and not exhaustive: personal data and residence / geographical area; family status; age; profession; data relating to any registration to our company websites and their use; goods or services purchased; consumption range; level of expenditure incurred; active services; frequency of use, etc .. This allows the creation and definition of your profile, useful for processing market analysis and statistics (aggregate or anonymous form); to improve the products and services offered and make them more responsive to your needs.
Profiling - subject to the explicit consent of the interested party - may be carried out within our facilities through the administration of paper and / or digital questionnaires through a specific service.
d) Transmission of information from third parties:
- tour operators, travel agencies, booking systems and so on.
e) Internet Activities:
- connection to Tropea Hospitality Srl websites (IP address, cookies);
- information form, registration - subscription to newsletter - contact request - booking confirmation - for the insertion of comments;
- online data collection forms (request for quotes and / or online booking, Tropea Hospitality Srl pages on social networks, network access devices such as Facebook access data and so on).

The Data concerning the User is collected to allow the Owner to provide the requested Service, comply with legal obligations, respond to enforcement requests, protect its rights and interests (or those of Users or third parties), detect any malicious or fraudulent activity, etc.
Specifically, we collect your personal data in order to:
1. Comply with our obligations to customers
2. Booking rooms and accommodation requests: creation and storage of legal documents in accordance with accounting principles
3. Gestire the stay of customers at our structure(s)
4. Acceptance of your request to take advantage of the guarantee referred to in Article 50 of Legislative Decree no. 79/2011 (Tourism Code);
5. Adempiere to the current administrative, accounting and tax obligations, including the obligation provided for by the "Consolidated Law on Public Security Laws" (Article 109 R.D. 18.6.1931 n. 773) which requires us to communicate to the Police Headquarters, for public security purposes, the personal details of the customers accommodated in the manner established by the Ministry of the Interior (Decree of 7 January 2013)
6. Fulfill the obligations provided for by the residence tax (Article 4 of Legislative Decree no. 23 of 14 March 2011).
7. Manage the request for quotes, various information
8. Manage the required services:
- Reservations and organization of the stay
- underwriting of the insurance policy (mandatory and/or voluntary)
9. Manage the booking of rooms and accommodation requests:
- creation and storage of legal documents
10. Manage the stay of customers at our facilities:
- monitoring the use of services (telephone, bar, pay TV and so on);
- management of access to the rooms;
- internal management of lists of customers who behaved inappropriately during their stay at the facility (aggressive and antisocial behavior, non-compliance with the contractual terms of the structure, non-compliance with security regulations, theft, damage and vandalism or problems with payment).
11. Improve our services, in particular:
- processing of your personal data for commercial activities (marketing);
- adaptation of our products and services in order to better meet your needs;
12. Manage the relationship with customers before, during and after the stay:
- provision of data for the customer database;
- sending newsletters, promotions and tourist, hotel or service offers;
- management of requests to unsubscribe from newsletters, promotions, tourist offers;
- assessment of the right to object;
- use of a dedicated telephone service to search for people staying at the facilities of Tropea Hospitality Srl, in the event that events occur that affect the structures in question (natural disasters, terrorist attacks and so on).
13. Improve the services of the data controller, in particular:
- conducting surveys and analysis of questionnaires and customer comments (also anonymously);
- management of claims/complaints.
14. Protect and improve the use of the websites of the data controller, in particular:
- improved navigation;
- adoption of security measures and fraud prevention.
15. Comply with local legislation, for example regarding the retention of accounting documents.
It is possible to have more information, on request, from the Data Controller at the contacts indicated in this statement.

You may be subject to a decision based on automated processing, including profiling. In that case, you will have the right to obtain human intervention, to express your opinion and to contest the decision.

The profiling purpose carried out by the Data Controller, both with human intervention and in a totally automated way, serves to define the profile of the interested party (subject to explicit consent), in order to formulate commercial proposals appropriate to his needs and characteristics. In this case, the processing for marketing purposes of the Data Controller may also be carried out using the data of the profiling activity, in order to be able to send personalized marketing communications of the Data Controller (via e-mail, sms, MMS, whatsapp, telephone calls with operator, postal mailings).
Your data may be communicated to personnel authorized by the Data Controller and / or to the related service providers with whom a contract has been stipulated and appointed as data processors if necessary.
The legal basis of the processing as provided for in Article 6 of Reg (EU) 679/2016 is:
• - paragraph a): the interested party has given consent to the processing of their personal data for one or more specific purposes
The interested party has the right to revoke the consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation.

The email address provided in the context of the purchase of a product and / or a service offered and sold directly by the Data Controller, may be used to allow the Data Controller the direct sale of similar products or services (and therefore the sending by email to the user of promotional communications concerning such products and / or services) without his consent, provided that you do not exercise the right to object in the manner indicated in this Privacy Policy. The collection of your data by the Data Controller is necessary in order to pursue its legitimate interest. Your data may be communicated to personnel authorized by the Data Controller and / or to the related service providers with whom a contract has been stipulated and appointed as data processors if necessary.
The legal basis of the processing as provided for in Article 6 of Reg (EU) 679/2016 is:
• - paragraph f): the processing is necessary for the pursuit of the legitimate interest of the data controller or third parties, provided that the interests or fundamental rights and freedoms of the data subject that require the protection of personal data do not prevail, in particular if the data subject is a minor.

Direct marketing - With your consent, your data are collected and processed by the Data Controller to allow the management of your subscriptions to our marketing communications and to send you - with automated contact methods (e.g. e-mail, and /or sms and/or instant messaging) and traditional (e.g. traditional mail and/or telephone contacts with operator) - newsletters, commercial communications and / or advertising material on products or services offered by the Data Controller other than those for the provision of which the data were collected.
Your data may be communicated to personnel authorized by the Data Controller and / or to the related service providers with whom a contract has been stipulated and appointed as data processors if necessary.
The legal basis of the processing as provided for in Article 6 of Reg (EU) 679/2016 is:
• - paragraph a): the interested party has given consent to the processing of their personal data for one or more specific purposes
The interested party has the right to revoke the consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation.

The Data Controller adopts the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data. The processing is carried out using paper, computer and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated.

The Data Controller processes Personal Data relating to the User if one of the following conditions exists:
• the User has given consent for one or more specific purposes;
• the processing is necessary for the execution of a contract with the User and / or the execution of pre-contractual measures;
• the processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
• the processing is necessary for the performance of a task carried out in the public interest or for the exercise of public authority vested in the Data Controller;
• the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.
However, it is always possible to request the Data Controller to clarify the concrete legal basis of each treatment and in particular to specify whether the processing is based on the law, provided for by a contract or necessary to conclude a contract.

The provision of data relating to the execution of the contract, preventive request and / or information and to the fulfillment of legal, fiscal, accounting, administrative obligations, etc., is mandatory and any failure to provide your data will make it impossible for the owner to perform the requested services.
The provision of data for the performance of marketing and / or profiling activities is always free and optional. Failure to provide such data will have no consequence on your ability to access the features offered by the Site.
Users who have doubts about which Data are mandatory, are encouraged to contact the Owner.

To guarantee you the right of access and modification, we are required to share your personal data with internal and external recipients, subject to the following conditions.
Within the company, in order to provide you with the best service, we reserve the right to share your personal data, allowing access to authorized personnel, including:
• - staff and hotel partners;
• - reservation staff using booking tools;
• - IT departments;
• - Company services rental means of transport, shuttles etc.
• - business partners and marketing services;
• - medical services, if applicable;
• - legal services, if applicable;
• - in general, any subject (internal / external) in charge / authorized of the processing of specific categories of personal data.
Regarding service providers and partners: your personal data may be sent to third parties for the purpose of providing you with services and improving your stay.

These suppliers and partners include, but are not limited to:
• - External service providers: ITC companies, call centers, banks, credit card issuing institutions, lawyers, couriers, postal services, hosting providers, IT companies, communication agencies.

Our service providers contractually undertake to protect your personal data and not to use or share it except as required by law.
Third parties are designated, if necessary, as Data Processors by the Data Controller.
The updated list of Data Processors can always be requested from the Data Controller

Local authorities: Tropea Hospitality Srl may also be required to send your information to local authorities if required by law or as part of an investigation and in accordance with local regulations.
In the event of any corporate reorganization, (merger, sale, assignment, or other transfer of ownership of all or part of the business, including in connection with bankruptcy proceedings, Tropea Hospitality Srl may transfer all data collected in accordance with this Policy.
In addition, the data controller may make available web services (for example, they can be forums and blogs) through which the User can publish information and material on the Site. In this case, please pay attention to the possibility that any data made known through these services becomes public access as it is available to visitors to the site and the general public who could use them for any purpose.
In all this it is advisable to use discretion when disclosing personal identification data or any other information through such web services.

Your personal data are processed by the data controller within the territory of the European Union and are not disseminated. The Data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For more information, contact the Data Controller. If necessary, the data controller for technical, operational or contractual reasons, may transfer your personal data also outside the European Economic Area, always in compliance with the rights and guarantees provided for by the Privacy Law. On any occasion in which it is therefore necessary to transfer the data to third countries or international organizations, it will be the responsibility of the data controller to take the required measures so that such processing complies with the law.

Tropea Hospitality Srl adopts appropriate technical and organizational measures, in accordance with the applicable legal provisions, to protect your personal data from unlawful or accidental destruction, accidental loss or modification, as well as from unauthorized disclosure or access. To this end, we have taken technical (e.g. firewall) and organisational (e.g. a user id/password access system, physical protection solutions, etc.). When you send your credit card information to make a hotel reservation, the security of the transaction is guaranteed by SSL (Secure Socket Layer) encryption technology.
The security of e-mail communications cannot be guaranteed, so in their correspondence via e-mail to the data controller the user must not include any payment data or data of a particular nature.

We will keep your personal data only for the period necessary to fulfill the purposes indicated in this privacy policy or in accordance with the provisions of applicable law.
Your Personal Data will be kept only for the time necessary for the purposes for which they are collected, respecting the principle of minimization referred to in Article 5, paragraph 1, letter c) of the GDPR, namely:
a) The data processed for the execution of a contract will be kept for a period of 10 years following the conclusion of the contract itself, unless the need for further storage arises, to allow the data controller to defend its rights.
b) The data processed for the fulfillment of legal obligations will be kept by the data controller within the limits established by law and as long as the need for processing persists to fulfill these legal obligations.
c) The data processed for the pursuit of a legitimate interest of the data controller, will be processed for the time strictly necessary for the pursuit of said interest and precisely: the data collected to carry out preliminary checks related to the completion of the contract, transmission of estimates, answers to questions or information.
d) The data will be processed for marketing purposes for a period of 24 months and until any revocation of the consent given for the use of the same for this purpose; following this revocation, the owner will cease the processing in question and will not keep the data acquired exclusively for this purpose.
e) The data will be processed for profiling purposes for a period of 12 months and until the possible revocation of the consent given for the use of the same for this purpose; after this period or following this revocation, the owner will cease the processing in question, delete or make anonymous the personal data resulting from this profiling activity, as well as the data acquired exclusively for this purpose.
Once the retention periods indicated above have elapsed, the data will be deleted, destroyed or made anonymous, compatibly with the technical procedures of backup and cancellation. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised. In any case, the further conservation provided for by the applicable legislation, including that provided for by art. 2946 of the Italian Civil Code.

The interested party has the right to ask the data controller, access to personal data concerning him, the correction or cancellation of the same, the limitation of processing, data portability, he has the right to oppose the processing, he has the right to oppose profiling, to lodge a complaint with a supervisory authority. The interested party has the right to revoke the consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation.
For the complete and exhaustive list of rights exercisable by the interested party, please refer to Articles. 15 et seq. of the GDPR 2016/679.

It is possible to exercise the rights of the interested party by writing / contacting:
Data Controller
TROPEA HOSPITALITY SRL in the person of its legal representative pro-tempore
VIA CAMPO DI SOTTO SNC | 89861 TROPEA (VV) | ITALY | VAT: 03 848 380 790
Phone +39 0963 548 602 | +39,333 6818145 | |

It is possible to request the appropriate form prepared by the owner to exercise his rights.

The processing operations connected to the web services of this site take place at the offices of the data controller and are handled by internal data processors who work with the collaboration of third parties designated as external data processors. No data deriving from the web service is disseminated. The personal data provided by users who access the web services present in the interactive areas of the site (e.g. requests for quotes, reservations, newsletter subscription), will be used only for the purposes previously indicated.

21) DATA SHARING by browsing our website, using the " book now
" service, your information will also be shared with them and their possible affiliates. This information may include personal data such as your name, your contact details, your payment details, the names of guests traveling with you, and the preferences you specified when booking. For more information please visit their website. Other service providers: We use service companies to manage your data on our behalf. This management serves for the purposes described in this statement, for example the management of the reservation, payments, sending marketing material, etc. These service providers are bound by confidentiality agreements and do not have permission to use your personal data for other purposes.

The computer systems and software procedures used to operate this website may acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This would be information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes, for example, the IP addresses or domain names of the computers used by users who connect to the site, the addresses in Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response. the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this eventuality, the data on web contacts do not persist for a longer time than allowed by the law.
The site uses the 'Cookie' technology to improve the possibilities of using the services offered, associating a 'Cookie' with the connected visitor.
This Website uses Cookies. To learn more and to view the detailed information, the User can consult the Cookie Policy.

You have the right to access your personal data collected by the data controller and to modify them, subject to the applicable legal provisions. You can also exercise your right to object by writing to the address indicated below.

If you encounter difficulties in exercising these rights, please contact:

Data Controller
VIA CAMPO DI SOTTO SNC | 89861 TROPEA (VV) | ITALY | VAT: 03 848 380 790
Phone +39 0963 548 602 | +39,333 6818145 | |

In order to ensure the confidentiality and protection of your personal information, we will need to identify you in order to respond to your request. For this purpose, we will ask you to attach to your request a copy of an official identity document, such as your identity card or driving license or passport. In the event that your personal data are not correct, complete or updated, we invite you to notify us in the manner identified above. All requests will be processed as soon as possible and in accordance with applicable law. You can also exercise your rights in relation to the personal data stored and processed by the structure following a stay.

The processing of your personal data will take place, in compliance with the provisions of the GDPR, using paper, computer and telematic tools, with logic strictly related to the purposes indicated and, in any case, with suitable methods to guarantee security and confidentiality in accordance with the provisions of Article 32 GDPR.

Pursuant to Regulation (EU) 2016/679, you have the right both to lodge a formal complaint with the Guarantor authority (art. 77) in the manner indicated on the Authority's website at: 
and to bring an action before the courts (Article 79).

At our facilities, during check-in and / or during access to the WI-FI service, the interested party will receive further specific information regarding the processing of their personal data in relation to the service rendered.

If you have any questions about our Policy or how the data controller handles your personal data, please contact us by regular mail and/or email:

VIA CAMPO DI SOTTO SNC | 89861 TROPEA (VV) | ITALY | VAT: 03 848 380 790
Phone +39 0963 548 602 | +39,333 6818145 | |

We reserve the right to change this policy from time to time; accordingly, we invite you to consult it regularly. Any changes to this Policy will become effective upon posting.
The use of the Site after the last publication of these changes implies the acceptance by the user of the new version.

(Policy Privacy aggiornata a: 13 FEBBRAIO 2023)