Pursuant to Art. 13 of EU Regulation 2016/679 (GDPR)
The Data Controller for personal data collected through the website vivorooms.it and in the course of the guesthouse's activities is:
Sara Verdecchia – VIVO rooms
Via Gorizia, 24
62012 Civitanova Marche (MC) - Italy
P.IVA: IT02499070445
E-mail: sara@vivorooms.it
Tel./WhatsApp: Personal Data Processing Policy+39 347 7947578
Browsing data. The website's computer systems automatically collect, during navigation, technical data implicit in the use of Internet communication protocols: IP addresses, device domain names, URIs of requested resources, time and method of requests, HTTP status codes and parameters relating to users' operating systems. Such data are used exclusively for anonymous statistics and to ensure the proper functioning of the website.
Voluntarily provided data. Submitting the contact form, sending e-mails, WhatsApp messages or booking requests involves the collection of: full name, e-mail address, phone number, stay dates and number of guests, and any special requirements spontaneously communicated by the user.
Guest data at check-in. Pursuant to public safety regulations (T.U.L.P.S.), the Data Controller collects and transmits to the competent authorities the identifying data of guests (name, surname, date and place of birth, document number, nationality) at the time of the stay.
Providing the data required for booking is mandatory; failure to do so will make it impossible to complete the service.
| Purpose | Legal basis (GDPR) | Retention |
|---|---|---|
| Handling contact requests and quotes | Art. 6(1)(b) – pre-contractual measures | 12 months from the request |
| Managing bookings and stays | Art. 6(1)(b) – performance of a contract | Duration of relationship + 10 years |
| Transmitting guest data to authorities (guest registration form) | Art. 6(1)(c) – legal obligation (T.U.L.P.S.) | As required by sector regulations |
| Tax, accounting and administrative obligations | Art. 6(1)(c) – legal obligation | 10 years (D.P.R. 600/1973) |
| Website security and prevention of unlawful activities | Art. 6(1)(f) – legitimate interest | 7 days (system logs) |
| Sending promotional communications and offers | Art. 6(1)(a) – consent of the data subject | Until consent is withdrawn |
| Anonymous browsing statistics | Art. 6(1)(f) – legitimate interest | Aggregated and anonymous data |
Processing is carried out using manual, electronic and telematic tools, with logic strictly related to the stated purposes and in a manner that ensures security and confidentiality. The Data Controller adopts appropriate technical and organisational measures, including encrypted communications (HTTPS) and security procedures for data access. Data are not subject to automated decision-making or profiling without the prior consent of the data subject.
Data will not be disclosed publicly. They may be communicated, only to the extent strictly necessary, to: public security authorities (Police Headquarters/Guest Registration Portal) for the guest registration form; Municipality of Civitanova Marche for the tourist tax; IT service providers (hosting, booking management system) appointed as Data Processors pursuant to Art. 28 GDPR; OTA platforms (Booking.com, Airbnb, etc.) where the booking is made through such channels; professional advisors (accountant, legal counsel); judicial or administrative authorities where required by law.
No data will be transferred to third parties for marketing purposes without express consent.
Data are processed within the European Union. Any transfers outside the EEA (e.g. international booking platforms) will be carried out in compliance with Arts. 44–49 GDPR, by means of Standard Contractual Clauses or equivalent legal instruments.
Data subjects may exercise at any time: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), portability (Art. 20), objection (Art. 21), withdrawal of consent and complaint to the Supervisory Authority(garanteprivacy.it).
To exercise your rights, send a request to sara@vivorooms.it. The Data Controller will respond within 30 days of receipt.
For information on the use of cookies, please refer to the Cookie Policy available on the website.
The Data Controller reserves the right to update this policy. Any changes will be published on this page with the new update date.
EU Regulation 2016/679 (GDPR); Legislative Decree 196/2003 as amended by Legislative Decree 101/2018; T.U.L.P.S. and circulars on guest registration; Provisions of the Italian Data Protection Authority.
Last updated: February 2026
vat id IT02499070445 privacy policy cookie policy credits
