Privacy Policy

Who we are

Our website address is: https://www.villaninettaostuni.com.

The individuals responsible for this website and for processing your data (the Data Controllers) are Alessandra di Lascio and Michele di Lascio, who are based in Italy and the United Kingdom.

Contact Details: Contrada Vallegna, 72017, Ostuni, Italy Email: info@villaninettaostuni.com

What personal data we collect and why we collect it

The only personal data we collect is the information you voluntarily provide to us through our contact form.

Contact Form

When you fill in our contact form, we collect your first name, surname, email address, and the content of your message.

We collect this information for the sole purpose of responding to your enquiry. Our lawful basis for processing this data is your consent, which you give by ticking the checkbox on the contact form before submitting your message. We do not use this information for marketing purposes.

How long we retain your data

We keep your personal data only for as long as is necessary for the purpose for which it was collected and to comply with our legal obligations.

  • Contact Form Enquiries: If your enquiry does not result in a booking, we retain your data for 24 months to allow us to refer back to your query should you contact us again. After this period, your data is securely deleted.
  • Booking & Financial Records: For confirmed guests, we are required by Italian law to keep your booking information and related financial records for 10 years.

What rights you have over your data

You have important rights regarding your personal data under both EU and UK data protection law. These include the right to access, rectify, erase, restrict processing, and request data portability.

Please note that the right to erasure is not absolute. For example, we cannot erase data related to a booking that we are legally required to keep for 10 years for tax purposes.

How to exercise your rights

If you would like to exercise any of these rights, please contact us at our email address: info@villaninettaostuni.com.

Your right to lodge a complaint

If you are not happy with how we have handled your data, you have the right to lodge a complaint with a supervisory authority.

  • In Italy, the authority is the Garante per la protezione dei dati personali (GPDP)http://www.gpdp.it
  • In the United Kingdom, the authority is the Information Commissioner’s Office (ICO)http://www.ico.org.uk

Where your data is sent

Your personal data is managed by us in Italy and the United Kingdom.

As one of our business owners is based in the UK, your data will be accessed from the UK. This transfer is legally safeguarded by an “adequacy decision” from the European Commission, which recognises UK data protection laws as equivalent to those in the EU.

Additionally, our third-party website hosting and email providers may store data on servers located outside of the EU or the UK. In such cases, we ensure that these data transfers are protected by legal agreements, such as Standard Contractual Clauses, that meet European and UK data protection standards.

How we protect your data

We take the security of your data seriously. Our website uses SSL/TLS encryption (HTTPS) to protect any information you send us via our contact form. Access to your personal data is restricted to the data controllers and is protected by strong passwords.