Privacy Policy

Dear User,

Albergo Bodoni di Benedetti Paolo & C. Snc, owner of the site, with registered office in Florence (FI), Via Martiri del Popolo 27, cap 50122 – hereinafter the “Owner” -, as owner of the processing of personal data, informs you pursuant to art. 13 EU Regulation no. 2016/679 (hereinafter “GDPR”) that your data will be processed in the manner and for the purposes indicated below:

  1. Scope of the treatment

The Data Controller will process personal data (for example: name, surname, address, telephone, e-mail, credit card details to guarantee the reservation requested by the customer, navigation data, IP addresses, the domain names of the computers used by the users who connect to the site, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) ), – hereinafter the “Personal Data” or also “Data” – communicated by you when accessing the website, submitting a request electronically to the Data Controller, or when booking the service by the Data Controller, for the purposes indicated in article 2 below and in compliance with current regulations.

  1. Purpose of the treatment

Your personal data are processed:

  1. without your express consent (art.6 letter b) of the GDPR), in the case of users who submit requests via the site or by sending e-mail, to receive information relating to the services of Hotel Bodoni. These data are used for the sole purpose of responding to questions / requests and guaranteeing the requested service and are communicated to third parties only if this is necessary for this purpose. The legal basis for these treatments is the need to respond to the requests of the interested parties and guarantee the requested service.
  2. without your express consent (art.6 letter b) of the GDPR), in the case of users who make the online reservation through the dedicated section of the website. These data are used only to guarantee the requested service. The legal basis for these treatments is the need to respond to the requests of the interested parties and guarantee the requested service.
  3. only with your specific and distinct consent (art.7 GDPR), for the following Marketing Purposes: to send you via e-mail, mail and / or sms, newsletter, communications, advertising material on the activities of the Owner and detection of the degree of satisfaction. The legal basis for this treatment is the consent freely expressed by the interested party.

  1. Type of data processed
    This type of data includes the data communicated through the site or by sending e-mails to the addresses on the site. The communication of data via the website and the optional, explicit and voluntary sending of e-mails to the addresses indicated on the site entail the subsequent acquisition of the sender’s data (such as: name, surname, residence address, sender’s email address, telephone number, date of birth), necessary to respond to requests, as well as any other personal data included in the message.
    During their normal operation, the IT systems and software procedures used to operate the site acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by its very nature could allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) ​​notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
    For cookies we mean a textual element that is inserted in the hard disk of a computer only after authorization. Cookies have the function of streamlining the analysis of web traffic or of signaling when a specific site is visited and allow web applications to send information to individual users. No personal user data is acquired by the site in this regard. Cookies are not used to transmit personal information, and so-called are not used. persistent cookies of any kind, or systems for tracking users. The use of so-called Session cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the site. I c.d. session cookies used on the site avoid the use of other IT techniques that are potentially detrimental to the confidentiality of user navigation and do not allow the acquisition of the user’s personal identification data.
  1. Processing methods

Your Personal Data will be subjected to both paper and electronic processing. The Data Controller will process Personal Data for the time strictly necessary to fulfill the aforementioned purposes and in any case for no more than 10 years from the end of the user / customer qualification.

  1. Access to data

Your data may be made accessible for the purposes referred to in art. 2.a), 2.b) and 2.c) to:

  • employees and / or collaborators of the Data Controller or of companies controlled by the Data Controller or connected to it, in Italy and abroad, in their capacity as persons in charge and / or internal managers of the processing and / or system administrators;
  • third-party companies and / or other subjects (as an indication, credit institutions, professional firms, consultants, insurance companies for the provision of insurance services, etc.) who carry out outsourcing activities on behalf of the Owner, in their capacity as managers external treatment.

  1. Disclosure of data

Senza la necessità di un espresso consenso art. 6 lett. b) e c) del GDPR), il Titolare potrà comunicare i Suoi Dati per le finalità di cui all’art. 2.a) e 2.b) ad autorità giudiziarie nonché a quei soggetti – quali, ad esempio, responsabili esterni al trattamento dati – ai quali la comunicazione sia obbligatoria per legge oppure sia necessaria per l’espletamento delle finalità dette. Detti soggetti tratteranno i dati nella loro qualità di autonomi titolari del trattamento. I Suoi Dati in ogni caso non saranno diffusi ad altri soggetti.

  1. Data transfer

In addition to personal computers and company devices, personal data are stored on Gmail servers.

In any case, it is understood that the Owner, if necessary, will have the right to move the servers even outside the EU. In this case, the Data Controller ensures as of now that the transfer of non-EU data will take place in accordance with the applicable legal provisions, subject to stipulation of the standard contractual clauses provided by the European Commission.

  1. Nature of providing data and consequences of refusing to answer

The provision of data for the purposes referred to in art. 2.a) and 2.b) is mandatory. In their absence, we cannot guarantee you an adequate response to your request or the requested service.

The provision of data for the purposes referred to in art. 2.c) is optional. You can therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: in this case, you will not be able to receive newsletters, communications and material relating to the activities carried out by the Data Controller. However, you will continue to be entitled to the activities referred to in art. 2.a) and 2.b).

  1. Rights of the interested party

In your capacity as an interested party, you have the rights referred to in art. 15-21 of the GDPR (right of access, right of rectification, right to be forgotten, right of limitation of treatment, right to data portability, right of opposition), as well as the right of complaint to the Guarantor Authority. In particular, the right to:

    • obtain confirmation of the existence or not of Personal Data concerning you, even if not yet registered, and their communication in an intelligible form;
    • obtain the indication:
    1. the origin of the Personal Data;
    2. the purposes and methods of treatment;
    3. of the logic applied in case of treatment carried out with the aid of electronic instruments;
    4. the identity of the owner and managers;
    5. of the subjects or categories of subjects to whom the Personal Data may be communicated or who can learn about them as managers or agents.
  • get:
    1. updating, rectification or, when interested, integration of Data;
    2. cancellation, transformation into anonymous form or blocking of Data processed in violation of the law, including data whose retention is unnecessary for the purposes for which the Data were collected or subsequently processed;
    3. the attestation that the operations referred to in the previous points have been brought to the attention, also as regards their content, of those to whom the Data have been communicated or disseminated, except in the case in which this fulfillment proves impossible or involves the use of means manifestly disproportionate to the protected right;
  • object, in whole or in part:
    1. for legitimate reasons, to the processing of your personal data, even if pertinent to the purpose of the collection;
    2. to the processing of Personal Data concerning you for the purpose of sending advertising material on the activities and projects of Hotel Bodoni, by e-mail and / or paper mail.

  1. How to exercise your rights

You can exercise your right of access to your personal data:

    • By sending us an e-mail to the following address:
    • Write to us at: Via Martiri del Popolo 27, postcode 50122 – Florence (FI)

Please note that further information may be required to confirm your identity before providing you with the desired information.

  1. Our contact details – how to contact us

To exercise your rights and for any information, our complete contact details are:

Albergo Bodoni di Benedetti Paolo & C. Snc

Via Martiri del Popolo 27, postcode 50122 – Florence (FI)

Telephone number: +39 055-240741


  1. Changes to this information

Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, will be communicated to you via email. Please double-check our privacy policy regularly to check for any updates or changes made to it.

  1. Information update

This version of the information on the processing of personal data was updated on 08/04/2020.