Privacy Policy of maisongleni.it

Last updated: March 9, 2026

This notice describes how the personal data of users who visit and use the website maisongleni.it is processed.

1. Data Controller

The Data Controller is Gleniss Ciotola, reachable at:

Via Giovanni Berta 88, Isernia, Italy
Email: info@maisongleni.it

For any request relating to the processing of personal data or to exercise the rights provided for by Regulation (EU) 2016/679, the user may contact the Data Controller at the email address indicated above.

2. Scope of this notice

This Privacy Policy applies to personal data processed through the website maisongleni.it and to contacts generated through the website, including:

  • browsing the website;
  • sending communications to the email address indicated on the website;
  • contacts made through the phone button;
  • contacts made through the WhatsApp button;
  • requests for information, availability, or booking related to the accommodation facility.

This notice does not govern any third-party websites, platforms, or services accessible through external links, which remain subject to their own privacy notices.

3. Types of data processed

3.1 Browsing data

The IT systems and software procedures used to operate the website acquire, during their normal operation, certain technical data whose transmission is implicit in the use of Internet protocols.

By way of example, this category includes:

  • IP addresses or other network identifiers;
  • information about the browser and device used;
  • URI/URL of the requested resources;
  • time of the request;
  • method used to submit the request to the server;
  • parameters related to the user's operating system and IT environment;
  • technical data that may be contained in system, security, maintenance, or diagnostic logs.

3.2 Data voluntarily provided by the user

The optional, explicit, and voluntary sending of messages to the contact addresses indicated on the website, as well as contact made by phone or WhatsApp, entails the acquisition of the data communicated by the user, such as for example:

  • first and last name;
  • email address;
  • phone number;
  • message content;
  • data relating to requests for information, availability, or stay;
  • any further data voluntarily included by the user in the communication.

3.3 Data relating to stay or booking requests

If the user contacts the facility to check availability or request a booking, data such as the following may also be processed:

  • arrival and departure dates;
  • number of guests;
  • organizational needs related to the stay;
  • additional information voluntarily communicated by the user for the management of the request.

4. Purposes of processing and legal basis

a) Allowing browsing and the technical functioning of the website

Browsing data is processed to ensure the proper functioning of the website, the security of the infrastructure, technical maintenance, and the prevention of improper use.

Legal basis: the Data Controller's legitimate interest in ensuring the security, availability, and proper functioning of the website.

b) Responding to contact, information, or availability requests

Data sent via email, phone, or WhatsApp is processed in order to respond to the user's requests and provide the requested information about the accommodation facility and the services offered.

Legal basis: performance of pre-contractual measures taken at the request of the data subject and, where applicable, the Data Controller's legitimate interest in managing the communications received.

c) Managing booking requests or matters related to the stay

Where the contact is aimed at a booking or a stay request, the data is processed to manage the pre-contractual phase and, where applicable, the contractual and organizational phase related to hospitality.

Legal basis: performance of pre-contractual and contractual measures.

d) Compliance with legal obligations

Data may be processed in order to comply with obligations imposed by laws, regulations, or requests from competent authorities.

Legal basis: compliance with a legal obligation to which the Data Controller is subject.

e) Establishing, exercising, or defending a legal claim

Data may be processed, where necessary, in order to protect the Data Controller's rights in or out of court.

Legal basis: the Data Controller's legitimate interest in defending its rights.

5. Nature of the provision of data

The provision of data for simple browsing is implicit in the use of Internet protocols and necessary for the functioning of the website.

The provision of data requested or voluntarily communicated via email, phone, or WhatsApp is optional; however, failure to provide such data may make it impossible to respond to the user's request or manage availability or booking requests.

6. Methods of processing

Processing is carried out using paper, IT, and electronic tools, in accordance with the principles of lawfulness, fairness, transparency, data minimization, and confidentiality, by adopting appropriate technical and organizational measures to protect personal data from unauthorized access, loss, destruction, disclosure, or unlawful use.

7. Contacts by email, phone, and WhatsApp

The website does not currently use contact forms. Contacts mainly take place through:

  • direct sending of emails to the address published on the website;
  • phone calls made through a clickable button;
  • messaging through the WhatsApp button.

The use of WhatsApp involves interaction with a service provided by a third party. In such case, the processing of data carried out by the platform provider is governed by the privacy terms and documentation of the relevant provider. The Data Controller, on the other hand, processes the data received through this channel in order to respond to the user's requests and manage any requests for information or booking.

8. Special categories of data possibly communicated by the user

The website does not provide forms dedicated to the systematic collection of special categories of data.

However, during contacts the user may voluntarily communicate additional information related to personal or stay-related needs. In such cases, such data will be processed only if relevant to the request and to the extent strictly necessary for its management.

If, during the handling of requests or bookings, the user voluntarily communicates data that may reveal health status, disabilities, allergies, religious beliefs, or other special categories of data, such information will be processed with particular care and only to the extent strictly necessary for the management of the request or the stay.

9. Google Maps

The website uses Google Maps, integrated through Elementor, to allow users to view the location of the accommodation facility.

The integration of maps or content provided by third parties may involve the communication of technical data, such as IP address, browsing data, and device information, to the relevant service provider. Any activation of components that are not strictly necessary takes place in a manner consistent with the preferences expressed by the user through the consent management system, where required.

10. Cookies and other tracking tools

The website uses technical cookies and, subject to consent where required, additional tracking tools or third-party services.

The management of cookie preferences and consent is carried out through a dedicated platform. Detailed information on the cookies used, their purposes, storage periods, and the methods for giving, refusing, or withdrawing consent is contained in the separate Cookie Policy, available in the website footer.

11. Statistical services

The website uses Google Analytics 4 for statistical analysis of website traffic and usage.

This tool is activated only after the user's consent, where required, through the cookie consent management system. In the absence of consent, the service is not activated.

The use of Google Analytics 4 may involve the processing of data relating to browsing, interaction with the website, the device, and the browser used, according to the technical configuration adopted on the website. For further details on how the service works, the categories of data processed, storage periods, and consent preferences, please refer to the Cookie Policy.

12. Google reviews and third-party content

The website may integrate widgets or content from third-party services, such as Google reviews. Such components, when present, may involve the communication of technical data, such as IP address, browser information, device information, and browsing data, to the respective service providers.

Any activation of content that is not strictly necessary will take place in a manner consistent with the preferences expressed by the user, where required.

13. Hosting, cache, and technical services

The website is hosted by Serverplan, with infrastructure located in Italy and therefore within the European Union.

For technical, performance, and maintenance purposes, the website relies on services related to hosting, cache, and performance optimization. As of the date of this notice, LiteSpeed Cache is in use. Such tools may involve the processing of technical data, logs, IP addresses, and other data strictly necessary for the operation, protection, and optimization of the website.

If additional security or performance plugins or services are installed in the future, this notice may be updated if such tools involve further processing of personal data.

14. Recipients of the data

Personal data may be disclosed, within the limits of the purposes indicated above, to subjects acting as:

  • technical and IT service providers;
  • hosting providers;
  • providers of services connected to the functioning of the website;
  • consultants, professionals, or subjects assisting the Data Controller from an administrative, legal, tax, or technical point of view;
  • public authorities or subjects entitled to request the data pursuant to legal provisions.

Such subjects may act, depending on the case, as independent data controllers or as duly appointed data processors, where necessary.

15. Transfer of data to non-EU countries

Some third-party services that may be used by the website, such as messaging platforms, maps, statistical services, reviews, or embedded components, may involve transfers of data to countries located outside the European Economic Area.

In such cases, processing will take place in compliance with the safeguards provided for by applicable law, such as adequacy decisions, standard contractual clauses, or other measures provided for by law.

16. Data retention period

Without prejudice to legal obligations or the need to protect the Data Controller's rights, personal data is retained for the time strictly necessary to pursue the purposes for which it was collected.

As a general rule:

  • contact data and messages received via email or WhatsApp are retained for the time necessary to handle the request and, subsequently, for an ordinary maximum period of 24 months, unless further needs arise in connection with pre-contractual requests, contractual relationships, or the protection of rights;
  • data relating to availability or booking requests may be retained for the time necessary to manage the request and, where applicable, for subsequent administrative, tax, or legal obligations;
  • technical and security logs are retained for periods proportionate to the purposes of security, diagnosis, and maintenance;
  • data processed through statistical tools subject to consent is retained in accordance with what is indicated in the Cookie Policy and in the settings of the service used.

If a contractual relationship is established or legal obligations arise, the data may be retained for the periods provided for by applicable law.

17. Rights of the data subject

The data subject may exercise, in the cases provided for by applicable law, the following rights:

  • obtain confirmation as to whether or not personal data concerning them exists;
  • access their personal data;
  • request rectification or updating;
  • request erasure, where permitted;
  • request restriction of processing;
  • object to processing in the cases provided for;
  • receive the data in a structured, commonly used, and machine-readable format, in cases of portability;
  • withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
  • lodge a complaint with the competent Data Protection Authority.

18. How to exercise rights

To exercise their rights or request information on the processing of personal data, the user may write to:

info@maisongleni.it

19. Legal defense

The user's personal data may be used by the Data Controller to establish, exercise, or defend a right before a court or in the stages leading to its possible establishment.

20. Updates to this notice

This Privacy Policy may be subject to changes or updates, including as a result of legal, organizational, or technical changes to the website.

Users are invited to consult this page periodically in order to review the most up-to-date version.