Privacy Policy

Data controller

Owner: Rosalia Ricciardi
Email: rosalia_ricciardi@virgilio.it
Phone: +39 338 243 9475
Contrada Porilla 5, 98075 San Fratello (ME)

Effective date: January 28, 2026

1. Introduction

This policy describes how we collect, use, and store the personal data of users who visit the Le Case di Bettina website and/or make reservations through the site.

The processing is carried out in compliance with Regulation (EU) 2016/679 (GDPR).

2. Types of data collected

The site collects only the data strictly necessary to manage reservations and communications with guests:

Identification and contact data : name and surname, email address, telephone number.
Booking information : dates of stay, number of guests, any notes/needs indicated by the guest.
Payment information : Information required for payment processing; payments are processed via Wix Payments / PayPal.
Communication data via Email or chat/WhatsApp : messages sent via the convenient WhatsApp, email, or chat link on the site.

No identification documents, health data, or other sensitive data are collected through the site, unless otherwise specifically requested (in which case explicit consent will be requested and specific instructions will be provided).

3. Purposes and legal bases of the processing

Personal data are processed for the following purposes:

Completion of bookings and management of stays (confirmations, operational communications, check-in/out). Legal basis: performance of the contract.
Payment management and tax/accounting obligations . Legal basis: Performance of the contract and legal obligation. Payments are processed via Wix Payments/PayPal; therefore, some payment information is processed by the respective providers.
Chat/WhatsApp communications to provide information, respond to requests, or assist you . Legal basis: performance of the contract or consent, as applicable.
Legal obligations (e.g., tax documentation management). Legal basis: legal obligation.
Website improvement and analytics : If analytics or profiling tools are used, explicit consent will be required; essential technical cookies do not require consent. The guidelines of the Italian Data Protection Authority apply to cookies and consent.

4. Methods of treatment and safety

The treatments are carried out with manual, computer and telematic tools with appropriate technical and organisational measures to protect the data (authorised access, backups, internal controls). Access to the data is allowed only to authorised personnel and appointed external managers.

5. Third parties and data controllers

To provide services, the Data Controller uses suppliers who may act as external Data Processors or independent controllers.

The main external services used are:

Wix (website hosting and management platform, including booking tools).
Wix Payments (payment processor for the website). Wix Payments integrates various payment methods (cards, Apple Pay, Google Pay, etc.) and can also process transactions through third-party providers such as PayPal; the relevant terms and conditions are governed by Wix.
PayPal (if the guest chooses PayPal as their payment method, PayPal will process the payment data according to its own policy).
WhatsApp / Meta (messaging service used for direct communications; WhatsApp terms and conditions apply to Business use).

The relevant providers have their own privacy policies and terms of use: users are advised to consult the official policies of the services indicated (links to the policies are provided below).

6. International transfers

Some suppliers (e.g. Wix, PayPal, Meta) may also transfer or process data outside the EU; such transfers take place in accordance with the guarantees provided by the GDPR (adequacy decisions, standard contractual clauses, etc.).

The Owner undertakes to request appropriate guarantees from suppliers.

7. Retention period (minimums applied)

To ensure compliance and operational simplicity, the following minimum retention periods apply:

Booking data and accounting data (including payment references): retained for up to 10 years for tax and accounting purposes.
Contact data (email, telephone) linked to bookings : up to 10 years together with booking data.
Browsing data / technical log : stored for up to 6 months unless otherwise required for security or investigation reasons.
Cookie consent data : Recording of user consent and choice for up to 2 years (preference log) to demonstrate the validity of consent.

These periods may be updated in case of legal obligation or defensive needs (e.g. litigation).

8. Cookies and tracking tools

The site uses technical cookies necessary for the operation of the site and third-party cookies provided by the integrated services (Wix, PayPal, any widgets). Cookies that are not strictly necessary (e.g. profiling or marketing cookies) will only be activated after the acquisition of explicit consent through banners/consent management tool in accordance with the Guarantor's guidelines.

9. Rights of the interested party

Pursuant to Articles 15–22 of the GDPR, the data subject may exercise the rights to:

Access to data;
Correction of inaccurate data;
Erasure (right to be forgotten), within the limits of legal retention obligations;
Restriction of processing;
Data portability (if applicable);
Objection to processing for legitimate reasons;
Withdrawal of consent (without affecting the lawfulness of processing based on previous consent).

To exercise your rights, please send a request by email to rosalia_ricciardi@virgilio.it or by post to Contrada Porilla 5, 98075 San Fratello (ME). If you have a complaint, you can contact the Italian Data Protection Authority.

10. Data security

The Data Controller applies technical and organisational measures (authenticated access, backups, updates) to protect the data. However, users are advised not to send particularly sensitive data via unprotected channels.

11. Updates of the information

This information may be updated; the version published on the site will show the date of last modification. We invite you to consult it periodically.