Book online Request Quote

Privacy Policy

Interested parties: Browsers

Pursuant to Regulation (EU) 2016/679 (hereinafter “Regulation”), this page describes the methods of processing the personal data of users who consult the website accessible electronically at the following address:


This information does not concern other websites, pages or online services that can be reached via hypertext links published on the website but refer to resources outside the Data Controller’s domain.

It should be noted that the Privacy policy may be changed from time to time due to the activation of new services or as a result of legal updates, so it is advisable to periodically check for any news on the subject by referring to the aforementioned sites. This page describes how to manage the website with reference to the processing of personal data of the users who consult it. This policy is also provided pursuant to Article 13 of the (EU) Regulation concerning the protection of individuals with regard to the processing of personal data of those who interact with the web services of “HOTEL GABRIELLA srl – Via Dei Gerani 9 – Diano Marina (IM)” accessible electronically via the aforementioned address; further and any data processing is defined in the policy and cookie policy corresponding to the website footer.

The policy is provided only for this website, and not for other web sites that may be consulted by the user through links. The policy is also inspired by Recommendation no. 2/2001 that the European authorities for the protection of personal data, collected in the Group established by art. 29 of directive no. 95/46/EC, adopted on 17 May 2001 to identify several minimum requirements for the collection of online personal data and, in particular, the methods, times and nature of the information that the data controllers must provide to users when they connect to web pages, regardless of the purposes of the link.


The Data Controller

After consulting this website, data relative to identified or identifiable persons may be processed.

The “data controller” for the processing of their data is HOTEL GABRIELLA srl – Via Dei Gerani 9 – Diano Marina (IM), email


Data protection officer

The Data Protection Officer (DPO) is Gabriella Piotti, who can be reached at the following email address:


Legal basis for the processing

The personal data indicated on this page is processed by HOTEL GABRIELLA srl, in order to carry out its activities. Consent, implementation of a contract, fulfilment of a legal obligation and also the pursuit of a legitimate interest are the legal bases that will be pursued, depending on the data processing carried out on the aforementioned website.


Place of data processing

The processing linked to the web services of this website takes place in Italy, is managed by the “Pensare web srl” service provider and is organised by the technical staff of reference (data processing manager), and by other representatives of “HOSPITALITY FACTORY srl”, on the occasion of updating and maintenance operations. No data deriving from the web service will be disclosed. The personal data provided voluntarily by users who submit requests for contact are used for the sole purpose of carrying out the service or action requested, also possibly through external service providers.


Types of data processed and purposes of processing

Navigation data  

During their normal operation, the computer systems and software procedures used to operate this website acquire some personal data, the transmission of which is implicit in the use of Internet communication protocols.

This category of data includes IP addresses or domain names of computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the operating system and the user’s IT environment.

This data is necessary for the use of web services and is also processed for the purpose of:


  • Obtaining statistical information on the use of services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.);


  • Checking that the services offered function correctly.



Data communicated by the user

The optional, explicit and voluntary sending of messages to the contact addresses included on the forms, as well as the compilation and forwarding of the forms included, entail the acquisition of the sender’s contact information, necessary for replying, as well as all personal data included in the communications.

Specific information will be published on the pages of the websites set up for the provision of certain services.

Cookies and other tracking systems

No use is made of cookies for user profiling.

Session cookies (non-persistent) are used instead and such use is strictly limited to what is necessary for safe and efficient browsing of the websites. The storage of session cookies in terminals or browsers is under the user’s control, whereby, at the end of HTTPS sessions, information regarding cookies remains recorded in the service logs, on the servers, with storage times specific to each single third party manager of the service. Any data acquired through cookies and the methods for its management is fully described in the “cookie policy” document.

Navigation data

This data is used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check that it is functioning correctly strictly for the time necessary to fulfil the purposes for which it was collected. The automatically-collected information can be used by “HOTEL GABRIELLA srl” for verification of responsibility in the event of hypothetical computer crimes to the detriment of the website, for statistical purposes, to improve browsing and website content. Any data acquired through cookies is fully described in the “cookie policy” document.

Data provided voluntarily by the user


The optional, explicit and voluntary sending of data entered in the data collection forms, or the sending of emails to the email addresses indicated on this website, entails the subsequent acquisition of the sender’s address, necessary for responding to requests, as well as any other personal data included in the message. It should be noted that the personal and/or business data entered in the forms on the websites is used to respond to user queries, in order to provide the requested information and services.


Processing methods

Personal data is processed with automated tools strictly for the time necessary to fulfil the purposes for which it was collected. Specific security measures are observed to prevent loss of data, unlawful or improper use and unauthorised access. We wish to inform you that, in order to provide a complete service, there are links to other websites managed by other data controllers. We decline all responsibility in the event of errors, contents, cookies, publications of unlawful immoral content, advertising, banners or files that do not comply with current legal provisions and for the respect for Privacy legislation by websites not managed by us to which reference is made.


Data recipients

The recipient of the data collected following website consultation, pursuant to Article 28 of the Regulation, is, for example, the person responsible for the Pensare web srl data processing, as provider of the web platform hosting services;


Transfer of data abroad

Third countries: The website communication services may use external suppliers located in non-EU countries, in particular in the USA. It has been verified that the contractual clauses for these suppliers include subscription to the Privacy Shield agreements.


Rights of interested parties

You have the right to obtain, from the data controller, the cancellation (any right to be forgotten), limitation, updating, rectification, portability, opposition to the processing of personal data concerning yourself and, in general, you can exercise all rights. provided for by articles 15, 16, 17, 18, 19, 20, 21 and 22 of the GDPR, where applicable with respect to the purposes of data processing.


EU 2016/679 Regulation: Articles 15, 16, 17, 18, 19, 20, 21 and 22 –


  1. The interested party has the right to obtain confirmation of the existence or non-existence of personal data concerning him/herself, even if not yet recorded, and its communication in an intelligible form.


  1. The interested party has the right to obtain information regarding:



  1. the origin of the personal data;
  2. the purposes and methods of the data processing;
  3. the logic applied in case of processing carried out with the aid of electronic tools;
  4. the identity of the data controller, managers and representative appointed pursuant to article 5, paragraph 2;
  5. the individuals or categories of individuals to whom the personal data may be communicated or who may gain knowledge of them, in the capacity of appointed representative in State territory, managers or officials.


  1. The interested party has the right to obtain:



  1. the updating, rectification or, when interested, integration of data;
  2. the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data that does not need to be kept for the purposes for which it was collected or subsequently processed;
  3. attestation that the operations referred to in letters a) and b), also with regard to their content, have been brought to the attention of those to whom the data has been communicated or distributed, except in the case in which such fulfilment proves impossible or involves the use of means that are clearly disproportionate with respect to the protected right;
  4. data portability.


  1. The interested party has the right to object, in full or in part:



  1. for legitimate reasons, to the processing of personal data concerning him/herself, even if relevant to the purpose of the data collection;
  2. to the processing of personal data concerning him/herself, for purposes of sending advertising or direct sales material or for carrying out market research or commercial communication.

Right to complain

Interested parties who believe that the processing of personal data referring to themselves carried out through this website is in violation of the provisions of the Regulation have the right to lodge a complaint with the Guarantor, in accordance with article 77 of the Regulation itself, or apply to the appropriate courts (article 79 of the Regulation).