Villa Chiara – Lavi Luxury Apartments in Capri

  • English
  • Italian
Entry-header image

Privacy Statement

1. Data Controller

Lavi Luxury Apartments, Villa Chiara
Hospitality managed by Gestione Alberghiera Italiana S.r.l.
VAT No. 14061481009 | REA RM‑1493393
Email: commercioitalia@casellapec.com

2. Scope and Applicability

This Privacy Statement applies to the personal data processing performed on this website and during the guest experience. It covers what information is collected, how and why it is used, processed, and protected—ensuring compliance with the GDPR and e-Privacy Directive.

3. Personal Data Collected

We may collect and process the following categories of data:

  • Reservations & Booking Data: name, contact details, payment information, stay dates.
  • Communications: emails, messages via email, phone, or WhatsApp for bookings and customer support.
  • Technical Data: IP address, device information, cookies and usage logs.

4. Purpose and Legal Basis for Processing

  • Contract Performance: to manage bookings, guest experience, invoicing, and customer support.
  • Legal Compliance: for fulfilling obligations such as tax reporting.
  • Legitimate Interests: analytics, site improvement, security, and fraud prevention.
  • Consent: for marketing communications, when applicable, only with explicit opt-in consent.

5. Cookies and Tracking Technologies

Our site uses cookies and similar tracking tools. We always inform users clearly and obtain prior consent when required. The cookies necessary for booking are exempted from needing consent, in compliance with EU rules.

6. Data Sharing and Third Parties

Personal data may be shared with:

  • Service Providers: payment processors, booking engines, marketing platforms.
  • Legal Authorities: if required by law or to protect safety and rights.
  • Other Partners: only based on contractual safeguards in line with GDPR principles.

7. Data Retention

We retain personal data only as long as necessary for booking management, legal obligations, or dispute resolution. After that, information is securely deleted or anonymized in compliance with GDPR storage limitation principle Distinctive Resorts.

8. Rights of Data Subjects

Under GDPR, guests may exercise the following rights:

  • Access their personal data.
  • Rectify incorrect data.
  • Erase data (“right to be forgotten”).
  • Restrict processing under certain conditions.
  • Object to processing, including direct marketing.
  • Data Portability: request transfer of supplied data.
    Requests can be sent to our contact email above. We commit to responding within one month, extendable when necessary.

9. Data Security

We adopt technical and organizational measures to safeguard data integrity, confidentiality, and availability, including encryption and access controls.

10. Children’s Privacy

Our services are not intended for minors. If data from individuals under 16 is collected, we will require parental or guardian consent before processing.

11. Policy Updates

This Privacy Statement may be updated. The effective version will be posted here with the last updated date visible. Users are encouraged to review it periodically.

12. Complaints

Guests have the right to lodge a complaint with the data protection authority of their EU residence—most notably for the data controller’s main establishment, which is Naples, Italy.