Skip to content

Privacy e Cookie Policy

Privacy Policy


CA’BIANCA Bed & Breakfast, VAT Number 01152030456, Data Controller, hereby informs you that your data will be processed in accordance with the methods and for the purposes indicated below.

The Data Controller undertakes to protect the privacy and confidentiality of Personal Data in accordance with the principles of fairness, lawfulness, transparency, and the protection of your rights.


We process personal data communicated by you (name, email, company name, phone number, etc.) on occasions of requests sent spontaneously and data collected automatically from the website.

  • Data provided by you: personal, identifying, and non-sensitive data communicated by you to make requests via email, through the contact form, or by phone about our products/services.
  • Data we collect automatically: anonymous data collected using cookies or similar technologies: for further information, please refer to the Cookie Policy below.

N.B. Users under the age of 16 cannot provide any personal data without the consent of parents or legal guardians.


We will process your personal data:

A) to fulfill our contractual obligations; provide a response to your information requests; calculate a quote you requested; execute contracts for the sale of products or for the provision of services; provide necessary assistance regarding purchased products and services.

B) to perform aggregate statistical analysis anonymously to improve our services;

C) for administrative purposes and to fulfill legal obligations such as accounting, tax obligations, or to comply with requests from the judicial authority.

D) in the case of submitting a curriculum vitae, solely for selection purposes.


Providing your data is always optional, but its failure could make it impossible to proceed with some processing, such as those strictly related to the fulfillment of a contract or the provision of requested services.


The processing of your personal data is carried out through the operations indicated in Article 4 of the Privacy Code and Article 4(2) of the GDPR, namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, erasure, and destruction of data.

Your personal data is stored at the Data Controller’s premises and is subject to both paper and electronic and/or automated processing with logic strictly related to the purposes indicated and in a manner that ensures the security and confidentiality of the data. The data you send are not saved within our website.

The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes and in any case for no longer than 10 years from the cessation of the relationship for purposes under point C and for no longer than 38 months from the data collection for purposes under point B.


Your data may be made accessible for the purposes indicated in point 2:

  • to employees and collaborators of the Data Controller, in their capacity as internal processors and/or administrators of the system;
  • to third-party companies or other subjects (website providers, cloud providers, e-payment service providers, suppliers, technicians responsible for hardware and software assistance, shipping agents and carriers, credit institutions, professional firms, etc.) that perform outsourcing activities on behalf of the Data Controller, in their capacity as data processors.


The data will not be disseminated, sold, or exchanged with subjects other than the data controller, the processors, and the appointees without your express and explicit consent.


You have the right to know what personal data are being processed. In particular, you have the right to access, rectify, delete, as well as the right to data portability, the right to restrict processing, and the right to object to processing, where applicable.

Below is a brief explanation of the rights recognized to you regarding the processing of your personal data.

  • The right to access allows you to obtain confirmation as to whether or not your personal data are being processed by the Data Controller and, if so, to access such data and related information;
  • The right to rectification allows you to obtain the correction of inaccurate personal data concerning you without undue delay and, taking into account the purposes of the processing, to have incomplete personal data completed;
  • The right to erasure allows you to obtain the erasure of personal data concerning you without undue delay (e.g., when your personal data are no longer necessary in relation to the purposes for which they were collected), subject to exceptions provided by applicable law (e.g., when the retention of your data is necessary to comply with legal obligations applicable to the data controller). Erasure will be carried out within the technical times provided;
  • The right to data portability allows you, in certain circumstances provided by applicable law, to receive in a structured, commonly used, and machine-readable format the personal data concerning you that you have provided. You may transmit this data to another data controller, provided that this right can be recognized to you under applicable law, and except where it may result in a prejudice to the rights and freedoms of others;
  • The right to restrict processing allows you, in certain circumstances provided by applicable law, to obtain the restriction of processing of your personal data. In such cases, the Data Controller may continue to process your data only in certain cases, for example, for the exercise of the right of defense or to protect the rights of another natural or legal person;
  • The right to object to processing allows you, in certain circumstances provided by applicable law, to object to the processing of your personal data unless there are compelling legitimate grounds, rights, or freedoms that allow the Data Controller to continue processing;

For more information on the processing of your personal data or to exercise your rights, please contact us.


This Privacy Notice may be subject to changes. It is therefore advisable to check this Privacy Notice regularly and refer to the most updated version.


Last update: May 2024

Cookie Policy

For us, data protection is a very serious matter, and we wish to inform you about the manner in which data is processed and the rights you can exercise under the relevant data protection regulations, European Union Regulation 2016/679 (hereinafter also referred to as “GDPR”).

Data Controller and DPO

CA’BIANCA Bed & Breakfast

Categories of Data Subject to Processing

The data processed by the Data Controller are “personal data” (as per Art. 4.1 of the GDPR) provided by you.
In particular, the categories of relevant personal data may include, but are not limited to:

  • Any demographic and identification data (for example, but not limited to, name and surname, etc.);
  • Any contact data (IP address, email address, and similar data) and browsing data.

Processing of Data Useful for Navigation Purposes

The computer systems and software procedures tasked with the operation of this website acquire, during their normal exercise, some personal data whose transmission is implicit in the use of Internet communication protocols.

These are pieces of information that are not collected to be associated with identified individuals, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.

Among the information that may be collected are IP addresses, the type of browser or operating system used, addresses in URI (Uniform Resource Identifier) notation, the domain name, and the addresses of the websites from which access or exit was made (referring/exit pages), the time when the request was made to the server, the method used, and information about the response obtained, further information about the user’s navigation on the site (see also the section related to cookies) and other parameters related to the user’s operating system and computer environment.

These same data could also be used to identify and verify responsibilities in the event of potential computer crimes against the website.

Use of Cookies

When you visit any website, it can store or retrieve information on your browser, mostly in the form of cookies. This information may concern you, your preferences, or your device and is largely used to make the site work as you expect. The information typically does not directly identify you but can provide a more personalized web experience. Because we respect your right to data protection, you can choose not to allow certain types of cookies. Click on “Cookie Settings” and on the headers of the different cookie categories to learn more and change the default settings. However, disabling some types of cookies may have consequences for your browsing on the site and the use of the related services we can offer.
The following information is provided to the user in accordance with the provisions of the Italian Data Protection Authority’s simplified notice on cookies of May 8, 2014, titled “Identification of simplified methods for providing information and obtaining consent for the use of cookies.”

What are Cookies? And What Cookies Do We Use?

Cookies are small text strings that a website can send to your device (whether it’s a PC, a notebook, a smartphone, or a tablet) while you’re browsing. Typically, they are stored directly on the browser used for navigation. The same website that sent them can then read and record the cookies found on the same device to obtain various types of information. What kinds? Each type of cookie has a well-defined role.

How many types of cookies are there?

There are two fundamental macro-categories, each with different characteristics: technical cookies and profiling cookies.

Technical cookies are generally necessary for the proper functioning of the website and to enable navigation. Without them, you might not be able to view pages correctly or use some services. For example, a technical cookie is essential for keeping the user logged in throughout the visit to a website, or for storing language settings, display preferences, and so on.

The technical cookies used on this website can be further distinguished into:

  • Necessary Cookies
    These cookies are essential for the operation of the website, especially in terms of normal navigation and use. They cannot be disabled in our systems. They are usually set only in response to actions you take that constitute a request for services, such as setting privacy preferences, logging in, or filling out forms. You can set your browser to block these cookies, but this may result in some or all parts of the site not functioning properly. These cookies do not store personal information.
  • Analytical Cookies
    These cookies allow us to count visits and traffic sources so we can evaluate and improve the performance of our website. They help us understand which pages are the most and least popular and see how visitors navigate the site. All information collected by these cookies is aggregated and therefore anonymous. If you do not authorize these cookies, we will not be able to evaluate the navigation and collective behavior of our users and consequently improve the performance of the site.
  • Functionality Cookies
    These cookies allow the website to provide advanced functionality and customization, enabling navigation based on a set of selected criteria (e.g., language, selected products for purchase). They may be set by us or by third-party providers whose services have been added to our pages. If you do not authorize these cookies, some or all of these services may not function properly.

Profiling cookies are designed to profile the user and are used to send advertising messages in line with the preferences expressed by the user during their navigation.

  • Profiling Cookies
    Profiling cookies can also be used by third-party companies to build a profile of your interests and show you relevant advertisements on this and other websites.

These cookies can only be set through our website by our advertising partners, so they are third-party cookies. These cookies are based solely on identifying your browser and your internet device. If you do not authorize these cookies, you will not be shown or sent the aforementioned advertisements, nor will profiles of your interests be created. Refusing or revoking consent for the use of one or more profiling cookies will not interfere with your ability to access the website or browse it.

Cookies can also be classified as:

  • first-party cookies: these are cookies generated and managed directly by the website operator you are currently visiting.
  • third-part cookie: these are cookies generated and managed by entities other than the website operator you are currently visiting, typically as a result of a contract between the website owner and a third party.

List of cookies we use in this website

Google analytics:

_ga, _ga_*
Registers a unique ID used to generate statistical data on how the visitor uses the website.

AEC cookies ensure that requests within a browsing session are made by the user, and not by other sites. These cookies prevent malicious sites from acting on behalf of a user without that user’s knowledge.

This cookies is used to collect website statistics and track conversion rates and Google ad personalisation.

This cookies is used to collect website statistics and track conversion rates and Google ad personalisation.

Stores a user’s state regarding their cookies choices.

Cookie Banner:

Store cookie consent preferences.

Duration of Cookies

Cookies have a duration determined by the expiration date (or a specific action, such as closing the browser) set at the time of installation.

Cookies can be:

  • temporary or session cookies (session cookie): these are used to store temporary information, allowing you to link actions performed during a specific session and are removed from the computer when the browser is closed;
  • permanent cookies (persistent cookie): these are used to store information such as login names and passwords, so you don’t have to re-enter them every time you visit a specific site. They remain stored on your computer even after closing the browser.

Cookie Management

In accordance with the provisions of the Italian Data Protection Authority’s simplified notice on cookies of May 8, 2014 (published in the Official Gazette no. 126 of June 3, 2014), you can change your cookie consent at any time by clicking on the “Cookie Settings” link at the bottom of every page on this website.

CA’BIANCA Bed & Breakfast will keep appropriate records of the User’s consent(s) through a specific technical cookie, considered by the Privacy Authority as a “non-particularly invasive” tool. The User can refuse consent and/or change their cookie preferences at any time through access to this Privacy Policy, which is accessible from every page of this website.

If you have already given your consent but wish to change your cookie preferences, you must delete them through your browser, as indicated below. Otherwise, those already installed will not be removed. Please note that there is no way to control third-party cookies, so if you have previously given consent, you must proceed to delete cookies through the browser (in the dedicated section) or request opt-out directly from third parties.

How to Disable/Delete Cookies via Browser


  1. Open the Chrome Browser
  2. Click on the menu in the browser toolbar next to the URL entry window for navigation
  3. Select Settings
  4. Click on Show Advanced Settings
  5. In the “Privacy” section, click on the Content Settings button
  6. In the “Cookies” section, you can modify the following cookie settings:
    – Allow local data storage
    – Modify local data only until the browser is closed
    – Prevent sites from setting cookies
    – Block third-party cookies and site data
    – Manage exceptions for some websites
    – Delete one or all cookies

Mozilla Firefox

  1. Open the Mozilla Firefox Browser
  2. Click on the menu in the browser toolbar next to the URL entry window for navigation
  3. Select Options
  4. Select the Privacy panel
  5. Click on Show Advanced Settings
  6. In the “Privacy” section, click on the Content Settings button
  7. In the Tracking section, you can modify the following cookie settings:
    – Ask sites not to track
    – Tell sites that you’re willing to be tracked
    – Do not tell sites any preferences regarding tracking of personal data
  8. From the History section, you can:
    – By enabling “Use custom settings,” select to accept third-party cookies (always, from visited sites only, or never) and to keep them for a specified period (until they expire, until Firefox is closed, or ask every time)
    – Remove individual stored cookies.

Internet Explorer

  1. Open the Internet Explorer Browser
  2. Click on the Tools button and choose Internet Options
  3. Click on the Privacy tab and, in the Settings section, adjust the slider according to the desired action for cookies:
    – Block all cookies
    – Allow all cookies
    – Select sites from which to obtain cookies: move the slider to an intermediate position so as not to block or allow all cookies, then click on Sites, in the Website Address box enter a website, and then click Block or Allow.

Safari 6

  1. Open the Safari Browser
  2. Click on Safari, select Preferences, and then click on Privacy
  3. In the Block Cookies section, specify how Safari should accept cookies from websites.
  4. To view which sites have stored cookies, click on Details

Safari iOS (mobile devices)

  1. Open the Safari iOS Browser
  2. Tap on Settings and then Safari
  3. Tap on Block Cookies and choose among the various options: “Never,” “Third-party and advertisers,” or “Always”
  4. To delete all cookies stored by Safari, tap on Settings, then on Safari, and finally on Clear Cookies and Data.


  1. Open the Opera Browser
  2. Click on Preferences, then on Advanced, and finally on Cookies
  3. Select one of the following options:
    – Accept all cookies
    – Accept cookies only from the site being visited: third-party cookies and those sent from a different domain than the one being visited will be rejected
    – Never accept cookies: all cookies will never be saved.

Note regarding minors under 14 years old

Minors under the age of 14 cannot provide personal data. CA’BIANCA Bed & Breakfast will not be responsible for any collection of personal data or false statements made by minors. In any case, if such usage is detected, CA’BIANCA Bed & Breakfast will facilitate the right of access and deletion requested by the legal guardian or the person exercising parental responsibility.

Exercising the Data Subject’s Rights

The data subject, concerning the personal data subject to this notice, has the right to exercise the rights provided by the EU Regulation listed below:

  • Right of access by the data subject [Article 15 of the EU Regulation]: The data subject has the right to obtain from the controller confirmation as to whether or not personal data concerning them are being processed, and, where that is the case, access to the information expressly provided for in the cited article, including but not limited to the purposes of the processing, the categories of data and recipients, the retention period, the existence of the right to erasure, rectification or restriction, the right to lodge a complaint, all available information on the origin of the data, the possible existence of automated decision-making pursuant to Article 22 of the Regulation, as well as a copy of their personal data.
  • Right to rectification [Article 16 of the EU Regulation]: The data subject has the right to obtain from the controller the rectification and/or completion of inaccurate personal data concerning them, without undue delay;
  • Right to erasure (“right to be forgotten”) [Article 17 of the EU Regulation]: The data subject has the right to obtain from the controller the erasure of their personal data without undue delay if one of the reasons expressly provided for in the cited article exists, including but not limited to the cessation of the need for processing for the purposes, withdrawal of consent on which the processing is based, objection to processing where it is based on a non-prevailing legitimate interest, unlawful processing of data, deletion for legal obligations, data of minors processed in the absence of the conditions of applicability provided for in Article 8 of the Regulation;
  • Right to restriction of processing [Article 18 of the EU Regulation]: In cases provided for in Article 18, including unlawful processing, challenge of the accuracy of data, objection of the data subject, and cessation of the need for processing by the controller, the data subject’s data must be processed only for storage except with the consent of the data subject and other cases expressly provided for in the cited article;
  • Right to data portability [Article 20 of the EU Regulation]: The data subject, in cases where the processing is based on consent and on a contract and is carried out by automated means, may request to receive their personal data in a structured, commonly used and machine-readable format, and has the right to transmit them to another controller;
  • Right to object [Article 21 of the EU Regulation]: The data subject has the right to object to the processing of their personal data, in case the processing is based on a non-prevailing legitimate interest or is carried out for direct marketing purposes;
  • Right not to be subject to automated decision-making [Article 22 of the EU Regulation]: The data subject has the right not to be subject to a decision, including profiling, based solely on automated processing (for example, carried out exclusively through electronic tools or computer programs).

The above description does not replace the text of the cited articles, to which reference is made in full and to be read in full here::

Right to Lodge a Complaint

The data subject, if they believe their rights have been violated, has the right to lodge a complaint with the Data Protection Authority, as indicated by the Authority at the following Internet address: Alternatively, a written communication can be sent to the Italian Data Protection Authority, Piazza Montecitorio no.121, 00186 Rome.

Last update: May 2024
Back To Top