Privacy & cookies policy


Pursuant to Regulation (EU) 2016/679 (hereinafter GDPR), this page describes the methods of personal data processing of the users the Ghivine Albergo Diffuso di Fancello Stefano (hereinafter "Ghivine Albergo Diffuso") website, accessible electronically at the following address:

This policy does not concern other sites, pages or online services accessible from hypertext links that may be published on the site, but referring to resources outside the Ghivine Albergo Diffuso domain.

All the treatments carried out through this website are based on the principles of lawfulness, correctness and transparency.
During the processing operations, an adequate level of protection and confidentiality will be guaranteed, in accordance with the provisions of art. 32 EU Reg. 679/2016.


The data controller is:  Ghivine Albergo Diffuso di Fancello Stefano

For any information or to exercise the rights provided for by EU Regulation 679/2016, you can contact the Data Controller at the following addresses:

Address: Via Umberto, 40 (registered office)) – Via Roma, 36 (operational headquarters) – 08022 Dorgali (NU)
Telephone: +39 0784 1876223


Navigation data

The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This data category includes IP addresses or domain names of computers and terminals used by the website users, the addresses in URI / URL (Uniform Resource Identifier / Locator) notation of the requested resources, the time of the request, the method used in submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment. The navigation data does not persist for more than seven days (except for any need to ascertain crimes by the judicial authorities)

Used provided data

The optional, explicit and voluntary sending of messages to the contact addresses of Ghivine Albergo Diffuso, the private messages sent by users to social media profiles, as well as the compilation and forwarding of the forms on the site, involve the acquisition of data contacts of the sender, necessary to reply, as well as all personal data included in communications. The personal data may be processed with automated and non-automated tools, in compliance with the security measures referred to in art. 32 GDPR.

Cookies and other tracking systems

Cookies are not used for user profiling, nor are other tracking methods used. Instead, session cookies (non-persistent) are used strictly limited to what is necessary for the safe and efficient navigation of the sites. The storage of session cookies in terminals or browsers is under the user's control, where on the servers, at the end of the HTTP sessions, information relating to cookies remains recorded in the service logs, with retention times not exceeding seven days, like other navigation data

Social Media

Regarding the processing of personal data carried out by the managers of the Social Media platforms used by Ghivine Albergo Diffuso, please refer to the informations provided by them through their respective privacy policies. Ghivine Albergo Diffuso processes personal data provided by users through the pages of the dedicated Social Media platforms within the scope of the purposes set out in this statement, exclusively to manage interactions with users (comments, public posts, etc.) and in the compliance with current legislation. The processing of personal data of users of the social media channels of Ghivine Albergo Diffuso responds to the policies in use on the respective platforms. Personal or sensitive data entered in comments or public posts within social media channels may be removed. The data shared by users through private messages sent directly to the channel managers will be processed in compliance with the current regulations on the protection of personal data and this policy on the processing of personal data.


The User's personal data will be processed by Ghivine Albergo Diffuso for the following purposes

  1. Preparation of pre-contractual measures for services requested by the User (estimates);
  2. Response to information requests sent by the User
  3. Fulfillment of legal obligations to which the Data Controller is subject;
  4. Obtain statistical information on the use of web services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.);
  5. Control of the correct functioning of the services offered;
  6. Sending commercial communications via email regarding products and services similar to those purchased by you, except for your express refusal to receive such communications, which you may express during the purchase or on subsequent occasions (so-called soft spam)
  7. Carrying out marketing activities: such as the processing of statistics and market research, sending newsletters or other information and promotional material relating to the activities, products and services of Ghivine Albergo Diffuso, sending surveys to improve the service ("customer satisfaction "). Such communications may be made via automatic messages, via e-mail, via SMS / MMS, via paper mail and / or the use of the telephone with operator; it is specified that the Data Controller collects a single consent for the marketing purposes described here, pursuant to the General Provision of the Guarantor for the Protection of Personal Data "Guidelines on promotional activities and the fight against spam", of 4 July 2013; if , in any case, if you wish to oppose the processing of your data for marketing purposes carried out with the means indicated here, you can do so, at any time, according to the procedures set out in paragraph 7 of this policy.


Legal basis of the processing, identified from time to time, will be:

  • the execution of the contract and / or pre-contractual measures - art. 6 (1) (b) EU Reg. 679/16;
  • compliance with legal obligations - art. 6 (1) (c) EU Reg. 679/16;
  • legitimate interest - art. 6 (1) (f) EU Reg. 679/16;
  • consent - art. 6 (1) (a) EU Reg. 679/16.


The user's personal data, acquired for the purposes referred to in point 4 of this information, will be kept for the time necessary to pursue the purposes in question and for a time equal to the contractual duration, in compliance with the times prescribed by law, and / or for the period necessary to allow the Data Controller to protect its interests and / or fulfill the legal obligations to which it is subject. In relation to the purposes referred to in points (f) and (g) – marketing - the user's data will be kept until the purposes of the processing have been pursued or until the consent is revoked. The navigation data does not persist for more than seven days (except for any need to ascertain crimes by the judicial authorities). Once these terms have elapsed, the Data will be destroyed or made anonymous.


Where necessary, the User's personal data may be shared with:

  1. subjects delegated and / or appointed by the Data Controller - i.e. companies or professional firms that provide assistance and consultancy in the IT sector, payroll and contribution processing, as well as tax and legal consultants - to carry out activities strictly related to the pursuit of the aforementioned purposes, rightly appointed as Data Processors;
  2. )domain administrators: the domain administrator and / or third party resellers who provide assistance in using the service may have access to the personal data of the interested parties;
  3. persons authorized to process personal data who are committed to confidentiality or have an adequate legal obligation of confidentiality;
  4. subjects, bodies or authorities to whom the communication of your personal data is mandatory by virtue of legal provisions or regulations or orders of the authorities, or for reasons of public interest.

It is possible to request precise information about the subjects who process the data on behalf of the owner by making an explicit request to the contact details referred to in point 1 of this policy

Personal data are stored on servers located within the European Union and can be transferred to EU countries and / or to third countries with respect to the EU, for the purposes referred to in the introduction, in accordance with the provisions of Applicable law, subject to the stipulation of the standard contractual clauses provided by the European Commission. Personal data are not subject to disclosure


The interested parties have all the rights provided for by EU Regulation 679/2016, namely:

  • the right to ask the owner for access to personal data, ie to know what data the owner processes (Article 15);
  • the right to obtain rectification, i.e. the right to have one's data modified if they have changed (Article 16);
  • the right to limit the processing that concerns him, i.e. to limit the use of data by the data controller (Article 18);
  • the right to object, for legitimate reasons, to their treatment (Article 21);
  • the right to data portability, i.e. the right to receive all personal data processed by the owner in a structured and readable format on an IT support (Article 20);
  • the right to request the cancellation of their data from the owner (Article 17);
  • the right to revoke the previously given explicit consent at any time, without prejudice to the lawfulness of the processing carried out up to that moment (art.7 - 13);
  • the right to lodge a complaint with the Guarantor for the Protection of Personal Data in the event of violations of the law (Article 77).

To exercise your rights, you can refer to the contact details of the Data Controller (point 1. of this policy).


The Data Controller reserves the right to update the Information at any time and make users aware of it through the use of the most appropriate tools, for any further information or question it is possible to refer to the contact details of the Data Controller.