Lorem ipsum

consectetur adipiscing elit

logo_trullallero_tavola disegno 1

Trullo Trullallero

Strada Noci Zona D, 74015 Martina Franca TA, Italy 

logo_trullallero_tavola disegno 1

Trullo Trullallero


instagram
whatsapp

Trullo Trullallero © 2026 All rights reserved | Privacy Policy | Cookies Policy

PRIVACY POLICY

This Privacy Policy is provided pursuant to Regulation (EU) 2016/679 (GDPR) and describes how personal data of users who browse and use the website www.trullotrullallero.com (the “Website”) are processed by the tourist accommodation Trullo Trullallero.

 

1. Data Controller

 

Data Controller
Alessandra De Paola – Trullo Trullallero
CIN: IT073013C200071695
Strada Noci Zona D, 74015 Martina Franca (TA), Italy
Email: info@trullotrullallero.com

No Data Protection Officer (DPO) has been appointed. For any information regarding the processing of personal data, users may contact the Data Controller directly.

 

2. Types of personal data processed

 

The Data Controller processes:

  • identification and contact data (name, surname, email address, phone number);
  • booking-related data (stay dates, number of guests, special requests);
  • payment data (processed via the booking system and its providers, not stored directly by the Data Controller);
  • browsing data (IP address, logs, cookies), as described in the Cookie Policy.

The Website does not intentionally collect special categories of data pursuant to Article 9 GDPR or judicial data.

 

3. Purposes and legal basis of processing

 

3.1 Booking and stay management

Personal data are processed in order to:

  • allow users to book their stay through the online booking system;
  • manage the contractual relationship (booking confirmations, pre- and post-stay communications, check-in and check-out);
  • comply with legal obligations (tax, accounting, public security requirements).

Legal basis: performance of a contract and compliance with legal obligations.

Providing the data is necessary; failure to do so will make it impossible to complete a booking.

 

3.2 Service communications

The Data Controller may send communications related to the booking (e.g. confirmations, useful information about the stay, review requests) via email, SMS or WhatsApp.

Legal basis: legitimate interest of the Data Controller and the guest in receiving information necessary for the stay.

 

3.3 Contact requests

Data provided via contact forms or email are processed solely to respond to user requests.

Legal basis: legitimate interest of the Data Controller in replying to requests.

Providing data is optional; failure to provide them will make it impossible to respond.

 

3.4 Soft spam

Pursuant to Article 130(4) of the Italian Privacy Code, the Data Controller may use the contact details provided during a booking to send communications relating to similar services (e.g. updates or offers regarding the accommodation), unless the user objects.

Legal basis: legitimate interest of the Data Controller.

Users may object at any time by contacting the Data Controller.

 

4. Marketing and profiling

 

The Data Controller:

  • does not send newsletters or generic promotional communications;
  • does not carry out user profiling activities.

The Website uses third-party services (e.g. Google Analytics, Google Ads) for statistical purposes and to improve user experience, subject to consent provided via the cookie banner. For further details, please refer to the Cookie Policy.

 

5. Data communication

 

Personal data:

  • are not disclosed to third parties for commercial purposes;
  • may be processed by external providers supplying technical services necessary for the operation of the Website and the integrated booking system, acting as data processors pursuant to Article 28 GDPR;
  • may be communicated to public authorities where required by law.

In particular, the Website is developed using the Aruba Supersite platform and hosted on infrastructure provided by Aruba S.p.A., which supplies hosting, technical support and integrated booking services and processes personal data on behalf of the Data Controller.

 

6. Data retention

 

Personal data are retained:

  • for the time necessary to manage the stay and comply with legal obligations;
  • for a maximum of 6 months for contact requests not followed by a booking;
  • for the periods required by tax and civil law for contractual data.

Once the retention period has expired, data will be deleted or anonymised.

 

7. Transfer of data outside the EU

 

Personal data may be processed by service providers located outside the European Union (e.g. Google LLC for Google Analytics, Google Ads and Google Maps services).

In such cases, data transfers are carried out in compliance with Articles 44 et seq. of the GDPR, based on adequacy decisions of the European Commission or other appropriate safeguards provided by law.

 

8. Data subject rights

 

Users have the right to:

  • access their personal data;
  • request rectification or erasure;
  • obtain restriction of processing or object to processing;
  • request data portability;
  • withdraw consent at any time;
  • lodge a complaint with the competent supervisory authority.

Requests may be sent to the contact details indicated in section 1.

 

9. Changes to this Privacy Policy

 

The Data Controller reserves the right to amend this Privacy Policy at any time. Updates will be published on the Website with the relevant effective date.

 

Powered by LegalBlink.